iPath Solutions treats the privacy of its customers and website users very seriously and takes appropriate security measures to safeguard your privacy. This Privacy Notice explains how we protect and manage any personal data you share with us and that we hold about you, including how we collect, process, protect and share that data.
HOW WE OBTAIN YOUR DATA?
Information provided by you
You provide us with personal data through correspondence via email or post, phone or website enquiry, face to face meeting or in the process of mobilising a contract. Personal data we would typically hold may include your name, email address, job title and work address.
Information we get from other sources
Information shall only be obtained from reputable third parties operating in accordance with GDPR. You will have already submitted your personal data to these companies and specifically given consent to allow them to pass this information to other companies, such as ourselves, where there is a legitimate reason to do so.
HOW WE USE YOUR PERSONAL DATA?
We are committed to collecting and processing your personal data in a fair and transparent manner in keeping with GDPR. We undertake at all times to safeguard your personal data against unauthorised disclosure and take reasonable security measures to protect this information whilst at rest.
Do we use your personal data for marketing purposes?
Any information that you choose to give us will only be used for marketing purposes if we have received explicit consent from you to do so.
Information about cookies
We may on occasion gather information regarding your computer whilst you are on our website. This enables us to improve our services and to gather statistical information regarding the use of our website.
Such information will not identify you personally; it is statistical data about our visitors and their use of our site. This data does not contain or identify any personal details.
Similarly to the above, we may gather information about your general internet use by using a cookie file. Where used, these cookies are downloaded to your computer hard drive automatically. This cookie file helps us to improve our website and the services that we provide to you.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our website.
We will keep information about you confidential and will from time to time share your information with other Group members where there is a legitimate reason to do so. We will only disclose your information with other third parties with your express consent with the exception of the following categories of third parties:
- Insurance companies, loss assessors, regulatory authorities and other fraud prevention agencies for the purpose of fraud prevention and to comply with any legal and regulatory issues and disclosures
- Anyone to whom we may transfer our rights and duties under any agreement we may have with you
- Any legal or crime prevention agencies and/or to satisfy any regulatory request if we have a duty to do so or the law allows us to do so
Information we get from other sources
Information shall only be obtained from reputable third parties that operate in accordance with GDPR. You will have already submitted your personal data to these companies and specifically given consent to allow them to pass this information to other companies, such as ourselves, where there is a legitimate reason to do so.
Transfer of your personal data outside of the Europoean Economic Area (EEA)
Data may be transferred outside the EEA in certain circumstances where we partner with third parties to improve the service we provide to our clients. In such cases, in order to fulfil our obligations to you, we will ensure the receiver agrees to provide the same or similar protection as we do and that they only use your personal data in accordance with our instructions.
How long do we keep this information about you?
We keep information in line with the retention policy of iPath Solutions. These retention periods are in line with the length of time we need to keep your personal information in order to fulfil our contractual and financial obligations to our clients. They also take into account our need to meet any legal, statutory and regulatory obligations.
DATA SUBJECT RIGHTS
Subject access rights
GDPR grants you, the data subject, the right to access particular personal data that we hold about you. This is referred to as a Data Subject Access Request (DSAR) and the form can be requested by emailing email@example.com including ‘Data Subject Access Request’ in the subject.
We shall respond promptly and complete any DSAR process within one calendar month from the point of the requestor’s identity being verified. Our formal response shall include some of the personal data we hold about you, including the following:
- Purpose(s) for processing your information
- Source of the data (if not collected from the data subject)
- Persons or entities with which we are sharing the information
Right to rectification
You have the right to obtain from us the rectification of inaccurate and incomplete personal data we hold concerning you.
Right to erasure
Subject to there being no overriding legitimate grounds for processing, you have the right to request erasure of any personal information we hold concerning you.
Right to restriction of processing
Subject to exemptions you shall have the right to obtain from us restriction of processing where one of the following applies:
- Accuracy is contested
- Processing is unlawful
- We no longer need the personal data but the data is required by you for the establishment, exercise or defence of legal claims
- You have objected to us processing your data pending the verification of whether the legitimate grounds for us to override these objections
Notification obligation regarding rectification or erasure of personal data, or restriction of processing
We shall communicate any rectification or erasure of personal data or restriction of processing as described above to each recipient to whom the personal data has been disclosed unless this proves impossible or involves disproportionate effort. we shall provide you, the data subject, with information about those recipients if you request it.
Right to data portability
You have the right to receive from us personal data we have received from you. We shall ensure any personal data we provide is delivered in a structured, commonly used, machine-readable format and you have the right to transfer data to another controller without hindrance from us.
Right to object
You have the right to object to the processing of personal data concerning you where we are processing to fulfil our organisations legitimate business interests including profiling and direct marketing. We shall no longer process the data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of you, or for the establishment, exercise or defence of legal claims.
Accuracy of information
In order to provide an effective service to our clients and contractors, we endeavour to take all reasonable steps to ensure the accuracy of all personal data we obtain.
Questions and queries
Should you have any questions or queries which are not answered by this Privacy Notice, or have any concerns about how we may use the personal data we hold, please write to the Data Protection Office at 505, Mauryansh Elanza, Nr. Parekh Hospital, Shyamal Cross Road, Ahmedabad (380015), Gujarat.
Privacy notice changes
This Privacy Notice is reviewed regularly to make sure we continue to meet the highest standards to protect your privacy. We reserve the right at all times to update, modify or amend this notice. The latest version of this notice can be accessed through the home page on our corporate website.
If you have a complaint
If you have a complaint regarding the use of your personal data, please contact us by email at firstname.lastname@example.org or in writing to the Data Protection Office at 505, Mauryansh Elanza, Nr. Parekh Hospital, Shyamal Cross Road, Ahmedabad (380015), Gujarat.
If your complaint is not resolved to your satisfaction and you wish to make a formal complaint to the Information Commissioners Office (ICO), you can contact them on +91 79-66631063 or +44 1625 326 920. You also have the right to a judicial remedy against a legally binding decision of the ICO where you consider your rights under this regulation have been infringed as a result of the processing of your personal data. You have the right to appoint a third party to lodge the complaint on your behalf and exercise your right to seek compensation.