PERSONAL DATA PRIVACY POLICY
INTRODUCTION:
Sefas Innovation Limited, its subsidiaries and all affiliated entities (“we”, “us”, or “our”) are committed to respecting and protecting your privacy. We recognise that when you choose to provide us with personal information about yourself, you trust us to act in a responsible manner.
This Privacy explains the privacy rights you have in relation to these processing activities. As used in this Privacy Policy, ‘personal information’ or ‘personal data’ means information that relates to an identified individual or to an identifiable individual. For example, this could include among other things your name, address, email address, business contact details, or information gathered through your interactions with us via our websites or at events. See below for more detail on the types of information we collect and may process about you.
WHO IS RESPONSIBLE FOR PROCESSING YOUR PERSONAL INFORMATION
Sefas, and its affiliated entities are responsible for the processing of your personal information as described in this Privacy Statement. Our details are:
-
Data Controller: Sefas Innovation Limited, Whitefriars, Lewins Mead, Bristol BS1 2NT
INFORMATION WE MAY COLLECT ABOUT YOU
We may collect and process information about you and your personnel through various means, including:
-
in the course of carrying out work for you (or your business)
-
via our website (e.g. on our ‘Contact Us’ page)
-
by email or other electronic correspondence (including through the technical monitoring tools and other tracking technologies which we use for purely administrative / technical reasons in respect of emails, to check our emails are sent to the intended recipients and are read / engaged with in the way we want)
-
by telephone, video conferencing or collaboration software
-
networking (e.g. at events and/or other meetings or events both in person or virtual either hosted or attended by us)
-
through our guest WiFi service or other facility at our premises that may require log in details
-
through an online or emailed form, questionnaire, survey or similar format
-
by operating security policies and procedures in our offices (e.g. by virtue of our access to CCTV footage recorded by our buildings’ landlord and other CCTV footage we collect in our offices)
-
otherwise through providing services or operating our business.
The personal data you give to us may include:
-
your name and title
-
contact information, including telephone number, postal address and email address
-
information relating to your location, preferences and / or interests
-
the MAC address of the device you use when logging in to our guest WiFi service (only held for 24 hours)
-
information collected in-app or through one of our digital services, such as GPS or other location tracking
-
employment and job application details, e.g. date of birth, employment history, qualifications, equality monitoring information
-
photographic identification and video footage
-
in certain circumstances, your and others’ signature(s), National Insurance number(s), financial details such as bank account details and details of any relevant sanctions or similar restrictions
-
in certain circumstances, data relating to health (including disabilities), ethnicity, race, religious beliefs, trade union membership and other ‘special category personal data’
-
the content of any enquiry submitted over our website, during an online event or via any of our social media accounts
-
where you have subscribed or responded to our marketing mailings, your communication preferences and, if required, any dietary requirements
-
survey responses and feedback
-
any other personal data we collect in the course of operating our business
Each time you visit our website or use one of our apps or digital services, we may automatically collect the following information:
-
Web or app usage information (e.g. IP address), your login information, browser type and version, time zone setting, operating system and platform.
-
Information about your visit, including the full Uniform Resource Locators (URLs) clickstream to, through and from our website (including date and time); time on page, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs).
-
Location, device and demographic information (Google Analytics provides age range and gender information. Find out more about how Google collects demographic data).
We may ask you for information when you report a problem with our website, apps or other digital services.
If you contact us, we may keep a record of that correspondence.
The personal data described above may relate to any of the following categories of person:
-
our customers and customers’ personnel
-
prospective employees or other job applicants
-
our employees, partners, consultants and any other person employed by us
-
those emergency contacts or referees whose details have been provided to us by our people
-
our contacts at our professional advisors or others with whom we work in the context of our business
-
our prospective target customers
-
our contractors and suppliers
-
those with whom we work in the context of our Corporate Responsibility initiatives
-
attendees and/or participants at events hosted by us either virtually or in person or held at our offices
-
those who submit enquiries through our website or whose details are otherwise entered into our customer relationship management system
-
any other visitor to our offices.
COOKIE POLICY
Our website, apps and other digital services use cookies to distinguish you from other users, to improve your experience on our website, apps and other digital services and where applicable, to recommend content that may be of interest to you. For full details on how we use cookies, please see our Cookie Policy.
HOW DO WE USE YOUR INFORMATION?
We may use your information for the following purposes:
-
to respond to any request or query that you may submit to us for example a callback or for marketing materials
-
to manage our relationship with you (and/or your business), including by maintaining our customer database and other third parties for administration, accounting and relationship management purposes
-
to complete our contractual obligations to you, or otherwise taking steps as described in our engagement terms and/or our Terms of Business (including any associated administration)
-
to use your personal information to support products or services you have obtained from us, such as notifying you of a product update or fix.
-
to register you as a new customer or when you enter a contest or other promotional event, we may use your name, address, telephone number and e-mail address so we can administer the program and notify winners.
-
to market our products and services or related products and services and to tailor marketing and sales activities. You will receive marketing communications from Sefas, unless you have specifically opted out of that marketing, if you have:
-
Requested information
-
Received a product or service
-
Provided us with your details when you enquired about a product, quote, service
-
Registered for a promotion
-
-
And, in each case, you have not opted out of receiving that marketing.
-
You may also receive marketing material if you are on a list that has been lawfully acquired by Sefas or your information has been referred to us by a third party or colleague.
-
to manage and administer any events (either virtual or in person) hosted or sponsored by us
-
to process any job application you (or your representative) has submitted
-
to administer our corporate responsibility initiatives
-
to ensure that our website, apps and digital service’s content is presented in the most effective manner for you and your device
-
to customise our website, apps and other digital services according to your interests
-
to administer our website, apps and other digital services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey responses;
-
to allow you to participate in interactive features on our website, apps and other digital services when you choose to do so
-
as part of our efforts to keep our website, apps and other digital services safe and secure
-
to measure or understand the effectiveness of advertising we send to you and others, and to deliver relevant advertising to you
-
as we feel is necessary to prevent illegal activity or to protect our interests.
-
third-party marketing: Sefas does not share your data with third-parties to carry out their own marketing. Should this ever change we will get your express opt-in consent before we share your personal data with any company outside Sefas for marketing purposes.
-
Opting out: You can ask us to stop sending you marketing messages at any time by contacting here.
-
To comply with applicable laws and regulations
SHARING YOUR PERSONAL INFORMATION
Sefas employees of other entities in Sefas are authorised to access your personal information only to the extent necessary to serve the applicable purpose(s) and to perform their job functions.
SHARING YOUR PERSONAL DATA:
Sefas may share your personal data with other Sefas affiliates, third party service providers; and according to Sefas’s legal and contractual obligations. For personal information collected about you our basis for processing is most commonly as follows:
-
We need to perform the contract we are about to enter into or have entered into with you;
-
It is necessary for our legitimate interests and your interests and fundamental rights do not override those interests;
-
To keep our records updated and in order to communicate adequately with you and to respond to your requests
-
To analyse, develop, improve and optimize the use of our sites, products and services, and to maintain the security of our sites, networks and systems.
-
In many instances where personal information is collected, Sefas can rely on legitimate interest to send marketing communications. However, Sefas will ensure that your contact data will be used for marketing purposes if you have provided your consent. Therefore, Sefas will always ask approval and consent, when collecting personal information. Your personal information is utilised in the Sefas group of entities.
-
-
Where we need to comply with a legal or regulatory obligation such as to comply with a subpoena or other legal process, or to process an opt-out request.
-
Generally we do not rely on consent as a legal basis for processing your personal data and communicating with you. You have the right to withdraw consent to marketing at any time by contacting us
VISITING NON-SEFAS WEBSITES
Sefas websites may have links to other websites that operate independently from us. Linked websites may have their own privacy statements or policies. We advise that you review these statements. Any information you provide when you visit a non-affiliated Sefas site is subject to the privacy policy posted on those websites. We are not responsible for the content of any website that are not affiliated with or owned by Sefas, any use of those websites, or the privacy practices of those websites.
YOUR RIGHTS
You have privacy rights for the information we process about you depending on where you reside. You can choose to access; correct; delete; restrict; ask for portability of your personal information.
If you reside in the UK, EU or other jurisdiction that provides this right as a matter of law, You have the right to request: (i) access to your personal data; (ii) correction of your personal data if it is incomplete or inaccurate; (iii) deletion or restriction of your personal data or (IV) ask for portability of your personal information. Where We have obtained your consent for the processing of your personal data, you have the right to withdraw your consent at any time. You also have the right to object to the processing of your personal data, including opting-out from the use for direct marketing purposes.
You may have additional rights pursuant to your local law applicable to the processing. For example, if the processing of your personal information is subject to the EU General Data Protection Regulation (“GDPR”), and your personal information is processed based on legitimate interests, you have the right to object to the processing on grounds relating to your specific situation.
Right to Lodge a Complaint
In the event you consider our processing of your personal information not to be compliant with the applicable data protection laws, you can lodge a complaint:
-
Directly with Sefas by using this form here.
-
With the competent data protection authority. The name and contact details of the Data Protection Authorities in the European Union can be found here.
Storage and retention of your personal data
We follow strict security procedures as to how your personal information is stored and used, and who sees it, to help stop any unauthorised person getting hold of it. All personal information you register on our website, app or other digital service will be located behind a firewall. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. Unfortunately, the transmission of information via the internet is not completely secure and although we do our best to protect your personal data, we cannot absolutely guarantee the security of your data.
We will keep your information stored on our systems for as long as it is necessary to fulfil the purpose for which we collected it, except if required otherwise by law. If you wish to request that we no longer use your registration information to provide you services, contact us here.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
WHAT IF THERE ARE CHANGES TO OUR PRIVACY POLICY:
This Privacy Policy was last updated September 2023.
We may update this Privacy Statement from time to time to reflect changes to our data governance practices and to comply with our legal requirements. The revised Privacy Policy will be posted here with an updated revision date. We encourage you to check back periodically for any changes or updates. If we make a material change to our Privacy Policy, we will post a notice at the top of this page for 30 days. By continuing to use our websites after such revision takes effect, we consider that you have read and understand the changes.
DISPUTE RESOLUTION
If you have any complaints regarding our compliance with this Privacy Policy, please contact us first. We will investigate and attempt to resolve complaints and disputes regarding use and disclosure of personal information in accordance with this Privacy Policy and in accordance with applicable law. You also have the right to file a complaint with a competent data protection authority if you are a resident of the UK.
HOW TO CONTACT US
If you have a question related to this Privacy Statement, please contact us here. Your message will be forwarded to the appropriate member of our Data Privacy Team, such as Data Protection Officers or members of their teams.
In your request, you need to provide enough information that allows us to reasonably verify that you are the consumer that we collected information about.