Privacy notice
Who we are
Gravicus Technologies Limited, (referred to below as “Gravicus”, “we”, “our”, “us”), takes your privacy seriously. This Privacy Notice covers all activities of our organisation. Operating as a Limited Company registered in England and Wales (10523409), our registered office address is 4th floor, 166 College Road, Harrow, England HA1 1BH, United Kingdom.
Summary
This Privacy Notice describes how we collect, use, share, store or otherwise process the information we hold about you. Your personal information allows us to provide a range of services, particularly in respect of the provision of our software technology.
Legal basis for using your information
All organisations need a legal reason to use your personal information, if they don’t have one, they can’t use it. There are a number of legal grounds that enable data processing. It’s quite complicated but below are the most relevant grounds you should be aware of: With your consent (C) There are some activities where we process personal information with your consent, which you are able to withdraw at any time. For example, where we want to send you newsletters and similar messages by email, we would ask your permission first and you could opt-out at any time. We will indicate in the Notice where we rely on consent. To fulfil a contract (A) We also process your personal information in order to fulfil a contract we have with you. For example, when you gain employment or purchase a service from us, we will process your information to administer that transaction. For a legitimate interest (LI) Sometimes we may use your information to help us operate our facilities or provide services, but only where that activity doesn’t negatively affect your rights. For example, we might use your information to communicate with you on the basis of our legitimate interest. To comply with legal obligations (LO) There may be situations where we need to use your information to comply with legal obligations. For example, we are required by law to keep certain records visitors in case there is an emergency, so we can make sure you’re safe.
What information do we collect?
When you interact with our organisation, our products, and our services, we collect information about you and our interaction. Generally, this may include: • Your personal details, contact information, and preferences; • More sensitive information, for example when you tell us about dietary requirements, or disabilities, such as when you attend a seminar; • Information about your use of our products or services; • Conversations you have when you call our sales or customer support teams; • Information about the devices you use to interact with us. Where you provide information to us about other people, you need to make sure you have their permission to do so.
When and how we collect your information
We may collect information you provide to us directly and indirectly when interacting with our products and services. This may include such interactions as: • Make an initial approach to use by email or on the phone; • Create, use or manage an online account, if you have one; • Visit our website or use our apps; • Fill out our online forms or registration cards; • Access our internet facilities; • Use social media login functionality; • Interact with us in online forums, by email, text, or on social media; • Complete our market research/customer surveys;
Our processors
There may be situations where we use data processors – companies who act on our behalf – to collect your information for us. These processors can only use your information in accordance with our instructions and for the purposes stated in this Notice published on our websites and partner websites. We also receive information about you indirectly when you interact with us. For example, when you visit our websites or use our apps the devices you use may provide us with your general location (like which country or region you’re in), if you are using ad-blockers, and your IP address. We may also receive information from cookies and other technologies that are on your device or browser. For more information on our use of cookies, please see our Cookies Notice.
Our partners and Third Parties
We collect information about you when it is provided to us by third parties. This might include when you interact anyone who promotes our products, brands, or services. You should always read the privacy policies of other third parties you use, as they will use your information in accordance with their own privacy policies. We may also obtain information about you from our partners and other companies that have your permission to share your information both online and offline, like insight providers.
How we use your personal information
The reason we use your information will often be obvious from the way you interact with us. We have detailed below, the legal bases for processing your personal data. Where there is more than one, the exact grounds will depend on the activity. See the section above for an explanation of each.
Use of personal information | Basis |
---|---|
(a) To provide you with the products and services you have requested, including responding to any enquiries, complaints or requests you may have, (b) to manage our relationship with you, such as for support, or to tailor our service to your preferences, where you tell us about them, (c) to provide linked services, like joint promotions with partners, (d) Allow social sharing functionality | C, LI, A |
Make decisions about what direct marketing to show you based on how you have interacted with us, to improve our products and services online and offline, including our websites and apps | LI |
(a) Comply with legal obligations on us, and (b) to keep you safe and ensure your security | LO, LI |
(a) To send you product or service related communications, service messages, (b) Facilitate the restructuring or sale of all or part of our business | LO, LI, C, A |
Send you direct marketing, where you have consented | C, LI |
Further Information on how we use your information
We sometimes use your information for other reasons, so to help we have added more information to these below. Direct marketing In addition to sending you information about the products and services you use, and where we have your permission, we may send you direct marketing communications about our products, services, events and offers, as well as those of our commercial partners that we think you’ll be interested in. Direct marketing communications may be sent by post, email, telephone, social media (such as WhatsApp, Instagram, Twitter, and Facebook), messages including push notifications to your mobile devices, and via other electronic means such as when you visit our websites or use our apps. We may send you direct marketing while you have an ongoing relationship with us and for a reasonable time after you have used one of our products or services. Please note that such marketing communications sent by email may record your interaction with the communication, such as recording that your opened, forwarded or deleted the email. You will be able to opt-out of direct marketing by following the instructions in the communications you receive or by changing your device settings. Linked services, third party sites and content Our website may, from time to time, contain links to other websites which are outside of our control and are not covered by this Notice. We do not accept any responsibility or liability for other sites’ privacy notices or privacy policies. If you access other websites using the links provided, please check their policies before submitting any personal information. Payments and credit checks Your information may be used to take payment for products and services and may be used to verify credit details related to payments. Disclosures required by law Your information will be disclosed where we are obliged by law to do so. We may also disclose your information where we are allowed by law to protect or enforce our rights or the rights of others and for the detection and prevention of crimes, such as fraud. Data Transfers within the EEA When you complete our registration forms or use our services, we may transfer your information to our processors – companies that carry out activities on our behalf, and only on our instructions. Training and quality If you call contact us by phone or on chat the conversation may be recorded and listened to for training and quality purposes. Social media login Our websites and apps may provide plug-ins to social media websites, including Facebook, Twitter, Google, Yahoo and LinkedIn. If you make use of, or log-in to, the social media features on our websites or apps, we may (depending on your privacy settings) access, use and store information about you, including, but not limited to: your name, e-mail address, gender, location, profile, picture, contacts, and any other information you have chosen to make available. To find out more about the reasons and extent to which social media sites collect and process your data, or to change your privacy settings, please refer to your social media provider’s privacy policy.
Security
We have implemented technical, organisational and administrative security measures to protect any information we hold from loss and misuse, or unauthorised access, disclosure, alteration and destruction. Gravicus Technologies Limited Integrated Management System is ISO/IEC 27001:2013 certified, proof of which can be found here.
International Data Transfers
When you complete our registration forms or use our services, we may transfer your information to our processors – companies that carry out activities on our behalf, only on our instructions – outside the European Economic Area (EEA) to countries that may not have data protection rules that provide the same level of protection to your personal information as countries in the EEA. However, we will only transfer your information if we have appropriate measures in place to ensure the protection of your information in accordance with applicable data protection legislation. When you give us information about other individuals, you confirm that you have authority to act for them and have made them aware of the potential transfer of their information outside the EEA.
Detecting ad blockers
When you visit our websites we may check (by using script, code, cookies or other technical means) if you are using ad-blocker or other privacy tools. If we do detect one of these tools, we may ask you or ask your browser to ask you, if you would give us permission to ignore those settings and continue to serve adverts and/or collect your information using cookies and similar technologies.
How we share your personal information
Where you provide your information to us we do not share it with any third parties except in the performance of a contract or in anticipation of a contract. Your information will only be shared and used in accordance with this notice, and where an agreement is in place to ensure that your information is protected. We won’t sell your personal information without your consent. For example, we will share your information with a finance company for the administrative purposes of providing you or your organisation credit facilities, as well as making sure information is accurate, up to date and to enable business planning and continuity. Sharing with our processors There may be situations where we use data processors – companies who act on our behalf – to process your information for us. These processors can only use your information in accordance with our instructions and for the purposes in this Policy. Sale of our business If we restructure or sell all or part of our business or business operations, we may transfer your information as part of that activity. Where this is the case your information will be used in accordance with this Notice unless you are notified otherwise.
Access and Control
Controlling direct marketing You can change your mind about receiving direct marketing from us or change your preferences by logging into your account, if you have one. Opting-out in any marketing or product communication you have received from us or emailing us using the contact details below. Controlling other communications You can control the communications you receive from us, such as product related communications, by logging into your account, by following the instructions in any relevant communication.
Requesting copies of your information
You may request a copy of your personal information which we may hold about you. You may also ask us to correct any inaccuracies in your personal information. This right may be restricted by law where disclosing information may result in the personal information of other individuals being disclosed and it would be unreasonable to do so.
Withdrawing consent
Where we may rely on consent to use your information, you have the right to withdraw that consent for that processing activity at any time. However, we may have the right to rely on an alternative legal basis for the processing activity and will inform you of that. If you do withdraw consent we may not be able to provide you with the product or service you have requested.
Other rights
You may have the right to object, erase, or restrict our processing of your information – for example, where we process your personal information because this is in our legitimate interests, you may object to this. We will carefully consider your request as there may be circumstances which require us to, or allow us to, continue processing your data.
Complaining to the regulator
If you have any comments, concerns or complaints about our uses of your information we would ask that you contact us first, so that we can try and resolve any matter. However, where we are unable to help, you are able to complain to the Information Commissioner’s Office in the United Kingdom or the data protection regulator in your country of residence, who will be able to liaise with the UK Information Commissioner in the UK.
Retention of your information
We shall retain your information in accordance with our records retention policy, or for as long as necessary for the uses set out in this notice or while there is a legitimate business reason for doing so. If you ask us to delete your information before this time, we may not be able to do so for technical, legal, regulatory or contractual constraints. For example, where you wish to be suppressed from direct marketing, we would need to retain your information for this purpose. Where you ask for your account to be closed, we will do this as soon as possible subject to any terms and conditions relating to the account. Your information will be retained in order to comply with legal and regulatory obligations as well as for analysis, to prevent fraud, collect any monies owed, and to resolve disputes.
Changes to our Privacy Notice
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
Complaints, Questions and Assistance
You are encouraged to raise any issues with the Compliance Officer of Gravicus Technologies Limited:
by Email: compliance@gravicus.com
by telephone: 0203 858 0636
by post: The Compliance Officer, Gravicus Technologies Limited, 8F Hewlett House, London SW8 4AS, United Kingdom
Alternatively, you may raise your queries or concerns with the Supervisory Authority. In the United Kingdom, this is the Information Commissioner’s Office:
by Email: casework@ico.org.uk
by telephone: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
by post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Please click on the tab below that most closely resembles your relationship with Gravicus Technologies limited:
Email Contacts and Prospective Customers
For the purpose of applicable data protection legislation, the controller of your personal data is: Gravicus Technologies Limited, 4th floor, 166 College Road, Harrow, HA1 1BH
For queries to this notice please contact dpo@theprivacyworx.com
As an email contact or prospective customer to Gravicus Technologies Limited we hold the following information about you:
- Name
- Contact details
- Job Title
- Location
This data may come directly from yourself or from Data as a Service providers such as ZoomInfo or LinkedIn. We hold and process this data for the legitimate interest of communicating with you, either for standard business communications or for marketing.
We will retain this data for up to 3 years from our last contact with you, unless you request that we delete the data beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
In order to facilitate our communications with you we may use third party applications such as Administration & Support Service providers, Salesforce, and analytics platforms such as Google.
Where a controller or processor is outside of the UK, we ensure that the appropriate lawful transfer mechanisms are in place when transferring your personal data.
You have the qualified right to request: access to and porting of your data; rectification or erasure of the data; restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office or https://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080
Please check back soon.
Data Subject: Gravicus Technologies Ltd Partners & Resellers
For the purpose of data protection legislation, including the UK Data Protection Act 2018, the General Data Protection Regulation (GDPR), the UK Privacy and Electronic Communications Regulations 2003 (PECR), and other applicable legislation, the controller is: Gravicus Technologies Limited, 4th floor, 166 College Road, Harrow, HA1 1BH
For queries to this notice please contact our DPO at dpo@theprivacyworx.com
As user of the Partner or Reseller of the Smartbox AI platform we hold the following information about you:
- Name
- Contact details
- Financial Details (sole traders or LLP’s)
We hold and process this data for the legitimate interest of fulfilling a business-to-business contract with your organisation.
Certain data may be stored on servers outside the UK, for example CRM platforms with whom we are joint controllers. In this case your data is protected by appropriate lawful transfer mechanisms for example, Standard Contractual Clauses or International Data Transfer Agreements.
We will retain this data for up to 7 years from termination of the contract in case there are any queries, unless you request that we delete the data beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
You have the qualified right to request: access to and porting of your data; rectification or erasure of the data; restriction of processing or to object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example the Information Commissioner’s Office.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to dpo@theprivacyworx.com
Please check back soon.
Virtual meetings, Webinars & Online Conference Delegates
Gravicus Technologies Ltd is committed to protecting and respecting your privacy.
This notification sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our practices regarding your personal data and how we will treat it.
For the purpose of data protection legislation, including the UK Data Protection Act 2018, the General Data Protection Regulation (GDPR), the UK Privacy and Electronic Communications Regulations 2003 (PECR), and other applicable legislation, the controller is: Gravicus Technologies Limited, 4th floor, 166 College Road, Harrow, HA1 1BH
Our Data Protection Officer can be contacted at dpo@theprivacyworx.com
As an attendee, or guest speaker at one of our business conferences, webinars or online meetings or training, we process the following information about you:
- Name
- Contact details
- Job Title
We hold and process this data for the legitimate interest of fulfilling a business-to-business contract with your organisation, or the processing is necessary for the performance of a contract or the process of negotiating a contract.
When we hold or facilitate a conference or webinars, we may share conference attendees and delegate details with our sponsors in our legitimate interest. For this purpose of processing, we act as joint controller with any relevant sponsors and partners. For details on how our sponsors and partners process your personal data please go to their privacy notices on their website, where applicable.
We will retain your personal information only for as long as we need it, given the purposes for which it was collected, or as required to do so by law.
Normally, this means we will retain your personal information for 1 year, unless you request that we delete it beforehand.
At the conclusion of all relevant retention periods, physical documents containing your personal data will be shredded, and all personal data held electronically will be deleted.
To facilitate these virtual meetings, webinars, or conferences we may use third party applications, such as Microsoft Teams, or Zoom. For this purpose of processing, we act as joint controller. Please note that if you follow a link or access to any of these applications that they will have their own terms of use and privacy policies and we do not accept any responsibility of liability for these policies. Please check these policies before you submit any personal data to these websites or apps. Their privacy notices can be found here – Microsoft, Zoom
You have the qualified right to request: Access to and Porting of your data; Rectification or Erasure of the data; Restriction of processing or to Object to the processing.
You also have a right to lodge a complaint with a Supervisory Authority, for example theInformation Commissioner’s Office.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to dpo@theprivacyworx.com
Please check back soon.