This policy applies to all personal data collected or processed by Arcturis Data Limited or its group companies.
- About Us
We are the ‘Arcturis Group’ of companies (together ‘Arcturis’), including: Arcturis Data Limited (company number 11425451), Arcturis Data Holdings Limited (company number 09427409), Arcturis Data (UK) Limited (company number 11240986) all of Building One, Oxford Technology Park, Technology Drive, Kidlington, Oxfordshire OX5 1GN . ‘We’, ‘us’ and ‘our’ refers to one or more or all of the Arcturis Group as the context requires.
- Data We Collect
Your personal data will be collected when you use one or more of Arcturis’s website, services or contact us through any means. You may provide such personal data to us directly and sometimes we may be given the data by a third party, for example in a ‘refer a friend’ program.
Such personal data could include your name, telephone number and email address and, depending on your query or the service you are using, we may require other information such as your age range. Using the definitions in EU law, we will be the ‘data controller’ of personal data we collect and use for our own marketing and account management purposes (‘Account Data’) and the ‘data processor’ of personal data collected through your use of a Website or services, such as data about your device model, operating system or browser, IP address and, if you have enabled tracking for a particular Service, data about your location (‘Service Data’).
When you provide us with personal data about yourself or another person, you are confirming to us that you are authorised to provide us with that information and that any personal data you give us is accurate and up to date.
- Location Data
- Special Category Data
‘Special Category data’ is defined under EU and UK law as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
We only collect Special Category Data where we are the ‘processors’ and have a legal basis and permission to do so by the ‘Controller’ of that data or where we have a legal basis as ‘Controller’ such as explicit consent or where processing is necessary for reasons of public interest and public health.
Where we collect or process Special Category personal data as identified above, we only do so in accordance with applicable Data Protection Law.
- Using Personal Data
We will use your personal data for the purposes stated in any data collection notice and in the normal, legitimate, course of our business, including the following required purposes:
– when you contact us, to respond to your message
– when you sign-up to a service, to confirm that you are eligible to receive that service
– to deliver the Websites and services including to contact you about your account, to ensure that the Websites and services are functioning correctly, and to monitor, investigate any bug with, and improve the Websites and services
– to improve your user experience through monitoring traffic on our websites and services.We may also use your personal data for the following ancillary purposes:
– to inform you about any of our products or services which are similar or connected to the Website or services that you are using; and
– inform you about the Arcturis Group, our activities, and services.
- Sharing Data
We shall only share personal data in the limited circumstances below:
– in order to provide, maintain and otherwise deliver the Websites and Services, we may share the minimum personal data necessary within the Arcturis Group and with trusted service providers (who may be outside your jurisdiction, including outside the EEA) for them to deliver the Website or services, and technical, IT, logistical, marketing, promotional or administrative services and process the data for us in accordance with our instructions, and we shall ensure that the recipient has appropriate security and confidentiality measures in place to protect the personal data;
– to the extent required or authorised by law including to comply with a legal obligation such as a court order or binding decision of a legally competent authority, to protect or enforce our legal rights, or to protect the health or life of an individual;
– if we undertake a transaction, or preparations for a transaction, such as a business sale, we may share the personal data to the extent required with the other party to the transaction and only after ensuring that the recipient has appropriate security and confidentiality measures in place to protect the personal data.
Other than for the examples set out above, we shall not share your personal data with other companies or organisations without your prior consent.
If you make a positive, public remark about us, a website or services, for example on social media, you agree that we may use that remark as a testimonial.
- Non-personal or Anonymised Data
We may process personal data to create non-personal or anonymised data. According to the ICO guidelines, in order to be truly anonymised under the GDPR, data must be stripped of sufficient elements that mean the individual can no longer be identified.
The security of your personal data is of paramount importance to us. We shall use appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access.
- Your Rights
You are entitled to know if we are processing any personal data about you and, if we are, with certain limitations, to a copy of that personal data. You can also ask us to limit the use and disclosure of your personal data, ask that we do not use your details to contact you for marketing purposes, ask us to remove or correct inaccurate personal data, or revoke your consent in relation to any processing of your personal data. We’ll ask you to prove your identity when you make such a request. We will respond to your request as soon as reasonably possible and in any event, in accordance with any local legal requirement.
For any question or request under this policy, you may contact us by post or by email at firstname.lastname@example.org marked for the attention of the Data Protection Officer.