The Getech Group Privacy Policy & GDPR

The following Privacy Policy describes how the Getech Group of companies (referred to as “Getech” or “the Getech Group”) handles the personal information of our customers, prospects and visitors to our websites. Companies within the Getech Group include: Getech Group Plc, Getech Inc, Exprodat Ltd and ERCL Ltd.

The GDPR

The General Data Protection Regulation (GDPR) is a European Union (EU) privacy law that regulates how we at Getech will store, process and use the personal information of people located in the EU. Personal data is defined as any piece of data that, used alone or with other data, could identify a person.

Collecting Anonymous Data

We collect data from our website to help us understand how many people access it, how it is used and whether there have been any technical problems. This doesn’t contain any personal information and we cannot link this data to individual visitors. All the information we collect in this way is deleted periodically. The data we collect may include:

  • the visiting IP address or proxy server IP address;
  • domain name requested;
  • the internet service provider’s name is sometimes captured depending on the configuration of your ISP connection;
  • visit date and time;
  • length of session;
  • pages accessed;
  • access visits within any month;
  • referral website; and
  • visiting computer operating system.

Cookies

Cookies are files which can be stored on your computer when you visit a website. These files contain information about the web pages you look at so that the next time you visit the site it can be customised to meet your needs – for more information, please visit: www.allaboutcookies.org

You can reject cookies by changing your browser settings but be aware that this may disable some or all of the functionality on our web site.

Collecting Personal Data

We collect personal information only when you specifically and knowingly give it to us, for example by filling out an online form, giving our staff your business card, connecting to us through a company account on social media or by sending us an email. We record the date and time when you give us this information and keep track of where we send it.

We will use the personal information you give us for the reasons stated when you provided it. We will only use it for other reasons where legally we must or where this is allowed by law.

Data Protection Principles

We will collect, process and use personal data according to six data protection principles:

  • that we have processed the data lawfully, fairly and transparently;
  • that we collected the data only for specific legitimate purposes;
  • that the data is adequate, relevant and limited to what is necessary;
  • that the data is accurate and that we take reasonable action to keep it up to date;
  • that the data is stored only for as long as is necessary; and
  • that we ensure appropriate security, integrity and confidentiality for the data when it is stored and transferred.

Consent to Use Your Personal Data

If you are an EU citizen, we need to have your consent to process your personal data. For it to be verifiable consent, we require a written record of when and how you agreed to let us process your personal data. The consent that you provide to us must be unambiguous and involve a clear affirmative action.

Your Data, Your Rights

Again, if you are an EU citizen, under the GDPR, you have the right to ask us for details about the way Getech uses your personal data and you can ask us to do certain things with that data. These include:

  • correct your personal data;
  • prohibit the use of your personal data for certain tasks;
  • remove your personal data from our records completely; or
  • ask how your personal data is being use.

Where we Use your Data

When you give us consent to use and store your data we will use that information to:

  • manage contracts between our and your company;
  • provide you with marketing information about Getech Group products and services (you can ‘opt-out’ of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself); and
  • respond to requests by government, a court of law or enforcement authority in the pursuit of their investigations.

Keeping Your Personal Information

We retain your personal information for as long as is necessary to provide the services to you and others, and to comply with our legal obligations. If you no longer want us to use your personal information you can request that we erase your personal information. Please note that if you request the erasure of your personal information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the terms of service and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.

Accessing your Data

To make an access or correction request, contact our Privacy Data Officer in writing to Getech Plc, Kitson House, Elmete Hall, Leeds, LS8 2LJ.  By telephone on +44 (0)133 322 2200 or using the email address privacydataofficer@getech.com

Updating this policy

We will periodically need to change this policy to comply with the latest legal requirements and any changes to our privacy management practices. When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on the Getech website.

General

For the purposes of applicable EU data protection law (including the General Data Protection Regulation 2016/679 (the “GDPR”), we are a ‘data controller’ of your personal information.

If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority of the country: (i) of your habitual residence; (ii) of your place of work; or (iii) in which you consider the alleged infringement has occurred. In the UK, this is the Information Commissioner’s Office

Both personal information and personal data have the same meaning in the context of this Privacy Policy.