Privacy

Schiltron IO Privacy Policy

Introduction

1.1 Schiltron IO Limited (“we”, “us”, “our”) is committed to respecting and safeguarding your privacy. This privacy policy (“Privacy Policy”) sets out the ways in which we collect and use your personal data (your personal information). It also explains what rights you have to access or change your personal data.

Who We Are (Identity and Contact Details of the Controller)

Schiltron IO is controller of personal data for UK data protection purposes whose registered office address Heathmans House 19 Heathmans Road London, SW6 4TJ.   Schiltron IO Limited’s ICO registration number is C1485315

1. Information We Collect

We may collect certain personal information from you when you interact with our website, products, services, or communicate with us. The types of personal information we collect may include:

(a) Name, address, and contact information (e.g., email address, phone number).

(b) Payment details (e.g., credit card information. Note: Any credit card transactions would only be handled via a PCI compliant third party application).

(c) Information about your business or organisation.

(d) Communication preferences and marketing opt-ins.

(e) Information you provide when contacting our customer support or submitting inquiries.

2. How We Use Your Information

We use the personal information we collect for the following purposes:

• To provide our services: to provide our services, or otherwise take steps as set out in our website (on the basis of performing our contract with you, or otherwise on the basis of our legitimate interest to conduct our business);
• To respond to enquiries: to respond to any enquires you make over the phone, by email, or via our website, in particular when you make inquiries about the provision of our legal services to you (on the basis of your consent, on the basis of our legitimate interest to respond to inquiries from prospective clients and to operate a lawful business, or otherwise to comply with our legal obligations);
• To provide access to our website: to provide access to our website in a manner convenient and optimal (on the basis of our legitimate interest to ensure our website is presented in an effective and optimal manner);
• Customer management: to manage our relationship with you, including by maintaining our database of contacts, notifying you about changes to our, terms of use, and/or privacy policy (on the basis of performing our contract with you, to comply with our legal obligations and on the basis of our legitimate interests to keep our records updated and study how our website and services are used);
• User and customer support: to provide customer service and support in relation to your use of our website (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), and to deal with enquiries or complaints about the website (on the basis of our legitimate interest in providing the correct services to our website users and to comply with our legal obligations);
• Recruitment: to process any job applications you submit to us, whether directly or via an agent or recruiter (on the basis of our legitimate interest to recruit new employees or contractors);
• Marketing: to keep in contact with you about our news, events, new website features, and services that we believe may interest you, provided that we have the requisite permission to do so (either on the basis of your consent where we have requested it, or our legitimate interests to provide you with marketing communications where we may lawfully do so);
• Analytics: to use data analytics to optimising the use of our website, to improve our website, products/services, marketing, customer relationships and experiences (on the basis of our legitimate interests in personalising, enhancing, modifying or otherwise improving the services and/or communications that we provide to you, developing our business, and informing our marketing strategy);
• Fraud and unlawful activity detection: to protect, investigate, and deter against fraudulent, unauthorised, or illegal activity, including identity fraud (on the basis of our legitimate interests to detect and prevent fraud and to operate a safe and lawful business or where we have a legal obligation to do so); and
• Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).

Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).

3. Legal Basis for Processing Personal Information

We rely on the following legal bases for processing your personal information:

(a) Performance of a contract: We process personal data to fulfil our contractual obligations to you, such as providing services and delivering products.

(b) Legitimate interests: We process personal data based on our legitimate business interests, such as improving our services, marketing our products, and preventing fraud.

(c) Consent: We will seek your consent for certain processing activities, such as sending promotional communications. You have the right to withdraw your consent at any time.

4. Data Retention

We will retain your personal information for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When we no longer need your information, we will securely dispose of it.

5. Use of cookies by Schiltron IO Limited

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.

We use cookies to improve the user experience of this website, tell us which parts of the websites the users have visited, provide enhanced services and remember the location and language settings for individual users.

Most web browsers allow some control of most cookies through the browser settings. You may refuse to accept cookies by activating the settings on your browser. However, if you select this setting, you may be unable to access certain parts of our site.

6. Data Sharing, Disclosure & Third-Party Cookies

This website uses technology by which anonymous data is collected and saved for marketing and optimisation purposes.  Cookies may be used to collect and save this data, but the data is not personally identifiable. The data will not be used to identify a visitor personally and is not aggregated with any personal data. The collection and storage of data may be refused at any time, with effect for the future.

In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties such as:

• Our service providers: Service providers we work with to deliver our business, such as IT, and security services based in the EU and New Zealand, identity verification, fraud prevention and detection services and recruitment service providers.
• Regulators and governmental bodies: HM Revenue & Customs, governmental bodies and other authorities who require reporting of processing activities in certain circumstances.
• Marketing parties: any selected third party that you consent to our sharing your information with for marketing purposes;
• Prospective buyers of our business: any prospective buyer of our business or assets, only in the event that we decide to sell our business or assets; and
• Recruitment: As part of any recruitment process, we collect and process personal data relating to job applicants. We are committed to being transparent about how we collect and use that data and to meeting our data protection obligations.  The Recruitment Privacy Policy only applies to personal data of job applicants and potential candidates that We collect in connection with online or offline recruitment activities.
• Other third parties (including professional advisers): any other third parties (including legal or other advisors, regulatory authorities, courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property, or safety of our employees, or where such disclosure may be permitted or required by law.

We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.

7. Security Measures

This website has security measures in place to protect the loss, misuse and alteration of the information under our control. All account information you use or supply on Schiltron IO’s website when ordering or tracking products is completely secure. We use the most advanced encryption technology to protect you from unauthorised use of information supplied on our website.

(b) We restrict access to personal information only to authorised personnel who require access to perform their designated tasks. Our employees undergo regular training on data protection and privacy practices.

(c) We conduct regular security assessments and audits to identify and address potential vulnerabilities and ensure ongoing compliance with industry standards.

(d) We collect and retain only the minimum amount of personal information necessary to fulfil the purposes outlined in this Privacy Policy.

(e) In the event of a data breach or security incident, we have procedures in place to promptly investigate, mitigate, and notify affected individuals and relevant authorities as required by applicable laws.

Unfortunately the transmission of data via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information we will use strict procedures and security features to try to prevent unauthorised access.

8. Your Rights

You have certain rights regarding your personal information under the GDPR, including:

(a) Right to access: You can request a copy of the personal information we hold about you.

(b) Right to rectification: You can update or correct your personal information if it is inaccurate or incomplete.

(c) Right to erasure: You can request the deletion of your personal information under certain circumstances.

(d) Right to restrict processing: You can request the limitation of processing your personal information under certain circumstances.

(e) Right to data portability: You can request a copy of your personal information in a commonly used electronic format.

(f) Right to object: You can object to the processing of your personal information under certain circumstances.

(g) Right to withdraw consent: If we rely on your consent for processing, you have the right to withdraw it at any time.

To exercise your rights or if you have any questions or concerns about the processing of your personal information, please contact us using the information provided below.

International Data Transfers

We primarily store and process personal information within the United Kingdom.  However, in certain circumstances, your personal data may be transferred to and processed in other countries outside the European Economic Area (EEA) including New Zealand.  Any such transfers will be in compliance with applicable data protection laws and based on appropriate safeguards, such as standard contractual clauses or an adequacy decision by the European Commission.

Contacting Us and Changes to Individuals’ Personal Data:

If any individual whose personal data we process (as described in this policy) has any questions or concerns about this policy or their personal data, please contact us at contact@schiltron-io.com.

It is important that the personal data we hold about individuals is accurate and up to date.  We encourage individuals to notify us by email or post with any changes to their personal data.

Updates to this Privacy Policy:

This policy was last updated on the 11^th June 2024.  Any changes we may make to this policy in the future will be posted on this page and, where appropriate, notified by email.  Please check back regularly to keep informed of updates or changes to this policy.  Earlier versions of this policy may be obtained by contacting us.