Privacy Policy
Introduction
We know how important it is for you to understand how we use your data. This Privacy Policy sets out how and why we collect, store, process and share your personal data. We will always be transparent with you about what we do with your personal data. We would like to encourage you to read this Privacy Policy when using our website or services, or transacting business with us. By using our websites, our applications or otherwise sending us your data, you are accepting the practices described in this Privacy Policy.
- General Data Protection Regulation
- How we use the personal data we collect about you
- Cookies & collected data
- How long we retain your information
- How we secure your information
- Transfers of your personal data outside the European Economic Area (EEA)
- Your rights to your personal data
- Your right to object to the processing of your personal data
- Sensitive personal information
General Data Protection Regulation
The General Data Protection Regulation (GDPR) came into force on the 25th May 2018. This new European Union (EU) framework for data protection laws replaced the Data Protection Act 1998. The main concepts and principles of the GDPR are much the same as those in the previous Data Protection Act. However, GDPR provides better control over how businesses use people data by additionally taking into account many new ways of identifying an individual (biometric data, genetic material, location data, IP address, and social media identity are all now included as personal data).
How we use the personal data we collect about you
We collect your data only if is required to contact you, this includes the following situations:
- To fulfil a contract with you.
- When you purchase products and services from us.
- To contact you when you send us your job application.
- When you subscribe to our mailing list.
- When you are part of our team.
Cookies & collected data
We use cookies at CMCL to improve our service for you. Some cookies we use are essential for some services to work, others are used to collect information of the use of the website (statistics) so that we can make the site more convenient and useful for you. Some cookies are temporary and will disappear when you close your browser, others are persistent and will stay on your computer for some time.
Functional cookies are used to:
- Make sure that the web site looks consistent
- Remember previous viewing settings
Performance cookies are used to:
- Enhance the performance of the web site
- Enhance the user experience
CMCL do not collect any Cookies containing personally identifiable data (e.g. your name, email address, geographical location etc.).
If you choose not to use cookies during your visit, you should be aware that certain functions and pages will not work as expected. As an example, previously visited pages may ‘forget’ which content sections you had selected/expanded.
If you want to delete any cookies already on your computer, please refer to your browser vendor’s instructions by clicking “Help” in your browser menu. You can also find out more about cookies and how to delete and control them on www.aboutcookies.org or click “Help” in your browser menu.
How long we retain your information
We retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with the following specific retention periods:
- Customer information. When you place an order for products and services we retain information about you subject to legal obligation and for business purposes.
- Correspondence and enquiries. When you make and enquiry or contact us by email or via our web contact form, we will retain your information for as long as it takes to resolve your enquiry, and for up to twenty-four (24) further months, after which we will delete your information.
- Mailing subscribers. We retain the information you used to sign-up to our mailing list for as long as you remain subscribed (i.e. you do not unsubscribe) or if we decide to cancel our mailing list service, whichever occurs first. Your contact details will be promptly deleted upon subscription.
- Present and previous employees’ information. Subject to legal obligation.
- Jobs applicant’s information. Up to twenty-four (24) months after the position is closed, after which we will delete your information.
How we secure your information
We take the security of your personal data very seriously. We have implemented various strategies, controls, policies and measures to keep your data secure and keep these measures under close review. We protect your data by using secure servers to store your information and specialized technology such as firewalls and password protection. Tangible data are stored in a secure metal cabinet, with limited personnel access. This means that your data is protected and only accessible to co-workers who need it to carry out their job responsibilities, subject to confidentiality restrictions where appropriate and on an anonymised basis wherever possible. We also ensure that there are strict physical controls in our buildings which restricts access to your personal data to keep it safe.
Transfers of your personal data outside the European Economic Area (EEA)
In certain cases we may need to transfer your personal data outside of the European Economic Area (EEA) for business purposes, for example, to our official software distributors (with established Software Distribution Agreements) worldwide. Some countries may not have the same data protection laws as the UK and the EEA and so your personal data may not be subject to the same protections. However, in such cases, we will make sure that any transfer of your personal data to countries outside the EEA is subject to appropriate safeguards as if it were being processed inside the EEA and under the guiding principles set out in this privacy policy.
Your rights to your personal data
The GDPR grants individuals the right:
- To be informed how their personal data are being used.
- Of access to their personal data.
- To rectification of their personal data.
- To erasure their personal data.
- To restrict processing their personal data.
- To data portability, which is the right to receive copies of their personal data.
- To object their personal data.
- Not to be subject to automated decision-making including profiling.
Your right to object to the processing of your personal data
Sensitive personal information
We do not knowingly or intentionally collect sensitive personal data from individuals, and we ask you to not send such information to us.
GDPR defines sensitive personal information as data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.