We are required to provide certain information about data protection and privacy as a result of data protection laws arising pursuant to a European Union data protection directive and corresponding UK laws. Businesses in the UK and European Union countries must comply with national laws enacted in light of their country’s interpretation of the European Union data protection legislation. The legislation seeks to ensure that all personal information held by businesses and organizations is both accurate and suitably protected in order to ensure there is no mis-use of personal data relating to an individual held by the business or organization. Irithmics intends to process your data by complying with relevant legislation.

Irithmics kindly requests that you read the privacy statement below which has been included with a view to protecting your personal data.

Who are we?

This website is provided by Irithmics, the trading name of Findicate Limited, a company registered in England & Wales under registration number 07868666 at 4 Queen Street, Bath, United Kingdom, BA1 1HE (“Irithmics”, “we”, “us”, “our”). For the purposes of data protection legislation, Irithmics is the controller and is responsible for your personal data. We may collect personal information about you (“personal data”) either (i) directly when you are asked to provide data (e.g., name, e-mail address and mailing address) or when you email, phone or otherwise contact us; or (ii) indirectly, e.g. via cookies and other technical means to monitor your use of the portal such as access logs, your internet protocol address or profiling to tailor the website to your preferences or to track your use of certain pages of the website, or from third parties who provide us with information about you.

“You” or “your”, in this privacy statement, means you as an individual, rather than any legal entity (such as your employer) which you may represent when you order a service from us.

The data we collect about you

We may collect, use, store and transfer different kinds of personal data about you as follows:

• Identity Data – including Name, Username, Employer, Title, Date of Birth;
• Contact Data – including Billing Address, Delivery Address, Email Address and Telephone Numbers;
• Financial Data – including Bank account and payment card details;
• Profile Data – including your username and password, your interests, preferences, feedback and survey responses;
• Usage Data – including details of your use on our website and services, including and not limited to, traffic data;
• Marketing and Communications Data – including your preferences in receiving newsletters and marketing communication from us and our third parties and your communication preferences.
• Location Data – includes your IP address.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature on our website. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We will rely on you as customers with whom we do business to provide us with accurate and relevant information and inform us of any changes.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel the service you have with us.

We do not generally seek to collect data about your racial or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life, criminal record or alleged criminal activity through the website (“special category data”). We may collect some sensitive personal data incidentally. By providing us with unsolicited sensitive personal data you consent to our using those data for the above purposes.

How is your personal data collected?

We will collect and process data about you which includes information you give us at several different points, including but not limited to, when you register as a user of our services and an account is created for you, when we correspond with you as a customer or prospective customer, when you visit our website, when you contact us for help, when the website sends us error reports or application analytics data and when you sign up to our newsletters.

We may receive personal data about you from various third parties such as the following:

• Identity and Contact Data from third party intermediaries via whom you have subscribed to or use our services;
• Device data from analytics providers, advertising networks, search information providers
• Contact, Financial and Transaction Data from providers of technical, payment and delivery services
• Identity and Contact data from data brokers or aggregators
• Identity and Contact data from publicly available sources such as companies house and the electoral register

If you supply your personal information to us through an intermediary (such as your employer or your service provider), you should ensure that they are duly authorised to do so and that they understand and agree to our Privacy Policy.

If you are acting as an intermediary or otherwise on behalf of a third party or supply us with information regarding a third party (such as your employer or a client), you undertake that you are an authorized representative or agent of such third party and that you have obtained all necessary consents from such third party to the collection, processing, use and disclosure by us of their personal data.

We have adopted generally accepted standards of technology and operational security in order to protect the confidentiality and security of personal data we collect but where we collect personal data via this website, the nature of the internet is of course such that the data may flow over networks without appropriate security measures and may be accessed and used by unauthorized persons.

How we use your personal data

We will only use your personal data when the law allows us to so do. Most commonly, we will use your personal data in the following circumstances:

• to perform a contract we are about to enter into, or have entered into, with you;
• if it is necessary for our legitimate interests (or those of a third party) and these are not overridden by your own rights and interests;
• where we need to comply with a legal or regulatory obligation;
• where we have received your consent to do so.

The table below explains what we use (process) your personal information for and our reasons for doing so:

Marketing

We may store your contact details, and carry out marketing profiling activities for direct marketing purposes. If you have given your consent, or if we are otherwise permitted to do so, we may contact you about our products or services that may be of interest to you. If you prefer not to receive any direct marketing communications from us, you can opt out at any time by sending an email to privacy@irithmics.com. We will also give you the option to opt out each time we send a marketing communication by electronic means.

Consent

Generally we do not rely on consent as a legal basis for processing your personal data, other than sending direct marketing communications to you electronically where we are not otherwise entitled to do so. We will always be clear whenever we intend to process on the basis of consent, and we will process lawfully and only for the purpose for which consent was given. In these cases, you have the right to withdraw consent at any time, but such withdrawal of consent will not affect our processing based on consent before your withdrawal.

Sharing your Personal Information

The data may, for these purposes, be disclosed to certain types of staff within Irithmics’ organization (i.e., staff whose job it is to process your enquiries and orders or otherwise to administer the website, and those staff involved in the provision of Irithmics services and products which may be of interest to you).

Personal data may also be disclosed to a limited number of third parties, such as intermediaries via whom you access our website or services, third party marketing companies to send you information which may be of interest, data processors, suppliers or providers of goods or services or affiliated entities within our corporate group, as well as vendors who perform functions on our behalf such as parties that provide hosting, maintenance services, virtual infrastructure, payment processing, analysis and other services for us.

We may also be required to share your information as required by law enforcement or government officials, or when we believe, in our sole discretion, that the disclosure of personal information is necessary to report any suspected illegal activity and to protect the security or integrity of our products and services. The third party law enforcement or government officials to whom information may be provided may be in other countries where the laws on processing personal data may be less stringent than in your country.

International transfers

Some of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

Data Retention

We carefully consider the personal data that we store, and we will not keep your information in a form which identifies you for longer than is necessary for the purposes set out in this Privacy Policy.

We use the following criteria to determine data retention periods for your personal data:

• Retention for providing the Services. We will retain your personal data as long as necessary for us to provide relevant Services.
• Retention in case of queries. We will retain your personal data as long as necessary to deal with your queries.
• Retention in accordance with legal and regulatory requirements. We will retain your personal data after we have completed relevant Services based on our legal and regulatory requirements

Your Information rights

We draw your attention to your following rights under data protection law:

• the right to be informed about the collection and use of your personal data;
• the right of access to your personal data, and to request a copy of the information that we hold about you and supplementary details about that information;
• the right to have inaccurate personal data that we process about you rectified;
• the right (in certain circumstances) to have personal data that we process about you blocked, erased or destroyed;
• the right to object:
  • to processing of personal information concerning you for direct marketing;
  • to decisions being taken by automated means which produce legal effects concerning you or that similarly significantly affect you;
  • in certain other situations, to our continued processing of your personal information;
• the right of portability of your data in certain circumstances;
• rights in relation to automated decision-making.
• These rights are subject to certain limitations that exist in law. Further information about your information rights is available on the website of the Information Commissioner’s Office (“ICO”): https://ico.org.uk/.

You also have the right to ask us not to continue to process your personal data for marketing purposes.

You can exercise any of these rights at any time by contacting us at Findicate Ltd, 4 Queen Street, Bath BA1 1HE or by email on info@irithmics.com.

Website links

Our website and services may, from time to time, contain links to and from the third party platforms or websites. If you follow a link to any of these platforms or websites, you need to note that these websites have their own privacy policies and that we do not accept any responsibility or liability for those policies.

Cookies

Our Website uses cookies. For more information on which cookies we use and how we use them, please see our Cookies Policy.

Complaints

If you have a complaint about the way we handle your personal data, please contact us in the first instance by email to privacy@irithmics.com or write to us at our address above, so that we have an opportunity to resolve it.

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO): https://ico.org.uk/, the UK supervisory authority for data protection issues or other competent supervisory authority of an EU member state if you are using our services outside of the UK.

Changes to our Privacy Policy and your duty to inform us of changes

We keep our privacy policy under regular review and may revise this Privacy Policy from time to time and publish it on our website.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.