If at any time you have questions about our practices or any of your rights described below, you may reach our Data Protection Officer (“DPO”) and our dedicated team that supports this office by contacting us at email@example.com. This inbox is actively monitored and managed so that we can deliver an experience that you can confidently trust.
We collect personal data so that we can provide the best possible experience when you utilise our Services. Much of what you likely consider personal data is collected directly from you when you:
However, we also collect additional personal data when delivering our Services to you to ensure necessary and optimal performance. These methods of collection may not be as obvious to you, so we wanted to highlight and explain below a bit more about what these might be (as they vary from time to time) and how they work:
We strongly believe in both minimising the personal data we collect and limiting its use and purpose to only that (1) for which we have been given permission, (2) as necessary to deliver the Services you purchase or interact with, or (3) as we might be required or permitted for legal compliance or other lawful purposes. These uses include:
These third parties (and any subcontractors they may be permitted to use) have agreed not to share, use or retain your personal data for any purpose other than as necessary for the provision of Services. For further information on our sub-processors please refer to our list of Third-Party Data Processors.
We will also disclose your personal data to third parties:
in the event that we sell or buy any business or assets (whether a result of liquidation, bankruptcy or otherwise), in which case we will disclose your personal data to the prospective seller or buyer of such business or assets; or
if we sell, buy, merge, are acquired by, or partner with other companies or businesses, or sell some or all of our assets. In such transactions, your personal data may be among the transferred assets.
We may contact you directly or through a third-party service provider regarding products or services you have signed up to or purchased from us, such as necessary to deliver transactional or service related communications. We may also contact you with offers for additional services we think you’ll find valuable if you give us consent, or where allowed based upon legitimate interests. You don’t need to provide consent as a condition to purchase our goods or services. These contacts may include:
If you utilise our Services from a country other than the country where our servers are located, your communications with us may result in transferring your personal data across international borders, which will only be done when necessary for the performance of our contract with you, when we have your consent to do so, or when the Standard Contractual Clauses approved by the European Commission, a copy of which can be found here, are in place. Also, when you call us or initiate a chat, we may provide you with support from one of our global locations outside your country of origin.
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We will disclose any personal data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are legally required to provide your personal data to third parties.
To easily access, view, update, delete or port your personal data (where available), or to update your subscription preferences, please sign into your Account and visit “Account Settings.”
If you make a request to delete your personal data and that personal data is necessary for the products or services you have purchased, the request will be honoured only to the extent it is no longer necessary for any Services purchased or required for our legitimate business purposes or legal or contractual record keeping requirements.
If you are unable for any reason to access your Account Settings, you may also contact us by one of the methods described in the “Contact Us” section on our website.
We follow generally accepted standards to store and protect the personal data we collect, both during transmission and once received and stored, including utilisation of encryption where appropriate.
We retain personal data only for as long as necessary to provide the Services you have requested and thereafter for a variety of legitimate legal or business purposes. These might include retention periods:
If you have any questions about the security or retention of your personal data, you can contact us at firstname.lastname@example.org
Some browsers allow you to automatically notify websites you visit not to track you using a “Do Not Track” signal. There is no consensus among industry participants as to what “Do Not Track” means in this context. Like many websites and online services, we currently do not alter our practices when we receive a “Do Not Track” signal from a visitor’s browser. To find out more about “Do Not Track,” you may wish to visit www.allaboutdnt.com.
Our Services are available for purchase only for those over the age of 18. Our Services are not targeted to, intended to be consumed by or designed to entice individuals under the age of 18. If you know of or have reason to believe anyone under the age of 18 has provided us with any personal data, please contact us.
We will respond to all requests, inquiries or concerns within 30 days.
If you are not satisfied with our response, you may direct privacy complaints to the Information Commissioner’s Office. Osiris Consultants Limited is the data controller for www.osiris.co.uk and www.sofexchange.com and is registered on the Information Commissioner’s Office’s Register of Data Controllers.