In the context of the law and this notice, “process” means collect, store, transfer, use or otherwise act on information.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, namely, ProArch IT Solutions Ltd and its group and associate companies located in USA, Singapore and India.
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a user’s computer or device.
Our policy complies with UK law accordingly implemented, including that required by the EU General Data Protection Regulation (GDPR). You could view your rights at http://knowyourprivacyrights.org
Except as set out below, we do not share, or sell, or disclose to a third party, any information collected through our website.
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.
We may collect, use, store and transfer different kinds of personal data about you. We have collated these into groups as follows:
- Your identity includes information such as first name, last name, title, date of birth, and other identifiers that you may have provided at some time.
- Your contact information includes information such as billing address, delivery address, email address, telephone numbers and any other information you have given to us for the purpose of communication or meeting or for raising invoices if you would be a customer of ProArch.
- Transaction data includes details about payments or communications to and from you and information about products and services you have purchased from us.
- Technical data includes your IP address, browser type and version, time zone and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Marketing data includes your preferences in receiving marketing from us; communication preferences; responses and actions in relation to your use of our services.
- We may aggregate anonymous data such as statistical or demographic data for any purpose. Anonymous data is data that does not identify you as an individual. Aggregated data may be derived from your personal data but is not considered personal information in law because it does not reveal your identity.
- If we combine or connect aggregated data with your personal information, so that it can identify you in any way, we treat the combined data as personal information and it will be used in accordance with this privacy notice.
- We do not collect any special personal information about you. Special personal information is data about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions and orientation, trade union membership or information about your health and genetic and biometric data. We do not collect any information regarding criminal convictions and offences. However, we may collect special personal information about you if there is a lawful basis on which to do so. In such a situation, we would inform you
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
If you do not provide personal information we need: Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform that contract. In that case, we may have to stop providing a service to you. If so, we will notify you of this at the time.
The bases on which we process Information about you
The law requires us to determine under which of the bases defined below, we process different categories of your personal information, and to notify you of the basis for each category.
If a basis on which we process your personal information is no longer relevant then we shall immediately stop processing your data. If the basis changes then if required by law we shall notify you of the change and of any new basis under which we have determined that we can continue to process your information.
- Lawful basis:
When you create an account on our website, buy a product or service from us, or otherwise agree to our terms and conditions, a contract is formed between you and us.
In order to carry out our obligations under that contract we must process the information you give us. Some of this information may be personal information.
We may use it in order to:
- verify your identity for security purposes
- sell products to you
- provide you with our services
- provide you with suggestions and advice on products, services and how to obtain the most from using our website
We process this information on the basis there is a contract between us, or that you have requested we use the information before we enter into a legal contract.
We shall continue to process this information until the contract between us ends or is terminated by either party under the terms of the contract.
- Consent Basis:
Through certain actions when otherwise there is no contractual relationship between us, such as when you browse our website or ask us to provide you more information about our business, including job opportunities and our products and services including applying for a job with us, you provide your consent to us to process information that may be personal information.
If you have given us explicit permission to do so, we may from time to time pass your name and contact information to selected associates whom we consider may provide services or products you would find useful.
We continue to process your information on this basis until you withdraw your consent or it can be reasonably assumed that your consent no longer exists.
You may withdraw your consent at any time by instructing us at firstname.lastname@example.org. However, if you do so, you may not be able to use our website or our services further.
- Legitimate Interest basis:
We may process information on the basis there is a legitimate interest, either to you or to us, of doing so.
Where we process your information on this basis, we do after having given careful consideration to:
- whether the same objective could be achieved through other means
- whether processing (or not processing) might cause you harm
- whether you would expect us to process your data, and whether you would, in the round, consider it reasonable to do so
For example, we may process your data on this basis for the purposes of:
- record-keeping for the proper and necessary administration of our organization
- responding to unsolicited communication from you to which we believe you would expect a response
- protecting and asserting the legal rights of any party
- insuring against or obtaining professional advice that is required to manage organisational or business risk
- protecting your interests where we believe we have a duty to do so
- Legal obligation basis:
Sometimes, we must process your information in order to comply with a statutory obligation.
For example, we may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order. This may include your personal information.
Complaints regarding content on our Website:
If you complain about any of the content on our website, we shall investigate your complaint.
If we feel it is justified or if we believe the law requires us to do so, we shall remove the content while we investigate.
Free speech is a fundamental right, so we have to make a judgment as to whose right will be obstructed: yours, or that of the person who posted the content that offends you.
If we think your complaint is vexatious or without any basis, we shall not correspond with you about it.
Job Application and Employment
If you send us information in connection with a job application, we may keep it for up to 1 year, in case we decide to contact you at a later date.
If we employ you, we collect information about you and your work from time to time throughout the period of your employment. This information will be used only for purposes directly relevant to your employment. After your employment has ended, we will keep your file for 1 year, before destroying or deleting it.
Communicating with Us
When you contact us, whether by telephone, through our website or by e-mail, we collect the data you have given to us in order to reply with the information you need.
We record your request and our reply in order to increase the efficiency of our organization.
We do not keep any personally identifiable information associated with your message, such as your name or email address unless you have chosen to include such details in your message itself.
When we receive a complaint, we record all the information you have given to us.
We use that information to resolve your complaint.
If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and if we do, what that information is.
We may also compile statistics showing information obtained from this source to assess the level of service we provide, but not in a way that could identify you or any other person.
Some cookies are required to enjoy and use the full functionality of this website.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, otherwise contact the EMS provider.
We hold the following information about you within our EMS system, unless you have opted out;
- Email address
- I.P address
- Subscription time & date
- [list other data that is stored]
Data may be processed outside the European Union
Our group and associate companies are located in USA, Singapore and India. We may also use outsourced services in countries outside the European Union from time to time in other aspects of our business.
Accordingly, data obtained within the UK or any other country could be processed outside the European Union.
For example, some of the software our website uses may have been developed in the United States of America or in India
We use the following safeguards with respect to data transferred outside the European Union:
- the processor is within the same corporate group as our business or organisation and abides by the same binding corporate rules regarding data processing.
- the data protection clauses in our contracts with data processors include transfer clauses written by or approved by a supervisory authority in the European Union specifically that in United Kingdom
- we comply with a code of conduct approved by a supervisory authority in the European Union specifically that in United Kingdom
- both our organisation and the processor enter into either a legally binding agreement or administrative arrangements relating to protection of your information
How you can complain
If a dispute is not settled, then we hope you will agree to attempt to resolve it by engaging in good faith with us in a process of mediation or arbitration.
If you are in any way dissatisfied about how we process your personal information, you have a right to lodge a complaint with the Information Commissioner’s Office (ICO). This can be done at https://ico.org.uk/make-a-complaint/. We would, however, appreciate the opportunity to talk to you about your concern before you approach the ICO.
Retention period for personal data
Except as otherwise mentioned in this privacy notice, we keep your personal information only for as long as required by us:
- to provide you with the services you have requested;
- to comply with other law, including for the period demanded by our tax authorities;
- to support a claim or defence in court.
Compliance with the law
If you wish to submit a subject access request, please do so here.