Thruvision Group PLC Privacy Policy

Thruvision Group plc, Thruvision Limited and Thruvision Inc (‘’Thruvision’’) values the privacy of those who provide personal information to us. This privacy policy (the “Policy”) describes how and why we collect, store and use personal information, and provides information about individual’s rights.

This Policy applies to both personal information supplied to us either by an individual or by others. We may use personal information supplied to us for any of the purposes as set out in this Policy, or as otherwise disclosed at the point of collection.

This Policy is an important document. We recommend that you read it carefully and print and keep a copy for your future reference.

In this Policy, we use the terms:

“we”, “us”, and “our” (and other similar terms) to refer to Thruvision which will be the data controller (the “Data Controller”);

“Personal Information” is any information relating to an identified or identifiable natural person;

“identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors; and

“you” and “your” (and other similar terms) refer to our clients, individuals associated with our clients, contacts, suppliers, job applicants, staff and visitors to the Thruvision website www.thruvision.com , or to the Thruvision technical support site at thruvisionsupport.freshdesk.com

Your rights in relation to Personal Information and how to exercise them

Under certain circumstances you have the following rights:

  • the right to ask us to provide you, or a third party, with copies of the Personal Information we hold about you at any time and to be informed of the contents and origin, verify its accuracy, or else request that such information be supplemented, updated or rectified according to the provisions of local law;
  • the right to request erasure, anonymisation or blocking of your Personal Information that is processed in breach of the law;
  • the right to object on legitimate grounds to the processing of your Personal Information. In certain circumstances we may not be able to stop using your Personal Information, if that is the case, we’ll let you know why; and
  • withdrawal of consent – when Personal Information is processed based on consent an individual may withdraw consent at any time (this may apply to processing of special categories of Personal Information where you have instructed us to act on your behalf and includes the following: racial/ethnic origin, political opinions, religious or philosophical beliefs and trade union membership). If you no longer want to receive any marketing material from us, please contact the sender or contract the Data Controller as set out below.

To exercise such rights and if you have any questions about how we collect, store and use Personal Information, then please contact us using the details as set out in the “Data Controller contact information” section below.

What basis do we have for processing your Personal Information?

We will only process personal Information where we have a lawful reason for doing so. The lawful basis for processing Personal Information by us will be one of the following:

  • the processing is necessary for the performance of a contract you are party to or to take steps at your request prior to you entering into a contract;
  • the processing is necessary for us to comply with our legal obligations;
  • the processing is necessary for the pursuit of our legitimate business interests (including that
    of the delivery and the promotion of our services); and
  • processing is necessary for the establishment, exercise or defence of legal claims; and
  • the data subject has given consent to the processing of his or her personal information for one or more specific purposes.

What Personal Information do we Collect and process?

We aim to be transparent about why and how we process Personal Information. For further information on our processing activities please review the relevant section below:

Business contacts

Collection:

Thruvision process Personal Information about contacts using a CRM tool, Pipedrive and a support service via Freshdesk. Personal Information is collected and added to the system and may include: name, email address, job title, telephone number, area of business, job role, jurisdiction, language, seniority and other business contact information. The Personal Information may also be collected by virtue of us providing our services to you or at a networking event and may be collected via the website www.thruvision.com

Use:

  • For contact and communication purposes: we may use your contact information to send you updates on the products and services we offer, news about any events we are organising or participating in, and/or other information about us and the products and services that we believe may be of interest to you. You can specify your contact preferences when registering online to receive communications from us (for example, through the Thruvision website, www.thruvision.com or by subsequently advising us of your contact preferences by contacting your Thruvision point of contact or the Data Controller.
  • In the case of Freshdesk we will use the data to Contact you to resolve the issues that have been raised. We may from time to time use the data to contact you to inform you of important information regarding our products, for example the availability of critical software updates.

Retention:

Personal Information is retained on Pipedrive and Freshdesk for as long as it is necessary for the purposes set out above. If a business contact requests to be forgotten their contact details will be deleted from the system. If a business contact opts out of receiving marketing materials their details will still be retained but marketing materials will no longer be sent.

Clients and individuals associated with clients

Collection:

We request that our clients only provide Personal Information which is necessary for us to carry out our business.

If we need Personal Information in respect of individuals associated with clients to provide our services, we ask our clients to provide this Policy to the data subjects.

In the majority of circumstances, we will collect Personal Information from our clients or from third parties acting on behalf of our clients.

Use:

  • Providing products and services: we will use and disclose Personal Information in such a manner as we believe is reasonably necessary to provide our products and services to you.
  • Administration: to collect amounts due from clients in respect of Products and Services provided. we will use Personal Information to agree payment arrangements, and to collect amounts due to us in connection with the contract.
  • Managing client relationships: providing clients with information on our products and services that we consider may be relevant to them; arranging and hosting events; and identifying where we may make improvements in product and service delivery.
  • Client Diligence: As part of our client on – boarding process we may carry out certain background searches to verify whether or not there are any potential issues that may mean we cannot work with a particular person or organisation (to identify criminal convictions, politically exposed persons, sanctions or other potential reputation issues).
  • Compliance with anti-money laundering regulation: we may use your Personal Information (e.g. evidence of your identity) in order to fulfil our obligations to check the identity of our clients in compliance with anti-money laundering law and regulations.

Retention:

Our general retention period for documentation created for the purpose of providing our products and services is 12 years. In some instances, there are legal and regulatory exceptions which may require documentation to be held for longer or shorter periods. If you require further information, please contact us using the details as set out in the “Data Controller contact information” section below.

Job Applicants

Please refer to information made available when applying online for further details as to how Personal Information is collected, processed and how long it is retained for.

Suppliers (including individual contractors)

Collection:

Personal Information, including name, email address, telephone number and other business contact information, is collected to receive services from suppliers, to manage the relationship with the supplier, and for the provision of products and services to our clients.

Use:

  • To receive goods and services from our suppliers: please note that we will use and disclose their Personal Information in such manner as we believe is reasonably necessary to receive and to review the provision of those services from suppliers.
  • Services to clients: if a supplier is assisting us in delivering services to our clients we will process Personal Information to manage that relationship.
  • Administration: to agree payment arrangements with our suppliers, and to make payments to them.

Retention:

A general retention period of 12 years will be applied unless there are any legal and or regulatory exceptions which may require documentation to be held for shorter or longer periods. If you require further information, please contact us using the details as set out in the “Data Controller contact information” section below.

Staff

Personal Information in relation to staff will be held on various internal systems and applications. A privacy notice which sets out the purposes for which Personal Information will be processed and contains information on data subject rights is provided to staff at the commencement of employment. If further information is required, please contact the Company Secretary.

Visitors to the Thruvision Website

Collection:

Personal Information will be collected if you sign up to attend any of our events, receive our marketing literature or request any other information about the company or its products and services.

Use:

  • Business contacts: If you receive our marketing literature or other information please see the paragraph above headed ‘Business contacts’.

Who else may have access to your Personal Information?

On occasion, we may need to share your Personal Information with third parties. We will only share Personal Information where we are legally permitted to do so.

Where you supply us with Personal Information as a client, we will assume, unless you instruct us otherwise in writing, that we can disclose your Personal Information in such manner as we believe is reasonably necessary to provide our products and services (including as described in this Policy), or as is required under applicable law. This might be because, for example, we may pass your Personal Information to third parties such as:

  • credit-checking agencies for credit control reasons;
  • events: we may need to pass on your Personal Information (e.g. name, company, occupation) to a third party in connection with management of an event, in which case the details will only be used by the third party for that specific purpose;
  • business partners, service providers and other affiliated third parties: to enable us to provide our services to you, we may need to share your Personal Information with our business partners (including other professional advisers such as accountants or auditors), external service providers and/or overseas business partners. Our arrangements with external service providers currently cover the provision of support services, outsourced manufacturing, events management, business and market research, marketing and business development and facilities management; and
  • disclosures required by law or regulation: in certain circumstances, please note that we may be required to disclose Personal Information under applicable law or regulation, including to law enforcement agencies or in connection with proposed or actual legal proceedings.

International transfers of Personal Information (including to outsourced service providers)

From time to time, we may need to transfer your Personal Information to other Thruvision trading entities, in particular in the USA in order to provide you with the products and services required.

Please note that the legal regimes of some territories outside of the EEA do not always offer the same standard of data protection as those inside the EEA, although we will ensure that your Personal Information is only ever treated in accordance with this Policy.

How we look after your Personal Information

We have in place appropriate technical and organisational security measures to protect your Personal Information against unauthorised or unlawful use, and against accidental loss, damage or destruction.

We put in place strict confidentiality agreements (including data protection obligations) with our third-party service providers.

Links to other websites

The Thruvision website, www.thruvision.com, may link to other, unaffiliated third-party
websites. Please note that Thruvision is not, and cannot, control or be responsible for the content or privacy and confidentiality practices of any third-party websites. You must always carefully review the privacy and confidentiality policy of any third-party website that you may visit in order to understand how the operators of that website may collect, store and use your Personal Information.

Updates to this Policy

This Policy was last updated in May 2018. Please check back regularly to keep informed of updates to this Policy.

Data Controller contact information

Each Thruvision company is a Data Controller:

UK and USA subsidiary companies

Thruvision Group plc and Thruvision Limited
121, Olympic Avenue, Milton Park
Abingdon
Oxon OX14 4SA

Thruvision Inc
21440, Ashburn Crossing Drive Suite 140
Ashburn
VA 20147

Complaints

While we hope that you will not need to, if you want to complain about our use of Personal Information please send an email detailing your complaint to the Privacy Officer at john.woollhead@thruvision.com

You also have the right to lodge a complaint with the relevant supervisory authority. Please see further details below:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow
Cheshire
SK9 5AF
www.ico.org.uk
Tel: 0303 123 1113
Tel: 029 2067 8400 (calls in Welsh)
Email: casework@ico.org.uk

Dated: 25 May 2018