This policy was last updated on the 24th May 2018
Who this privacy statement applies to and what it covers
This privacy statement sets out how we will collect, handle, store and protect information about you when providing services to you or our clients, or performing any other activities that form part of the operation of our business.
This privacy statement also contains information about when we share your personal information with third parties (for example, third parties carrying out business related activities on our behalf).
In this privacy statement, your information is sometimes called “personal data” or “personal information”. We may also sometimes collectively refer to handling, collecting, protecting and storing your personal information as “processing” such personal information.
What information we collect
We may collect and process personal data about you because you give it to us, because other people give that data to us (for example, third party service providers that we use to help operate our business) or because it is publicly available.
The personal data that we collect or obtain may include: your name; e-mail address; employment and education details (for example, the organisation you work for and your job title); your IP address; your browser type and language; your access times; complaint details; details of how you use our products and services; details of how you like to interact with us and other similar information.
We may collect and process personal data about you that you give to us, as follows:
- If you provide information to us by filling in forms on our website. This may include information provided at the time of submitting queries, registering, subscribing to any of our services, posting material, sending messages, giving reviews or requesting further services.
- Details of transactions and projects you carry out via our website.
- We may ask you for information when you report an issue or concern or we have or receive a complaint or query about you (whether or not a formal dispute is raised).
- We may keep a record of correspondence between you and us.
- We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of the messages you send and receive (e.g. using our web chat feature) including without limitation, when you sent or received a message and the contents of that message. Messages are not private and are not confidential.
We may collect and process personal data about you from other sources as follows:
- We sometimes supplement the information that you provide with information received from third parties. For instance, marketing and website analytics organisations (subject to their privacy policies and applicable law).
- Where we are provided with personal data about you by any third party such as a service provider, we take steps to ensure that that third party has complied with the privacy laws and regulations relevant to that information; this may include, for example, that the third party has provided you with notice of the collection (and other matters) and has obtained any necessary consent (if applicable) for us to process that information as described in this privacy statement.
Use of personal data
We will use your personal data to fulfil your requests and we will ask only for data that is adequate, relevant and not excessive for those purposes. Where we send you information for any purpose, it may be sent by e-mail or post. When we ask you for personal data it may include the following purposes:
- We may contact you occasionally to inform you of new products and services we will be providing;
- We may send you regular updates on issues we think will be of interest to you;
- We may send you requested information on our products and services;
- We may use your personal data for marketing purposes and market research;
- We may use your personal data internally to provide you with the services offered by us.
- We may use your personal data for managing and making information available to third party service providers (e.g. providers of information technology or marketing services).
- We may use your personal data to notify you about changes to our services, terms and conditions, policies or website.
- We may use your personal data to manage risk, or to investigate, detect, prevent, and/or remediate fraud, suspected fraud or other potentially illegal or prohibited activities.
- We may use your personal data pursuant to applicable legal or regulatory requirements or to respond to requests and communications from competent authorities (including courts and tribunals).
- We may use your personal data for the services we receive from our professional advisors, such as lawyers, accountants and consultants.
- We may use your personal data for protecting our rights, those of our clients, or protecting those of our affiliates.
The legal grounds we use for processing personal information
We are not allowed to process personal information if we do not have a valid legal ground. Therefore, we will only process your personal information for the purposes outlined above because:
- of our legitimate interests in the performance of activities that form part of the operation of our business;
- of our legitimate interests in the effective and lawful operation of our business so long as such interests are not outweighed by your interests or fundamental rights and freedoms;
- of the legal and regulatory obligations that we are subject to, such as keeping records for tax purposes or providing information to a public body or law enforcement agency; or
- the information is required in order to carry out the activities that form part of the operation of our business (e.g. the processing is necessary to perform our contractual obligations towards you). Examples of the ‘legitimate interests’ referred to above are:
- to benefit from cost-effective services (e.g. we may opt to use certain IT platforms offered by suppliers);
- to verify the accuracy of information provided by a third party;
- to prevent fraud or criminal activity;
- to safeguard the security of our IT systems, architecture and networks, and of our physical premises; and
- to exercise our rights under Articles 16 and 17 of the Charter of Fundamental Rights, including our freedom to conduct a business and right to property.
In order to collect anonymous data, we may use temporary “cookies” that remain in the cookies file of your browser until the browser is closed. Cookies by themselves cannot be used to discover the identity of the user. A cookie is a small piece of information which is sent to your browser and stored on your computer’s hard drive. Cookies do not damage your computer. You can set your browser to notify you when you receive a cookie.
This enables you to decide if you want to accept it or not. We also use your IP address to help diagnose problems with our server and to administer our website. An IP address is a numeric code that identifies your computer on a network, or in this case, the internet. Your IP address is also used to gather broad demographic information. We may also perform IP lookups to determine which domain you are coming from (i.e.: aol.com, yourcompany.com) to more accurately gauge our users’ demographics.
Disclosure of your personal data
In connection with one or more of the purposes outlined in the “Use of personal data” section above, we may disclose details about you to: our affiliates; third parties that provide services to us and/or our affiliates, such as our lawyers; competent authorities (including courts and supervisory or other authorities); your advisers or where applicable, your employer; credit reference agencies or other organisations that help us make decisions and reduce the incidence of fraud; and other third parties that reasonably require access to personal data relating to you for one or more of the purposes outlined in the “Use of personal data” section above.
Information Collection, Use, and Sharing
We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.
We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organisation, other than as necessary to fulfill your request.
Your Access to and Control Over Information You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:
• See what data we have about you, if any.
• Change/correct any data we have about you.
• Have us delete any data we have about you.
• Express any concern you have about our use of your data.
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for “https” at the beginning of the address of the web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, invoicing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
How long we keep your information for
We will hold your personal data on our systems for the longest of the following periods: (i) as long as is necessary for the relevant activity (which is typically 7 years); (ii) any retention period that is required by law or regulation; or (iii) the end of the period in which litigation or investigations might arise in respect of our activities.
You have various rights in relation to your personal data. In particular, you have a right to:
- request a copy of personal data we hold about you
- ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete
- ask that we delete personal data that we hold about you, or restrict the way in which we use such personal data
- object to our processing of your personal data o ask that we restrict our processing of your personal data; and
- ask for the portability of personal data – receive the Personal Data you have provided to us in a structured, commonly used and machine-readable form and transmit it to another data controller.
To exercise any of your rights, or if you have any other questions about our use of your personal data, please contact us at firstname.lastname@example.org.