Date Last Updated
This document informs you of our policies regarding the collection, use, and disclosure of personal data and the choices you have associated with that data.
“Microdec”, “we,” or “us” mean Microdec Plc.
“Client” and “Clients” means a customer of Microdec.
“Client Data“ means all data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service or provides to Microdec for processing.
“Personal Data” means information that specifically identifies an individual or that is linked to information that identifies a specific individual.
“Service” is the software (however deployed or hosted), database mobile applications, cloud-hosted infrastructure, websites and other services provided by us.
“User” means an employee, agent, or representative of a Client, who primarily uses recruitment software and services in such capacity.
“Visitor” means an individual who accesses the Microdec website or any other portal but is not a User.
4.1. The information we collect
We collect different types of information from or through our website, through general course of business and via the Service. As the provider of software solutions and services to recruitment companies, we rely upon the balanced legitimate interests of ourselves, and our Clients (or prospective clients) as our legal base to control and process the information set out below. Where we are the data processor on behalf of our Clients that use the Service, we will act under performance of a contract as our legal base for processing.
User-provided Information. When you use the Service, as a User or as a website visitor, you may provide, and we may collect Personal Data. Examples of Personal Data include name, email address, mailing address, phone numbers, and credit card or other billing information. Personal Data also includes other information, such as geographic area or preferences, when any such information is linked to information that identifies a specific individual. You may provide us with your own or third party Personal Data in various ways on the Service.
Information Collected by Clients. A Client or User may store or upload into the Service, personal data relating to their clients, candidates or other third parties. Microdec has no direct relationship with the individuals whose Personal Data it hosts as part of Client Data. Each Client is responsible for providing notice to its customers and third persons concerning the purpose for which the Client collects their Personal Data and how this Personal Data is processed in or through the Service as part of Client Data.
“Automatically Collected" Information. When a User or Visitor uses the Microdec website or Service, we may automatically record certain information from the User’s or Visitor’s device by using various types of technology, including cookies. This “automatically collected" information may include IP address or other device address or ID, web browser and/or device type, the web pages or sites visited just before or just after using the Service, the pages or other content the User or Visitor views or interacts with on the Service, and the dates and times of the visit, access, or use of the Service. We also may use these technologies to collect information regarding a Visitor or User’s use of the service. This information is gathered from all Users and Visitors and is aggregated for analysis.
Information from other sources. You may be able to access other products and services through an integration of the Service with a third-party provider or service. Personal data may be exchanged between the services for login, identification and security purposes and will usually be a personal login ID. Data exchanged between the services is prescribed in the specification and documentation supporting the integration and is processed under the direction of the applicable Client or User.
4.2.How we use the information we collect
We use the information that we collect in a variety of ways in providing the Service and operating our business, including the following:
We use the information – other than Client Data - to operate, maintain, enhance and provide all features of the Service, to provide the services and information that you request, to respond to comments and questions and to provide support to users of the Service. We process Client Data solely in accordance with the provision of the Service as specified in our terms and conditions; and under directions provided by the applicable Client or User.
We use the information – other than Client Data - to understand and analyse the usage trends and preferences of our Visitors and Users, to improve the Service, and to develop new products, services, features, and functionality.
We may use a Visitor’s or User’s email address or other information – other than Client Data – to contact that Visitor or User (i) for administrative purposes such as customer service, to address issues related to the Service or Client Data posted on the Service or (ii) with updates on promotions and events, relating to products and services offered by us and by third parties we work with. You have the ability to opt-out of receiving any promotional communications as described below under “Your Choices”.
Website Cookies and Tracking Technologies
We use automatically collected information and other information collected on the Service through cookies and similar technologies to: (i) personalize our Service, such as remembering a User’s or Visitor’s information so that the User or Visitor will not have to re-enter it during a visit or on subsequent visits; (ii) provide customized advertisements, content, and information; (iii) monitor and analyse the effectiveness of marketing activities; (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed.
We take measures to protect the technical information collected by our use of Google Analytics. The data collected will only be used on a need to know basis to resolve technical issues, administer the Site and identify visitor preferences; but in this case, the data will be in non-identifiable form. We do not use any of this information to identify individual Visitors or Users. Non-aggregated Google Analytics data will be removed after 38 months.
4.3.To whom we disclose information
Except as described in this Policy, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User or Client. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
We work with third party service providers who provide websites, business management tools, hosting, maintenance, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the security and confidentiality of such information.
Law Enforcement, Legal Process and Compliance
We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial warrant, or to otherwise cooperate with law enforcement or other governmental department or agency.
We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. If you wish to access or amend any other Personal Data we hold about you, or to request that we delete any information about you that we hold, you may contact us as set out in the “How to Contact Us” section towards the end of this document.
Please note that while any changes you request will be reflected in active databases within a reasonable period of time, we may retain information for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some of the features and functionality of the Service.
At any time, you may object to the processing of your Personal Data on legitimate grounds, except if otherwise permitted by applicable law.
If you believe that Microdec has not complied with your data protection rights, you should in the first instance contact our Data Protection Officer at firstname.lastname@example.org. In the event you are not satisfied with the outcome of this process, you can complain to the Information Commissioner.
4.5.Opting-out from Commercial Communications
If you receive commercial emails from us, you may unsubscribe at any time by following the instructions contained within the email or by sending an email to the address provided in the “How to Contact Us” section.
Please be aware that if you opt-out of receiving commercial email from us or otherwise modify the nature or frequency of promotional communications you receive from us, it may take up to ten (10) business days for us to process your request. Additionally, even after you opt-out from receiving commercial marketing messages from us, you will continue to receive administrative messages from us regarding the Service.
Microdec has no direct relationship with a Client’s customers, candidates or third parties whose Personal Data it may process on behalf of a Client. An individual who seeks access, or who seeks to correct, amend, delete inaccurate data or withdraw consent for further contact should direct his or her query to the Client they deal with directly.
The Service may contain features or links to web sites and services provided by third parties. Any information you provide on third-party sites or services is provided directly to the operators of such services and is subject to those operators’ policies, if any, governing privacy and security, even if accessed through the Service. We are not responsible for the content or privacy and security practices and policies of third-party sites or services to which links or access are provided through the Service. We encourage you to learn about third parties’ privacy and security policies before providing them with information.
4.7.Minors and Children’s Privacy
Protecting the privacy of young children is especially important. Our Service is not directed to children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If we learn that Personal Data has been collected on the Service about persons under 18 years of age and without verifiable parental consent, then we will take the appropriate steps to arrange for the removal of this information.
We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain appropriate administrative, technical and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. This includes, for example, firewalls, password protection and other access and authentication controls.
However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards. If you believe your Personal Data or Client Data has been compromised, please contact us as set forth in the “How to Contact Us” section.
If we learn of a security systems breach, we will inform the effected parties of the occurrence of the breach in accordance with applicable law.
We only retain Client Data and Personal Data for as long as we provide an active Service or otherwise for a limited period of time as long as we need it to fulfil the purposes for which we have initially collected it, unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:
- billing information is retained for a period of seven (7) years as of their provision to Microdec in accordance with UK accounting and tax laws.
- information on legal transactions between Client and Microdec is retained for a period of ten (10) years in accordance with the general limitation period set under UK law.
For prospective clients whose data we have gathered for marketing purposes, we will retain your data for a maximum of four (4) years from collection or last meaningful contact.
The Service is hosted in the UK. If you choose to use the Service from other regions of the world with laws governing data collection and use that may differ from UK or EU law, then please note that you are transferring your Client Data and Personal Data outside of those regions to the UK for storage and processing. By providing any information, including Client Data and Personal Data, on or to the Service, you consent to such transfer, storage, and processing.
4.12.Data Controller and Data Processor
Microdec does not own, control or direct the use of any of the Client Data stored or processed by a Client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. Microdec is largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide the Services to the Client and its Users.
The Client or the User is the data controller under GDPR for any Client Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.
Microdec is not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Client or User nor is Microdec responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information.
5.CHANGES AND UPDATES TO THIS POLICY
Please revisit this page/document periodically to stay aware of any changes to this Policy, which we may update from time to time. If we modify the Policy, we will make it available through our website and the Service, and indicate the date of the latest revision, and will comply with applicable law. Your continued use of the Service after the revised Policy has become effective indicates that you have read, understood and agreed to the current version of the Policy.
6.HOW TO CONTACT US
Unauthorised publication or distribution is prohibited.
All Right Reserved
Copyright Microdec © 2018