This Policy is issued on behalf of CyberOwl (meaning CyberOwl Limited, a limited company registered in England under 10031742, whose registered address is No 1 Colmore Square, Birmingham, B4 6AA, United Kingdom and whose main trading address is 14 East Bay Lane, London, E15 2GW, United Kingdom, its affiliates and subsidiaries) so when we mention “CyberOwl”, “we”, “us” or “our”, we are referring to the relevant entities in CyberOwl responsible for processing your personal data.
CyberOwl understands that protecting your privacy is important to you and that you care about how your information is used and shared online. CyberOwl collects, uses and keeps information in compliance with the UK Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003, the General Data Protection Regulation (“GDPR”) and all relevant regulations.
Information CyberOwl may collect from you
Some data will be collected automatically by our website and partner websites, other data will only be collected if you voluntarily submit it. We may collect some or all of the following data:
- Contact and identity data such as your name, email, job title, company and phone number.
- Technical data including your IP address, operating system, web browser type, traffic data, location data and other communication data, as well as the resources you access.
- Usage data including how you use our website, partner websites, products and services.
- Marketing and Communications Data including your preferences in receiving marketing and communications from us.
How CyberOwl may collect your personal data
CyberOwl may collect your personal data when you:
- Contact us.
- Provide contact details (e.g. giving business cards) at a marketing event.
- Request and receive marketing communications.
- Submit a job application: You may provide us with a copy of your CV or other relevant information. We may use this information for the purpose of considering your application. Except when you explicitly request otherwise, we may keep this information on file for future reference.
- Purchase our products and services: We may use this information for purposes which include but are not limited to verifying your credentials, carrying out end-user compliance checks, processing orders and generating billing information.
- Through our business relationships and contacts.
How CyberOwl may use your personal data
CyberOwl may use the personal data held about you in the following circumstances:
- To perform a contract we are about to enter into or have entered into with you, including notification of changes to our products and services.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
- To provide you with information, products or services that you request from us, or which CyberOwl feel may interest you, where you have consented to be contacted for such purposes.
- Market research.
- Analysing your use of our services and gathering feedback to enable us to continually improve our website/partner websites and your user experience.
With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email/post with information, news and offers on our products, services and articles. We will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure we fully protect your rights to comply under the UK Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and GDPR.
Where your personal data is stored
We only keep your data for as long as we need to in order to use it as described in this Policy, and/or for as long as we have your permission to keep it. Your data will primarily be stored within the European Economic Area (“the EEA”).
As a global company, CyberOwl has international sites and users across the world. When you give us personal data, that data may be used, processed or stored anywhere in the world, including countries outside the EEA. It may also be processed by staff operating outside the EEA, who work for us or for one of our suppliers. If we do store or transfer your data outside of the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under the Data Protection Act 1998. Such steps may include, but not be limited to, the use of legally binding contractual terms between us and any third parties we engage to use.
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected. Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet.
Disclosure of your information
We may share or disclose your personal data with the parties set out below:
- Within the CyberOwl group. This includes our holding company and its subsidiaries.
- We may sometimes contract with third parties to supply products and services to you on our behalf. These may include payment processing, delivery of goods, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely and in accordance with your rights, our obligations and the obligations of the third party under law.
- We may compile statistics about the use of our website/partner websites including data on traffic, usage patterns, user numbers, sales and other information. All such data will be anonymised and will not include any personally identifying information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners and advertisers. Data will only be shared and used within the bounds of the law.
- In certain circumstances we may be legally required to share certain data held by us, which may include your personal information, for example, where we are involved in legal proceedings, where we are complying with the requirements of legislation, a court order, or governmental authority. We do not require any further consent from you in order to share your data in such circumstances and will comply as required with any legally binding request that is made of us.
Your legal rights
GDPR gives you the right to access information held about you. Your right of access can be exercised in accordance with GDPR.
You have the right to request by contacting firstname.lastname@example.org:
- information about how your personal data is processed;
- a copy of your personal data;
- an immediate correction to your personal data.
You can also:
- raise an objection about how your personal data is processed;
- request that your personal data is erased if there is no longer a justification for it;
- ask that the processing of your personal data is restricted in certain circumstances;
- opt-out of the use of your personal data for any purposes or a specific purpose.
This policy was last amended on 14 July 2021.