What is the purpose of this document?
This privacy notice (the Privacy Notice) for SC Contacts sets out the information that must be provided by us to you at the time your Personal Data is obtained. It is drafted in compliance with Data Protection Law.
The following terms have defined meanings in this Privacy Notice:
|Data Controller||means the organisation that determines the purposes for which and the manner in which Personal Data are processed;|
|Data Processor||means the organisation that processes Personal Data on behalf of the Data Controller;|
|Data Protection Law||means any laws and regulations in the UK relating to privacy or the use or processing of data relating to natural persons, including: (a) EU Directives 95/46/EC and 2002/58/EC (as amended by 2009/136/EC) and any legislation implementing or made pursuant to such directives, including (in the UK) the Data Protection Act 1998 (the DPA) and the Privacy and Electronic Communications (EC Directive) Regulations 2003; and (b) from 25 May 2018, EU Regulation 2016/679 (GDPR); and (c) any laws or regulations ratifying, implementing, adopting, supplementing or replacing GDPR or DPA; in each case, to the extent in force, and as such are updated, amended or replaced from time to time;|
|Data Subject||means a living, identifiable individual about whom Personal Data is processed;|
|Marketing and Sales Activities||means the following activities and any combination of these activities:
a) inviting you (using e-mail, telephone or other media) to: (i) marketing events organised by an SC Entity or by a third party on behalf of an SC Entity; and/or (ii) webinars organised by an SC Entity or by a third party on behalf of an SC Entity;
b) sending you marketing newsletters;
c) sending you information in relation to our products and services generally as well as current news and special offers;
d) arranging personal meetings with you to discuss our products and services;
e) connecting with you for business purposes on social media (such as LinkedIn); and
f) any other reasonable marketing and sales activity which is carried out by similar businesses.
|Personal Data||means data which relate to a living individual who can be identified from those data or from those data and other information which is in the possession of or is likely to come into our possession as Data Controller or Data Processor, as the case may be. Personal Data include opinions and any indications of our intentions towards an individual;|
|Processing||includes obtaining, recording, holding, altering, retrieving, consulting, using, disclosing, blocking, erasing or destroying Personal Data;|
|SC Contact||means an individual whose Personal Data a SmartComms Entity would like to Process for the purpose of Marketing and Sales Activities;|
a) SmartComms SC Limited, a limited company incorporated under the laws of England and Wales with registered number 04303041 and its registered address at Catalyst House, 720 Centennial Court, Centennial Park, Elstree, Hertfordshire, England, WD6 3SY (SC UK);
b) SmartComms, LLC, a limited liability corporation incorporated under the laws of the state of New Hampshire and its registered address at 250 Commercial St STE4006, Manchester NH 03101-1120, United States (SC US); and
c) SmartComms Pty Ltd, a proprietary limited company incorporated under the laws of Australia with registered number 3110278521 and its registered address at Level 18, 175 Pitt Street, Sydney, NSW 2000, Australia (SC AU),
and SmartComms Entity shall be construed accordingly.
|Smart Communications, we, our, us||means SC UK; and|
|You, your||means each SC Contact in receipt of this Privacy Notice whether by notice, URL link or other form of communication.|
The person responsible for overseeing data protection compliance issues at Smart Communications is the Data Protection Officer who can be contacted via email@example.com.
For the purpose of this Privacy Notice, we are a Data Controller and we Process Personal Data about you.
This Privacy Notice concerns your Personal Data and describes how we collect and use Personal Data about you in respect of Marketing and Sales Activities.
This Privacy Notice applies to current SC Contacts.
The Data Protection Principles
We will comply with Data Protection Law which state that the Personal Data we hold about you must be:
- used lawfully, fairly and in a transparent way;
- collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- adequate and relevant to the purposes we have told you about and limited only to those purposes
- accurate and kept up to date;
- kept only as long as necessary for the purposes we have told you about; and
- kept securely.
The types of Personal Data we hold about you
We may collect, store, use and Process the following Personal Data or categories of Personal Data about you consists of business contact details such as:
- full name;
- telephone numbers; and
- business email addresses.
Personal Data is collected in the following ways:
- as a result of and/or in the course of physical marketing events (for example, we may collect your business card at a marketing event);
- through Linked-In’s Sales Navigator;
- from third parties, such as marketing agents, content syndicators and telemarketing services providers;
- from information you submit online:
- using the “Contact Us” tool on our website;
- from our newsletter; and
- on the App Exchange platform;
- from information you provide to register for webinars (whether organised by an SC Entity or by a third party); and
- through CRM applications which may collect your Personal Data as a result of your consent to be part of a larger database of Personal Data.
How we will use Personal Data about you – the “Lawful Basis”
Under Data Protection Law, Data Controllers must justify the use of Personal Data by establishing a “Lawful Basis” of Processing. In Smart Communications’ case, this lawful basis is the pursuance of our legitimate interests (see below) as long as your interests and fundamental rights do not override those interests.
Our Legitimate Interests
With regards to our ‘legitimate interests’ referred to above, these would include, but are not limited to:
- the furtherance of our Marketing and Sales Activities;
- the pursuit or defence of any claims, rights or litigation or detection of a crime;
- our accounting or auditing functions and reporting duties;
- the furtherance of our commercial development, strategy, planning or growth including any business sales or transactions; and
- monitoring and ensuring compliance with our policies, processes and procedures.
Third Party Recipients of Personal Data
From time to time, we may share your Personal Data with SmartComms Entities as part of our regular reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise, for system maintenance support or hosting of data.
We will also share your Personal Data with third parties:
- where required by law;
- where it is necessary to administer the working relationship with you; or
- where we have another legitimate interest in doing so.
We may share your Personal Data with other third parties in relation to Marketing and Sales Activities and we may also need to share your Personal Data with a regulator or to otherwise comply with applicable law.
The third-party recipients or categories of recipients of the Personal Data may include:
- legal representatives;
- regulators and professional bodies;
- government or statutory bodies;
- non-government bodies;
- marketing or PR agencies;
- organisers of marketing events;
- cloud service providers;
- specialist marketing and CRM services providers (such as Marketo, and Salesforce), solely in order or provide elements of the Marketing and Sales Activities;
- data analysis service providers who help us to assess the best services and pricing structure to offer you;
- industry regulators; and
- consultants or contractors working on our behalf.
Transferring Personal Data outside the EU
We may transfer the Personal Data we collect about you to the following countries outside the EU in order to fulfil our responsibilities to you:
We will only transfer your Personal Data to these countries under the terms of an International Group Data Transfer Agreement which apply the standard of the EU’s Standard Contractual Clauses and we will only transfer it to SmartComms Entities in the USA and in Australia.
Any questions about the transmission of Personal Data or requests to receive a copy of the Personal Data being transferred should be addressed in writing to the Data Protection Officer.
Data Security and Data Breaches
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only Process your Personal Data on our instructions and they are subject to a duty of confidentiality. Details of these measures may be obtained from the Data Protection Officer.
Personal Data Retention
The periods for which Personal Data will be stored and the criteria used to determine retention periods or whether Personal Data can be removed will depend on the information in question, its relevance or sensitivity; however, generally, Personal Data will be removed if it has been superseded by other relevant or up to date information, if it is out of date, irrelevant or no longer necessary. Any removal of Personal Data will be subject to the principles of Data Protection Law, compliance with the Lawful Basis for processing as well as other statutory rights and obligations.
Your Rights in Relation to your Personal Data
Under certain circumstances, under Data Protection Law you have the right to:
- Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive information about the Personal Data we hold about you.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to Process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (in certain circumstances).
- Object to processing of your Personal Data where we are relying on a legitimate interest for processing (or a legitimate interest of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your Personal Data to another party.
If you want to review, verify, correct or request erasure of your Personal Data, object to its Processing, or request that we transfer a copy of your Personal Data to another party, please contact the Data Protection Officer in writing.
You also have the right to lodge a complaint as to our Processing of your Personal Data with the UK’s data protection supervisory authority, the Information Commission’s Office.
Change of Purpose
We will only use your Personal Data for the purpose for which it was collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purposes. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. We may also process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is permitted or required by law.
Changing this Privacy Notice
Smart Communication reserves the right to update this Privacy Notice at any time, and it will provide you with a new Privacy Notice when we make substantial changes. We may also notify you in other ways from time-to-time about the processing of your Personal Data.
Any questions about this Privacy Notice should be directed to the Data Protection Officer at firstname.lastname@example.org.