Privacy Notice
Partner Tech UK Privacy Notice
Introduction
How can you contact us?
How do we define certain terms?
Which personal data are processed by us?
Why and on what legal basis do we store personal data?
How do we use cookies, analysis and tracking tools as well as social media registrations?
To whom do we disclose your personal data?
How do we work together with partners for you?
What do we use international partners for?
What adjustments can you make regarding data protection?
How can you revoke your consent?
What rights do you have?
How do we protect your personal data?
Introduction
The present data protection regulations have the purpose of informing you regarding the processing of personal data at our company. We hereby comply with our duties from the European Data Protection Basic Ordinance (EU-GDPR, EU 2016/679), in particular Articles 13 and 14, as well as Article 26. Sect. 2 and the Data Protection Act 2018.
Please read the present regulations carefully. Should you have further questions, please contact us at security@partnertechuk.com;
For Partner Tech UK Corp Ltd as the data controller, protection of your privacy and thus of your personal data, is top priority at all times.
The present regulations describe our handling of this information on you, which may constitute personal data.
In this document we also explain how we use cookies and analysis tools on our entire website.
We abide at all times by the applicable Data Protection Law and the present Data Protection Regulations. We only disclose data in cases listed in the present regulations.
How can you contact us?
You can reach us at the following address:
Partner Tech UK Corp Ltd
Unit 8 Berkeley Court
Runcorn
Cheshire
WA7 1TQ
Security@partnertechuk.com
How do we define certain terms?
Personal data
Information which concerns a specific or identifiable physical, living entity. However, this does not include information on legal entities.
Which personal data are processed by us?
When you visit our websites, show interest in us/conduct business with us we process different data. This may be directly or indirectly personal, i.e. with the effect of other data sources. Much of this data is recorded in anonymized form. This includes the following information:
Data categories:
• Account data
• Personal data
• Address data
• Bank data
• Contact data
• RMA data
Information when visiting our websites:
When you visit our website, we may store information on the region from which you are retrieving the page, information on your device, operating system and browser, on the use of our site and where applicable if you have already visited us.
When you open a contact enquiry or RMA log on our website, we process the corresponding data provided by you such as e.g. contact data, address data.
Support enquiries:
When you contact us, e.g. in order to place a support enquiry, we store your data on this enquiry such as e.g. contact data, data on your hardware and software and log-data. Beyond this, you may provide us with files for inspection for handling the support case.
Why and on which legal foundation do we store personal data?
Processing purpose:
We process your data regardless of whether they can be allocated to a person or not, for the following purposes:
• In order to comply with our contractual duties toward you.
• In order to facilitate convenient and easy use of our website.
• For administrative purposes.
• For marketing purposes on the basis of your legitimate interest as a client.
Contract initiation and performance
We only store data which we need for the fulfillment of our contractual duties toward you.
Legitimate interest
We will be processing data on the basis of your legitimate interest. We are obligated in this context to disclose our interest and to weigh our interests and yours.
Storage duration and deletion deadlines
We store the personal data only to the extent necessary for fulfillment of our contractual obligations. The length of storage will be based on our Data Retention Schedule Policy.
Should the data no longer be used, it will be anonymised and/or deleted in line with our Data Retention and Deletion Policy.
Where we receive a request to erase and/or remove personal information from a data subject, the below process is followed: –
1. The request is allocated to the Compliance Officer and recorded on the Erasure Request Register
2. The Compliance Officer (CO) locates all personal information relating to the data subject and reviews it to see if it is still being processed and is still necessary for the legal basis and purpose it was originally intended
3. The request is reviewed to ensure it complies with one or more of the grounds for erasure: –
a. the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed
b. the data subject has withdrawn consent on which the processing is based and where there is no other legal ground for the processing
c. the data subject objects to the processing and there are no overriding legitimate grounds for the processing
d. the personal data has been unlawfully processed
e. the personal data must be erased for compliance with a legal obligation
f. the personal data has been collected in relation to the offer of information society services to a child
4. If the erasure request complies with one of the above grounds, it is erased within 30 days of the request being received
5. The CO writes to the data subject and notifies them in writing that the right to erasure has been granted and provides details of the information erased and the date of erasure
6. Where the Company has made any of the personal data public and erasure is granted, we will take every reasonable step and measure to remove public references, links and copies of data and to contact related controllers and/or processors and inform them of the data subjects request to erase such personal data
If for any reason, we are unable to act in response to a request for erasure, we always provide a written explanation to the individual and inform them of their right to complain to the Supervisory Authority and to a judicial remedy. Such refusals to erase data include: –
• Exercising the right of freedom of expression and information
• Compliance with a legal obligation for the performance of a task carried out in the public interest
• For reasons of public interest in the area of public health
• For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing
• For the establishment, exercise or defence of legal claims
Please be further advised that after confirmation of the order for deletion, there will no longer be any possibility of recovering your data.
How do we use cookies, analysis and tracking tools?
When you use a product or service for the first time, cookies will be uploaded to your browser. Your browser may be identified through the cookies so that our website can be displayed correctly. Furthermore, we deposit cookies at several places on our website in order to analyse the use of our website and to thereby optimize it.
For marketing purposes and in order to make your visit to our website more user-friendly, we use Google Analytics & Pardot.
To whom do we disclose personal data?
There will be no disclosure of your personal data to third parties for reasons other than those cited below.
We only disclose your personal data to third parties if:
• You gave your express consent to the underlying processing,
• This is permitted by law and is necessary for performing our contract with you,
• Disclosure of the data is based on a statutory obligation and
We disclose data on the above grounds to the following recipients/categories of recipients:
• Employees (internal and external)
• IT-infrastructure service providers
• Payment processors, factoring companies
• Service providers for support handling
• Software service providers
• Providers of analysis tools
• Other service providers
What do we use international partners for?
We use a global network of IT infrastructure to render our services such as e.g. computer, cloud-based servers, networks and software solutions.
These partners are domiciled in different countries, in part also outside of the European Union. The same data protection level as in the European Union is not always prescribed by law and established in these countries. For this reason, we took a number of measures, in order to ensure the highest degree of protection possible for your personal data. These are:
• Cooperation with companies in a country recognized by an adequacy decision by the European Union
• Cooperation with companies according to the EU-US-Privacy-Shield
• Cooperation with companies on the basis of the EU standard contract clauses
• Cooperation with companies on the basis of agreed guarantees
We have these measures guaranteed by our partners within the scope of statutory regulations.
Beyond this, in special cases there is the possibility of disclosing the data on the basis of your explicit consent.
Which adjustments can you make with regard to data protection?
On our website you have several options regarding which data you communicate to us. It may be possible that through the change of settings/failure to enter information, specific services no longer function properly.
How can you revoke your consent?
If you gave your consent to specific instances of data processing, e.g. subscription to a newsletter, you have the right to revoke this consent, also partially. Please contact us in this case.
Should the processing of the data be carried out on the basis of weighing of interests pursuant to Art. 6 Sect. 1 of the GDPR, you also have the right here to lodge an objection against the processing if there are reasons arising from your specific situation or it concerns direct advertising.
In the case of direct advertising, you have a general right of objection without being required to provide details on the specific situation. Please notify us of your objection.
Which rights do you have?
Subject to the proviso of potential legal restrictions, you have the following rights which you may exercise:
The right to information, correction, deletion, restriction of processing, data transferability and objection.
Please be advised here that, as prescribed by law, we reserve the right to corresponding identification and to any further measures for the definite inspection of the identification.
Right to information:
If you would like information on the personal data being stored, please request this from us. For security reasons and due to regulations, we may redact specific data such as credit card information.
Right to correction:
In the administration area of our software, you are offered an overview of the master data stored by us, such as name, e-mail address and address. Should you determine that this information is not accurate, you can change it yourself. For all other correction requests, please contact us.
Right to deletion:
Should you wish to have your data deleted, please inform us. We may delete your data in accordance with the statutory provisions.
However, we would already like to point out here that on the basis of statutory provisions we are obligated to store specific data for a longer period, such as the preservation periods for accounting documents of currently 7 years (in line with Tax Ordinance) in line with our Data Retention Policy.
We will immediately stop processing your data, due to technical restrictions it can take up to 16 days until we have finally deleted the data.
Please be further advised that after confirmation of the deletion order, it is no longer possible to recover your data.
Right to restriction of processing:
You have the right to restrict the processing of data. Please tell us the affected data categories from your perspective and the reasons for your request. We will review the facts thoroughly and inform you of the result.
Right to data transferability:
Please inform us in writing which data you want to transfer to whom. We will review your request immediately and inform you of the result.
Right of complaint:
Should you be dissatisfied in the context of data protection, you have the right to file a complaint with the relevant supervisory agency for data protection in your country. For Partner Tech UK Corp Ltd the UK Representative for Data Protection and Freedom of Information is
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
How do we protect personal data?
In order to protect your personal data, Partner Tech UK Corp Ltd took measures compliant with data protection law and the latest technical regulations in the sector. The latter are continuously revised and adjusted where necessary. The objective is to protect your data against accidental or willful manipulations, partial or entire loss, destruction or unauthorized access by third parties.
Communication is encrypted according to the SSL procedure (Secure Socket Layer) for the transmission of data between our websites, applications and our internal systems.
We protect the systems and processing through a series of technical and organizational measures. This includes data encryption, anonymization, logical and physical access restriction and control, firewalls and recovery systems, vulnerability testing.
Our staff are trained on a regular basis for handling sensitive personal data and subjected to compliance with data secrecy in accordance with the legal provisions.
As per: May 25, 2018
Introduction
How can you contact us?
How do we define certain terms?
Which personal data are processed by us?
Why and on what legal basis do we store personal data?
How do we use cookies, analysis and tracking tools as well as social media registrations?
To whom do we disclose your personal data?
How do we work together with partners for you?
What do we use international partners for?
What adjustments can you make regarding data protection?
How can you revoke your consent?
What rights do you have?
How do we protect your personal data?
Introduction
The present data protection regulations have the purpose of informing you regarding the processing of personal data at our company. We hereby comply with our duties from the European Data Protection Basic Ordinance (EU-GDPR, EU 2016/679), in particular Articles 13 and 14, as well as Article 26. Sect. 2 and the Data Protection Act 2018.
Please read the present regulations carefully. Should you have further questions, please contact us at security@partnertechuk.com;
For Partner Tech UK Corp Ltd as the data controller, protection of your privacy and thus of your personal data, is top priority at all times.
The present regulations describe our handling of this information on you, which may constitute personal data.
In this document we also explain how we use cookies and analysis tools on our entire website.
We abide at all times by the applicable Data Protection Law and the present Data Protection Regulations. We only disclose data in cases listed in the present regulations.
How can you contact us?
You can reach us at the following address:
Partner Tech UK Corp Ltd
Unit 8 Berkeley Court
Runcorn
Cheshire
WA7 1TQ
Security@partnertechuk.com
How do we define certain terms?
Personal data
Information which concerns a specific or identifiable physical, living entity. However, this does not include information on legal entities.
Which personal data are processed by us?
When you visit our websites, show interest in us/conduct business with us we process different data. This may be directly or indirectly personal, i.e. with the effect of other data sources. Much of this data is recorded in anonymized form. This includes the following information:
Data categories:
• Account data
• Personal data
• Address data
• Bank data
• Contact data
• RMA data
Information when visiting our websites:
When you visit our website, we may store information on the region from which you are retrieving the page, information on your device, operating system and browser, on the use of our site and where applicable if you have already visited us.
When you open a contact enquiry or RMA log on our website, we process the corresponding data provided by you such as e.g. contact data, address data.
Support enquiries:
When you contact us, e.g. in order to place a support enquiry, we store your data on this enquiry such as e.g. contact data, data on your hardware and software and log-data. Beyond this, you may provide us with files for inspection for handling the support case.
Why and on which legal foundation do we store personal data?
Processing purpose:
We process your data regardless of whether they can be allocated to a person or not, for the following purposes:
• In order to comply with our contractual duties toward you.
• In order to facilitate convenient and easy use of our website.
• For administrative purposes.
• For marketing purposes on the basis of your legitimate interest as a client.
Contract initiation and performance
We only store data which we need for the fulfillment of our contractual duties toward you.
Legitimate interest
We will be processing data on the basis of your legitimate interest. We are obligated in this context to disclose our interest and to weigh our interests and yours.
Storage duration and deletion deadlines
We store the personal data only to the extent necessary for fulfillment of our contractual obligations. The length of storage will be based on our Data Retention Schedule Policy.
Should the data no longer be used, it will be anonymised and/or deleted in line with our Data Retention and Deletion Policy.
Where we receive a request to erase and/or remove personal information from a data subject, the below process is followed: –
1. The request is allocated to the Compliance Officer and recorded on the Erasure Request Register
2. The Compliance Officer (CO) locates all personal information relating to the data subject and reviews it to see if it is still being processed and is still necessary for the legal basis and purpose it was originally intended
3. The request is reviewed to ensure it complies with one or more of the grounds for erasure: –
a. the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed
b. the data subject has withdrawn consent on which the processing is based and where there is no other legal ground for the processing
c. the data subject objects to the processing and there are no overriding legitimate grounds for the processing
d. the personal data has been unlawfully processed
e. the personal data must be erased for compliance with a legal obligation
f. the personal data has been collected in relation to the offer of information society services to a child
4. If the erasure request complies with one of the above grounds, it is erased within 30 days of the request being received
5. The CO writes to the data subject and notifies them in writing that the right to erasure has been granted and provides details of the information erased and the date of erasure
6. Where the Company has made any of the personal data public and erasure is granted, we will take every reasonable step and measure to remove public references, links and copies of data and to contact related controllers and/or processors and inform them of the data subjects request to erase such personal data
If for any reason, we are unable to act in response to a request for erasure, we always provide a written explanation to the individual and inform them of their right to complain to the Supervisory Authority and to a judicial remedy. Such refusals to erase data include: –
• Exercising the right of freedom of expression and information
• Compliance with a legal obligation for the performance of a task carried out in the public interest
• For reasons of public interest in the area of public health
• For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing
• For the establishment, exercise or defence of legal claims
Please be further advised that after confirmation of the order for deletion, there will no longer be any possibility of recovering your data.
How do we use cookies, analysis and tracking tools?
When you use a product or service for the first time, cookies will be uploaded to your browser. Your browser may be identified through the cookies so that our website can be displayed correctly. Furthermore, we deposit cookies at several places on our website in order to analyse the use of our website and to thereby optimize it.
For marketing purposes and in order to make your visit to our website more user-friendly, we use Google Analytics & Pardot.
To whom do we disclose personal data?
There will be no disclosure of your personal data to third parties for reasons other than those cited below.
We only disclose your personal data to third parties if:
• You gave your express consent to the underlying processing,
• This is permitted by law and is necessary for performing our contract with you,
• Disclosure of the data is based on a statutory obligation and
We disclose data on the above grounds to the following recipients/categories of recipients:
• Employees (internal and external)
• IT-infrastructure service providers
• Payment processors, factoring companies
• Service providers for support handling
• Software service providers
• Providers of analysis tools
• Other service providers
What do we use international partners for?
We use a global network of IT infrastructure to render our services such as e.g. computer, cloud-based servers, networks and software solutions.
These partners are domiciled in different countries, in part also outside of the European Union. The same data protection level as in the European Union is not always prescribed by law and established in these countries. For this reason, we took a number of measures, in order to ensure the highest degree of protection possible for your personal data. These are:
• Cooperation with companies in a country recognized by an adequacy decision by the European Union
• Cooperation with companies according to the EU-US-Privacy-Shield
• Cooperation with companies on the basis of the EU standard contract clauses
• Cooperation with companies on the basis of agreed guarantees
We have these measures guaranteed by our partners within the scope of statutory regulations.
Beyond this, in special cases there is the possibility of disclosing the data on the basis of your explicit consent.
Which adjustments can you make with regard to data protection?
On our website you have several options regarding which data you communicate to us. It may be possible that through the change of settings/failure to enter information, specific services no longer function properly.
How can you revoke your consent?
If you gave your consent to specific instances of data processing, e.g. subscription to a newsletter, you have the right to revoke this consent, also partially. Please contact us in this case.
Should the processing of the data be carried out on the basis of weighing of interests pursuant to Art. 6 Sect. 1 of the GDPR, you also have the right here to lodge an objection against the processing if there are reasons arising from your specific situation or it concerns direct advertising.
In the case of direct advertising, you have a general right of objection without being required to provide details on the specific situation. Please notify us of your objection.
Which rights do you have?
Subject to the proviso of potential legal restrictions, you have the following rights which you may exercise:
The right to information, correction, deletion, restriction of processing, data transferability and objection.
Please be advised here that, as prescribed by law, we reserve the right to corresponding identification and to any further measures for the definite inspection of the identification.
Right to information:
If you would like information on the personal data being stored, please request this from us. For security reasons and due to regulations, we may redact specific data such as credit card information.
Right to correction:
In the administration area of our software, you are offered an overview of the master data stored by us, such as name, e-mail address and address. Should you determine that this information is not accurate, you can change it yourself. For all other correction requests, please contact us.
Right to deletion:
Should you wish to have your data deleted, please inform us. We may delete your data in accordance with the statutory provisions.
However, we would already like to point out here that on the basis of statutory provisions we are obligated to store specific data for a longer period, such as the preservation periods for accounting documents of currently 7 years (in line with Tax Ordinance) in line with our Data Retention Policy.
We will immediately stop processing your data, due to technical restrictions it can take up to 16 days until we have finally deleted the data.
Please be further advised that after confirmation of the deletion order, it is no longer possible to recover your data.
Right to restriction of processing:
You have the right to restrict the processing of data. Please tell us the affected data categories from your perspective and the reasons for your request. We will review the facts thoroughly and inform you of the result.
Right to data transferability:
Please inform us in writing which data you want to transfer to whom. We will review your request immediately and inform you of the result.
Right of complaint:
Should you be dissatisfied in the context of data protection, you have the right to file a complaint with the relevant supervisory agency for data protection in your country. For Partner Tech UK Corp Ltd the UK Representative for Data Protection and Freedom of Information is
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
How do we protect personal data?
In order to protect your personal data, Partner Tech UK Corp Ltd took measures compliant with data protection law and the latest technical regulations in the sector. The latter are continuously revised and adjusted where necessary. The objective is to protect your data against accidental or willful manipulations, partial or entire loss, destruction or unauthorized access by third parties.
Communication is encrypted according to the SSL procedure (Secure Socket Layer) for the transmission of data between our websites, applications and our internal systems.
We protect the systems and processing through a series of technical and organizational measures. This includes data encryption, anonymization, logical and physical access restriction and control, firewalls and recovery systems, vulnerability testing.
Our staff are trained on a regular basis for handling sensitive personal data and subjected to compliance with data secrecy in accordance with the legal provisions.
As per: May 25, 2018