Effective Date: May 17, 2018
Sepha, Ltd. (“Sepha,” we,” “us,” or “our“) is committed to respecting your privacy. In support of our commitment, we developed this privacy notice to be transparent about the data we collect about you and how it is used and shared, as well as the choices and rights available to you with respect to the data we maintain about you. This privacy notice applies to:
Sepha will be the controller of your personal data and responsible for the processing of such data by or on behalf of Sepha.
We collect information that can be used to identify or contact a person (we refer to this as “personal data“). Personal data includes information that does not directly identify you by name or include your contact information, but which may be used to identify that a specific computer or device has accessed our website and online services and which if combined with certain other information could be used to identify you. The types of personal data we collect and process include:
|´ Full name
´ Contact information (work or home postal address; work, mobile or home telephone number; work or personal email address)
´ Employer or agency, industry, and job title
´ Delivery and payment information
´ Survey response data
´ Education and experience information (CV information; professional experience; employment history; education; certifications; personal interests)
|´ Engagement information (order, engagement and collaboration history; contractual relationship information; inquiries, feedback and comments; content contained in email exchanges with us)
´ IP address
´ Log data
´ Cookie data (including third-party cookies and related data)
´ Social media use and utilization
We collect personal data when you provide it to us directly (e.g., when you submit a contact form through our website or provide us with your business card at a trade show); when generated by your activity on our website and online services (e.g., the amount of time spent on a particular page of our website); when shared with us by our business partners (e.g., email marketing vendors, trade show sponsors, or HR staffing agencies); and when available through publicly-available sources (e.g., information shared by you on LinkedIn).
We collect, use, store, organize, structure, disclose, or otherwise process personal data as described below:
The applicable legal bases for our processing of your personal data include the following:
When you use our website and online services, we also collect certain non-personal data that does not, on its own, identify any individual. The types of non-personal data we collect and process include:
We may collect, use, transfer, and disclose non-personal data for any purpose. However, if we combine non-personal data with personal data, the combined information will be treated as personal data for as long as it remains combined. We use non-personal data for a number of legitimate business purposes, some of which are described below:
We may also collect similar data from emails sent to you to help us track which emails are opened and which links are clicked by recipients. In some of our email messages, we use a “click-through URL” linked to content on our website and online services. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on our website and online services. We track this click-through data to help us determine interest in topics and measure the effectiveness of our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
Where permitted by law, we may combine the personal data you provide to us through the website and online services with information we collect through other Sepha website and online services, our offline records, and information provided to us by third parties. Where permitted by law and feasible, we may also combine your personal data with information collected through your use of the website and online services (such as log data, location data, and cookie data), in which case we will treat any information that is combined or associated with your personal data as personal data for as long as it can reasonably be linked with your personal data. We use this consolidated information to improve our website and online services and product offerings, enhance our marketing and research activities, communicate information to you, and for any other legitimate purpose described in this privacy notice.
We disclose your personal data to third parties who provide us with various business services (e.g., monitoring and maintaining our website or internal business applications, preparing newsletters and mailings, and payments of commissions or other amounts). These service providers and contractors are restricted from using this personal data in any way other than to provide services on our behalf and subject to our documented instructions only.
We may also share your personal data with our affiliates (e.g., for internal administrative purposes or where a Sepha affiliate supports one of our business functions). The names and locations of such affiliates can be found here and here.
We may also disclose information we collect to legal counsel, law enforcement, and other appropriate authorities in special cases, including: (i) when we have a reason to believe that such disclosure is necessary to identify, contact, or bring a legal action against someone who may be causing injury to or interference with our rights and property or those of any other person; or (ii) when we believe that it is required by applicable laws, court orders, or government regulations.
If all or part of Sepha is merged into another entity, the information we have about you may be transferred to a third party as part of that transaction. Your information may also be included among the assets affected by financing agreements undertaken by us.
In some instances, the service providers, business partners, Sepha affiliates, and others that we share personal data with are in other countries. The level of protection for your personal data in these other countries may not be the same as the level of protection in your country. In these cases, we protect any information transferred to third countries using appropriate safeguards, such as contractual clauses approved by relevant supervisory authorities (where required and applicable). All Sepha affiliates outside of the European Union that access or receive your personal data are subject to data protection contracts approved by the European Commission and that impose on such affiliates a level of protection for your personal data equivalent to European data protection requirements.
In any event, we only share personal data with our affiliates and third parties performing services on our behalf if such affiliates and third parties provide sufficient guarantees to implement appropriate technical and organizational measures in such a manner that the processing they conduct will meet the requirements of applicable law and ensure the protection of your personal data.
You have various rights with respect to the collection, use, transfer and processing of your personal data, as described below. However, we reserve the right to limit these rights at any time where permitted under applicable law, including where your identity cannot be reasonably verified or to the extent your rights adversely affect the rights and freedoms of others. To exercise any of the rights below, please contact us using the applicable contact information below.
You have the right to obtain confirmation as to whether or not your personal data is being processed by us. Where we are processing your personal data, you have the right to access the data and to obtain certain information about the processing of such data.
You have the right to obtain rectification of any personal data that is inaccurate or incomplete, including by means of providing a supplementary statement.
You have the right to have your personal data erased where one of the following applies:
However, this right to erasure will not apply to the extent the processing is necessary for:
You have the right to restrict the processing of your personal data where one of the following applies:
You have the right to object (on grounds relating to your situation) at any time to the processing of your personal data for direct marketing purposes or where the processing is based on our (or a third party’s) legitimate interest. When objecting to processing based on our legitimate interest, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise, or defense of legal claims.
Where the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time, without affecting the lawfulness of processing based on consent before such withdrawal.
You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format, and have the right to transmit such data to another entity without hindrance from us, where each of the following conditions are met:
You have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal effects concerning you or similarly significantly affects you, unless permitted under applicable law.
You have the right to lodge a complaint with an applicable data protection authority. You have the right to lodge such a compliant in the European country of your habitual residence, place of work, or place of an alleged infringement if you consider that the processing of your personal data infringes applicable EU data protection laws. A list of all European supervisory authorities and their respective contact information is available here.
We provide reasonable technical, physical, and organizational safeguards to protect your personal data, including safeguards designed to protect personal data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed which may lead to physical, material or non-material damage. To the extent appropriate or required by applicable law, these security measures include:
Although we strive to provide reasonable and appropriate security for the personal data we process and maintain, no security system can prevent all potential security breaches. In particular, email or forms sent using our website and online services may not be secure. You should take special care before deciding to send us information via email. Further, if you create an account through our website and online services, it is your responsibility to protect your access credentials from unauthorized access or use.
We implement and maintain reasonable restrictions on the retention of personal data and generally dispose of such personal data once it is no longer necessary for the purposes for which it was collected or further processed. However, we may continue to store archived copies of your personal data for legitimate business purposes and as necessary to comply with applicable law. In addition, we may continue to store anonymous, aggregated or anonymized information for any legitimate business use described in this privacy notice.
If you have any questions about this privacy notice, our use of your personal data, or your rights with respect to such use, you may contact us using the contact information below:
Unit 25 Carrowreagh Business Park
Carrowreagh Road, Dundonald
Belfast BT16 1QQ
+44 (0)2890 484848 • firstname.lastname@example.org
We reserve the right to amend this privacy notice at our discretion and at any time. When we change it, we will post the updated notice on our website and online services, and it will be effective as of the date posted. Your continued use of our website and online services following the posting of changes will constitute your acceptance of such changes.
Cookies and similar technologies used on our website and online services (including the information obtained through such use) fall into four categories:
|Essential||Our website and online services utilize first- and third-party cookies and similar technologies that are necessary to operate our business and maintain our website and online services, including verifying and authenticating website users; preventing fraud and securing our website and online services and databases; payment processing; enabling users to move around our website and online services and use their features; and complying with applicable laws and industry standards. These cookies and similar technologies do not gather information about you that could be used for marketing or tracking your browsing activity. This category of cookies generally cannot be disabled.|
|Performance||Our website and online services may utilize first- and third-party cookies and similar technologies to provide enhanced features and remember user preferences, including identifying return users when visiting our website (e.g., to remember your login credentials); keeping track of user preferences, interests, and past items viewed or utilized (e.g., preferred language or past purchases); and providing social features that allow users to interact with social media services through our website and online services (e.g., Facebook or Twitter, as further described below).|
|Analytics||Our website and online services may utilize first- and third-party cookies and similar technologies for analytics, product development, and market research purposes, including analyzing how users arrive at and engage with our website and online services; tracking and measuring the performance and effectiveness of our website and online services; optimizing the location of ads, website features, and other content on our website and online services; statistical reporting in connection with website activity; analyzing user preferences and behaviors and market characteristics and trends in order to develop and improve our products and services, websites, and ads; segmenting audiences to test features of our website and online services; and conducting research about our consumers, products, and online services.|
|Advertising||Our website and online services may utilize first- and third-party cookies and similar technologies to deliver, track, and measure ads both on and off our website and online services, including ads relevant to your interests (e.g., ads based on your past interaction with our website or based on predictions about your interests derived from your browsing activities on different websites over time); and ads based on your location, demographics, or device characteristics. Cookies are also used for tracking and measuring the reach and frequency of ads and regulating the delivery of such ads (e.g., capping the number of times you see a particular ad).|
For example, we may use third-party cookies to deliver our ads on third-party websites through a common form of online advertising known as “retargeting.” Retargeting works by serving ads on one website based on an individual’s activities on a different website (e.g., if you view a product or service on our website, you may later see ads for our products and services when you visit a third-party website). To do this, we allow our online partners (such as Google or other ad network vendors) to serve their own third-party cookies when users visit our website and online services, allowing these online partners to recognize users who have previously visited our website and online services. When these users visit a third-party website that includes features provided by our online partners (e.g., where our online partners have purchased ad space), our online partners can recognize the users’ interest in our products and services and deliver one of our ads on the third-party website.
Most browsers are set to accept cookies by default. However, browsers typically allow individuals to remove or block browser cookies if they choose. For more information on blocking and removing browser cookies, please review your browser’s Settings or Preferences tab. More information can be found here:
|Google Chrome||Internet Explorer||Mozilla Firefox||Safari (Desktop)|
|Opera||Opera Mobile||Android Browser||Safari (Mobile)|
For other browsers, please consult the documentation that your browser manufacturer provides.
In addition to removing and blocking browser cookies generally, the following opt-out mechanisms may be available if our website and online services utilize the third-party cookies listed below:
The list above identifies some of the third-party cookies we may use on our website and online services. However, we may use other third-party cookies and similar technologies on our website and online services that are not listed here. This list is subject to change at any time and without notice.
There are different ways you can prevent tracking of your online activity. One of them is setting a preference in your browser that alerts websites you visit that you do not want them to collect certain information about you. This is referred to as a Do-Not-Track (“DNT“) signal. Please note that currently our website and online services do not respond to these signals from web browsers. At this time, there is no universally accepted standard for what a company should do when a DNT signal is detected.