- This Policy provides information in relation to the basis upon which we collect, hold, use and disclose your Personal Data. Personal Data is data relating to an individual which can be used to identify that individual or which is linked to an identified individual, and any other data that is defined as personal data by any relevant law.
- This Policy applies to your use of our website https://www.chiptech.uk. Where you work for one of our customer organisations, this Policy also applies to our Web Portal, our SmartCareTM software services or other services relating to our telecare products (together the “services”). By accessing or using our website or services you agree to the terms of this Policy.
- This Policy also applies to Personal Data provided to us in the course of our relationship with our customer organisations.
1. Updates to this Policy
- We will review this Policy from time to time to make sure it takes into account new laws and technology, and any changes to how we operate.
- Should we decide to change our Policy we will post all changes on our website so that you are always kept up to date.
- Use and disclosure of Personal Data collected from you is subject to the Policy in effect at the time such Personal Data is collected, unless otherwise agreed.
2. Collection of Personal Data
- The Personal Data we collect and hold includes (but is not limited to): your login details (for the Web Portal and relevant SmartCareTM software services), name, email, phone number, address and organisation name. We may also collect any Personal Data contained in the content of your communications with us.
- We collect your Personal Data when you provide it to us, when you contact us, including if you use the query form on our website, when you use our services, and when you interact with the surveys or marketing communications we send you. Our website and services may automatically collect log information about your access to our services, including time of access, IP address, browser type, device identifiers and error messages. This information may be collected through third party tools.
- Your Personal Data may also be collected from your organisation, where it is authorised by you to provide such data, or as otherwise permitted by any relevant privacy laws.
- Our website or services may also state other ways in which we collect data from you, for example when you use SmartCareTM Locate, we may request to collect your device location.
- If you do not provide the Personal Data we ask you to provide, or the data is incorrect, we may not be able to provide the requested services, respond to an enquiry, or contact you.
3. Personal Data of Others
- If you provide us with Personal Data relating to someone else in your organisation you warrant you are authorised to do so and that you have ensured the individual is aware of the information in this Policy. If you provide us Personal Data about others, or if others give us your data, we will only use that data for the specific reason for which it was provided to us, or as otherwise permitted by relevant privacy laws.
4. Social Media
- We also use third party social media services like Linkedin and Twitter. Your use of these third party services is entirely optional. We may make use of any information that you make available to use or which you make public when you use any such third party services for the purposes of our business.
- All third party services are governed by the privacy policies and/or practices of the relevant third party, for which we are not responsible. If you do not want to provide Personal Data to any of those third parties, or make information available to us and others, you should not use their particular service.
5. Purposes for which we collect, hold, use and disclose your Personal Data
- We may collect, hold use and disclose your Personal Data for the following purposes:
- where it is necessary for the performance of our contract with your organisation, or to take steps to enter such a contract, including to contact you, provide you with the services you have requested on behalf of your organisation, and manage those services;
- where it is necessary for our legitimate interests of conducting our business, which may include:
- making available to you relevant documents from the Web Portal, or other services you have requested;
- meeting our obligations in, exercising our rights under, or enforcing our terms and conditions or the contract with your organisation;
- selling a substantial part or all of our business to a third party; and
- for the purposes of carrying out the matters noted in the section below on the ‘Management of Personal Data’;
- where we have your consent in accordance with the relevant law, for the purpose of sending you our newsletters, surveys or marketing communications, to keep you updated with our services and to provide our marketing material to you;
- to otherwise protect our vital interests in our property, our legal rights, or those of others, including to detect, investigate, prevent or address fraud, security or technical issues, or if we have good reason to believe there is an imminent threat of death or injury or a serious threat to health and safety;
- any other lawful purpose made known to you when collecting the Personal Data.
- Other sections of this Policy also set out other specific situations in which your data is collected, used and disclosed.
- We may use and disclose your Personal Data for any of these purposes, in any circumstances authorised by applicable data protection laws, or in any other manner with your consent.
6. Surveys and Marketing Communications
- We use third parties to assist us to send you our surveys and marketing communications. We provide those third parties with your name and relevant contact information. Such third parties may be offshore. Some countries where such third party service providers are based may not have an adequacy decision by the European Commission.
- Where surveys and marketing communications we initiate are sent by electronic means the relevant third party (where applicable) will collect your responses to the survey and information about your interaction with the communication. The information collected includes whether you opened the email, the links you clicked on, the webpages viewed and the dates and times of such access and activity. Information about the device used to access the survey or marketing communication may also be collected. The third party provides or makes available this information to us for the various purposes outlined in this Policy. They may also hold this information on our behalf.
- While these third parties are primarily collecting this information on our behalf, some of these third parties also use the information that we provide them and which is collected from your interaction with our surveys and marketing communications for their legitimate business interests, such as to provide, support and improve the services they provide and to undertake data analytics projects. However, we do not permit them to use your Personal Information to market their or any other person’s services to you.
- The third parties that we currently use for these purposes are SurveyMonkey and MailChimp. SurveyMonkey and MailChimp are both located in the United States, which does not have an adequacy decision by the European Commission. Our agreements with SurveyMonkey and MailChimp contain appropriate safe-guards in respect of your Personal Data, as they include standard data protection clauses. If you would like further information regarding how our agreements with SurveyMonkey or MailChimp protect your personal data, please contact us.
- To understand the ways SurveyMonkey and MailChimp collect, hold, use and disclose such Personal Data, please read their privacy policies:
- Where we obtained your consent to receiving marketing communications you may withdraw your consent at any time.
- If you do not agree with how MailChimp will handle your Personal Data then you will need to unsubscribe from receiving marketing communications from us. You may unsubscribe from receiving marketing communications from us in accordance with the unsubscribe facility in any email sending you marketing communications.
- If you do not agree with how SurveyMonkey will handle your Personal Data then you will need to contact us in accordance with the Your Rights section below to confirm you wish to be removed from our survey list.
- We will not be able to provide surveys or marketing communications to you if you unsubscribe or do not agree to our use of third parties to assist us with our surveys or marketing communications.
8. Management of Personal Data
- Except as otherwise stated in this Policy, your Personal Data we collect is held by us. Our address is set out below.
- We may transfer data about you to our New Zealand based parent company, Chiptech Limited, to perform services on our behalf or to the extent necessary for the performance of any contract between us and your organisation. New Zealand has an adequacy decision by the European Commission.
- We may also transfer Personal Data to other third parties (including technology providers, providers of business and marketing services and providers of software tools used by us in our business) to perform services on our behalf, to process the information for us, or hold it on our behalf. These third parties may be based in countries that do not have an adequacy decision by the European Commission, including Australia and the United States. We will not authorise any such third party to use such data for their own purposes.
- To the extent any transfer occurs, we have agreements in place with the relevant third party that includes standard data protection clauses or which use an approved protection method. If you would like further information regarding how our agreements with such third parties protect your Personal Data, please contact us.
- We take reasonable steps to protect the Personal Data we hold from misuse, loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records. Our personnel are required to respect the confidentiality of Personal Data and the privacy of individuals.
- We will retain your data for as long as needed to provide you or your organisation our services, to be able to address any claim that might be made after we stop providing services to your organisation, or to meet any legal obligations we have to retain such data, including managing our obligations to you in respect of these services. Where we no longer require your Personal Data for a permitted purpose, we will take reasonable steps to delete it.
9. Your Rights
- You have the right to request access to or correction of your Personal Data, restrict the processing of your Personal Data, to object to processing of your Personal Data, to the portability of your Personal Data, and to obtain erasure of your Personal Data.
- To exercise any of your above rights, please contact our us as follows:
Phone: +44 (0)1524 544427
Address: Chiptech International Limited, Church Rigg, St Michaels Lane, Bolton Le Sands, LA58DP, United Kingdom.
- We endeavour to ensure that the Personal Data we hold is accurate, complete and up-to-date. If any of the Personal Data that you have provided to us changes we encourage you to contact us to update that Personal Data.
- If a dispute arises between us and we cannot resolve it with you, then you may lodge a complaint with our supervisory authority, the UK Information Commissioner’s Office.