Effective 25th May 2018
The most important fact is that it’s your personal data. We have complete respect for your rights and we will only use it where necessary to deliver, protect and improve our services, to keep you up to date about developments in our products, and to fulfil any legal or regulatory obligations we may have.
We review this policy regularly and may update it from time to time. The latest version will always be available here.
The data controller for the purpose of this policy is Sipcentric Limited (t/a Nimvelo), Faraday Wharf, Holt Street, Birmingham, B7 4BB. Our company number is 7365592 and our registration number with the Information Commissioner’s Office is ZA234403.
If you want to contact us about any of the points on this policy, or just generally about how we protect your privacy, please email us at firstname.lastname@example.org.
If you’re someone who doesn’t have a direct relationship with us, but believe that a Nimvelo customer or partner has entered your personal data into our websites or services, you’ll need to contact that customer or partner regarding any questions you have about your personal data (including where you want to access, correct, amend, or request that your personal data be deleted). See “Information for End Users” below for more information.
We collect information from three types of individuals:
You are not required to provide any data to us. However, if you do not do so, you may not be able to make full use of our services.
The personal data we process depends on how you interact with Nimvelo, and your relationship with us (see above).
We do not use End User information for marketing purposes.
We use a number of different service providers (acting as “data processors”) to enable us to operate our business and the services we provide. For example, your personal data may be transferred to (and stored by) a third party data processor in order for us to:
We may also share your personal data with the following third parties in certain circumstances:
We will not sell or rent your information to third parties and we will never share your information with third parties for marketing purposes other than our own marketing activity.
Many of our data processors operate “cloud-based systems”, which means the information is held in information data centres in different locations. Some of the cloud-based systems we use reserve the right to hold copies of your personal information outside the EEA.
In each case we and/or our processors use one or more of the following means that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of abuse:
Please contact us at email@example.com if you want further information on the specific mechanisms used by our data processors when transferring your personal data out of the EEA.
The personal data we hold about you is your data, so you have certain rights over them. This section summarises your rights. You can exercise any or all these rights when you choose, and the easiest way is by dropping us an email at firstname.lastname@example.org.
Where we are processing your data based on your consent (e.g. for marketing purposes) you can withdraw that consent and we must immediately stop processing your data. Please note that up to that point, we’re acting lawfully with your consent, withdrawal of consent cannot be backdated.
You have the right to request a copy of all personal data we hold relating to you and we must provide this within 30 days. You also have the right to require us to correct any records that are wrong.
You have the right to require us to erase personal data and we must comply unless we need it for one of the purposes described above. We also retain the right to keep data that is needed to establish, exercise or defend a legal claim.
Where we process your data based on a “legitimate interest” you still have the right to object to our processing of that data. From that point, we must stop processing your data until we have determined whether your rights override our interests.
Finally, you may have the right to have your personal data transferred to another organisation, and we’re obliged to provide it to you in a clear and reasonable format.
At all times, you have the right to report a concern or lodge a complaint with the Information Commissioner’s Office. Please refer to the ICO at https://ico.org.uk/concerns/ or by calling them on 0303 123 1113.
Of course, we hope that we can resolve your issue quickly and fairly – you can contact us at email@example.com.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Where our services are used by companies or organisations, the company or organisation (“the administrator”) is responsible for your use of the services and any questions with regard to your own data privacy should be addressed to that administrator, which will have its own data security and privacy policies. We have no control over any decision by any such administrator to, for example, access your account, change the nature of your account access (including termination, suspension or restriction) and/or amend your information (such as your profile or e-mail address).
For the purposes of this section, an administrator may mean a company or organisation who provides you with your email address and owns the associated domain (such as an employer) who asserts control over your account or (in which case you will be advised) at some later date.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it – for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements.
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s securely deleted or anonymised.
We are committed to ensuring that your information is secure. In order to prevent unauthorised
access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
All of our methods meet the GDPR compliance requirement.
A cookie is a small piece of text that our web server stores on your computer or mobile device, which your browser sends to us when you return to our site. Cookies do not necessarily identify you if you are merely visiting our website; however, a cookie may store a unique identifier for each logged-in user. Some of the cookies we set are essential for the operation of our website, or are used for performance or functionality. By using our website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept cookies, you may not be able to log in or use our services.
Where we have your consent – which we will ask for on your first visit – we use Google Analytics as a third party tracking service, but we don’t use it to track you individually or collect personal information. We use Google Analytics to collect information about how our website performs and how our users, in general, navigate through and use our services. This helps us to compile statistical reports on activity; and improve our content and website performance.
Google Analytics gathers certain simple, non-personally identifying information over time, such as your browser type, which site you were referred by, entry and exit pages, timestamp, and similar data about your use of our site. We do not link this information to any of your personal information such as your username.
Certain pages on our site may set other third-party cookies. For example, we may embed content, such as videos, from another site that sets a cookie. While we try to minimise these third party cookies, we can’t always control what cookies this third-party content sets.
We process some personal data on the basis of consent. We obtain this consent by opt-in means only at the time of creating your account, subscribing to one or more of our mailing lists, or by specific request.
You may withdraw this consent at any time.
If you have any questions, concerns or just want some more information about our privacy management, drop us a line at firstname.lastname@example.org.
Easy, flexible communication
© 2010 - 2019 Sipcentric Ltd. Company registered in England & Wales no. 7365592.
The Nimvelo name, logo and icon are registered trademarks. All rights reserved.