Cookies and Privacy Notice
We are Gradeon Limited a company registered in England and Wales with company number 09820075 and whose registered office is at 11 Cumberland Place, Office 11, Southampton, SO15 2BH. (We, Us, Our) and are committed to protecting and respecting your privacy.
This Privacy Notice applies to Gradeon Ltd. and its affiliated companies (collectively “Gradeon”).
Gradeon understands that your privacy is important to you and is committed to safeguarding the confidentiality and privacy of personal information entrusted to it.
This Privacy Notice describes how Gradeon handles and protects your personal information in connection with the hosting of this website, and the provision of its diverse business advisory services in the fields of corporate business and IT consulting and technology (“Services”), as explained in more detail here: https//:www.gradeon.co.uk/
Scope of this Notice
This Notice applies to personal information, which is collected and/or used by Gradeon in its capacity as a controller as that term (or another term with equivalent meaning) is defined in the UK Data Protection Act 2018, the EU General Data Protection Regulation (GDPR) and other similar laws. The contexts in which this might occur are explored under “Information We May Collect” below.
When we provide Services to clients, we sometimes handle personal information as a processor (for example, the hosting of client data on our platforms). This means that we process the information solely on the instructions of our clients, who retain control of the information.
Therefore, if our use of your personal information is not covered by this Notice, you may need to contact the client (and controller) on whose behalf the processing of your information is carried out.
Gradeon collects personal information from and on behalf of its clients (e.g. about their employees and customers) to provide business advisory services to those clients. It also processes client personal information to manage its relationship with those clients. Further, Gradeon also collects some personal information from visitors to this website, recruitment applicants (applicants privacy notice), and attendees at Gradeon events.
Gradeon uses personal information to deliver its Services to clients. For its own purposes, it also uses personal information to analyse and improve how it delivers those services, to contact representatives of its clients or prospective clients and to market to them, and to administer recruitment and events.
If Gradeon uses your personal information, you may have certain important rights which you can exercise. The rights you will be able to exercise will depend on how and why Gradeon uses your information.
The primary point of contact at Gradeon for questions regarding your personal information is [email protected]
Who is your controller?
The Gradeon entity responsible for your personal information will be the entity that originally collected information from or about you. If you have a direct interaction with Gradeon, the identity of your controller may be disclosed to you in connection with that interaction. If we process your personal information in the course of providing our Services to clients, your controller will be the Gradeon entity providing the Services (assuming those Services are provided as a controller, see above for an explanation). Please note that the contact details for all Gradeon entities in respect of data protection or privacy issues are the same, and are as set out below.
Please read the following carefully to understand Our views and practices regarding your personal data and how We will treat it. By continuing to use Our Site or any of the functionalities displayed on it you are accepting and consenting to the practices described in this Notice.
Information We may collect from you
We may collect and process the following data about you:
- Information you give Us. You may give Us information about you by filling in forms on Our Site or by corresponding with Us by phone, e-mail or otherwise. This includes information you provide when you use the contact functionalities via Our Site, participate in any interactive services which We operate via Our Site or social media platforms, enter a competition, promotion or survey, and when you report a problem with Our Site. The information you give Us may include without limitation your name, address, e-mail address and phone number, financial and credit card information, membership details, lifestyle and social circumstances, education and employment details, racial or ethnic origin, religious or other beliefs of a similar nature, personal description and photograph.
- Information We collect about you. With regard to each of your visits to Our Site We may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from Our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call Our customer service number.
- Information We receive from other sources. We may receive information about you if you use any of the other websites We operate from time to time or the other services We provide. We may also work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, survey and research organisations, professional advisors, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
- We also keep a record of merchant company information, address details and primary/support contacts within your user profile section. All data held is accessible to Our merchant customers through their unique secure login.
A cookie is a small file of letters and numbers that We store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of Our Site. They include, for example, cookies that enable you to log into secure areas of Our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. They allow Us to recognise and count the number of visitors and to see how visitors move around Our Site when they are using it. This helps Us to improve the way Our Site works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to Our Site. This enables Us to personalise Our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting/Analytics cookies. These cookies record your visit to Our Site, the pages you have visited and the links you have followed. We will use this information to make Our Site and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose. If you don’t want analytics cookies to be used when visiting Our Site then you can remove them by following these steps: (a) click ‘Tools’ and select ‘Internet Options’; (b) click the ‘Privacy’ tab and select ‘Advanced’; (c) click ‘Override automatic cookie handling’; and (d) specify how you wish to handle cookies from first and third party websites.
- Session cookies. These cookies store your browsing information and will be active until you leave Our Site and close your browser at which point they are erased. We use these to enable selected purchases to be carried over to subsequent web pages to speed up the process of your transaction.
- Persistent cookies. These cookies stay in one of a browser’s subfolders until they are deleted manually or your browser deletes them based on the duration period contained within the persistent cookie’s file. You can set your browser to automatically remove these cookies.
- Social sharing. These cookies enable you to share any of Our content that you may find interesting with friends via email and social media platforms.
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of Our Site.
For more information about cookies, please visit: http://www.allaboutcookies.org.
Uses made of the information
We use information held about you in the following ways:
- Information you give to Us. We will use this information:
- to carry out Our obligations arising from any contracts entered into between you and Us and to provide you with the information, products and services that you request from Us;
- to maintain Our accounts and records, undertake research and to support and manage Our employees;
- to provide you with information about other products and services We offer that are similar to those that you have already purchased or enquired about (where and to the extent that you have positively opted-in to receive the same);
- (where and to the extent that you have positively opted-in to receive the same) to provide you, or permit selected third parties to provide you, with information about products or services We feel may interest you. If you are an existing customer, We will only contact you by electronic means (e-mail or SMS) with information about products and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where We permit selected third parties to use your data, We (or they) will contact you by electronic means only if you have consented to this. If you do not want Us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which We collect your data or otherwise notify Us in writing;
- to notify you about changes to Our service;
- to ensure that content from Our Site is presented in the most effective manner for you and for your computer.
- Information We collect about you. We will use this information:
- to administer Our Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve Our Site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of Our service, when you choose to do so;
- as part of Our efforts to keep Our Site safe and secure;
- to measure or understand the effectiveness of advertising We serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of Our Site about products or services that may interest you or them.
- Information We receive from other sources. We may combine this information with information you give to Us and information We collect about you. We may Us this information and the combined information for the purposes set out above (depending on the types of information We receive and where applicable, where and to the extent that you have positively opted-in to receive the same).
Disclosure of your information
Where and to the extent that you have positively opted-in to permit Us to do so, We may share your personal information with any member of Our group from time to time, which means Our subsidiaries, Our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
Where and to the extent that you have positively opted-in to permit Us to do so, We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract We enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. Analytics and search engine providers that assist Us in the improvement and optimisation of Our Site.
- Survey and research organisations.
- Credit reference agencies for the purpose of assessing your credit score where this is a condition of Us entering into a contract with you.
We may disclose your personal information to third parties:
- In the event that We sell or buy any business or assets, in which case We may disclose your personal data to the prospective seller or buyer of such business or assets, where and to the extent that you have positively opted-in to permit Us to do so.
- If We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply contractual agreements; or to protect Our rights, property, or safety and those of Our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
International Hosting and Transfer of Information
Gradeon is not a global organisation but may transfer certain personal information collected on its websites across geographical borders to Gradeon personnel, or third parties located throughout the world. Gradeon may also store such information in a jurisdiction other than where you are based including outside of the European Economic Area (“EEA”).
Gradeon will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:
Transfers of personal information to Gradeon are protected through contractual commitments (such as the Standard Contractual Clauses).
Where we transfer your personal information outside Gradeon to third parties who help provide us with any of the activities described in this policy, we obtain contractual commitments (such as the Standard Contractual Clauses) from them in order to protect your personal information.
Where we receive requests for information from law enforcement, courts or regulators (who may be based overseas), we carefully validate these requests before any personal information are disclosed.
You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.
Where We store your personal data
Whilst not presently the case, the data that We collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for Us or for one of Our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Notice and in the event that this ever becomes necessary shall ensure that this is carried out subject to a Data Transfer Agreement for compliance with the Act.
All information you provide to Us is stored on Our secure servers.
Where We have given you (or where you have chosen) a password which enables you to access certain parts of Our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Gradeon has reasonable technical safeguards, security policies and procedures in place to protect personal information from unauthorised loss, misuse, alteration, or destruction.
Measures we take include placing confidentiality requirements on our staff members and service providers, limiting access to your personal information on a “need to know” basis, and providing training to appropriate Gradeon personnel. Despite Gradeon’s best efforts, however, security cannot be absolutely guaranteed against all threats.
The transmission of information via the internet is not completely secure. Although We will do Our best to protect your personal data, We cannot guarantee the security of your data transmitted to Our Site; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access.
Retention of your personal information
Gradeon retains your personal information for the period of time required for the purposes for which it was collected, any compatible purposes which we subsequently establish, or any new purposes to which you subsequently consent, or to comply with legal, regulatory and Gradeon policy requirements. This period of time will usually be the period of your, or the relevant client’s, relationship or contract with Gradeon plus a period reflecting the length of time for which legal claims may be made following the termination of such relationship or contract. Some information (such as call recordings, tax records and certain information required to demonstrate regulatory compliance) may need to be kept for longer. Personal information will be kept for a shorter or longer period of time if so required by law or an Gradeon policy, if the information becomes subject to a legal hold (for example, following a communication from our regulator) or if we have identified through a data protection impact assessment that a different retention period is appropriate.
Your Rights in Jurisdictions Covered by the GDPR and Similar Laws
If your personal information is processed by an Gradeon entity in the EEA, Brazil or another jurisdiction that has adopted the GDPR or similar rules, then, subject to certain exemptions, and dependent on how and why we use it, you have certain rights in relation to your personal information. The rights described below may vary depending on the specific laws that apply to you.
We may ask you for additional information to confirm your identity before disclosing any personal information to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Right to Access
You have the right to access personal information, which Gradeon holds about you, together with certain information about how and why your personal information is processed.
Right to Rectification
You have a right to request us to correct your personal information where it is inaccurate or out of date.
Right to be Forgotten (Right to Erasure)
You have the right under certain circumstances to have your personal information erased. Your information can only be erased if it is no longer necessary for the purpose for which it was collected, and we have no other legal ground for processing the information.
Right to Restrict Processing
You have the right to restrict the processing of your personal information, but only where:
its accuracy is contested, to allow us to verify its accuracy; or
the processing is unlawful, but you do not want it erased; or
it is no longer needed for the purposes for which it was collected, but we still need it to establish, exercise or defend legal claims; or
you have exercised the right to object, and verification of overriding grounds is pending.
Right to Data Portability
You have the right to data portability, which requires us to provide personal information to you or another controller in a commonly used, machine readable format, but only where the processing of that information is based on (i) consent; or (ii) the performance of a contract to which you are a party. Please note that Gradeon rarely relies upon consent as a legal basis, and the performance of a contract basis will only be relevant to the extent that you, as an individual, are party to a contract with Gradeon or a client, and our use of your personal information is necessary for the performance of that contract.
Right to Object to Processing
You have the right to object to the processing of your personal information at any time, but only where that processing is based on our legitimate interests. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
If you reside in the European Economic Area (EEA) or the UK and would like to exercise your right to access, review, correct or discuss how your personal information is processed by Gradeon please contact us at [email protected].
If you reside outside of the EEA you can also make a request to update or remove information about you by contacting [email protected]. Gradeon will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.
In addition, under applicable local law you may have the legal right to lodge a complaint with the relevant supervisory authority or local data protection authority.
Our Site may, from time to time, contain links to and from the websites of Our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that We do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you think Our collection or use of personal information is unfair, misleading or inappropriate or if you have concerns about the security of your personal information, you also have the right to make a complaint to the Information Commissioner’s Office. You can contact the Information Commissioner’s Office at the following address:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Access to information
You can find out if We hold any personal information about you by making a ‘subject access request’ under the DP Legislation. If We do hold information about you, We will:
- Give you a description of it;
- Tell you why We are holding;
- Tell you who it has been disclosed to; and
- Let you have a copy of the information in an intelligible form.
You may also have the right for your personal information to be transmitted electronically to another organisation in certain circumstances.
You can request access to the information we hold about you at any time by contacting [email protected].
Changes to this Notice
Any changes We may make to this Notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to this Notice.
Questions, comments and requests regarding this Notice are welcomed and should be addressed to [email protected]