Privacy

Privacy Policy

SenseOn takes the privacy of individual personal information seriously.  This Privacy Policy describes how SenseOn processes and protects such information.

Introduction – General Data Protection Regulation (“GDPR”)

SenseOn is committed to ensuring it is compliant with Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data, the General Data Protection Regulation or “GDPR” and the UK Data Protection Act 2018 which reflects the GDPR (“DPA”).  The GDPR and DPA are referred to together in this Privacy Policy as the “Data Protection Legislation.” 

This Privacy Policy applies to all individuals with whom SenseOn comes into contact in the course of its business (except for SenseOn’s own employees).  This includes individuals employed by Senseon’s customers, suppliers or other third parties with whom SenseOn deals. 

Interpretation

In this Privacy Policy, we refer to:

Personal Data” or “Personal Information”:  this means information capable of identifying an individual, being “personal data” as defined in the Data Protection Legislation. 

Processing” and related expressions:  this means any operation SenseOn performs on Personal Data, such as collection, organising, storing, updating, using, disclosing and erasing it. 

You”, “your” and/or the “Data Subject”:  this means an individual who can be identified from or as a result of the Personal Data.

 Who we are and How to Contact Us

This Privacy Policy is issued by SenseOn Tech Limited incorporated and registered in England and Wales with company number 11032394 whose registered office is at 8 St James’s Square, London, SW1Y 4JU and referred to in this Privacy Policy as “SenseOn”, “we” or “us”. 

SenseOn is the data controller (as defined in the Data Protection Legislation) of the Personal Data which it processes as described in this Privacy Policy. 

In relation to SenseOn’s processing of Personal Data or for any other data protection or data privacy matters, SenseOn contact details are as follows: brad@Senseon.io.

Typical Data Subjects

SenseOn typically (but without limitation) processes Personal Information relating to the following categories of data subject:

  • individuals employed or otherwise engaged by its customers, suppliers and other businesses, organisations or authorities with whom it deals; and

  • individuals whose details we collect from sources in a B2B context and contact because it is in our legitimate interests; and

  • individuals who interact with SenseOn on their own account. 

Types of Personal Data Typically Processed

SenseOn typically (but without limitation) processes Personal Data consisting of contact information, such as name, email address, physical address and, where the data subjects are themselves its customers or suppliers, bank account and payment card information. 

Purposes for which SenseOn Processes Personal Data

SenseOn processes Personal Data for the following purposes.

  • to manage its business and its relationship with its customers, including providing them with products and/or services, communicating with them and maintaining its relationship with them you effectively, lawfully and appropriately.

  • to manage its relationship with its suppliers, including procuring products and/or services from them, communicating with them and maintaining its relationship with them

  • to manage relationships with authorities, intermediaries and other third parties

  • to inform customers and potential customers about its products and services, including by direct marketing

  • to invite relevant individuals to events

  • to inform suppliers and potential suppliers about its requirements

  • to provide features on its websites

  • to develop and improve its products and services

  • for account and promotional purposes

  • to comply with any legal obligations it may have including requests from Governmental Authorities, law enforcement agencies or to comply with legal processes

  • for internal administration

  • to detect and prevent fraud

  • to ensure information and networking security

  • to exercise its rights

  • to protect the rights, property or personal safety of its employees, third parties, business partners and the general public

  • in relation to its proposed corporate activities, such as a sale or merger

  • in relation to recruitment processes.

These are referred to in this Privacy Policy as the purposes of processing.

Use of Intercom Services

We use third-party analytics services to help understand your usage of our services. In particular, we provide a limited amount of your information (such as sign-up date and some personal information like your email address) to Intercom, Inc. (“Intercom”) and utilize Intercom to collect data for analytics purposes when you visit our website or use our product. As a data processor acting on our behalf, Intercom analyzes your use of our website and/or product and tracks our relationship by way of cookies and similar technologies so that we can improve our service to you. For more information on Intercom’s use of cookies, please visit https://www.intercom.com/terms-and-policies#cookie-policy. We may also use Intercom as a medium for communications, either through email, or through messages within our product(s). As part of our service agreements, Intercom collects publicly available contact and social information related to you, such as your email address, gender, company, job title, photos, website URLs, social network handles and physical addresses, to enhance your user experience. For more information on the privacy practices of Intercom, please visit https://www.intercom.com/terms-and-policies#privacy. Intercom’s services are governed by Intercom’s terms of use which can be found at https://www.intercom.com/terms-and-policies#terms. If you would like to opt out of having this information collected by or submitted to Intercom, please contact us.

Link – https://www.intercom.com/help/pricing-privacy-and-terms/privacy/updating-your-privacy-policy

Use of Fullstory Services

We use third-party analytics services to help understand your usage of our services. The FullStory Services utilize a powerful script that creates a new level of ease for website owners to understand the usability of their websites. Website or product owners who use FullStory Services can watch a DVR-like video playback of user sessions on their website, enabling meaningful insight into their users’ experience, as an effective way to identify usability problems and other areas for improvement. FullStory exists to make the web better for end-users, and it is only available to websites that share that goal. FullStory Services use first-party cookies and local storage to maintain a coherent scope for a user session across multiple pages on a single website. For more information on Intercom’s use of cookies, please visit https://www.fullstory.com/legal/privacy/FullStory Services do not and will not ever attempt to identify the same person across disparate, unrelated domains. FullStory takes pains in its engineering choices to differentiate itself from ad-tracking software. It is a violation of Fullstory’s Acceptable Use Policy for their customers (e.g. SenseOn) to attempt to build multi-site user profiles for the intent of selling or exchanging lists of users or demographic information.  

Legal bases for SenseOn’s processing of Personal Data

The legal bases on which SenseOn processes Personal Data are as follows, depending on the purpose of the processing:

  • Legitimate Interests. In most cases, the purposes set out above represent the legitimate interests of SenseOn in operating its business and the processing is necessary to achieve them and does not override the interests, fundamental rights or freedoms of the individuals concerned.

  • Performance of a contract.  In certain cases, SenseOn needs to process Personal Data to perform a contract to which the data subject is a party or to take steps at the data subject’s request before entering into a contract, for example to provide goods or services to customers who are individuals or to purchase goods or services from suppliers who are individuals.

  • Legal Obligation.  SenseOn may need to process Personal Data to comply with a legal obligation, such as an enforceable request from Government.

  • Consent  – in certain specific situations, SenseOn may process Personal Data as a result of having obtained the specific freely given consent of the individual concerned.  When doing so, SenseOn will inform the individual of the purpose of the processing and the individual can withdraw consent at any time.

Recipients of Personal Data

SenseOn may disclose or transfer Personal Data to the following recipients:

  • third-party service providers for the purposes of providing services to SenseOn itself

  • third-party service providers for the purposes of providing services to the customers and suppliers of SenseOn or other persons with whom it deals;

  • [companies or organisations which are affiliated to SenseOn, for example affiliates or subsidiary companies or other companies or organisations under common ownership with Senseon, in either case for administrative or internal purposes [and/or so that they can contact individuals or those engaging them with information about products or services which may be of interest to them]

  • authorities and other bodies who can compel SenseOn to do so under applicable law.

Transfer of Personal Data outside the UK

SenseOn may transfer Personal Data outside the UK, for example where any of the recipients described above are located outside the UK, where we share Personal Data within SenseOn group (including transfer of data to our USA branch) or in respect of any operations of SenseOn outside the UK from time to time. Whenever we transfer Personal Data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • The transfer is to a country that has been deemed to provide an adequate level of protection for Personal Data by the European Commission (e.g. any EU member-state); or

  • Where we use certain service providers or transfer Personal Data within SenseOn group, we may use specific contracts approved for use in the UK which give Personal Data the same protection it has in the UK (such as standard contractual clauses).

Please contact us if you want further information on the specific mechanism used by us when transferring Personal Data out of the UK.

Period of storage of Personal Data

SenseOn only keeps Personal Data for the period necessary for the purposes for which it processes it.  This is determined in accordance with its retention policy.

The criteria used to determine the retention periods of SenseOn include: (i) the nature of the Personal Data; (ii) the length of time SenseOn has a continuing relationship with the individual or the organisation engaging the individual; (iii) whether there is a legal obligation to which SenseOn is subject requiring it to retain the Personal Data (iv) whether retention for a period is advisable in light of the SenseOn’s legitimate interests (such as with regard to applicable statutes of limitations or regulatory investigations).  

Based on the above, SenseOn’s policy is to retain Personal Data about individuals for 2 (two) years from the last contact with the individual or organisation concerned except where it relates to a transaction or includes financial data in which case SenseOn retains it for up to seven (7) years from the data of the transaction or last active use of the financial data, except where statutory, regulatory, legal or security reasons require a longer period.

Personal Data relating to recruitment processes will be kept for no longer than is necessary.

Rights of Individuals in relation to their Personal Data

Individuals have the following rights where SenseOn processes their Personal Data:

  • to obtain confirmation as to whether or not SenseOn processes their Personal Data;

  • to access a copy of their Personal Data that SenseOn does process;

  • to request the correction of inaccurate Personal Data held by SenseOn;

  • to request that SenseOn erases their data or to object to SenseOn continuing to process it;

  • where SenseOn relies on having obtained consent for the purposes of the processing, the right to withdraw such consent, without affecting the lawfulness of processing before such withdrawal;

  • in certain cases to receive Personal Data, which they have provided to SenseOn, in a structured, commonly used and machine readable format and to transmit it to another controller or have it directly so transmitted;

  • to lodge a complaint with their local data protection regulator — in the UK, this is the Information Commissioner’s Office, https://ico.org.uk/.

Europe 17260364v.1