DNASTREAM Limited - Privacy Policy

1. Introduction and objectives

DNASTREAM Limited (referred to in this Privacy Policy as “DNASTREAM”, “we”, “us” or “our”) takes your privacy extremely seriously and we want you to be confident that any information you provide to us, or that we collect about you, when using our websites, products or services is safe and secure. This Privacy Policy explains how and why we may collect your personal information, how we use it, your rights and choices when it comes to these details, and the steps we take to keep it secure and confidential.

Please read this Privacy Policy carefully as once you use our websites, products or services you will be deemed to have read and accepted this Privacy Policy.  This Privacy Policy is a part of the Conditions of Use included on our websites.

2. Scope of this Privacy Policy

This Privacy Policy covers our information practices, including how we collect, use, share and protect the personal information you provide to us through our websites, through your purchase and use of our products or services, or when you work for us or on our behalf as a contractor. This Privacy Policy forms part of the conditions of use of our websites and the terms and conditions of our products and services. If you do not agree with this Privacy Policy you must not access our websites, access or use any of our products, or use any of our services.

We may provide links to third-party websites from our websites or from within our products for your convenience and information. If you access any third-party website from any of our websites or from within any of our products, you will be directed to a third-party website. We do not control such third-party websites, or the privacy practices of the respective website provider, and we do not endorse or make any representations about or accept any responsibility for such third-party websites. The personal information you choose to provide to, or that is collected by, these third-party websites including any social media websites featured on our website or within our products, is not covered by this Privacy Policy. We recommend that you to review the terms of use and privacy policy of any third-party website before submitting your personal information to it.

We may provide social media features on our websites or within our products that enable you to share information about DNASTREAM or your use of our products with your social networks and to interact with us and other parties on various social media platforms. Your use of these features may result in the collection or sharing of information about you, depending on the feature. We recommend that you review the privacy policy and your account settings on the social media platforms that you use to make sure you understand how the information provided by you could be used or shared by the providers of those platforms.

We may modify or update this Privacy Policy from time to time. If we change this Privacy Policy, we will publish it on our websites and make it available within our products. Where any changes will have a fundamental impact on the nature of the processing of your personal information or otherwise have a substantial impact on you, we will give you sufficient notice so that you can exercise any rights you may have (e.g. to object to the processing).

3. How we collect your personal information

These are the main ways we collect your personal information:

  • If you use our websites to register for events, subscribe to our e-newsletter or request information about our products or services
  • If you purchase any products or services from us
  • If you reply to our marketing campaigns (e.g. by filling out a response form)
  • If your contact details are shared with us by our business partners, service providers or other third-parties, where you have provided your consent
  • From other public sources, such as social media platforms, where you have provided your personal details
  • When you use our services
  • When you access or use our products, such as cloud applications or mobile applications
  • If you correspond with us in writing or by email or telephone
  • If you work for us or on our behalf as a contractor

You may engage with us through social media platforms or through features on our websites or within our products that integrate with social media platforms.  When you engage with us through social media platforms, you may allow us to have access to certain information from your social media profile based upon your privacy preference settings on such platforms.  We recommend that you review the settings of your social media profile on the social media platforms that you use, to ensure that you understand what information may be collected about you.

If you provide information on behalf of someone else, you must ensure that you have that person’s permission and that they have been given this Privacy Policy beforehand.

Our websites, products and services (including any cloud applications and mobile applications) have been created for business purposes and are not intended for use by children, and we do not knowingly collect any personal information about children.

Please help us to keep your personal information up to date by informing us of any changes to your personal information or privacy preferences.  You may do this either by using the features available on our websites or within our products, or by contacting us using the details provided in this Privacy Policy.

4. What personal information we may collect

We may collect the following types of personal information about you:

  • Name
  • Home address
  • Correspondence address
  • Email addresses
  • Telephone numbers
  • The name of the organisation you work for
  • Job title
  • Topics of interest regarding DNASTREAM’s products and services
  • How you use our websites and whether you open or forward our communications, including information collected through cookies or other tracking technology (please refer to the section ‘Cookies and other technologies’ in this Privacy Policy)
  • Information relating to purchases of our products or services, including the necessary information for us to bill you for their usage such as billing address
  • Information relating to your use of our products or services
  • If you are a customer, information relating to your business relationship with us that is necessary for us to administer this relationship including information provided by credit reference agencies (e.g. credit rating)
  • If you are a contractor, information relating to your business relationship with us that is necessary for us to administer this relationship including your identification documents (e.g. passport, driving license, utility bills), proof of your right to work in the UK, employment history, skills, qualifications, bank account details and information provided by background checking/vetting agencies (e.g. criminal convictions)

5. How we use your personal information

The personal information we collect may be used to:

  • Manage and administer events that you have registered for, and to follow up on events that you have attended
  • Publicise future events that we believe you may find of legitimate business interest based on your registration for previous events or the topics of interest you have expressed
  • Issue e-newsletters that you have subscribed to
  • Provide information about our products or services as requested by you, or relevant to the topics of interest you have expressed
  • Assess the performance of our websites and analyse how they are used to help us make improvements
  • Maintain leads in our sales processes and run marketing or promotional campaigns to create awareness of our brand, products and services
  • Process requests to purchase any of our products and services
  • Provide access to our products and enable your effective use of the features of our products
  • Administer the relationship with our customers including general communications, account management, product or service delivery, support, contract management, credit management, billing and accounts receivable
  • Administer the relationship with our contractors including general communications, account management, contract management, assignment management, invoice management and accounts payable
  • Manage our contractual obligations and enforce our contractual and legal rights

Your personal information may be used for other purposes for which you give your consent or, in limited circumstances, when required by law or where permitted under the relevant data protection and privacy law.

The use of your personal information set out above is permitted under UK data protection law based on these principal legal grounds:

  • Where you have consented to the use (you will have been presented with a consent form or some other method to give your consent in relation to use), you may withdraw your consent at any time through by using the features available on our websites or within our products, or by contacting us using the details provided in this Privacy Policy
  • Where it is necessary for us to enter into or perform our contractual obligations with you
  • Where we need to use it to comply with our legal obligations
  • Where we use it to achieve a legitimate business interest and our reasons for using it outweigh any prejudice to your data protection rights (our legitimate interests include promoting DNASTREAM’s business and tailoring news or offers to your profile, research and development of products or services, providing you with products or services and managing our business relationship with you)

6. How we keep your personal information safe

We use technical and organisational security measures including authentication tools to protect your personal information against unauthorised access, loss, manipulation or destruction.

Although data transmission over the Internet cannot be guaranteed to be secure, we and our business partners maintain physical, electronic and procedural safeguards to protect your information in accordance with applicable data protection requirements. Our main security measures are:

  • Tightly restricted access to your data on a “need to know” basis and for the communicated purposes only
  • Use of encryption or password-protection when sharing personal information with other parties
  • Use of encryption (in transit and at rest) for our IT systems as far as is possible within the capabilities of the respective system
  • Use of individual, password-protected user accounts for users of our IT systems with assigned permissions to ensure access is only permitted to specific information according to the job role of the user
  • Provision of facilities to set up individual, password-protected user accounts for users of our products with assigned permissions to ensure access is only permitted to specific product features of the respective product and/or data relating to that user’s assigned role 
  • Use of firewalls for our IT systems to prohibit unauthorised access
  • Physically recorded information (i.e. paper documents) stored in locked cabinets in a locked office location
  • Enforcement of strict company policies relating information security, control of access to our IT systems and the permitted uses of our IT systems, our other IT assets and our products, which form part of our employee handbook and the contractual obligations of our contractors and business partners
  • Use of binding contracts with our customers regarding the permitted uses of our products

7. How long we keep your personal information

We retain your personal information only for as long as is necessary and only for the purposes for which it has been collected. Our retention periods are based on our legitimate business needs or our legal obligations, and once no longer needed personal information is either irreversibly anonymised or securely destroyed.

Use for providing features within a product: we retain your personal information for the duration of the contract that provides for your use of the product including any subsequent period to facilitate off-boarding activities as set out in the respective contract.

Use for marketing purposes: we retain your personal information for as long as is necessary and in accordance with your privacy preferences, but only for the purposes for which it was collected – for example, if you have expressed an interest about our products or services we will retain your personal information for the purposes of marketing such products or services unless you update your privacy preferences to withdraw your consent.

Use for performing a contract: we retain your personal information for the duration of the contract and for a period of six years after the contract expiration or termination date to deal with queries or claims thereafter.

Use for managing a business partnership: we retain your personal information for the duration of the partnership and for a period of up to six years thereafter.

Where claims are contemplated: in relation to any personal information where we reasonably believe it will be necessary to defend or prosecute or make a claim, we may retain that information for a long as that claim could be pursued.

8. Who we share your personal information with

Personal information that we collect about you may be transferred to other parties or accessed by other parties on our behalf, with your consent where necessary.

The types of parties we may transfer personal information to are as follows:

  • Business partners and contractors that work with us or on our behalf to provide or support the products or services that you have requested or purchased
  • Event companies that run or manage events on our behalf
  • IT or application providers that provide us with the systems, products or services we use to operate our business activities
  • Credit reference and background checking agencies
  • Law firms that provide legal advice to us (e.g. when dealing with disputes)

Where we share personal information, this is done in a secure manner. When we share this information with other parties, we ensure that the other parties are required to use it only for the purpose it was collected and require such parties to enter into a binding confidentiality and/or contractual agreement with us.

We may also share personal information without your consent if it is in relation to a legitimate business interest or where we have a contractual or legal obligation to do so, such as:

  • When required by law to share information with statutory authorities, government institutions or other authorized bodies
  • When required to use the information to respond to subpoenas, court orders or legal process, or to establish or exercise our legal rights or defend against legal claims
  • Where we believe it is necessary to investigate, prevent or take actions against any illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or as otherwise required by law
  • Where we believe it is necessary to protect or enforce our rights, usage terms, intellectual or physical property or for the safety of DNASTREAM or that our customers, business partners, contractors or other associated parties
  • In the event DNASTREAM is acquired by or merged with another company

While performing our business activities, your personal information may be accessed by our staff, agents or contractors from a country outside of the European Economic Area (EEA) for any of the purposes set out in this Privacy Policy. These countries may have in place data protection laws that may be of a lower standard than in the EEA. We will ensure that any of your personal information that is accessible outside of the EEA is handled subject to appropriate safeguards.

Certain countries outside the EEA, such as Canada and Switzerland, have been approved by the European Commission as providing essentially equivalent protection to EEA data protection laws and therefore no additional legal safeguards are required. In countries that have not had such approval, we will either ask for your consent to transfer the data or transfer it subject to European Commission approved contractual terms that impose equivalent data protection obligations directly on the recipient unless we are permitted under applicable data protection law to make such transfers without such formalities.

9. Cookies and other technologies

What is a cookie?

A cookie is a small text file that stores Internet settings. Almost every website uses cookie technology. The cookie is downloaded by your Internet browser the first time you visit a website. The next time you visit this website from the same device, the cookie and the information in it are either sent back to the originating website (first-party cookies) or to another website to which it belongs (third-party cookies). By that, the website can detect that it has already been opened using this browser and, in some cases, it will then vary the content it shows.

Some cookies are extremely useful because they can improve your user experience when you return to a website you have already visited. This assumes that you are using the same device and the same browser as before; if so, cookies will remember your preferences, will know how you use the website, and will adapt the content you are shown so that it is more relevant to your personal interests and needs.

Use of cookies on our websites and within our products

Our websites and products accessed via a web browser may use cookies of different types.

Strictly necessary cookies: Enable features without which you would not be able to use the website or product as intended. These cookies are used exclusively by DNASTREAM and are therefore known as first-party cookies. They are only saved on your computer while you are actually browsing the website or using the product. Strictly necessary cookies do not require approval and cannot be disabled using the features of the website or product.

Performance cookies: Gather information about how a website or product feature is used for example, which pages a visitor opens most often, and whether the user receives error messages from some pages. These cookies do not save information that would allow the user to be identified. The collected information is aggregated and therefore anonymous. These cookies are used exclusively to improve the performance of the website or product and with it the user experience.

Functional cookies: Enable a website or product to save information which has already been entered (such as user names and language choices), so that it can offer you improved and more personalized functions. For example, a website can offer content in your local language if it uses a cookie to remember your preferred language. These cookies collect anonymous information and cannot track your movements on other websites.

Marketing cookies: Used to deliver adverts and other communications more relevant to you and your interests. They are also used to limit the number of times you see an advertisement and to help measure the effectiveness of advertising campaigns. They remember whether you have visited a website or not, and this information can be shared with other organizations such as advertisers (this includes advertising technologies on websites such as Facebook, LinkedIn and Twitter). Cookies for improving group targeting and advertising will often be linked to site functionality provided by other organizations.

You can choose to accept or decline to the use of cookies on your first visit to each of our websites (and in the latter case our website may attempt to set a cookie to record your preference for future visits). Web browsers may be set to automatically accept cookies, but you may change these settings to decline all cookies if you prefer.

If you set your browser to decline all cookies, the website or product may not function correctly, and you may not be able to use all the features of the website or product.

We may also use web beacons or tracking pixels in our emails and on web pages that help us to monitor whether you have opened any newsletters we may have sent to you. A web beacon is one of various techniques used on web pages or email to unobtrusively (usually invisibly) allow checking that a user has accessed some content. Common uses are email tracking and page tagging for web analytics. We use this information in conjunction with the topics of interest you have expressed, to deliver you a personalized experience by ensuring we send you information that we believe you will find interesting, based on the content we know you have engaged with previously.

Our websites and products may include functionality to interact with social media websites where you may have accounts, such as Facebook, Twitter and LinkedIn. You should be aware that these social media websites may set cookies while you are using them and use of these features may result in the collection or sharing of information about you.

We may disclose aggregated information about your use of our websites to our social media, advertising or analytics partners who may combine it with other information that they hold. We will not disclose information to such parties that identifies you or that contains your personal information.

10. How to change your privacy preferences

You can make individual changes to your privacy preferences using the features included on our websites and within our products, where available. You may also use the “unsubscribe” feature included in our marketing communications and e-newsletters to stop receiving these communications.

You can also contact us using the details provided in this Privacy Policy to change your privacy preferences, withdraw your consent in relation to how we use your personal information, or request information about the personal information we hold about you as well as requesting the correction, deletion or restriction of your personal data for analytics and/or marketing use.

Under certain conditions you have the right to require us to:

  • Provide you with further details on the use we make of your information
  • Provide you with a copy of the information we hold about you
  • Update any inaccuracies in the information we hold about you
  • Delete any information about you that we no longer have a lawful ground to use
  • Remove you from any direct marketing lists when you object or withdraw your consent
  • Provide you with your personal information in a usable electronic format and transmit it to a third-party (right to data portability)
  • Restrict our use of your personal information
  • Cease carrying out certain processing activities based on the grounds of having a legitimate business interest unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime), our interests (e.g. the maintenance of legal privilege) and the rights of third-parties.  In certain circumstances, where you exercise these rights you may no longer be able to access or use our products.  Where you have been provided with access to use our products by your employer or another party, you should also liaise with your employer or such other relevant party with regard to exercising these rights.

11. How to contact us

You can contact us in the following ways:

  • By sending an email to info@dnastream.com and providing us with your full name and email address, together with details of the changes you wish to make
  • By writing to us at
    DNASTREAM Limited
    Surrey Technology Centre
    40 Occam Road
    The Surrey Research Park
    Guildford
    Surrey
    GU2 7YG

If you are dissatisfied with our use of your information or our response to any exercise of your rights, you have the right to complain to the Information Commissioner’s Office (ICO) which regulates the processing of personal data in the UK. More information can be found on the ICO website at https://ico.org.uk.

========================
Last revision: October 2018.

Our solutions

Salesforce Field Service

Salesforce Field Service
BI-as-a-Service

Yellowfin BI

Yellowfin provides the insight you need to make better business decisions and improve your business performance.

ClickSoftware

Get the right people and resources to the right place at the right time

Oracle

Transform your Customer Satisfaction using Oracle RightNow

SAP

Getting results from SAP by understanding what works best