Below, we give a general description of how we protect your personal data in addition to specific information on the following:
1. What personal data do we collect?
We collect the personal data of our employees, potential employees, clients, suppliers, business contacts, shareholders and website users. We will only collect details which you or your employer provide to us about yourself. Any information which identifies you such as your name, address, email address, telephone number, country of residence will only be retained by us if you or your employer provide this information to us when using one of our services as available on our website. Personal data will be held on our system and used for operational purposes in connection with the running of our company.
Except for certain information that is required by law, your decision to provide any personal data to us is voluntary. However, if you do not provide certain information, we may not be able to achieve or deliver some or all of the purposes outlined in this statement, and you and your employer may not be able to use certain tools and systems which require the use of such personal data.
2. Why do we collect it?
We may collect information about you in a number of circumstances including:
• So that we can personalise your use of our website, assist your use of our website and improve the site generally.
• When you make an enquiry on any area of our website.
• When we provide services to you or your employer on your behalf.
• When you apply for employment.
Your personal information may also be used by us to send you information about additional products, services and offers. You may choose not to receive such messages at any time.
3. For which purposes do we use your personal data?
We only use your personal data where required for the specific purposes and legitimate interests detailed only, such as:
• Managing our contractual and/or employment relationship with you.
• Facilitating communication with you.
• Operating and managing our business operations.
• Complying with legal requirements.
• Monitoring your use of our website, systems, any apps and tools you use.
• Improving the security and functioning of our website, networks and information.
• Applying data analytics to business operations and data to describe, predict and improve business performance within our business, and/or to provide a better user experience.
• Marketing our products and services to you with your agreement.
We will only process your personal data for the specific purposes mentioned above, and only with your consent, to the extent such consent is mandatory under applicable laws.
We will not use your personal data for purposes that are incompatible with the purposes above, unless it is required or authorised by law, or it is in your own vital interest (e.g. in case of a medical emergency) to do so.
4. Will we share your personal data with third parties?
We may disclose your personal information on a confidential basis to employees and/or approved contractors/developers that we may appoint from time to time to perform specific services requested by you or other internal administrative, billing and business purposes only.
We may transfer personal data to our service providers, professional advisors, public and governmental authorities or third parties in connection with a (potential) corporate or commercial transaction or as required by law. Such third parties may be located in other countries outside of the European Economic Area (EEA).
Before transferring personal data, we shall take the necessary steps to ensure that your personal data is given adequate protection as required by relevant data privacy laws and our own internal policies.
We will not transfer your personal data to third parties for marketing purposes without your prior consent, which may be withdrawn at any time.
Any non-EEA related transfers of your personal data, will take place in accordance with the appropriate international data transfer mechanisms and standards. Where your order or business purpose requires the transfer of information about you between countries outside the EEA which may not provide the same level of data protection, you consent to your information being transferred to such countries.
If we or substantially all of our assets are acquired by a third party, in such case personal information held by us about our customers will be one of the transferred assets.
5. What about sensitive data?
We do not collect any sensitive data (as defined within data privacy laws) about your racial or ethnic origin, political opinions, religious, philosophical or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offences, requiring special treatment.
6. How do we protect your personal data?
We attach great importance to the protection of your personal data and your right to privacy. When you deal with us we want you to feel secure in the knowledge that your personal data is in safe hands.
We protect your personal data in accordance with applicable laws and our data privacy policies. In addition, we maintain the appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage.
We take appropriate measures to keep your information confidential and secure in accordance with our internal procedures covering the storage, access and disclosure of information. All online transactions are conducted using a secure web address and we do not personally hold any card details.
We maintain organisational, physical and technical security arrangements for all the personal data we hold. We have protocols, controls and relevant policies, procedures and guidance to maintain these arrangements, considering the risks associated with the categories of personal data and the processing we undertake.
Keeping information about you secure is very important to us and certain sections of the site may encrypt data using SSL or a comparable standard. However, no data transmission over the Internet can be guaranteed to be totally secure. As a result, whilst we strive to protect your personal information, we cannot ensure or warrant the security of any information which you send to us, and you do so at your own risk.
All passwords we retain are encrypted and secured within restricted access servers. Where you have a password and account details, you are responsible for protecting the confidentiality of your password and user account details and you should not share this information with any other person. You may not transfer your account to anyone without our prior written consent.
Regarding your use of our website, you should understand that the open nature of the internet is such that information and personal data flows over networks connecting you to our systems without security measures and may be accessed and used by people other than those for whom the data are intended.
Regular updates are made to our website platform to ensure that the site remains safe and secure for your protection.
7. Where will your personal data be processed?
Some of our service providers are global organisations with offices and operations throughout the world. Personal data we collect may be transferred or be accessible throughout our company and internationally between our partners and affiliates. In some instances, and on your request, we may be able to arrange for your personal data be stored or processed only within the EEA.
8. How long will your personal data be retained by us?
We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data are deleted after a reasonable time according to the following retention criteria:
• We retain your personal data as long as we have an ongoing relationship with you (in particular, if you or your employer have an open account with us.
• We will only keep the personal data while your account is active or for as long as needed to provide services to you.
• We retain your data for as long as needed in order to comply with our legal and contractual obligations.
9. What personal data do we collect when you use our website?
We collect personal data at our website directly (for example, when you provide personal data to sign up for a newsletter) and indirectly, through our website’s technology.
We may collect and process the following personal data:
• Personal data that you provide by filling in forms on our website. This includes registering to use the website, subscribing to services, newsletters and alerts. Pages that collect this type of personal data may provide further information as to why your personal data are needed and how it will be used. It is completely up to you whether you want to provide it.
• If you contact us, we may keep a record of that correspondence.
• We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
• Any postings, comments or other content that you upload or post to our website.
• Our website collects personal data about your computer, including (where available) your IP address, operating system and browser type, for system administration, to filter traffic, to look up user domains and to report on statistics.
• Details of your visits to our website, the pages you view and resources you access or download, including but not limited to, traffic data, location data, weblogs and other communication data. Please see the Cookies section below for more information.
9.1. Log files
Every time someone visits our website a log file is generated on our computer.
The log file records the time and date of your visit, the files that were requested, your IP (Internet Protocol) address, the referrer URL (if provided) and the browser version. We collect this information to help us diagnose problems and administer our systems and to audit the geographical make-up of users and how they have arrived at our site that is, from what other sites have visitors arrived – this information being obtained from the referrer URL.
We do not normally link IP addresses to anything personally identifiable, which means that you remain anonymous even though we include your IP address in our aggregate information. However, we can and will attempt to use IP addresses to identify a user when we feel it is necessary to enforce compliance with our terms and conditions, or to protect our services and other users.
Cookies are small pieces of information that are stored by your browser on your computer’s hard drive.
10. Which rights do you have with respect to the processing of your personal data?
You are entitled to:
• Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.
• Request a rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete.
• Object to the processing of your personal data: this right entitles you to request that we no longer processes your personal data.
• Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
• Request the restriction of the processing of your personal data: this right entitles you to request that we only process your personal data in limited circumstances, including with your consent.
• Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to us, or request that we transmit such personal data to another data controller.
To the extent that the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time by contacting us. Please note that this will not affect our right to process personal data obtained prior to the withdrawal of your consent, or its right to continue parts of the processing based on other legal bases than your consent.
If, despite our commitment and efforts to protect your personal data, you believe that your data privacy rights have been violated, we encourage and welcome individuals to come to contact us first to seek resolution of any complaint.
11. What are your rights regarding marketing communications?
You can exercise your right to prevent marketing communications to you by checking certain boxes on the forms we use to collect your personal data, or by utilising opt-out mechanisms in e-mails we send to you. You can also exercise the right to discontinue marketing communications to you, or to have your personal data removed from our customer relationship management (CRM) databases at any time by contacting us at firstname.lastname@example.org. In such cases, we will retain minimum personal data to note that you opted out in order to avoid contacting you again.
12. How do we use personal data when you visit our offices?
In addition to the information set out above, we may potentially process your personal data through CCTV in our office location where they are active. This data is only retained for security purposes and is not retained.
13. Accessing and updating
You have the right to apply for a copy of the personal information we hold about you, and to request to have any inaccurate personal information about you corrected. You also have the right to ask us not to process your personal data for marketing purposes. Where we intend to use your data for such purposes or intend to disclose your information to any third party for such purposes, we will usually inform you before collecting your data.