Effective: March 31, 2022
You may view or change your consent choices for this website at any time
Collection and use of your information
In the Collection and use of your information section we have set out:
(a) The general categories of personal data that we may process;
(b) In the case of personal data that we did not obtain directly from you, the source and specific categories of that data (i.e., Tracking Information);
(c) The purposes and legal basis for which we may process personal data; and
When you visit our websites, we may collect certain information from you. This information falls into two categories: 1) personal data you voluntarily supply when you log into or submit data on our websites and 2) tracking data collected as you navigate our sites.
Personal data you provide to us
We may retain and use for our business purposes (including to contact you, provide services to you, provide customer service and to send newsletters) personally identifiable information you provide to us such as your name, email address, and company. The legal basis for this processing is legitimate interests, namely the proper administration of our website and business, in accordance with Article 6(1)(f) of the GDPR.
We may retain and use technologies to track your use of our websites and tailor your web experience. The tracking information data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services, in accordance with Article 6(1)(f) of the GDPR.
Cookies are small, unique strings of code stored on your computer that make it easier for you to use our site and help us improve site functionality and security. We may use both session cookies (which expire once you close your browser) and persistent cookies (which stay on your computer until you delete them).
When you visit our web sites or open an email you have received from us, we, or one of our technology vendors, may place or recognize a unique cookie on your browser. These cookies, which do not contain personally identifiable information, enable us to customize our services and gather analytics about our web traffic. Additionally, emails we send to you may contain a bit of code known as a “web beacon.” This code helps us understand the time and date that a user has opened an email and when he/she has used a link within the email to visit a website, allowing us to collect analytics about our traffic and customize our services. You can disable our web beacons by turning images “off” in your email client (e.g., Outlook, Outlook Express). Please see your email client for more information.
Your browser may permit you to reject or delete cookies, but this may prevent proper working of our website.
We may disclose your personal data as follows:
Disclosure to Vendors and other service providers
We may use third party service providers for network, security, email, and hosting services. Suppliers and service providers are required by contract to keep confidential the information received on our behalf, and may not use it for any purpose other than to carry out the services they are performing for us.
We use Piwik PRO Analytics Suite (Piwik) as our website/app analytics software [and consent management tool]. Piwik collects data about website visitors based on cookies. The collected information may include a visitor's IP address, operating system, browser ID, browsing activity and other information. You can find the scope of data collected by Piwik PRO here.
Through Piwik, we calculate metrics like bounce rate, page views, sessions and the like to understand how our website/app is used. [We may also create visitors' profiles based on browsing history to analyze visitor behaviour, show personalized content and run online campaigns.]
Piwik hosts its solution on Microsoft Azure in Germany/Netherlands/United States/Singapore/ElastX in Sweden, and the data is stored for 14/25 months.
Disclosure required by law
Under certain circumstances personal data may be subject to disclosure pursuant to judicial or other government subpoenas, warrants, or orders. Also when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request or to any other third party with your prior consent to do so. If we are ever legally compelled to disclose your personal data to a third party, we will notify you with the contact information we have unless doing so would violate the law or a court order.
Disclosure to Insurance
We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
Disclosure of non-personal data
We may share with third parties or service providers non-personally identifiable information about your use of our website, which could include demographics, interests, and other online habits.
In the Your Rights Section, we have summarized the rights that you have under data protection law.
As it relates to personal data collected on this site, your principal rights under data protection law are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to complain to a supervisory authority; and
(g) the right to withdraw consent.
You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information.
You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.
You have the right to request the restriction or suppression of your personal data. This is not an absolute right and only applies in certain circumstances, as listed above in Erase. When processing is restricted, we are permitted to store the personal data, but not use it.
If you consider that our processing of your personal data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
If your personal data changes, or if you no longer desire our service, you may correct, update, amend, delete/remove, or deactivate it by making the change on your settings page or by emailing our customer support at firstname.lastname@example.org.
If you wish to subscribe to our newsletter, we will use your name and email address to send the newsletter to you. Out of respect for your privacy, you may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, accessing the email preferences in your account settings page or you can contact us at email@example.com.
We will retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Other important information
We do not knowingly collect personal data about children. Our systems are not designed for use by children under the age of 13. If we learn we have collected or obtained personal data of someone under 13, we will delete that information from our database. If you believe that this has occurred, please contact us at firstname.lastname@example.org.
We take the security of our data and client's information seriously. We always take what we believe are reasonable precautions to protect against unauthorized access to our systems and to prevent data from being disclosed to unauthorized parties. We follow generally accepted standards to protect the personal data submitted to us, both during transmission and once we receive it. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee absolute security.
If we ever go through a business transition such as a merger, acquisition, or sale of all or a portion of its assets, your personal data and non-personal data will likely be among the assets transferred. You will be notified in advance by email where possible, and we will post a prominent notice on our website. We will require an acquiring company or merger agreement to uphold the material terms of this privacy statement, including honoring requests for account deletion.
Where business needs exist, ID5 intends to transfer personal data to entities outside the EU. However, your personal data will not be transferred unless a valid transfer mechanism is in place legitimizing such a transfer. In the case referred to in Article 46,47, or the second paragraph of Article 49(1), this will typically involve EU model clauses or the EU-US Privacy Shield Framework. Safeguards afforded by the EU model clauses may be accessed here.
Links to third-party sites
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Blog / Forum
Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. You can request the removal of your personal data from our blog or community forum, by contacting us at email@example.com. In some cases, we may not be able to remove your personal data, in which case we will let you know if we are unable to do so and why.
Changes to this policy
If you have questions about this statement, please e-mail our privacy administrator at firstname.lastname@example.org or contact us at:
Privacy Administrator, ID5, 15 Bishopsgate, London EC2N 3AR, UK