Last Updated: 24 May 2018

Optial Privacy Notice

Optial UK Limited (referred to as “Optial”, "we", "us" or "our" in this privacy notice) respects your privacy and is committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.

Purpose of this privacy notice

This privacy notice aims to give you information on how Optial collects and processes your personal data, including any data you may provide through this website for example when completing an online contact form.

This website is not intended for children and we do not knowingly collect data relating to children. We do not intentionally collect or maintain, and do not want you to provide, any information regarding your medical or health condition, race or ethnic origin, political opinions, religious or philosophical beliefs or other sensitive information.   

We use cookies and similar technologies. Our Cookie Policy describes what we do in that regard.

What kind of personal data do we collect:

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data includes first name, last name, Company name or similar identifier.
  • Contact Data includes email address and telephone numbers.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version.
  • Usage Data includes information about how you use our website.

How we collect personal information

We obtain personal information from various sources. We do this in three main ways:

  • You provide some of it directly (such as by registering for a demonstration of our software, by applying for a job with us or when we provide services for you under a contract).
  • We record some of it automatically when you use our site (including with technologies like cookies).
  • We receive some of it from third parties (Google Analytics, Social Media such as Facebook or LinkedIn or our third party vendors such as referral partners or recruiters).

How we use your data

We use the personal information we obtain about you to:

  • Communicating with you. Communicate with you in relation to the requests you have made, including by sending you emails.
  • Performance of a contract.  To perform our contracts with you or take steps at your request before entering into a contract.
  • Manage our everyday business needs. Administer and manage our business; train our employees; help promote compliance with our terms of service or any other contracts between us; allow you to apply for a job; carry out research and development; carry out other purposes that are disclosed to you and to which you consent.
  • Enforcement. Enforce our Terms of Service and other legal terms and policies.
  • Protection. Protect our and others’ interests, rights and property (e.g., to protect our Users from abuse).
  • Complying with law. Comply with applicable legal requirements, such as government regulations and industry standards, contracts and law enforcement requests.

Legal basis for using your personal data

  • Consent. You have consented to the use of your personal information in a particular way. When you consent, you can change your mind at any time.  
  • Performance of a contract. We need your personal information to provide you with services and products requested by you, or to respond to your inquiries. In other words, so we can perform our contract with you or take steps at your request before entering into one.
  • Legal obligation. We have a legal obligation to use your personal information, such as to comply with applicable tax and other government regulations or to comply with a court order or binding law enforcement request.
  • Legitimate interests. We have a legitimate interest in using your personal information. In particular, we have a legitimate interest in the following case:
    • You, have requested information or a demonstration of our software. We have assumed a legitimate interest because of this request. Please note we have a legitimate interest to process and retain your personal data to enable the communications with you to establish and provide software demonstrations.
    • To operate our business and provide you with compliance and risk management software and other related services.
    • To analyze and improve the safety and security of our Services - we do this as it is necessary to pursue our legitimate interests in ensuring our services are secure, such as by implementing and enhancing security measures and protections and protecting against fraud, spam and abuse.
    • To provide and improve our services, including any personalized services - we do this as it is necessary to pursue our legitimate interests of providing, where possible, an innovative and tailored offering to our customers.
    • To share your personal information with our affiliates that help us provide and improve the Services.
    • To anonymize and subsequently use anonymized information.

How we protect your data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, affiliates or third party vendors who have a business need to know. Typically, this is to engage with our Sales team to meet your requests or to negotiate or perform a contract

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

When and why we share your information

We do not sell your information.

We may share your personal information with our affiliates or third party vendors when it is reasonably necessary or desirable to-

  • Help provide services to you or analyze, improve or tailor the services we provide to you.
  • Carry out our everyday business operations

We may also share your personal information if we are required to do so by law or to protect rights and interests of others or if we are in involved in a reorganization, merger, acquisition or sale of some or all of our assets.

Data transfers

Personal information that you submit through the Website or as obtained by us may be transferred to countries other than where you live, such as, for example, on our CRM system that is based on servers in the U.S.
Your personal information may be transferred by our third party vendors to countries that do not have the same data protection laws as the country in which you initially provided the information.

We have our third party vendors rely upon a number of means to protect that personal information transferred which is subject to the European General Data Protection Regulation (“GDPR”).  These include:

  • Privacy Shield.  In accordance with Article 45 of the GDPR, personal information to companies that have certified their compliance with the EU-U.S. or Swiss-U.S. Privacy Shield Frameworks (each individually and jointly, the “Privacy Shield”), including Squarespace, Inc.
  • Standard data protection clauses.  In accordance with Article 46 of the GDPR, transfer personal information to recipients that have entered into the European Commission approved contract for the transfer of personal data outside the European Economic Area.  
  • Other means. In accordance with Articles 45 and 46 of the GDPR, transfer personal information to recipients that are in a country the European Commission or a European data protection supervisory authority has confirmed, by decision, offers an adequate level of data protection, pursuant to an approved certification mechanism or code of conduct, together with binding enforcement commitments from the recipient to apply the appropriate safeguards, including as regards data subjects’ rights, or to processors which have committed to comply with binding corporate rules.

Optial engages the following third party vendors to assist in providing services to its customers or to assist Optial in carrying out its everyday business operations. These third party vendors may sub process your personal information or transfer it outside of the jurisdiction in which you live -

  1. Rackspace International GmbH and its group members for its hosting and related services. Rackspace USA Inc. has certified its compliance to the Privacy Shield. See https://www.rackspace.com/en-gb/information/legal/privacystatement
  2. Squarespace.com, Inc. and its group members for its Website and related services. Squarespace has certified its compliance to the Privacy Shield. See https://www.squarespace.com/privacy
  3. Salesforce.com and its groups members for its Customer Relationship Software and related services. Salesforce has certified its compliance to the Privacy Shield. See https://www.salesforce.com/uk/company/privacy/

You can learn more about the privacy shield by visiting https://www.privacyshield.gov/.

By providing your personal information to Optial you consent to the transfer of your information as described above.

Data retention

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for or as required by law

Firstly, this will be to contact you to discuss your particular business needs and the reason for your enquiry. Should following that discussion or series of discussions, we identify that there is no further relationship between Optial and yourself possible, we will remove the personal data. Where we cannot contact you immediately we will retain data until such time as we are able to contact you.

Where we have entered into a contract with you to provide services to you, we will retain personal information obtained as a result of performing the contract as is set out in the contract or in accordance with our standard retention policies.

Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data. You have the following rights:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data]
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

You have a right to lodge a complaint with your local data protection supervisory authority at any time. See  http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

Use of Cookies

The Optial website use "cookies" to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a Web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you, and can only be read by a web server in the domain that issued the cookie to you.One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize Optial pages, or register with Optial site or services, a cookie helps Optial to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same Optial website, the information you previously provided can be retrieved, so you can easily use the Optial features that you customized. You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Optial services or websites you visit. 

How to contact us

If you have questions or comments about this Privacy Policy or our privacy practices or if you would like to exercise your rights and choices, please email us at request@optial.com or write to us at the addresses below:

Optial UK Ltd
1 Red Place
London
W1K 6PL
United Kingdom

Changes to this Policy

Our Privacy Statement may need to be changed from time to time as the Optial business changes. The “Last Updated” section at the top of this page states when this Privacy Statement was last revised.
If any change materially affects the privacy of your Personal Information, we will notify you by posting a notice to this site and give you a reasonable period of time to object to any changes.  
We encourage you to periodically review this Privacy Statement to stay informed about how we collect, use and share your personal data.