GDPR Data Collection & Processing Notice
Droman Limited is committed to protecting your privacy and the personal data collected and processed about you.
By visiting and using the Droman Limited website, registering to use our services offered through the site or consultation, or providing your personal information to us at corporate or networking events/meetings (the “Services”), you understand that you will be subject to the terms set in this notice (“Data Use Notice”).
This Data Use Notice describes how we collection personal information, what we do with that information, and also what controls you as the Data Subject have over that information in relation to your use of our Site and Services.
Your information will be held and managed by Droman Limited, acting as either the data controller, or, if you are a client or interested party of Droman Limited, as the data processor.
In this Notice, we will use ‘plain English’ guidance to clearly explain what each section details.
How we collect your personal data
When using our Services, we may collect and process the following data about you:
Information provided directly by you:
• Information (including your name, email address, postal address, telephone number and other contact details) that you provide through registering interest, other communications or using the Service, including information about you that you willingly submit through electronic communication when requesting information or material from us;
• Information and other details of any transactions made by you through the use of our Service including but not limited to financial and billing information, including account numbers and other financial-related information provided by you when making a transaction when using our Service;
• Information contained in communications you send to us, for instance, to report a problem, submit a query, concern or comment regarding our Service;
• Information from any employment materials you send us, for example, a CV, resume, or other details of your employment history; or
• Information from surveys that we may, from time to time, conduct on the Service that you respond to or participate in.
Data about you collected from other sources:
We may collect personal data about you when using our Services and/or our Site:
• Automatically-collected Information – We may automatically collect certain information about the computer or devices that are used to access the Site or use the Services, including mobile devices, through commonly-used information-gathering tools, such as cookies. Such information includes standard information from your browser or device (for example, browser/device type and language), your Internet Protocol access and any actions you take on Droman Limited’s Site, such as pages viewed and the links clicked. We use this information to ensure the proper functioning and security of our Site and to optimise our Site. Our use of cookies to process personal information is explained thoroughly in our Privacy Policy, which you should read.
• Location Information – We may collect information about your location when you access our Site through a mobile device. If you do not want to provide us with location-tracking information, you can disable the GPS or other location-tracking functions on your device; provided your devices allows you to do so.
• Information Collected from Third Parties and Contractors/Suppliers – We may obtain information about you from third parties, such as partners, clients, researchers, associates, and others.
• Aggregate or Pseudonymise Data – We may aggregate and/or pseudonymise information collected by the Services or via other means such as corporate/ business networking events so that the data is not intended to identify you. This Data Use Notice does not restrict our use or disclosure of aggregated and/or de-identified information.
How we use your personal data?
We will collect and use your information as described in this Data Use Notice and as permitted by applicable laws, including in circumstances where it is necessary:
• To provide or fulfil Services requested by or for you;
• For the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
• For compliance with a legal obligation to which we are a subject;
• To pursue our legitimate interests;
• Where you have given us your express consent.
We collect and use your information for the following purposes:
• To perform the Services requested by you – for instance, if you fill out a “Contact Me” web form, we will use the data provided to contact you about your interest in our Services. This data processing is necessary to provide and fulfil a service requested by or for you.
• To plan and host events – this includes corporate/ business networking events, any online forum/webinar and social networks in which event attendees may participate, and populate online profiles in relation to the Services. This data processing is necessary to provide and fulfil a service requested by or for you.
• For marketing purposes – we may use your information to further discuss your interest in the Services and to send you information regarding Droman Limited such as information updates about our service, product and events with your prior consent. You can withdraw your consent at any time. Data processing for marketing purposes is a legitimate business interest.
You may manage your receipt of marketing and non-transactional communications by sending a request to: data.security@droman.co.uk
You have the right to contact us ( data.security@droman.co.uk ) at any time to object to the further processing of your data for the purposes of direct marketing to you, including any profiling related to such marketing.
• For financial and payment purposes – for checking financial qualifications and collect payment from you, where applicable. This data processing is necessary to provide or fulfil a service requested by or for you.
• For operating and improving Droman Limited Site, Service and your customer experience – we may collect and analyse data with the purpose of improving our customer experience. Data collected could include data about your device, such as unique device identifiers, information about your mobile phone or other mobile device(s), browser types, browser language, operating system, and the state or country from which you accessed the Site. Data collected could also include information related to the ways in which you interact with the Site, such as referring and exit pages and URLs, platform type, the number of clicks and domain names. This data allows us to understand our customers, their interactions with our Service and improve them to better serve the customers. Data processing for analytical and operational improvement purposes is a legitimate business interest.
• For Security purposes – we may use your data to protect Droman Limited and its suppliers against security breaches and to prevent fraud and violation of Droman Limited applicable agreements. Data processing for security purposes is a legitimate business interest.
• For hosting purposes – for example, if you are a customer, we may collect and host your data to provide Services to you. If your employer is our customer, we may process your data in accordance with providing Services to them. However, we will not review, share, distribute, or reference any such data except as provided in a services agreement between our customer and us, or as may be required by law. Data processing for the purpose of hosting our Services is a legitimate business interest.
• Protection of Droman Limited and others – we may disclose your information to:
o Comply with legal obligations;
o Enforce any agreements that you entered into with us;
o Respond to claims that any content violates the rights of third parties;
o Respond to your requests for customer service; and/or
o The extent necessary for the purposes of the legitimate interests pursued by us or by the third party or parties to whom the data is disclosed, except where such interests are overridden by the interests for fundamental rights and freedoms of the data subjects.
We may also disclose information to law enforcement agencies in emergency circumstances, where the disclosure of such information is consistent with the types of emergency disclosures permitted or required by law. This is data processing for compliance with legal obligation.
• Business Transfers – we reserve the right to disclose and transfer all of your data to a successor (or potential successor) company in connection with a merger, acquisition, or sale of all, or components, of our business, or in connection with due diligence associated with any such transaction. Data processing for this purpose is a legitimate business interest.
Sharing your data:
We may share your data with:
• Any of our suppliers, or to our associates, contractors or partners who assist us in providing the Services we offer. The assistance provided by our suppliers, associates, contractors or partners may be related to our marketing activities such as: updating marketing lists, advertising, market research and sending and receiving communications. Transactional assistance may also be provided by our suppliers, associates, contractors and partners, including: processing transactions, fulfilling requests for information, billing, sales, execution, and the fulfilment of orders. Other support services provided may include: data storage, transfer, analysis and processing, providing software services and in other tasks as may requested from time to time. Our suppliers, associates, contractors and partners will only use your information to the extent necessary to perform their functions and are subject to contractual restrictions prohibiting them from using your information for any other purpose.
To receive a list of suppliers, associates, contractors or partners assisting us in the processing of your data please send your request to data.security@droman.co.uk This list may change and will be updated from time to time.
Droman Limited may partner with other companies to jointly offer products or services. If you purchase or specifically express interest in a jointly-offered product or service from Droman Limited. Droman Limited may share information about you collected in connection with your purchase or expression of interest with our joint promotion partner(s). If you do not want your information to be shared in this manner, you may email data.security@droman.co.uk
However, we do not control our business partners’ use of the information that we share with them about you that we collect, and their use of the information will be in accordance with their own privacy policies.
Customer Testimonials
Droman Limited obtains the consent of the individuals concerned prior to posting such information or testimonials.
Transfer of Information Overseas:
The personal data about you that we collect is sent to and stored on secure servers located as noted below or in the systems of the third parties that we use, where applicable. Such storage is necessary in order to process the information.
Personal information may be transferred by us to the third parties mentioned in the circumstances described above, who or which may be situated outside the European Economic Area (EEA) and may be processed by our staff operating outside the EEA.
Standard Contractual Clauses
We will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognised legal adequacy mechanism which may include by entering into EC approved standard contractual clauses relevant to transfers of personal information (see http://ec.europa.eu/justice/dataprotection/internationaltransfers/transfer/index_en.html ) and that it is treated securely and in accordance with this Data Use Notice.
Security:
We have appropriate physical, electronic, and managerial procedures to safeguard and help prevent unauthorised access and maintain data security of, and to use correctly, the information we collect online. These safeguards vary based on the sensitivity of the information that we collect and store. We have implemented procedures designed to limit the dissemination of your information to only such designated staff as are reasonably necessary to carry out the stated purposes we have communicated to you.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to make reasonable efforts to prevent unauthorised access.
Retention:
We will only keep your data as long as it remains necessary for the identified purpose(s) for which it was originally collected and for up to six plus one years afterwards or otherwise permitted by local laws, or as required for our business operations or by applicable laws.
We may need to retain certain personal information even once a customer account has been closed or deleted to enforce our terms, for fraud prevention, to identify, issue or resolve legal claims and/or for proper record keeping purposes. We may also retain a record of any stated objection by you to receiving our updates for the purpose of ensuring we can continue to the respect your wishes and not contact your further. If you request to stop receiving emails from us, we will retain your email address for use on an email “suppression list” to ensure you do not receive further emails, as requested.
All retained information will remain subject to the terms of this Data Use Notice. If you request that your name be removed from our databases, it may not be possible to completely delete all your information due to technological and legal constraint.
Your Rights:
You have the right to ask us for/to:
• Access all personal data held by us on you. On request, we will provide you with a copy of this information. We reserve the right to charge a reasonable fee taking into account the administrative costs of providing the information or taking the action requested. You can exercise your right of access to your personal data:
o By emailing us at data.security@droman.co.uk
o By writing to us at the address below.
Please note that we may be required to ask for further information in order to confirm your identity before we provide the information requested.
• Correct or erase your personal data where appropriate.
• Restrict the processing of your personal information whilst we investigate your concern;
• Where your processing is based on your consent, you have a right to receive your information in a commonly used electronic format or ask we move the data in that format to another provider where your request relates to the data that you gave us direct and where technically possible (data portability); and
• Withdraw your consent at any time when the processing relies upon consent.
If you remain dissatisfied with the response you receive you can also refer the matter to the data protection supervisory authority.
In the UK, this body is the Information Commission Office (ICO).
The ICO Scotland contact details are:
The Information Commissioner’s Office – Scotland,
45 Melville Street,
Edinburgh,
EH3 7HL
Telephone: 0303 123 1115
Email: Scotland@ico.org.uk
Linked Sites and Advertisements:
The Site or Services may contain links to third-party websites. We are not responsible for the privacy practices or the content of those third-party websites. Any information you provide via those services is subject to the applicable third-party privacy policies and is not covered by this Data Use Notice.
Children:
Our Sites and Services do not target and are not intended to attract anyone under the age of 18. Droman Limited does not knowingly solicit personal data from children under the age of 18. Should we learn or be notified that we have collected information from anyone under the age of 18, we will immediately delete such personal data. If you are under 18 years of age in your country of residency, please ask your parent/guardian to provide their information for you.
How you can access and update your information:
You may review and update your personal data by contacting data.security@droman.co.uk
Changes to this Data Use Notice:
Droman Limited reserves the right to change this Data Use Notice from time to time. Please check periodically for changes. If we make any material changes to this Data Use Notice we will notify you before they take effect either through the Site or by sending you a notification. Any such material changes will only apply to personal information collected after the revised Data Use Notice took effect.
Contact Us:
If you have any questions, comments, or concerns regarding this Data Use Notice or Droman Limited privacy practices, they may be submitted via email to data.security@droman.co.uk or in writing by addressing your inquiries to:
Droman Limited
FAO: Data Protection Lead
Techcube 4.9,
1 Summerhall Place,
Edinburgh,
EH9 1PL
Edinburgh, EH9 1PL
©2018 Droman Limited – All Rights Reserved