Privacy Policy
Introduction
This privacy policy sets out how Cyclr collects, uses, stores, transfers and protects any personally identifying information that you provide to Cyclr when you use this website, or otherwise provide in the course of your interactions with Cyclr.
2. Personal Data
In this privacy policy we refer to such personally identifying information as Personal Data in accordance with the term and its definition used in the General Data Protection regulation (GDPR), which is “information that identifies you as an individual or relates to an identifiable individual”. References to “your information” in this privacy policy similarly refers to your Personal Data.
Cyclr Systems Limited (“Cyclr” or “we”) takes very seriously our legal and ethical duties and obligations with respect to privacy issues, and this privacy policy describes our practices in connection with Personal Data that we collect from you. If you have questions on privacy issues, please email us at dpo@cyclr.com.
3. Our contact details are:
Full name of legal entity: Cyclr Systems Ltd
Email address: dpo@cyclr.com
Telephone number +44 (0) 330 010 2525
Postal address: Office 6-10, Sussex Innovation Centre, 12-16 Addiscombe Road, London CR0 0XT
4. Complaints
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, value the opportunity to deal with your concerns before you approach the ICO, so please contact us in the first instance.
5. Changes to the privacy policy and your duty to inform us of changes
This version of our privacy policy was last updated on 28/02/2023.
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.
6. Information about our customers’ end users
We may handle information relating to our customers’ own clients (or end users), as a service provider on behalf of our customers. Our use of such information is governed by separate agreements with our customers. In addition, such information may be subject to our customers’ own privacy policies. This privacy policy does not apply to such information.
7. Data Protection Legislation
Cyclr complies with all applicable Data Protection Legislation including (i) the UK General Data Protection Regulations (UK GDPR) as defined in section 3(10) of the Data Protection Act 2018 (DPA 2018) and as supplemented by the DPA 2018; and (ii) the EU General Data Protection Regulation (EU) 2016/679) (EU GDPR) .:
Personal Data includes
- Name
- Postal address
- Telephone number
- Email address
- Credit and debit card number
- Location data and online identifiers
Other factors that can identify an Individual We may need to collect and process these types of Personal Data in order to provide services to you, or because we are legally required to do so. If you do not provide the information that we request, we may not be able to provide you with services.
8. Data Collection
We only collect identifiable Personal Data that is specifically and voluntarily provided by a visitor to our site. For example, a visitor to our site may choose to provide information such as name, title, office address, office email address and telephone number in order to:
- register for certain areas of the site;
- contact us for further information;
- arrange an appointment or demonstration with us;
- order Cyclr or ConnectorEngine publications or reference materials;
- submit a curriculum vitae/apply for a job at Cyclr;
- enter surveys, quizzes or benchmarking surveys;
- sign up for a Cyclr or ConnectorEngine trial or paid account;
- sign up to receive marketing communications, and register for events and conferences.
Visitors are also able to send email to us through the site. Their messages will contain the user’s screen name and email address, together with any additional information the user may wish to include in the message.
9. Use of Personal Data
When a visitor provides PersonalData to us, we (or our service providers) use it for the Legitimate Interests (defined below) of our business and for the purposes for which it was provided to us by you as stated at the point of collection (or as is obvious from the context of collection), for example the fulfilment of a contract (also defined below). In addition to the examples of use given in the Data Collection section above, Personal Data is used:
- To respond to your enquiries, fulfil your requests, complete your transactions and provide you with related customer service.
- To send administrative information to you, such as changes to our terms, conditions and policies, and, subject to your consent, marketing communications that we believe may be of interest.
- For our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Services, identifying usage trends, determining the effectiveness of our promotional campaigns, and operating and expanding our business activities.
Our website does not collect or compile personally identifying information for dissemination or sale to outside parties for consumer marketing purposes or host mailings on behalf of third parties.
10. Sensitive Data
We do not seek any sensitive personal data through this website. Sensitive personal data includes data relating to race or ethnic origin, political opinions, religious or other similar beliefs, trade union membership, physical or mental health, sexual life or criminal record.
11. Disclosure to Third Parties
Our policy is not to share Personal Data with any third parties, unless required by law, or unless explicitly requested by a visitor or otherwise as set out in this section. We recognise that your Personal Data is valuable, and we take all reasonable measures to protect it, while it is in our care.
We may subcontract some areas such as distribution of publications and organisation of events and conferences, and so if a visitor submits Personal Data as part of a request relating to these areas, we may disclose certain data to third parties in order to fulfil these requests (e.g. when ordering a publication we display the party fulfilling the order).
We may also disclose Personal Data to our third party service providers who provide services such as website hosting, data analysis, payment processing, order fulfilment, information technology and related infrastructure provision, customer service, email delivery, auditing and other services.
12. Other uses and disclosures
We may also use and disclose your Personal Data as we believe to be necessary or appropriate: (a) to comply with applicable law, which may include laws outside your country of residence, to respond to requests from public and government authorities, which may include authorities outside your country of residence, to cooperate with law enforcement, or for other legal reasons; (b) to enforce our terms and conditions; and (c) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
In addition, and subject to compliance with applicable law, we may use, disclose or transfer your information to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings).
13. Withdrawal of Consent
Where we are relying on consent to process your Personal Data, you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. (Please refer also to section 16 below).
14. Security
We process Personal Data securely by means of appropriate confidentiality obligations and technical and organisational security measures designed to prevent any unauthorised or unlawful disclosure or processing of Personal Data, and the misuse, alteration or accidental loss or destruction of, or damage to, such data. Only authorised Cyclr personnel are provided access to Personal Data, and these employees have agreed to ensure confidentiality of this information.
15. Choices and Access to Information
You have certain individual rights as a data subject, in relation to your Personal Data, which we summarise at the end of this privacy policy (refer section 24 below). If you would like to request to review, correct, update, suppress, restrict or delete Personal Data that you have previously provided to us, please do so via the original registration page, inside the Cyclr application if appropriate, or email us at dpo@cyclr.com. We will respond to your request in accordance with applicable law.
In your request, please make clear what Personal Data you would like to have changed, whether you would like to have your Personal Data suppressed from our database or otherwise let us know what limitations you would like to put on our use of your Personal Data. For your protection, we will only implement requests with respect to Personal Data associated with the particular email address that you use to send us your request, and we may need to verify your identity before implementing your request. We will aim to comply with your request as soon as reasonably practicable, and within any legal timeframe
Please note that we may need to retain certain information to complete any transactions that you began prior to requesting a change or deletion, or to comply with applicable law. There may also be residual information that will remain within our databases and other records, which will not be removed but this will not be Personal Data.
16. Unsubscribe
Should visitors choose to unsubscribe from mailing lists or any registrations, we will provide instructions, on the appropriate webpage or in communications to our visitors, or a visitor may make contact by email to dpo@cyclr.com detailing the sending email address of the communication from which they wish to be removed.
17. Data Retention
We will retain your Personal Data for as long as is needed or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time we have an ongoing relationship with you and provide any services to you; (ii) when we have legal obligation to which we are subject; or (iii) as advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
For example, contact information about visitors (such as information generated though registration for access to areas on the site) will be kept for as long as the information is required to completely service the contact request or until a user requests that we delete that information under section 24 below. Mailing list information, discussion posts and email are kept for only the period of time considered reasonable to facilitate the visitor’s requests. Resumes are retained for up to six months, unless special circumstances prevail, and are then securely disposed of..
18. Cookies and Log Files
We use small text files called ‘cookies’ which are placed on your hard drive to assist in providing a more customised website experience. For example, a cookie can be used to store registration information in an area of the site so that a user does not need to re-enter it on subsequent visits to that area. Cookies are not used to track individual visitors to our site.
Our website uses cookies to provide the best user experience However if you prefer, , you may opt out of all but strictly necessary cookies, by responding to the online prompt on access to our website. .
In order to properly manage our website we may log anonymised information on our operational systems, and identify categories of visitors by items such as domains and browser types. These statistics are reported in the aggregate to our webmasters. This is to ensure that our website presents the best web experience for visitors and is an effective information resource.
19. Children
We understand the importance of protecting children’s privacy, especially in an online environment. Our site is not designed for or directed at children 13 years of age or younger. It is our policy never to knowingly collect or maintain information about anyone under the age of 13.
20. Sensitive Information
We ask that you not send us, and you not disclose, any sensitive Personal Data (e.g., social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background or trade union membership) on or through the Services or otherwise.
21. Jurisdiction and cross-border transfer
Your Personal Data may be stored and processed in any country where we have facilities or in which we engage service providers, and by using our services you consent to the transfer of information to countries outside your country of residence, including the United States which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.
If you are located in the European Economic Area (the EEA), the EU GDPR will apply to the processing of your Personal Data; and although the UK is no longer in the EEA, the UK is recognised by the European Commission (the EC) as providing adequate protection for the privacy rights of individuals under the UK GDPR. Some other non-EEA countries are also recognised by the EC as providing an adequate level of data protection.
For transfers from the EEA to the United States and other countries not considered by the EU and the UK to provide adequate protection, we have put in place supplementary measures, including Standard Contractual Clauses (SCCs) adopted by the EC and, in the case of the UK, EU SCCs as supplemented by an Addendum as a measure designed to protect your Personal Data in these instances. If you would like details of any such measures that may affect you, please contact us on dpo@cyclr.com.
22. Email Communications
If you are subscribed to any of our mailing lists we may use ‘web bugs’ (one pixel invisible images) contained in the email to track whether you open the message. You may opt out of this tracking process by choosing not to download images automatically in your email client, when prompted; otherwise your opening of the email will report back to our systems that you have read the message. We may also employ tracking of any links you click in our messages. Any data we collect will be anonymised and used by our marketers for aggregate analysis only
23. Third Party Links
There may be pages on our sites which include links to websites which are owned and operated by third parties and which, as a consequence, do not operate this privacy policy. When you link to other websites, this privacy statement and our privacy practices no longer apply. We encourage visitors to review each site’s privacy policy before disclosing any Personal data.
24. A summary of your Legal Rights
The GDPR gives individuals eight data subject rights in relation to your Personal Data. You have the right to:
Be informed as to what Personal Data is being collected, how it is being used, how long it will be kept, and whether it will be shared with third parties.
Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data and supplementary information we hold about you.
Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us. Cyclr has no responsibility with regard to the accuracy of Personal Data where we have not been informed of any inaccuracy.
Request erasure of your Personal Data. Otherwise known as the ‘right to be forgotten’, this enables you to ask us to delete or remove Personal Data where there is no valid reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may be able to demonstrate to you that we have compelling legitimate grounds to continue to process your information. You have an absolute right to stop the processing of your Personal Data for direct marketing purposes.
Request restriction of processing of your Personal Data. This enables you to ask us to restrict or suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your Personal Data (known as ‘data portability’) to you or to a third party. We will provide to you, or a third party you have chosen, the Personal Data which you provided to us, in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use, or where we used the information to perform a contract with you.
In relation to automated decision-making and profiling the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you.
If you wish to exercise any of the rights set out above, please contact us at dpo@cyclr.com.
Legal Definitions
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and recognise your rights to having your Personal Data processed in line with the ‘lawfulness, fairness and transparency’ principle before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us on dpo@cyclr.com.
Performance of Contract means processing your Personal Data where it is necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract.
Cyclr Systems Limited