This Privacy Policy describes the ways in which information about you may be collected, used, disclosed, transferred and stored by or on behalf of Allwand. Allwand includes the entities listed in section 1 of this Privacy Policy.
This Privacy Policy applies to any interaction with Allwand, including through any websites, platforms or applications (together hereinafter referred to as the “Site” or “Sites”).
Contents
This Privacy Policy consists of the sections set out below. For ease of reference, please click on the relevant section to go directly to that section.
- 1. Who we are
- 2. Purpose of this Privacy Policy
- 3. Children
- 4. What data we may collect from you
- 5. How we collect information from you
- 6. How we use your personal data
- 7. Sharing your personal data with third parties
- 8. Marketing
- 9. Retention of your data
- 10. Accuracy of your data
- 11. Security of your data
- 12. Transfer of your data to third parties, international transfers of personal data and sharing your data
- 13. Third-party links
- 14. Your UK/EEA/Switzerland Rights
- 15. USA Residents – Exercising Your Rights
- 16. Cookies
- 17. Amendments to this Privacy Policy
- 18. How to contact us
1. Who we are
When we refer to the “Company”, “we“, “us”, or “our” in this Privacy Policy, we are referring to the relevant Allwand entity that is processing your personal data.
We are a full-service global consulting firm that provides integrated and innovative solutions around digital transformation, products, cloud, and technology. Our core solutions include Enterprise Agility and business technology tools consulting, custom software development, value-added reselling of third-party software licenses and end-to-end global talent solutions for enhancing tech teams. In addition, Allwand provides training solutions through its extensive training course library or the development of a custom curriculum. Allwand can provide training in Agile, Atlassian, Business Analysis, Cloud & IT Services, Cybersecurity, Data and analytics, DevOps, Management, Product Management, Project and Program Management, Scrum, Software Development and Software Testing & QA either through live classroom training, workshops at businesses and multimedia presentations and course materials that can be downloaded or accessed via the internet. Allwand is also a reseller of, and facilitates access to courses and associated products, services, and course materials offered by other service providers.
2. Purpose of this Privacy Policy
We ask that you read this Privacy Policy carefully as it contains important information about:
- what personal data we may collect from you or third parties;
- how we will use, store and protect your personal data;
- with whom we may share personal data and
- your rights under relevant data protection laws.
It is important that you read this Privacy Policy and any other privacy notice or fair processing notice we provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.
This Privacy Policy sits alongside the Terms and Conditions of our Sites, which we also encourage you to read.
3. Children
Our Sites are intended for use by adults, and we do not knowingly collect information from or about children. If you are a parent or guardian and your child who is under 18 (or other ages as appropriate by country) may have provided personal data to our Site, please Contact Us. The age of consent for processing personal data varies from country to country and state to state.
4. What personal data we may collect from you
We may collect and process the following personal data:
- Identity data: your full name, title, username, gender, job title, company name, occupation, national insurance number / social security number, passport number, driver’s licence number and situational photos.
- Contact data: billing address, delivery address (which could be your office address), personal email address, company email address, personal telephone number (mobile and landline) and company telephone number.
- Financial data: bank account and payment card details.
- Transaction data: details about payments to and from you, placed orders, order history and other details about the products and services you have purchased or downloaded from us.
- Technical data: device Internet Protocol (IP) address, geolocation, your behaviour on the Site (e.g. number of visits, information about how you access our Sites, your domains of origin as well as what content you read and click), your login data, browser type and version, routing number, cookies, time zone setting and location (including geolocation), browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Site.
- Profile data: your username and password, purchases or orders made by you, date, duration and time of your calls, a record of calls made to, or by, you, your interests and preferences and your feedback and survey responses.
- Employment and educational data: your course or training record, your curriculum vitae, your business division, your employer’s or contractor’s details, your role or position within an organisation, past occupations, details of your employment, superannuation account, residency status, contact details of your next of kin, office location and educational institution.
- Usage data: information about how you use our Site, products and services.
- Marketing and communications data: your preferences in receiving marketing from us and our business partners and your communication preferences.
- Visitor data: information about your visits, including date and time, account of any accidents and video footage from CCTV surveillance (if you visit one of our offices or course venues).
- Job applicant data: any information you or a recruitment agency provides us regarding your job application, information from any referees and the referee’s details.
5. How we collect information from you
We collect your personal data in a number of ways, including as follows:
- Automatically: as you browse our Sites, certain information relating to your browsing patterns and technical data about the equipment you use to access the Site is automatically collected using cookies, server logs and other similar technologies. Please see our Cookie Policy for further information.
- Directly from you: contact details, financial, identity data, transaction data, profile data or any other information directly provided by you when you request our services, you use our services, register for an account, create or modify your profile, set preferences, you fill in online forms or communicate with us in any way, for example, when:
- you contact us in connection with our services;
- you enter into a contract with us (or someone does so on your behalf);
- creating and logging on online accounts;
- applying or registering for or requesting our courses and other services;
- you visit our premises or venues where we provide our courses and other services;
- submitting a query;
- requesting or consenting to marketing materials being sent to you;
- providing us with feedback, contacting us for any reason, or
- your job application or any enquiry relating to job vacancies and recruitment process.
- From third parties:
- Business partners or other organisations who provide us information about you when you have been enrolled on our courses through our business partners or third-party organisations, including advertising and market research partners. Such third parties should have informed you that your information would be provided to us and directed you to this Privacy Policy;
- third-party service providers and business partners engaged by us to provide courses and other services to you;
- an organisation that has sold us marketing lists containing your contact details. Such third parties should have informed you that your information would be provided to us and directed you to this Privacy Policy;
- affiliates and group companies, and
- recruitment agencies, credit reference agencies, background check agencies and your referees.
- Publicly available sources include third-party and regulatory body websites, social media and public databases.
6. How we use your personal data
Below, we have briefly set out the purposes for which we may use your personal data. We have also identified one or more legal bases on which we rely for processing your personal data.
- To provide the requested services to you or our customers, including enrollment on and provision of online courses and class-based courses, course materials, and course enrollment. We may use instructors who are independent contractors or consultants to provide and deliver our courses to you. These individuals (and any related entities) may have access to your personal data only as needed to perform their functions and are obligated to maintain the confidentiality of your personal data. If you work for one of our customers, suppliers or business partners, the information we collect about you may include your personal data (such as contact information, details of your employment and our relationship with you). This information may be collected directly from you or provided by your organisation. Your organisation should have informed you that your information would be provided to us, and directed you to this Privacy Policy: Legal bases: performance of a contract with you, to comply with a legal obligation (including health and safety), our and third party legitimate interests (performance of a contract with a third party like your employer, to provide services and support to you, deal with any customer complaints, administer customer orders and accounts, manage our business relationship with you and third parties, to keep our records updated and to study how customers use our services). We may also share such details if you provide written permission to us to transmit this information on your behalf.
- To monitor and record your training/course and class performance, including evaluating and recording your performance and providing such information to you: Legal bases: performance of a contract with you, our legitimate interests (performance of a contract with a third party like a reseller of our courses, to manage our business relationship with you and third parties, to keep our records updated and to study how customers use our services).
- Processing of invoices/payment and collection of payments due to us: Legal bases: performance of a contract with you, our legitimate interests (performance of a contract with a third party like a reseller of our courses, to manage our business relationship with you and third parties, to recover amounts due to us, to keep our records updated).
- To improve our services and for quality and training purposes: Legal bases: our legitimate interests (to improve our business and services and to study how customers use our services/ to develop them and grow our business).
- For benchmarking and statistical purposes: Legal bases: our legitimate interests (to improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To personalise your experience on our Sites and optimize and develop user experience on our Sites: Legal bases: consent when we use cookies and our legitimate interests (to improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To provide customer service, including responding to your enquiries and fulfilling any of your requests for information or provision of services: Legal bases: performance of a contract with you, our legitimate interests (performance of a contract with a third party like a reseller of our courses, to manage our business relationship with you and third parties, to improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To send you important information regarding our services and/or other technical notices, updates, security alerts, and support and administrative messages: Legal bases: to comply with a legal obligation, our legitimate interests (to improve our business and services, to keep our Sites updated and relevant, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To enable monitoring of behaviour and trends that can support us in improving our content and services: Legal bases: consent when we use cookies, to comply with a legal obligation, our legitimate interests (to improve our business and services, to keep our Sites updated and relevant, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- For monitoring and evaluation of the sales of our services as well as marketing actions: Legal bases: your consent, our legitimate interests (to improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To track and monitor usage and performance of our services so that we can improve our services and their delivery to you: Legal bases: our legitimate interests (to improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- For marketing purposes, we sometimes take situational photos or videos at events and course sessions (showing the event/session as such, not individual participants), which we can then present on our website or social media. Legal bases: your consent, our legitimate interests (to improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To perform our contractual obligations to you or a third party (e.g. your employer): Legal bases: performance of a contract with you, our and third party legitimate interests (performance of a contract with a third party like your employer and to manage our business relationship with you and third parties).
- To manage and protect our business and affairs: Legal bases: to comply with a legal obligation, our legitimate interests (to operate and manage our business, in the context of any purchase or sale of our business or company or any business or group restructuring or reorganisation, improve our business and services, to study how customers use our services/ to develop them and grow our business).
- To buy or sell any business, assets or shares or for our internal business and group restructurings: Legal bases: to comply with a legal obligation, our legitimate interests (to operate and manage our business, in the context of any purchase or sale of our business or company or any business or group restructuring or reorganisation, improve our business and services, to study how customers use our services/ to develop them and grow our business).
- For marketing purposes to personalize your experience and to allow us to deliver the type of content and service offerings in which you are most interested: Legal bases: your consent, our legitimate interests (to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To administer and protect our Sites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data): Legal bases: to comply with a legal obligation, our legitimate interests (for provision of administration and online services and network security, to prevent fraud, to operate and manage our business, improve our business and services, to study how customers use our services/ to develop them and grow our business).
- To deliver relevant Site content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you: Legal bases: consent when we use cookies, our legitimate interests (for provision of administration and online services and network security, to prevent fraud, to perform our contract with a third party, to operate and manage our business, improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To use data analytics to improve our Sites, services, marketing, customer relationships and experiences: Legal bases: consent when we use cookies, to comply with a legal obligation, our legitimate interests (for provision of administration and online services and network security, to prevent fraud, to operate and manage our business, improve our business and services, to study how customers use our services/ to develop them and grow our business).
- To show you relevant advertisements while you are browsing the internet or using social media: Legal bases: your consent, our legitimate interests (to operate and manage our business, improve our business and services, to study how customers use our services/ to develop them and grow our business, to improve marketing of our business and services).
- To process any job application and/or deal with any recruitment or background check process and enter into any employment relationship: Legal bases: to take steps at your request before entering into a contract with you, to comply with a legal obligation and our legitimate interests (to assess and evaluate job applicants and record our recruitment activities, to comply with any legal obligation, to prevent fraud, to operate and manage our business).
- As we believe to be necessary or appropriate:
- to comply with a legal obligation. This applies where the processing is necessary for us to comply with the law, regulations or any guidance or direction from any supervisory authority. Legal bases: to comply with a legal obligation;
- to enforce or apply this Privacy Policy: Legal bases: to comply with a legal obligation, our legitimate interests (for provision of administration and online services and network security, to prevent fraud, to operate and manage our business, improve our business and services, to study how customers use our services/ to develop them and grow our business); and
- to protect our legitimate rights, privacy, property or safety, and/or those of a third party as long as your rights do not override those interests: Legal bases: to comply with a legal obligation, our legitimate interests (for provision of administration and online services and network security, to prevent fraud, to operate and manage our business, improve our business and services, to study how customers use our services/ to develop them and grow our business).
7. Sharing your personal data with third parties
We are not in the business of selling information about you to advertisers or other third parties. However, there are times when we might share your information with our local or international business partners and service providers to make sure we can provide you with our products and services or communicate with you.
Third parties we may need to share information with include:
- Where you attend a certified training course, the certification organisation, which may be located overseas;
- Third parties that help us operate, provide, improve, integrate, customise, support and market our products and/or services (e.g. our cloud service providers that host our services);
- Third parties when you give us consent to do so (e.g. pension or medical benefits provider);
- Where we must comply with enforcement requests and applicable laws or enforce our rights and
- Our affiliated companies (this policy applies to the information we share with them).
8. Marketing
We may collect or purchase your identity and contact details (such as your name, email address, phone number, or address) to send you information about our products and services that you might be interested in. We may collect this directly from you or through a third party (including by acquiring a marketing list or database). If a third party collects your identity and contact details, we will process your data based on legitimate interests to send you a fair processing notice and then respect any communication preferences you give us.
You always have the right to “opt-out” of receiving our marketing. You can exercise the right at any time by Contacting Us. If we send you any marketing emails, we will obtain your consent where necessary, and we will always provide an unsubscribe option to allow you to opt out of any further marketing emails. If you “opt-out” of our marketing materials, you will be added to our suppression list. We keep that suppression list indefinitely to comply with our legal obligations to ensure we don’t accidentally send you further marketing.
Where you unsubscribe from any postal marketing, you may initially still receive some content which has already been printed or sent, but we will remove you from any future promotions/offers. We may still need to contact you for administrative or operational purposes, but we will ensure those communications do not include direct marketing.
If you are an existing customer or are acting as a business, we use your contact details as necessary for our legitimate interests in marketing to you and maintaining a list of potential customers.
We never share your name or contact details with third parties for marketing purposes. We use third-party service providers to send out our marketing, and we only allow them to use that information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
You can change your mind regarding your marketing preferences at any time by Contacting Us.
9. Retention of your data
We will retain your personal data for as long as it is required to provide you with services or is necessary for legal reasons. When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention periods. Using these criteria, we regularly review the personal data which we hold and the purposes for which it is held and processed. After we cease to provide you with services, your data will be processed only for technical reasons (system integrity, backups) while it remains inactive in our systems.
Where we need to retain your personal data to comply with our legal obligations, we will retain such personal data for the duration necessary to comply with such legal obligations.
We store your personal data as long as you wish to receive marketing content from us (you have the right to withdraw your consent or object processing at any time).
We retain the details of your contract and the history of your purchases and courses for at least 7 years (or such longer period as required by applicable laws) after your account is closed so that you can have access to this information for future use and to enable us to deal with any after sales enquiries or claims and as required for tax purposes. This information may be stored in our archive for reference purposes for as long as our business needs require, which we will review after 7 years.
Visitor data and CCTV recordings are retained for the maximum periods permissible under applicable laws.
We retain information collected by a cookie until that cookie expires or is disabled by you. For further information on cookies used, please refer to our Cookie Policy.
10. Accuracy of your data
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. Please contact us if you need to update your contact details we hold.
11. Security of your data
To protect your personal data, we put in place appropriate organisational and technical security measures. These measures include ensuring our internal IT systems are suitably secure and implementing procedures to deal with any suspected data breach.
In the unlikely event of a data breach, we will take steps to mitigate any loss or destruction of data and, if required by law, will notify you and any applicable authority of such a breach.
Although we use appropriate security measures once we have received your personal data, you will appreciate that data transmission over the internet (including by e-mail) is never completely secure. We endeavour to protect personal data but cannot guarantee the security of data transmitted to or by us.
12. Transfer of your data to third parties, international transfers of personal data and sharing your personal data
Please read this section if you are accessing our services from the UK, the European Economic Area (the “EEA”) or Switzerland. Our business and that of the third parties we use to deliver our services to you is international in nature. Allwand is a global brand, and Allwand entities operate from a number of locations around the world. Consequently, Allwand entities may transfer data between them to ensure the most efficient data processing. However, Allwand entities will comply with national and other regulations and ensure adequate and appropriate technical, organizational and legal safeguards for international data transfers.
Our business and operations (including data servers) are primarily based in the USA. When you access our services, register for our courses, and provide us with your details (by logging in online), you will, in effect, provide us with your personal data for processing in the USA.
If we transfer data to countries or organisations outside of the UK, the EEA or Switzerland, which the EU or the UK do not consider to have an adequate data protection regime in place, we will ensure that appropriate safeguards (for example, standard contractual clauses approved by the EU, UK or a data protection authority) are put in place where required. If you would like more information regarding the safeguards we put in place for international data transfers from the UK, EEA or Switzerland, please contact us.
Your personal data is shared with third-party service providers who process such information on our behalf so that we can provide our services to you. Our third-party providers may use their own subcontractors, who may be given access to your personal data to provide our services to you. Our main third-party providers are located outside of the UK, EEA and Switzerland; therefore, your personal data will be transferred to countries outside the UK, EEA and Switzerland.
For example, we may share your personal data with other third parties in the context of the possible sale or restructuring of our business or organisational structure. We may also need to share your personal data with a regulator or otherwise comply with the law.
13. Third-party links
Our Sites contain links to and from other applications, plug-ins and websites of other networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that they (and any services that may be accessible through them) have their own privacy policies, and, unless we have expressly agreed otherwise with you, we do not accept any responsibility or liability for the content of these applications or websites or their policies or for any personal data that may be collected through these applications, websites or services. We encourage you to read these privacy policies before you submit any personal data to these applications or websites or use such services.
14. Your United Kingdom, European Economic Area and Switzerland Rights
If you are located in the UK, the EEA or Switzerland, you may have certain rights in relation to the personal data we process and hold about you. These rights are:
- Right of access: you have the right to request access to personal data that we may process about you.
- Right to rectification: you have the right to require us to correct any inaccuracies in your personal data.
- Right to erasure: you have the right to require us to delete your personal data, subject to certain legal requirements.
- Right to restriction of processing: you have the right to require us to restrict the way in which we process your personal data. You may wish to restrict processing if, for example:
- you contest the accuracy of the data and wish to have it corrected; or
- you would prefer restriction to erasure.
- Right to object to processing: you have the right to object to our processing of your personal data.
- Right to data portability: you have the right to obtain from us the personal data we hold on you.
- Right to withdraw consent: where we have relied upon your consent to process your personal data, you have the right at any time to withdraw your consent.
- Right to lodge a complaint with a supervisory authority: you have the right to complain to a supervisory authority (the Information Commissioner’s Office is the relevant supervisory authority in the UK or the Finnish Data Protection Ombudsman in Finland or the Office of the Australian Information Commissioner in Australia).
With the exception of lodging a compliant directly with a supervisory authority (such as the Information Commissioner’s Office or the Finnish Data Protection Ombudsman), if you would like to contact us to exercise any of the other rights set out above, please put your request in writing; include proof of your identity (such as a copy of your driving licence or passport) and address (such as a recent utility or credit card bill) and specify the right you wish to exercise.
15. USA Residents
If you are a resident of USA your state may afford you certain rights with respect to knowing whether we hold your personal data, what personal data we hold about you, accessing your personal data, requesting copies, correcting errors, and in some cases requesting it be deleted. Please see below for more information in this regard, including your California privacy rights. Updates to this Privacy Policy will be referenced by the “Last Updated ” date shown above.
15.1 Definitions.
For the purposes of this Section 14, the following definitions govern:
“Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular person or household. “Personal Information” does not include: (i) publicly available information or lawfully obtained, truthful information that is a matter of public concern; or (ii) information that is deidentified or aggregate information.
“Sensitive Personal Information” means Personal Information that reveals information such as: (a) social security, driver’s license, state identification card, or passport number; (b) account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; (c) precise geolocation; (d) racial or ethnic origin, religious or philosophical beliefs, or union membership; (e) the contents of an mail, email, and text messages unless we are the intended recipient of the communication; (f) genetic data; and (g) information about a known child. Sensitive Personal Information includes the processing of biometric information for the purpose of uniquely identifying an individual, Personal Information collected and analyzed concerning an individual’s mental or physical health and Personal Information collected and analyzed concerning an individual’s sex life or sexual orientation. Sensitive Personal Information that is publicly available is not considered Sensitive Personal Information or Personal Information.
15.2 Information We Collect, the Categories of Source of Collection and the Purpose for Collection.
Set forth below are the categories of Personal Information we collect and that have collected in the preceding 12 months, the categories of sources from which the Personal Information was collected and the business or commercial purpose for such collection. Please see Sections 3, 4 and 5 for additional and more detailed information.
Category of Personal Information | What We Collect | Categories of Sources from which Personal Information Collected | Business or Commercial Purposes for Collection |
PERSONAL INFORMATION | |||
Identifiers | Real name Alias Postal address Unique personal identifier Online identifier Internet protocol address Email address Phone number Account name Social security number Driver’s license number Passport number Other similar identifiers | Directly from you Automatically, such as when you visit our website (e.g., cookies on our Sites) *** Our service providers Our resellers Our vendors | To present and perform our services To contact you to provide you with information or services that you request from us To fulfill or meet the reason you provided the information To process your requests, transactions and payments and prevent transactional fraud To carry out our obligations and enforce our rights arising from any contracts entered into between you and us To provide customer support, troubleshoot issues, manage accounts, and respond to requests, questions or comments, including to investigate and address your complaints and monitor and improve our responses To advertise opportunities, services or special events that we think may be of interest to you To notify you about any additions, upgrades or changes in our services To maintain your contact information For recruitment purposes To assess your employment application For internal administrative and auditing purposes To comply with law or legal process such as reporting, and record-keeping requirements To detect security incidents and protect against malicious, deceptive, fraudulent or illegal activity, including, when necessary, to prosecute those responsible for such activities |
Section 1798.80 Identifiers Not Included in Other Rows | Signature Characteristics or description Telephone number Insurance policy number Bank account number Credit card number Debit card number Other financial information | Directly from you Automatically*** Our service providers | Same as previous row |
Protected Characteristics | Race Color Sex/gender Gender identity, gender expression Military or veteran status Disability (mental and physical including HIV/AIDS, cancer, and genetic characteristics) | Directly from you Automatically*** Our service providers | To comply with demographic reporting requirement For recruitment purposes To assess your employment application For internal administrative and auditing purposes To comply with law or legal process such as reporting, and record-keeping requirements |
Commercial Information | Records of personal property, products or services purchased, obtained, or considered Other purchasing or consuming histories or tendencies. | Directly from you Automatically during a purchasing transaction or during a period of support for services purchased*** | To present and perform our services To contact you to provide you with information or services that you request from us To fulfill or meet the reason you provided the information To process your requests, transactions and payments and prevent transactional fraud To carry out our obligations and enforce our rights arising from any contracts entered into between you and us To provide customer support, troubleshoot issues, manage accounts, and respond to requests, questions or comments, including to investigate and address your complaints and monitor and improve our responses To advertise opportunities, services or special events that we think may be of interest to you To notify you about any additions, upgrades or changes in our services |
Biometric Information | We do not collect or have access to any of your biometric information. To the extent that any entity with which we work collects any biometric information from you regarding your interaction with us, you should review their privacy policies. | ||
Internet Information | Electronic network activity information Browsing history Search history Information regarding interaction with a website, application, or advertisement Company device activity | Directly from you Automatically*** Our service providers | To advertise opportunities, services or special events that we think may be of interest to you To manage workforce activities and personnel Operate and manage IT and communications systems and facilities To maintain security on our Sites and Internet-connected assets |
Geolocation Data | Internet protocol address | Automatically*** | To manage workforce activities and personnel Operate and manage IT and communications systems and facilities To maintain security on our Sites and Internet-connected assets For security purposes To advertise opportunities, services or special events that we think may be of interest to you To manage and secure corporate computing devices |
Audiovisual Information | Electronic information (e.g., meeting recordings) Visual information (e.g., camera footage) | Directly from you Automatically*** | To keep record of meetings in case necessary to refer to such information To manage workforce activities and personnel For security purposes To manage access to company assets |
Professional or Employment-Information | Professional history Employment history | Directly from you Our service providers | To recruit candidates and perform background screening To assess your candidacy for employment |
Education Information | Educational history | Directly from you Our service providers | To recruit candidates and perform background screening To assess your candidacy for employment |
Inferences | Records of personal property, products or services purchased, obtained, or considered Other purchasing or consuming histories or tendencies. | Directly from you Automatically during a purchasing transaction or during a period of support for services purchased*** | To contact you to provide you with information To advertise opportunities, services or special events that we think may be of interest to you To notify you about any additions, upgrades or changes in our services |
SENSITIVE PERSONAL INFORMATION | |||
Sensitive Identifiers | Social security number Driver’s license number State identification card number Passport number | Directly from you | To recruit candidates and perform background screening To perform identity verification, accounting, audit and other internal functions To process payroll or make other remittances |
Account Information Note: This consists of log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account | Bank account number Credit card number Debit card number Other financial information Account log-in information | Directly from you Our service providers | To present and perform our services To process your requests, transactions and payments and prevent transactional fraud To carry out our obligations and enforce our rights arising from any contracts entered into between you and us |
Precise Geolocation | Security camera footage | Directly from you Automatically*** | To manage workforce activities and personnel For security purposes |
Sensitive Characteristics | Racial origin Ethnic origin | Directly from you Our service providers | To comply with demographic reporting requirement For recruitment purposes To assess your employment application For internal administrative and auditing purposes To comply with law or legal process such as reporting, and record-keeping requirements |
*** See Sections 13 and 16 for more information.
15.3 Personal Information We Sell, Share or Disclose and the Purpose for It.
We do not sell Personal Information as that term is commonly understood. We do, however, share with others certain Personal Information we have collected from you for cross-context behavioral advertising and our activities may be considered a sale under California law. For purposes of California law:
- “Share,” “shared,” or “sharing” means sharing, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s Personal Information by the business to a third party for cross-context behavioral advertising, whether or not for monetary or other valuable consideration, including transactions between a business and a third party for cross-context behavioral advertising for the benefit of a business in which no money is exchanged.
- “Sell,” “selling,” “sale,” or “sold,’’ means selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s Personal Information by the business to a third party for monetary or other valuable consideration.
The chart below shows the categories of Personal Information we sell (again as defined under California law) or share or that we have sold or shared in the past 12 months, the categories of third parties to whom we have sold or shared Personal Information and the business purpose for the sale or sharing of the Personal Information.
Categories of Personal Information that We Have Sold or Shared in the Past 12 Months | Categories of Third Parties to Whom We Have Sold or Shared Personal Information | Business Purposes for Sale or Sharing of Personal Information |
PERSONAL INFORMATION | ||
Identifiers | To our affiliate entities Data analytics providers like Google Analytics Third party advertising partners Third parties for marketing purposes | To advertise opportunities, services or special events that we think may be of interest to you To notify you about any additions, upgrades or changes in our services For recruitment purposes |
Commercial Information | Data analytics providers like Google Analytics Third party advertising partners Third parties for marketing purposes | To advertise opportunities, services or special events that we think may be of interest to you To notify you about any additions, upgrades or changes in our services |
Inferences | Data analytics providers like Google Analytics Third party advertising partners Third parties for marketing purposes | To advertise opportunities, services or special events that we think may be of interest to you To notify you about any additions, upgrades or changes in our services |
We use third party advertising companies to place ads on other sites. We do this by allowing our advertising and social media partners to place their cookies on a browser of an individual who visits our sites and accepts the use of cookies. The data received by our third party advertising and social media partners allows them to measure the effectiveness of such advertising and to provide advertisements on other websites about our services which are tailored to your interests.
We use Google Analytics to ensure website functionality and improve our Site and services. This software may record information such as your IP address, location, age and gender, browser type and language, operating system, access time, duration of visit, pages you view within our Site, search terms you enter and other actions you take while visiting us, the pages you view immediately before and after you access the services, how often you use our Services, aggregated usage and performance data, app errors and debugging information. Google Analytics is owned and controlled by Google LLC. Data collected by Google is subject to its privacy policy. To learn how Google uses data related to website analytics, please click here. You may opt-out of having your activity on our Site made available to Google Analytics by installing the Google Analytics browser add-on, available here.
Under California law, the disclosure of data received by our third party advertising and social media partners may be considered a sale of Personal Information.
This Site is not intended for anyone under 18 years old. We do not have actual knowledge that we sell or share the Personal Information of consumers under 16 years of age.
Please see Sections 6 and 7 for additional information.
In addition, we disclose and have disclosed in the preceding 12 months Personal Information to our service providers and contractors for the following business purposes.
- Auditing of Ad Impression: We disclose Personal Information for auditing purposes related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
- Security and Fraud Detection: We disclose Personal Information for our security and fraud detection services including detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity; and prosecuting those responsible for that activity.
- Functionality & Debugging: We disclose Personal Information to engage in debugging to identify and repair errors that impair existing intended functionality.
- Short-Term / Transient Use: We disclose Personal Information for short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with the business, provided that the consumer’s Personal Information is not disclosed to another third party and is not used to build a profile about the consumer or otherwise alter the consumer’s experience outside the current interaction with the business.
- Services on Our Behalf: We disclose Personal Information in order to receive services performed on our behalf, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on our behalf.
- Advertising and Marketing Services: We disclose Personal Information to provide advertising or marketing services on our own behalf.
- Research & Development: We disclose Personal Information for internal research related to technological development and demonstration.
- Quality Control &Improvement of Products and Services: We disclose Personal Information to verify, maintain, and improve our products and services.
The following chart sets forth the categories of Personal Information we disclose for a business purpose.
Categories of Personal Information that We Disclose | Business Purposes for the Disclosure of Personal Information |
PERSONAL INFORMATION | |
Identifiers | Auditing of Ad Impression Security and Fraud Detection Functionality & Debugging Short-Term / Transient Use Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services |
Section 1798.80 Identifiers Not Included in Other Rows | Auditing of Ad Impression Security and Fraud Detection Functionality & Debugging Short-Term / Transient Use Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services |
Protected Characteristics | Security and Fraud Detection Services on Our Behalf |
Commercial Information | Auditing of Ad Impression Security and Fraud Detection Functionality & Debugging Short-Term / Transient Use Services on Our Behalf Advertising and Marketing Services Research & Development Quality Control & Improvement of Products and Services |
Biometric Information | Security and Fraud Detection Services on Our Behalf |
Internet Information | Auditing of Ad Impression Security and Fraud Detection Functionality & Debugging Short-Term / Transient Use Services on Our Behalf Advertising and Marketing Services Quality Control & Improvement of Products and Services |
Geolocation Data | Auditing of Ad Impression Security and Fraud Detection Functionality & Debugging Short-Term / Transient Use Services on Our Behalf Advertising and Marketing Services Quality Control & Improvement of Products and Services |
Audiovisual Information | Security and Fraud Detection Functionality & Debugging Services on Our Behalf |
Professional or Employment-Information | Services on Our Behalf |
Education Information | Services on Our Behalf |
SENSITIVE PERSONAL INFORMATION | |
Sensitive Identifiers | Security and Fraud Detection Services on Our Behalf |
Account Information | Security and Fraud Detection Services on Our Behalf |
Precise Geolocation | Security and Fraud Detection Services on Our Behalf |
Sensitive Characteristics | Security and Fraud Detection Services on Our Behalf |
Sensitive Biometric Information | Security and Fraud Detection Services on Our Behalf |
As Necessary: We may also disclose Personal Information, as necessary: (a) to comply with any legal process; (b) to respond to requests from public and government authorities; (c) to enforce our terms and conditions; (d) to protect our operations and protect our rights, privacy, safety or property, and/or that of you or others; and (e) to allow us to pursue available remedies or limit the damages that we may sustain. We may also disclose Personal Information to our clients, customers and industry partners to comply with our contractual obligations to them if you are assigned to provide services to them. We may also disclose Personal Information in connection with or during the negotiation of any reorganization, acquisition, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).
We only use Sensitive Personal Information for purposes disclosed herein. We do not use or disclose Sensitive Personal Information for purposes other than those specified herein.
15.4 Certain Rights for California Residents.
California residents may exercise certain privacy rights pursuant to the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2023, and related regulations. Your right to submit certain requests as a California resident are described below. Please note that these rights are subject to certain exceptions and certain of these rights are subject to verification mechanisms.
- Right to Know Personal Information Collected About You. You have the right to know: (1) the categories of Personal Information we have collected about you; (2) the categories of sources from which the Personal Information is collected; (3) the business or commercial purpose for collecting, selling, or sharing Personal Information; (4) the categories of third parties to whom we disclose Personal Information; and (5) the specific pieces of Personal Information we have collected about you. You also have the right to know the list of all third parties to whom we have disclosed Personal Information, as defined under California Civil Code Section 1798.83(e) (a/k/a the “Shine the Light Law”), during the preceding year for third-party direct marketing purposes. You may submit a request by emailing us at privacy@allwand.com.
- Right to Know Personal Information Disclosed, Sold or Shared and to Whom. You have the right to request that we disclose to you: (1) the categories of Personal Information that we collected about you; (2) the categories of Personal Information that we sold or shared about you and the categories of third parties to whom the Personal Information was sold or shared, by category or categories of Personal Information for each category of third parties to whom the Personal Information was sold or shared; and (3) the categories of Personal Information that we disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose. You may submit a request by calling us at (877) 800-5221 or emailing us at privacy@allwand.com.
- Right to Request Deletion of Your Personal Information. You have the right to request that we delete your Personal Information, subject to a number of exceptions. Following receipt of a request, we will let you know what if any, Personal Information we can delete from our records. If we cannot delete all of your Personal Information, we will let you know the reason. You may submit a request by calling us at (877) 800-5221 or emailing us at privacy@allwand.com.
- Right to Correct Inaccurate Information. If you believe that any of the Personal Information we maintain about you is inaccurate, you have the right to submit a request for us to correct that information. Upon receipt of a request, we will use commercially reasonable efforts to correct the information as you direct. You may submit a request by calling us at (877) 800-5221 or emailing us at privacy@allwand.com.
- Right to Opt-Out of the Sale and Sharing of Your Personal Information. You may opt-out of the sale or sharing of your Personal Information, to the extent appliable, by clicking here.
- Right to Limit the Use of Your Sensitive Personal Information. California residents have the right to limit the use of Sensitive Personal Information under circumstances. You do not have this right where we use your Sensitive Personal Information for the following purposes: (i) to that use which is necessary to perform the services or provide the goods reasonably expected by you; (ii) to help to ensure security and integrity; (iii) to perform services on our behalf; (iv) to undertake activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by us; and (v) to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by us. Given the nature of our use of your Sensitive Personal Information, this right does not apply to you.
- Right to Non-Discrimination for Exercising Your Rights. If you choose to exercise any of your rights, you have the right to not receive discriminatory treatment by us.
When you make a request to know, delete and/or correct, to help protect your privacy and maintain security, we will take steps to verify your identity. Our verification procedure may differ depending on whether you have an account with us or not and the request you are making. The following generally describes the verification processes we use:
- Password Protected Accounts. If you have a password-protected account with us, we may use existing authentication practices to verify your identity but will require re-authentication before disclosing, correcting or deleting data. If we suspect fraudulent or malicious activity relating to your account, we will require further verification (as described below) before complying with a request to know or delete.
- Verification for Non-Accountholders. If you do not have or cannot access, a password-protected account with us, we will generally verify your identity as follows:
- For requests to know categories of Personal Information, we will verify your identity to a reasonable degree of certainty by matching at least two data points provided by you with reliable data points maintained by us.
- For requests to know specific pieces of Personal Information, we will verify your identity to a reasonably high degree of certainty by matching at least three data points provided by you with reliable data points maintained by us. We will also require a declaration, signed under penalty of perjury, that the person requesting the information is the person whose information is the subject of the request or that person’s authorized representative. We will maintain all signed declarations as part of our records.
- For requests to correct or delete Personal Information, we will verify your identity to a reasonable degree or a reasonably high degree of certainty depending on the sensitivity of the Personal Information and the risk of harm posed by unauthorized deletion. We will act in good faith when determining the appropriate standard to apply.
If there is no reasonable method by which we can verify your identity, we will state so in response to a request to know or delete Personal Information, including an explanation of why we have no reasonable method to verify your identity.
If you use an authorized agent to submit a request to know, delete or correct, we may require the authorized agent to provide proof that you gave the agent signed permission to submit the request. We may also require you to do either of the following: (a) verify your own identity directly with us; or (b) directly confirm with us that you provided the authorized agent permission to submit the request. This requirement does not apply if you have provided the authorized agent with power of attorney pursuant to California Probate Code sections 4121 to 4130.
We will respond to requests to know, requests to delete and / or delete no later than 45 calendar days. If we cannot verify your request within 45 days, we may deny your request. If necessary, we may take up to an additional 45 days to respond to your request but in such an event will provide you a notice and an explanation of the reason that we will take more than 45 days to respond to your request.
15.5 Nevada Privacy Notice
Nevada law provides that Nevada residents may opt out of the “sale” of “covered information” to third parties, including but not limited to name, address, social security number, and online service activity. Our uses of your personal information are not sales under Nevada law, so no opt-out is required.
16. Cookies
We employ “cookies” to provide visitors with tailored information to facilitate your use of the Site. A “cookie” is an element of data that a website sends to a visitor’s browser which, in turn, may store that element on the visitor’s hard drive or memory. Any cookies sent by us will be marked so that they will be accessible only by our Sites. A visitor may block or delete our cookies from the hard drive. However, by disabling cookies, certain features and functionality of our Sites may no longer work properly, or at all. See our Cookie Policy for more information about data collected online from cookies and similar technologies.
17. Amendments to this Privacy Policy
We may at any time change, modify, or otherwise update this Privacy Policy without prior notification. The latest applicable version can be accessed at all times at https://www.allwand.com/privacy-policy/.
This Privacy Policy was last updated: 11-12-2023
18. How to contact us
You should be aware that you have the right to raise any concerns with a data protection supervisory authority, including the Information Commissioner’s Office in relation to how we process your personal data if you are in the UK or, with your local supervisory authority if you are anywhere else in the EEA or Switzerland.
Alternatively, you may also contact us if you have questions or concerns about this Privacy Policy, our Terms and Conditions, this Site or if you wish to update, correct or delete any information you have provided to us. Please feel free to contact us by email at privacy@allwand.com or by mail or telephone at the details provided below:
Allwand B.V.
Databankweg 26, 3821 AL Amersfoort
The Netherlands