Privacy Notice

EU General Data Protection Regulation ensure that we comply with a series of data protection principles. These principles are there to protect you and they make sure that we do the following.

  • Process all personal information lawfully, fairly and in a transparent manner;
  • Collect personal information for a specified, explicit and legitimate purpose;
  • Ensure that the personal information processed is adequate, relevant and limited to the purposes for which it was collected;
  • Ensure the personal information is accurate and up to date;
  • Keep your personal information for no longer than is necessary for the purpose(s) for which it was collected; and
  • Keep your personal information securely using appropriate technical or organisational measures.

Being transparent and providing accessible information to you about how we use personal information is a key element of the General Data Protection Regulation (Regulation (EU) 2016/679). The most common way to provide this information is in a privacy notice. This privacy notice explains how we use any personal information we collect about you when you use this website.

Topics

  • What information do we collect about you?
  • How will we use the information about you?
  • What is the legal basis for our processing of personal data?
  • Marketing
  • When do we disclose information about you to third parties?
  • What happens is there are changes to the purposes for which we process information about you?
  • When will we use service or project specific privacy notices?
  • How do we protect your data?
  • For how long will we store information about you?
  • What are your rights in relation to information that we hold and process?
  • How do you make requests or file complaints?
  • How to contact us?
  • Please provide your feedback
  1. What information do we collect about you?

We collect information about you when you register with us, access your account with us or visit our website and other social media tools. We also collect information when you voluntarily complete customer surveys, provide feedback and participate in events that we organize.  Website information is collected using cookies.

The sort of information we hold includes:

  • Your name
  • Your contact details ;
  • Your job title
  1. How will we use the information about you?

We collect information about you when your register with us, visit our website and other social media tools, and to manage your account and, if you agree, to email you about other products and services that we think may be of interest to you.

We use your information collected from the website to personalize your repeat visits to the website.

If you agree we shall pass on your personal information to our group of companies so that they may offer you their products and services.

We will not share your information for marketing purposes with companies outside the Ullink Group.

In processing your order or instructions, we may send your details to and also use information from credit reference agencies, our external advisors, fraud prevention agencies or other regulatory bodies.

  1. What is the legal basis for our processing of personal data?

The processing of your data is based on your consent that must be freely given.

You may withdraw your consent at any time and without any explanation by clicking here.

  1. Marketing

We would like to send you information about products and services of ours and other companies in our group which may be of interest to you.  We would also like to keep you updated of events that we organize or participate in or that relate to products and services of ours and other companies in our group.  If you have consented to receive marketing, you may opt out at a later date.

You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other companies in our group.

If you no longer wish to be contacted for marketing purposes please click here.

  1. When do we disclose information about you to third parties?

We may transfer information about you to other group companies (“Group”) for purposes connected with marketing our products and services to you. In order to ensure an adequate level of protection, Standard Contractual Clauses (model of the European Commission) have been signed between the entities of the Group.

In general, your personal and sensitive data will only be stored and processed on servers based within the European Economic Area (EEA).

In limited and necessary circumstances, your information may be transferred outside of the EEA or to an international organisation to comply with our legal or contractual requirements.  In such cases we will require the same level of protection of your data as that provided by us.  Please review the Privacy Policy on this.  We will only ever share your information if we are satisfied that our partners or suppliers have sufficient measures in place to protect your information in the same way that we do.

We will never share your information for marketing purposes without first obtaining your prior consent in writing.

Before sharing information, we will ensure that:

  • Privacy Notices are completed if appropriate,
  • Technical security such as encryption and access controls are in place to keep information secure,
  • Information sharing agreements are completed showing the rules to be adopted by the various organisations involved in the sharing exercise,
  • Privacy impact assessments are completed to assess any risks or potential negative effects,
  • Common retention periods and deletion arrangements are set for the information, and

Your access rights are catered for.

  1. What happens if there are changes to the purposes for which we process information about you?

If in the future we intend to process your personal data for a purpose other than that for which it was collected we will provide you with information on that purpose and any other relevant information.

  1. When will we use service or project specific privacy notices?

Services using large amount of personal or sensitive information will have their own dedicated privacy notice to tell people what information is being shared. These notices will map out how personal information flows through the service or project and how it is processed.

  1. How do we protect your data?

We take the security of your data seriously. We have implemented generally accepted standards of technology and operational security in order to protect personal data from loss, misuse, or unauthorized alteration or destruction.

Please note however that where you are transmitting information to us over the internet this can never be guaranteed to be 100% secure.

We will notify you promptly in the event of any breach of your personal data which might expose you to serious risk.

  1. For how long will we store information about you?

We will only keep your information for as long as it is required to be retained. The retention period is either dictated by law or pursuant to company policy or national regulatory requirements. Each national legislation imposes on companies’ obligations to keep records and maintain data for a number of years.  The company policy on data retention will be defined by reference to the obligations set forth under national legislations.

We will review the personal data that we hold every year to establish whether we should continue to process or store it. If we decide that we should not process it, we will only retain your personal data in an archived form in order to be able to comply with future legal obligations e.g. establishment, exercise or defence of legal claims.

  1. What are your rights in relation to information about you that we hold and process?

Under the General Data Protection Regulation (GDPR) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

The implementation of these rights is as follows.

  • The right of access to any personal information the company holds about yourself. To request a copy of this information you must make a subject access request in writing, either via a letter to Data Protection Team, ULLINK, 21 boulevard Haussmann, 75009 Paris, France, or by email to: dataprotectionrequest@ullink.com or to dataprotectionrequest@itiviti.com. To ensure that we can deal with your request as efficiently as possible you will need to include your current name and address, proof of identity (a copy of your driving licence, passport or two different utility bills that display your name and address). You will receive a copy of your personal data within 40 calendar days of our receipt of your access request.
  • The right of rectification, we must correct inaccurate or incomplete data within one month.
  • The right to erasure. You have the right to have your personal data erased and to prevent processing unless we have a legal obligation to process your personal information.
  • The right to restrict processing. You have the right to suppress processing. We can retain just enough information about you to ensure that the restriction is respected in future.
  • The right to data portability. We can provide you with your personal data in a structured, commonly used, machine readable form when asked.
  • The right to object. You can object to your personal data being used for profiling, direct marketing or research purposes.

You have rights in relation to automated decision making and profiling, to reduce the risk that a potentially damaging decision is taken without human intervention.

If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.

  1. Other websites

Our website contains links to other websites.  This privacy policy only applies to this website so when you link to other websites you should read their own privacy policies.

  1. How do you make requests or file complaints?

If you wish to make a complaint about how the company is processing your data, then please visit send an email to dataprotectionrequest@ullink.com or to dataprotectionrequest@itiviti.com.

If you have made a complaint and after receiving a response are still dissatisfied with how the company has handled your complaint or if you believe that we have not complied with the requirements of the GDPR with respect to your personal data, you may contact the [name of the local data protection authority].

  1. How to contact us?

Please contact us if you have any questions about our privacy policy or information we hold about you:

Contact details for the company’s data controller are:

ULLINK SAS, Group’s Data Protection Team,

21 boulevard Haussmann, 75009 Paris, France

dataprotection@ullink.com or dataprotection@itiviti.com

  1. Please provide feedback

This Privacy Notice is a living document and your feedback is essential to make sure that it is clear, helpful and provides you with all the information that you need in order to protect your rights adequately.  There is always room for improvement so please do not hesitate to send us your comments and suggestions at dataprotection@ullink.com or to dataprotection@itiviti.com.