Optellum (“we”, “us”, ”our”) believes your data is a precious commodity and know it is your right to total transparency and control on how we use it. We have implemented strong data privacy and security safeguards to ensure that you’re protected to the best extent we can.
This policy outlines what data we collect, how we use it and the safeguards we put in place to protect it and covers both our UK and USA locations.
You can contact our voluntarily appointed Data Protection Officer at firstname.lastname@example.org if you have any concerns or wish to exercise your rights.
We’re committed to your data privacy and security. As such we give you these promises:
- We will only collect data about you that is relevant and necessary;
- Your data will only be held on systems that meet compliance standards;
- Your data will only be accessed by those who need it and we will minimise the amount of data that is processed, wherever possible;
- We won’t share or sell your data to any third party except for the marketing of our own services to you, unless either you have agreed, we are required to share it by law or we need to fulfil our service commitments to you through a third party that meets our own privacy standards;
- We will always remember that it is your personal data, not ours. As such we will ensure complete transparency and openness with you wherever possible;
- We respect your rights as outlined in the next section and will respond to all requests promptly.
You have the following rights over any data we hold about you:
- Right to object to processing at any time
- Right to opt out of marketing at any time
- Right to have inaccurate data corrected
- Right to erasure of personal data from our database
- Right to export of personal data
You can read more about your rights knowyourprivacyrights.org.
If you would like to uphold your rights, then please contact our Data Protection Officer at email@example.com.
If you are in dissatisfied with our response you also have the right to lodge a complaint with the Data Protection Authority. This can be done at ico.org.uk/concerns.
We collect information about you in two key ways:
- Passive – you give us information on our website, email us, call us, post a comment on our blog, send us a CV, meet one of us at events or meetings or approach us on social media
- Proactive – this is data about you that we may hold from referrals, resellers or proactive marketing activity.
We try and minimise the personal data held on you. Typically, this is restricted to:
- Your personal contact details – email address, IP Address, phone numbers, business related social media page such as LinkedIn, source of your data and legal reason for the holding of your information.
- Your company details – as above but also address, website and other public held information including credit rating and invoicing details if relevant.
- Transmitted information – such as emails, texts, messaging, phone call information and recordings, voice mails, email, meeting notes and document tracking information.
Processing your data
Data is processed/stored on encrypted systems on-premises and on hosted cloud services such as Microsoft 365. We also use Third Parties for processing of data including for marketing.
As such, some data will either be in UK and EU data centres or on US based servers that are covered by where relevant Standard Contractual Clauses (SCCs) are in place.
We may also process your data in countries outside the UK or European Union from time to time in other aspects of our business. We will always use the Adequacy Decisions or SCCs for this purpose to ensure your data is safeguarded to the extent we can.
We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held.
We also use your data to market to you, fulfil contractual arrangements or for agreed purposes. Calls may be recorded for information holding, quality and training purposes. Our email, document management and website analytics are used for information purposes and to track breaches of copyright. All our processes are subject to various internal policies to ensure that your data privacy and security is upheld.
You may contact us if you are concerned about the processors we use.
Dependant on the data you provide us and for what purpose it is provided we may need to retain your data for up to 6 years. If you wish to find out more about your specific data retention, please contact us.
Every marketing email sent from Us allows you to opt out, except for the purposes of fulfilling any contractual arrangements.
You can also contact us at the email address above and request to opt out, view, export or delete your data.
If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed.
We also share information where agents, resellers or suppliers are involved in the delivery of your service.
Our website and other materials sent to you may contain links to other third party websites. We may also offer buttons to social media that link to third party services. We’re not responsible for the content or your data privacy these sites provide through their tools or sites.
We seek to uphold our legal obligations as covered by the Data Protection Act 2018 and the General Data Protection Regulation 2016. Our Data Protection Authority is designated as the ICO.
Where data is processed in any other jurisdictions and you believe we may be infringing on legal or regulatory obligation please contact us at the above address immediately.