VINX respects your privacy and is committed to ensuring that your personal information is used in accordance with current data protection legislation.
This policy is structured in the following manner to aid your understanding:
- What information do we hold on you?
- How is your data collected?
- How do we use your information?
- Who do we share your information with?
- Information on transfers outside the EEA
- How long do we retain your information?
- What are your rights in relation to your information?
- Contact point in relation to this policy
What information do we hold on you?
We collect your name, role, firm name, email address, LinkedIn profile URL and data and business address.
How is your data collected?
Our staff obtain relevant information from direct interactions or publicly available sources such as company corporate websites, LinkedIn, Twitter, other social media and news alerts. If you have attended an event organised or sponsored by VINX we will have collected your name, firm name, business address and other contact details.
If your company has expressed an interest in VINX services, our staff will collect your name, company name, business address and other contact details.
For clients, we collect personal data of client employees where this is relevant and necessary to providing VINX’s services.
How do we use your information?
For our clients, suppliers and employees, and all others where we have a current or past contractual relationship, we process your data (including that of relevant employees of clients) on the grounds of “legitimate interest”. VINX’s legitimate business interest, and purpose of our processing of your data, is delivering contracted services and providing follow-up services. Such follow up may include the provision of information requested by legally-authorised third parties and may occur a long time after the original contracted services are completed. VINX will also continue to research current and predicted future legislation and business activity relevant to our clients and their employees. On occasion this may require VINX to disclose company and business professional contact information such as name, role, business address, phone number and email address. Where such circumstances arise, VINX’s policy is to verify the legitimate interest of the requesting party and advise the Individual and Company accordingly.
For all others, where we have collected personal information as described above, VINX may make contact with individuals in order to advise them of information or events that VINX feel they may be interested in or to promote VINX services. Where we have obtained contact information without the implication that VINX will make follow up contact, our initial assumption is that contacted individuals will nevertheless find our communication of interest to them. VINX understand the importance of “opting in” to any further contact, and therefore, on the first such unsolicited approach, VINX will request individuals to opt in to further communications. Such “opt in” may be by positively replying to an email, returning a telephone call, or completing an online opt-in form. If an individual to whom VINX has made an unsolicited contact does not respond within 7 days, all that individual’s contact data held by VINX will be destroyed by default.
Who do we share your information with?
VINX stores your data electronically on computers in our offices and using a selected secure cloud hosting provider that may be located in or out of the EU. VINX endeavours to use the most appropriate security features for all the data it holds. To enable us to deliver certain contracted services VINX may need to provide certain personal data to government bodies and recognised non-governmental agencies and may also subcontract specific tasks to trusted third parties that may be in or out of the EU. Any such third parties are required to enter into contractual agreements with VINX to maintain data security at the same levels.
Other than this, VINX will never share personal or contact details with any third party except where a Legitimate Interest (as defined above) exists.
If your firm has expressed an interest in our product(s), our sales team will collect your name, firm name, business address and other contact details.
Transfers outside the EEA
VINX will not ordinarily transfer any personal data relating to EU or EEA nationals, residents or companies outside the EEA. Where VINX is contracted to provide services for international expansion to a non-EEA country, some personal data will necessarily be transferred to relevant local entities and trusted third party subcontractors. VINX will advise clients of this on a case by case basis.
Model clauses permit such transfer under Article 46 of the General Data Protection Regulation (the “GDPR”). You can find a link to the model clauses here: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
What are your rights in relation to our use of your information?
You have rights under data protection law in relation to our use of your information, including to:
- request access to your information, which you can do by emailing [email protected] stating you are submitting a Subject Access Request
- update or amend your information if it is inaccurate or incomplete by emailing [email protected] requesting an update object to certain uses of your personal data (which includes direct marketing and processing based on legitimate interests and processing for purposes of scientific or historical research and statistics) on grounds relating to your particular situation by emailing [email protected].
- request the deletion of your information, or restrict its use, in certain circumstances (for example you can request that we erase your information where the information is no longer necessary for the purpose for which it was collected, unless certain exceptions apply) by emailing [email protected];
- withdraw any consents you have provided in respect of our use of your information either by clicking unsubscribe links in emails or emailing [email protected];
- request the return of information you have provided to us, to use for your own purposes (often called your right to data portability) where the processing is based on your consent or for the performance of a contract, and the processing is carried out by automated means;
- lodge a complaint with the Information Commissioner’s Office (https://www.ico.org.uk/global/contact-us/email/) quoting International Corporate Creations Ltd’s registration number ZA191530.
We may need to ask you for further information and identification to help us to comply with any such request. More information about these rights can be found at https://ico.org.uk/for-the-public/. If you have any questions about these rights, or you would like to exercise any of them, please contact us at [email protected].
How long do we retain your data?
Contact details of Individuals and businesses are stored for varying lengths depending on the nature and purpose for which it was collected. VINX will review your personal data periodically (usually annually) to ensure it is still necessary to be retained for the purpose for which it was collected.
Client data including billing data is kept for the lifetime of our contract with you and then ongoing for seven years to comply with tax legislation (or for one year longer than the Statute of Limitations for the countries to which the contract relates).
Backups of our data are retained for a year. However, we have processes to ensure that, if a restore is required, Subject Rights are maintained.
How to contact us
If you have any questions regarding this policy, please email [email protected].
Changes to this policy
We keep this privacy notice under regular review and we will place any updates on this webpage. We will inform you of any material changes to the privacy notice. This privacy notice was last updated on 10 May 2018.