- This information includes:
- How we collect Personal Data
- How we process Personal Data
- How long we retain Personal Data
- How Personal Data is shared, processed and secured
- How to exercise your rights under the GDPR and how to contact us
How we collect Personal Data
We collect Personal Data in a variety of ways:
- We record information that you provide when registering to use our sites, subscribing to our services, blogs, posting material or requesting further information.
- We may keep records of any correspondence or conversations when you contact us through the website, by phone, email or in person,.
- We may also ask you to voluntarily complete surveys that we use for research purposes.
- We keep records of transactions you carry out through our site and of the fulfilment of your orders for our products and services.
- You may provide and we may collect information to allow us to supply products or to perform our services.
- Our websites record details of visits including, but not limited to, traffic data, location data, weblogs, IP address, operating system and browser type. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
- We reject personal email addresses when collecting information on our sites (e.g. Gmail Hotmail/Outlook etc.) and only record email addresses from corporate bodies.
If you provide Personal Data to us, you warrant that you shall comply with all provisions of the Data Protection Laws, including that you have a obtained all necessary consents from relevant individuals or have another lawful basis to provide the personal data to us. You should not provide us with your personal (non-corporate) email addresses for any purpose other than applications for employment.
How we process Personal Data
If we are processing data for the purposes of delivery of our products and services, on the basis is that it is necessary for the contract between us. This will be subject exclusively to the Data Processing Agreement included in the Ancoris Terms and Conditions (www.ancoris.com/terms) unless any other data processing agreement is in place between us.
We may process Personal Data to contact individual employees in corporate bodies and inform them about products, services or events, which we think may be of interest to them, and on the basis that it is in our legitimate interests to do so. As an individual employee in these organisations, if you no longer wish to be contacted for marketing purposes, please unsubscribe using the link sent to you in the email.
We do not intend to send marketing information to individual’s personal email addresses or non-corporate bodies.
How long we retain Personal Data
We will retain your personal data as long as there is a lawful basis for doing so. After this period, your personal data will be destroyed. Any personal data held by us for marketing and notifications related to the provision of our services will be kept by us until such time that you notify us that you no longer wish to receive this information.
How Personal Data is shared, processed and secured
We will not sell your Personal Data to any third party. We will share it with our business partners only to the extent necessary to deliver our products and services to you or to provide access to information or events you have requested.
Ancoris maintains technical and organisational measures including its CyberEssentials Plus Certification to protect Personal Data against accidental loss, destruction or damage. These measures will be appropriate to the nature of the data to be protected; considering the harm that might result from the unauthorised processing or accidental loss, destruction or damage; having regard to the state of technological development and the cost of implementing any
Ancoris contracts with the following subprocessors to process Personal Data https://www.ancoris.com/subprocessors/. These contracts may allow for the lawful transfer of personal data to a third country in accordance with Article 45 or 46 of the GDPR.
How to exercise your rights under the GDPR and contact information
You have the right to ask us not to process your personal data for marketing purposes unrelated to any contract or communication between us. You also have the right to:
- Request access to, deletion of or correction of, your personal data
- Restrict or object to processing your personal data
- Withdraw your consent where the processing was based on that consent, but note that this does not affect any processing not based on your consent
- Request we transfer your personal data to another person
- Make a complaint in which case we will follow our internal complaints procedure.
If you do request access to your personal data we will:
- Give you a description of it;
- Tell you why we are holding it;
- Tell you who it could be disclosed to; and
- Let you have a copy of the information in an standard electronic format.
To make a request for any personal information we may hold or to make a complaint you need to put the request in writing addressing it to our Data Protection department by email at firstname.lastname@example.org .
If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone. If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting our Data Protection department.
“Data Protection Laws” means laws, policies and codes of conduct issued by the Information Commissioner’s Office or other regulatory authorities, relating to data protection, privacy and the processing of Personal Data, including the Data Protection Act 2018; the Privacy and Electronic Communications (EC Directive) Regulations 2003; the GDPR (meaning Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016); and any applicable laws replacing, amending, extending, re-enacting or consolidating any of the above from time to time.