background

Catapult's privacy policy

  • 1. Introduction
    This Privacy Policy will help you understand what information Catapult CX Limited’s (hereafter called CCL) collects from you and processes using this website, how we obtain it, and what choices and rights you have about your personal data. This Privacy Policy refers to CCL’s website available at the following URL: https://catapult.cx. Here are our key beliefs with regards to this privacy policy: - User privacy and data protection are human rights. - Personal data is a liability, it should only be collected, processed and stored when absolutely necessary, and should be protected with adequate security measures. - We will never sell, rent or otherwise distribute or make public your personal information. Please do not submit or provide any personal or private data to the CCL without having read, understood, and accepted this Privacy Policy in full. If you are outside the European Economic Area (EEA), by accessing files, browsing, or otherwise using CCL’s website, you have agreed to the use of your data as described in this Privacy Policy. If you are in the EEA, by accessing CCL’s website, you have agreed to the use of your data as described in this Privacy Policy. It also describes the choices regarding use, access and collection of personal information as well as your rights to your personal data that we process. If you do not agree with the terms, please do not access or use CCL’s website.
  • 2. Controller and owner
    Catapult CX Limited, (company number 11381539)10 Brick Street, London, W1J 7HQ, United Kingdom Tel.: +44 (0)20 7961 0790 Website: https://catapult.cx Controller and owner: Alex Fishlock CEO – dataprotection@catapult.cx Even with the best of intentions, CLL knows things can go wrong. So, if for any reason you are not entirely satisfied with any aspect of our information rights practices, please let us know as soon as possible. CCL will investigate the situation and where necessary, set about putting things right as quickly as possible. CCL will also take steps to avoid similar problems happening in the future. For further information please follow CCL’s General Data Processing Regulation Complaints procedure found in section 16 of this policy. Please note, all electronic correspondence, including emails, are subject to the terms of this privacy notice.
  • 3. Legal basis
    CCL is designed to comply its business, internal computer systems and this website with the following national and international legislation with regards to data protection and user privacy: - UK Data Protection Act 1988 (DPA) - EU Data Protection Directive 1995 (DPD) - EU General Data Protection Regulation 2016 (GDPR)
  • 4. Collected data
    4.1 Data sent via this website Personal information sent via this website when seeking more information via CCL’s online contact form, requesting to attend one of our events, applying for job postings or for other similar purposes. Your decision to disclose your personal data is entirely voluntary, and by doing so, you are providing CCL with specific consent to use your personal data only for the purposes for which you have disclosed it to us. CCL may access and use your customer data only for the purposes for which you have submitted it to (a) provide information to you, (b) make contact with you, (c) provide services to you, or (d) maintain the operations and security of the website and services CCL provides to you. CCL will not use your personal information for any other purposes, for example the communication of marketing material, unless CCL has your specific consent to do so. CCL will at all times handle and store your personal data in accordance with industry best practice aligned with ISO27001, the international standard for information security. This includes the activities and procedures undertaken by CCL’s own personnel and authorised third parties (see section 9 of this policy), and the technical controls which we have implemented to prevent unauthorised access, compromise or theft of information from CCL’s applications, supporting computer systems and premises. 4.2 Personal information of our customers’ clients and employees CCL collects information under the direction of our customers and has no direct relationship with the individuals whose personal data it processes on behalf of such customers. When CCL provides services to its customers, in some instances it processes personal information about their clients or employees on their behalf. In these situations, it is CCL’s customers rather than CCL who decides the reasons for which the client Information will be processed. If you are a client or employee of one of CCL’s customers and would no longer like to be contacted by one of CCL’s customers that use our service or for details of how the client information will be used and protected, and details of how to access or correct the information, please refer to the privacy statement of the CCL’s customer to which you submitted your personal information. CCL may transfer personal information to companies that help provide CCL’s service. Transfers to subsequent third parties are covered by the service agreements with CCL’s customers. CCL acknowledges that you have the right to access your personal information. An individual who seeks access, or who seeks to correct, amend, or delete data should directly query CCL’s customer. If requested to remove data, CCL will respond within the applicable legal timeframe. CCL will retain personal data CCL processes on behalf of its customers for as long as needed to provide services to its customers at their instruction. CCL may also retain this personal information as necessary to comply with its legal obligations, resolve disputes, and enforce its agreements. 4.3 Sensitive personal data GDPR specifies a set of personal data categories which are considered to be “sensitive”, and which require special consideration by Data Controllers. This website, and any services available from this website, do not knowingly collect or process any sensitive personal data, and supporting Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR). 4.a Children’s personal data This website, and any services available from this website, are not directed to children under the age of 13. If you learn that a child under the age of 13 has provided us with their personal information without having parental consent, please contact the CCL controller and owner (see section 2 of this policy) immediately so that we can take appropriate action.
  • 5. Data rights
    You have several rights connected to the provision of your personal data to CCL using this website. These include your rights to request that CCL: - confirms to you what personal data CCL may hold about you, if any, and for what purposes; - changes the consent which you have provided in relation to your personal data; - corrects any inaccurate or incomplete personal data which may be held about you; - provides you with a complete copy of your personal data for you to move elsewhere; - stops processing your personal data, whilst an objection from you is being resolved; - permanently erases all your personal data promptly, and confirms to you that it has done so (there may be reasons why we may be unable to do this); To contact CCL, please see section 2 above. If CCL does not address your request or fails to provide you with a valid reason why it is unable to do so, you have the right to contact the Information Commissioner’s Office to make a complaint. They can be contacted via their website (www.ico.org.uk) or by telephone 0303 123 1113.
  • 6. Data breaches
    CCL will report any unlawful data breach any of its third-party data processors to all relevant persons and authorities within 72 hours of becoming aware of the breach, where feasible.
  • 7. Personal information collected by Catapult's website
    CCL collects personal information on its website via the following ways: 7.1 Site visitation tracking CCL’s website uses Google Analytics (GA) to track user interaction and to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website. Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to CCL. GA also records your computer’s IP address which could be used to personally identify you, but Google does not grant CCL access to this. CCL considers Google to be a third party data processor (as defined below). GA makes use of cookies, details of which can be found on Google’s developer guides. CCL’s website uses the analytics.js implementation of GA. Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website. 7.2 Contact forms and email links Should you choose to contact CCL using the online contact form on our Contact Us page, the data that you supply will be forwarded to one of CCL’s team members acting under this email address: dataprotection@catapult.cx. If you are requesting services CCL might add your information under Pipedrive. Pipedrive provide us with CRM services and we consider Salesforce to be a third-party processor. The contact details you submit will not be stored on CCL’s website database. Should you choose to contact us via email, the data you supply will be processed in Google mail and Google Drive.
  • 8. CCL’s website server
    This website is hosted by Amazon Web Services (AWS) within a secure UK based data centre. We consider AWS to be a third-party data processor (see below). All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
  • 9. Third party data sub processors
    CCL uses a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out - Google (for website analytics) https://www.google.com/intl/en... - AWS (for hosting this website) https://aws.amazon.com/privacy... - Pipedrive (for sales administration and account management purposes): https://www.pipedrive.com/en/privacy - LinkedIn (social media) https://www.linkedin.com/stati... - Facebook (social media) https://www.facebook.com/about... - Twitter (social media) https://twitter.com/privacy - Instagram (social media) https://www.instagram.com/abou... - Google Adwords and remarketing (digital advertising) https://policies.google.com/te... The activities within which each of these Data Processors participates have been recorded within the applicable Privacy Impact Assessments (also known as Data Protection Impact Assessments under GDPR).
  • 10. Collection of information using cookies and other tools
    CCL’s website uses cookies and other tools to enhance the users experience when visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with current legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer / device. CCL uses both session-based and persistent cookies, dependent upon how you use or interact with CCL’s website. Cookies are small files saved to the user’s computer or mobile device that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser deletes them, or until they expire. The cookies in use to deliver Google Analytics service are described in the table below. Cookie: __utma__utmb __utmc __utmv __utmz Title: Google Analytics Description: These cookies are used to store information, such as what time your current visit occurred, whether you have been to the site before, and what site referred you to the web page. These cookies contain no personally identifiable information, but they will use your computer’s IP address to know from where in the world you are accessing the Internet. Google stores the information collected by these cookies on servers in the United States. Google may transfer this information to third-parties where required to do so by law, or where such third-parties process the information on Google’s behalf. Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected. 10.1 Cookies opt-out In order to provide website visitors with more choice on how data is collected by Google Analytics, Google has developed the Google Analytics Opt-out Browser Add-on. The add-on communicates with the Google Analytics JavaScript (ga.js) to stop data being sent to Google Analytics. The Google Analytics Opt-out Browser Add-on does not affect usage of the website in any other way. A link to further information on the Google Analytics Opt-out Browser Add-on is provided below for your convenience. http://tools.google.com/dlpage... For more information on the usage of cookies by Google Analytics please see the Google website. A link to the privacy advice for this product is provided below for your convenience. http://www.google.com/analytic... 10.2 Disabling Cookies If you would like to restrict the use of cookies you can control this in your Internet browser. Links to advice on how to do this for the most popular Internet browsers are provided below for convenience and will be available for the Internet browser of your choice either online or via the software help (normally available via key F1). - Internet Explorer http://windows.microsoft.com/e... - Google Chrome https://support.google.com/chr... - Mozilla Firefox http://support.mozilla.org/en-... - Apple Safari http://docs.info.apple.com/art...
  • 11. External links
    Although CCL’s website only looks to include quality, safe and relevant external links, users are advised adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; google.com or facebook.com.) CCL’s website owner cannot guarantee or verify the contents of any externally linked website despite his best efforts. Users should therefore note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
  • 12. Adverts and sponsored links
    CCL’s website may contain sponsored links and adverts. These will typically be served through advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve. Clicking on any such adverts will send you to the advertisers’ website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computer’s hard drive. Users should therefore note they click on sponsored external links at their own risk and CCL’s website and its owner cannot be held liable for any damages or implications caused by visiting any external links mentioned.
  • 13. Social media platforms
    Communication, engagement and actions taken through external social media platforms that CCL’s website and its owner participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively. Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. CCL’s website nor its owner will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email. This website may use social sharing buttons from LinkedIn, Facebook, Instagram and Twitter which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account. We consider LinkedIn, Instagram, Facebook and Twitter to be third party data processors (see section 9 above).
  • 14. Shortened links in social media
    CCL’s website and its owner through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy urls [web addresses] (this is an example: https://bit.ly/2jP0mdn). Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by CCL’s website and its owner. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore CCL’s website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
  • 15. Changes to our privacy policy
    This privacy policy may change from time to time in line with legislation or industry developments. CCL will not explicitly inform clients or website users of these changes. Instead, CCL recommends that you check this page occasionally for any policy changes.
  • 16. GDPR complaints process
    CCL will always try to resolve your concerns there and then. If this is not possible, CCL will fully investigate all the issues you have raised and aim to resolve them as quickly as possible, without undue delay, by speaking with you or writing to you. CCL aims to answer all complaints about your information rights within 28 calendar days. If there are exceptional circumstances, CCL may take up to 84 calendar days to complete your request, however CCL will contact you with 28 days with an update. The Information Commissioner’s Office provide guidance about how to raise a concern with us. Please refer to https://ico.org.uk/for-the-pub... Where you are not satisfied with how your complaint has been handled or you are not satisfied with CCL’s final response or failure to respond in the timescales above, you may lodge a further complaint to us using the email above. Alternatively, you can refer your complaint to CCL’s GDPR supervisory authority, the Information Commissioner’s Office (ICO). Website: https://ico.org.uk/concerns For further information on the scope of the Information Commissioner’s Office please refer to https://ico.org.uk/
  • 17. Email disclaimer
    Email is an informal medium and information provided is based solely on an initial review. In many cases such information does not give a complete picture of the issues involved and therefore no liability is assumed by the writer or the firm for information provided. The information in this e-mail and any attached files is confidential and may be legally privileged or prohibited from disclosure and unauthorised use. The views of the author may not necessarily reflect those of Catapult CX Limited. It is intended solely for the addressee, or the employee or agent responsible for delivering such materials to the addressee. If you have received this message in error, please forward it to Catapult at info@catapult.cx then delete the email and destroy any copies of it. If you are not the intended recipient, any form of reproduction, dissemination, copying, disclosure, modification, distribution and/or publication or any action taken or omitted to be taken in reliance upon this message or its attachments is prohibited and may be unlawful. The integrity of e-mail across the Internet cannot be guaranteed and messages sent via this medium are potentially at risk or could contain viruses. All liability is excluded to the extent permitted by law for any claims arising as a result of the use of this medium to transmit information..