Effective Date: 05/25/2018
This policy sets out what personal data we might collect, how we process and protect that data, the lawful grounds for that processing, and your related rights. Essentially “personal data” means any information relating to an identified or identifiable natural person, namely one who can be identified, directly or indirectly from that information alone or in conjunction with other information.
In most cases, the lawful ground will be that the processing: (i) is necessary for our legitimate interests in carrying out our business, including to maintain, improve and market our products and services], provided those interests are not outweighed by your rights and interests (“Legitimate Interests”), (ii) is necessary to perform a contract with you (“Contract”), or (iii) is necessary to comply with our legal obligations (“Legal Obligation”). Where processing is based on your consent (“Consent”), we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent.
As data protection law and practice are constantly developing, we’ll need to update this policy from time to time, which we’ll do by posting a new policy on the Website that takes effect from the date stated. It is your responsibility to return to the Website from time to time and check for changes.
- Information Collection and Use
We collect or are provided Personal Data in the normal course of business, for example:
- you may provide us with your details during discussions about buying our products or services,
- when you visit the Website, we may collect information about your visit such as your IP address and the pages you visited,
- you may provide us with your details when you ask about our Services (through the Website, by email or otherwise) and we may obtain legally-compliant lists of potential customers for our Services for our marketing purposes.
We may collect the following Personal Data from or about you:
- contact Information such as name, email address, mailing address, phone number
- information about your business role, such as job title and company name
- information about your interests in our services and products
We use this information for our legitimate business interests, including to:
- respond to enquiries about the Services, to provide the Websites and Services, to provide advice and support. Lawful basis: Legitimate Interests or Contract.
- analyze and improve the Website, the Services, for example for technical or security purposes and to improve the customer experience. Lawful basis: Legitimate Interests, however where for example applicable law requires your consent to use certain cookies, we will ask for your Consent having provided you with relevant information.
- market our Services – if we do so, we will provide you with an easy and free way to opt-out of receiving such communications in the future. Lawful basis: Legitimate Interests (or Consent as above).
- administer and manage delivery of our services and products to you. Lawful basis: Legitimate Interests (or Consent as above).
- in certain circumstances, to share it with a limited number of third parties as described in this policy, for example for operational requirements and business continuity purposes. Lawful basis: most processing will be based on Legitimate Interests, some processing is based on Contract and, where necessary (as above) some processing may be based on your prior Consent.
When you provide us with personal data about yourself or another person, you are confirming to us that you are authorized to provide us with that information and that any personal data you give us is accurate and up-to-date.
Given the nature of our business, we do not ask for “sensitive” or “special categories of personal data,” such as information about your health, political opinions, racial origins or sexual life and we would ask you not to send any to us.
- Information Sharing
- For provision of the Services, and for our own disaster recovery and business continuity purposes, we may store or transmit personal data to or through third party providers, such as with our contractors and advisors to help us operate, secure and analyze our business. Lawful basis: Legitimate Interests or Contract.
- We may be obliged to disclose your personal data to comply with a law, order or request of a court, government authority, other competent legal or regulatory authority or any applicable code of practice or guideline. We may also be obliged to disclose personal data when we believe in good faith that disclosure is necessary for our legitimate interest such as investigating fraud, to make or defend a legal claim, to protect your safety or the safety of others, or to maintain our compliance or that of our personnel with applicable laws, regulations and/or professional obligations, all in accordance with applicable law. Lawful basis: Legal Obligation.
- If Cordium is involved in a merger, acquisition, or sale of all or a portion of its assets, we may disclose such Personal Data as is necessary for our legitimate interests in completing that transaction and always provided that appropriate safeguards are in place including limitations and restrictions on use, access and retention. Lawful basis: Legitimate Interests.
- In other situations, only with your prior consent. Lawful basis: Legitimate Interest and Consent.
- Transfers outside the EEA
We share the minimum personal data necessary and we have written contracts in place incorporating relevant wording to safeguard that personal data and comply with applicable laws, and we will only share such data as is necessary for the purpose in question. Where possible, we keep personal data within the European Economic Area (‘EEA’). However, in order to carry out the above purposes, we may use third parties and their facilities outside the EEA. In all such cases we will ensure that appropriate security measures are in place to protect your personal data and a valid legal basis for the transfer applies.
- Your Rights
You have the right to ask whether Cordium processes your Personal Data and to request a copy, to object to direct marketing and in certain circumstances to have the data rectified or blocked or withdrawn. To request this information, please email email@example.com. If your personal information changes, or if you no longer desire our services, you may ask to have your Personal Data corrected, amended, removed or deleted by emailing firstname.lastname@example.org. You have the right to ask us to restrict processing certain of your personal data, to erase your personal data, and to ‘port’ certain of your personal data to you or another provider, provided in each case that we have such data and certain conditions are met. You also have the right to object to direct marketing and, under certain circumstances, to object to our processing of your Personal Data. We will respond to your request within 30 days.
If you subscribe to our newsletter(s), we will use your name and email address to send the newsletter to you. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in such emails or by contacting us at email@example.com.
- Tracking Technologies / Cookies
Analytics / Log Files
As is true of most web sites, we gather certain information automatically. This information includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and clickstream data to analyze trends in the aggregate and administer the site. You are not identifiable from any of this data.
Social Media Widgets
The security of your Personal Data is important to us. We follow industry standards to protect the Personal Data submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore, we cannot guarantee its absolute security. If you have any questions about the security of your Personal Data, you can contact firstname.lastname@example.org.
We will retain your information for the longer of the period we are required to do so by law, as is reasonably necessary for the purpose (for example to comply with our legal obligations, resolve disputes, and enforce our agreements), or as needed to provide you services. If you opt-out of communications, we will retain your name and contact details to enable us to respect your request.
- Additional Information
Links to 3rd Party Sites
With consent from the individual, we display personal testimonials of satisfied customers on our website in addition to other endorsements, including their name. If you wish to update or delete your testimonial, you can contact us at email@example.com.
Changes To This Policy
- “Do-Not-Track” / California Privacy Notice
The Web Sites do not respond to “Do-Not-Track” signals communicated by your internet browser.
If you’ve any question you can always contact us by email at firstname.lastname@example.org. You have the right, at all times, to notify a complaint to any regulator such as the UK Information Commissioner, although we would welcome the opportunity to discuss and resolve any complaint with you first.