Privacy and Data Protection Policy – Open Network Associates Ltd.
- We (Open Network Associates Ltd., hereafter ONA) do not and shall not in any circumstance sell or give your personal data to third parties, unless required to by a court order, judgement or processing is necessary for compliance with legal obligations, or required to in reference to the six legal conditions known as “Lawfulness of processing conditions”. The only circumstances under which we may authorise third parties to process or store your data on our behalf are outlined below.
- Unless expressly advised to the contrary, we nonetheless reserve the right to mention you in the context of recommending your professional services to third parties if we believe that your services may be of interest or value to them.
- Consent to be added to our newsletter mailing list may be presumed in the absence of express instructions to the contrary if you are an existing customer of ONA or if you have voluntarily given your business card to a representative of ONA or if you have instigated communication in the pursuance of a business relationship. This is in accordance with the General Data Protection Regulation (2016) consideration (47) (p. 27) and Article 6 part 1. (f) (p. 119). Our mailing list data are stored on a third-party server.
- Consent to be included on our newsletter mailing list may be revoked by any subject at any time by expressing to ONA a wish to be removed or unsubscribed from it either in writing or by electronic communication from a verifiable source.
- Consent for us to retain any electronic, postal, telephone-based and live communications made to ONA, and / or notes or other records of these, analogue or digital, in the legitimate interest of our ability to efficiently serve your needs as a customer whether in the present or in the future, will be presumed in the absence of express instructions to the contrary at or after the time that the communications occur.
- Consent for us to retain such communications or records thereof may be revoked by any subject at any time by asserting in writing to ONA the right to be forgotten. In such circumstances, we will make every effort to permanently destroy all such records within a period not exceeding sixty (60) working days. Where appropriate records must be kept for legal obligations for HMRC, VAT and other legal or general business requirements and can’t be revoked for such reasons.
- If in the course of carrying out our services to you as a client we require access to log-in credentials including user names and passwords in order to gain entry to restricted-access areas of websites and other digital media applications on which you have assigned us to work, we shall exercise due care to protect these credentials from all third parties as well as from people who do not require access to them.
- We reserve the right to share data, where that is necessary, with a trusted book-keeping service, payroll provider, accountant or other such appropriate business associations to facilitate our business proceedings.
- We reserve the right to outsource telephone answering duties to a trusted third-party call-minding service at such times that we are not contactable due to meetings, out-of-office hours or being on-site.
- We may on occasion outsource client work or client liaison duties to trusted individuals or companies not in our direct employment. These individuals / companies will have agreed to abide by our own privacy and data protection policy.
- Individuals with whom we have had contact have the right to request obtain confirmation as to whether or not personal data concerning them is being processed as well as access to a copy of the personal data that we hold about them. In such cases, they will be required first to prove their identity in order to protect the true individuals regarding whom such requests are made.
- Privacy by design is achieved by appropriate processes and regular annual training and refresher sessions for our staff to ensure that they are aware of the importance of keeping personal data private, whether the data belong to clients, business contacts, potential clients or anyone else. From April 30th 2018, all our directors as well as all our employees and any non-directly-employed parties represented in clause 10 above will be required to sign a non-disclosure agreement regarding client data to which they may have access in the course of carrying out their duties.
This page was last updated on 09th August, 2018. Updates to this policy may be posted here from time to time.
Return to our main Terms and Conditions page.