A reference to ‘JRNI’, ‘we’ or ‘us’ is a reference to JRNI Limited or the relevant JRNI group company involved in the processing activity. Details of our group companies can be found here.
1. WHO IS RESPONSIBLE FOR YOUR INFORMATION?
2. WHAT INFORMATION DO WE COLLECT AND HOW?
2.1 We may collect, store and use the following kinds of personal data:
- Identity Data: name, job title, company name, other identifier;
- Contact Data: email address, telephone number, other contact information;
- Technical Data: internet protocol (IP) address, your login data, browser type and version, timezone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the sites;
- Profile Data: your interests, preferences, feedback and survey responses;
- Usage Data: information about how you use our sites or services;
- Marketing and Communications Data: your preferences in receiving marketing from us and if applicable our third parties and your communication preferences; and
- Other: any other information you choose to send or otherwise make available to us.
2.2 We use different methods to collect personal data from and about you as follows:
Direct Interactions: We may collect your personal data directly from you when you:
- Interact with the sites or emails including when you use our “speak to an expert”, website chat or similar contact function on our sites;
- request a demo or additional information about our services;
- access and download certain content from our sites (e.g. blogs);
- subscribe to our newsletter and other marketing communications;
- sign up for / attend an event or webinar.
- enter a competition or promotion or fill out a survey;
- visit our offices andregister as a visitor;
- give us feedback, report a problem with our sites or services or otherwise contact us by email, phone, in person or by any other means.
Third parties or publicly available sources: We may receive personal data about you from various third parties for example: Technical Data from search information providers, advertising networks and analytics providers such as Google.
2.3 We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.
3. HOW DO WE USE YOUR PERSONAL DATA?
3.1 We may collect and use your personal data for the purposes identified below:
- to operate and administer our sites and to provide you with the content you access and request (e.g. to download content from the sites)
- to provide you with services you may have requested from us and/or to enter into or perform a contract with you or your business;
- to deal with your enquiries and provide you with information about us and to demonstrate our services;
- to develop and improve our sites and services, for example to analyze trends and track your usage and interactions with our sites and services to the extent necessary for our legitimate interest in developing and improving our sites and services and providing our users with more relevant content and service offerings, or, if applicable, where we seek your valid consent;
- to ask you to leave a review, carry out a survey and for us to conduct market research and advertise our sites and services;
- to assess new potential customer opportunities to the extent it is in our legitimate interest to ensure that we are meeting the demands of our customers and their users’ experiences;
- to register office visitors and manage non-disclosure agreements that visitors may be required to sign, to the extent that such processing is necessary for our legitimate interest in protecting against unauthorized access;
- to send you marketing communications containing marketing information and product recommendations (for example marketing newsletters, telemarketing calls, SMS) about us and our partners including information about our products, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent that you have provided your prior consent (see section 4 Marketing below);
- to send you email notifications you have specifically requested;
- to monitor or record your communications with us (including emails, telephone calls, online live chat) to assist us with the development of our sites and services; to train our staff; and if so requested by order of a court, regulatory body or law enforcement organization;
- to deal with any complaints lodged by you;
- to comply with our legal obligations, for example when we are required to cooperate with public and government authorities, courts or regulators under applicable laws to the extent that this requires the disclosure of personal data; and
- to protect our rights as necessary for our legitimate interest in the protection against misuse of our sites and services, personal property or safety and to pursue remedies available to us / limit our damages.
4.1 We may use your personal data to form a view on what products, services and offers may be of interest to you ("marketing").
4.2 You will receive marketing communications from us if you have requested information from us or purchased servicesfrom us and you have not opted out of receiving that marketing.
4.3 We will always obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.
4.4 You can ask us or, if applicable, our third parties to stop sending you marketing messages at any time by followingthe opt-out links on any marketing message sent to you at any time.
5. LAWFUL BASIS FOR USING YOUR PERSONAL DATA
5.1 We process your personal data based on the lawful bases set out below or as more specifically outlined at section 3 above. We may process information you provide based on more than one lawful basis depending on the specific purpose for which we are using it.
- Contract: To enter into a contract with you and fulfill our contractual obligations to you (e.g. to provide you with services which you have subscribed for)
- Consent: Where you have consented to our use of your personal data, for example where you opt-in to receive relevant marketing communications from us.
- Legal Obligation: Where processing is necessary to comply with legal or statutory requirements on us. This may include cooperating with law enforcement in relation to their investigations.
- Legitimate interest: Where processing is necessary for our legitimate interests (or those of a third party) provided that these do not conflict with your interests or fundamental rights.
6. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
6.2 We may share your personal data as follows:
- with any of our Group Companies from time to time for the purposes and pursuant to the lawful bases described above. You can see a list of our current Group Companies here;
- with our contracted third party service providers for services such as IT, systems administration and hosting, research and analytics, CRM, marketing and customer support for the purposes and pursuant to the legal bases described above;
- with our professional advisors, acting as processors or joint controllers such as our lawyers, bankers, auditors, insurers based in the countries in which we operate;
- to the extent that we are required to do so by law, or in connection with any legal or criminal or law enforcement proceedings;
- to establish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing credit risk); and
- in the event that we sell or buy any business or assets, to the prospective buyer or seller of such business and assets and their advisers. If our business is sold your details may be passed on to the new owner of the business.
6.3 We may also share anonymous usage data with our service providers for the purpose of analysis and improvements to our sites, services and marketing, however, this will not identify you personally. We may also share such anonymous usage data on an aggregate basis in the normal course of operating our business.
7. STORING AND TRANSFERRING YOUR DATA
7.1 Your personal data may be collected by our Group Companies (as disclosed in section 6) in the United Kingdom, Australia or in the United States according to the location where you are based and may be transferred to and stored by another Group Company as well as the third parties disclosed in section 6 in locations which may be outside of your jurisdiction, for the purposes and pursuant to the lawful bases set out in this policy.
7.2 Your personal data may therefore be processed outside of your jurisdiction and in countries that are not subject to an adequacy decision by the European Commission or, as the case may be, your local regulator/competent body and that may not provide the same level of data protection as your jurisdiction, for example in the EEA. As such, we put in place adequate measures to ensure that any transfer of personal data outside of your jurisdiction is protected according to the applicable data protection laws including, as required, to ensure that a similar degree of protection is afforded to the transferred data by the recipient. Such safeguarding measures may include:
- putting in place back-to-back agreements and, if required, standard contractual clauses as approved by the European Commission (Art 46 GDPR) or such similar model clauses as may be adopted from time to time; and
- where we use third party service providers based in the United States, we may transfer data to them if they are certified with the US Privacy Shield scheme which requires the US recipient to provide similar protection to personal data shared between Europe and the US or similar or replacement scheme from time to time.
7.3 Please contact us as set out in section 14 below if you would like further information on the specific mechanisms used by us when transferring your personal data outside of your jurisdiction.
8. SECURITY OF YOUR PERSONAL DATA
8.1 Data transmission over the Internet is inherently insecure and we cannot guarantee the security of data sent over the Internet.
8.2 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, interfered with, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instruction and they are subject to a duty of confidentiality.
8.3 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8.4 You are responsible for keeping your password and user details confidential. We will not ask you for your password.
9. RETENTION PERIOD
9.1 We will process personal data for as long as necessary to fulfill the purpose we collected it for, including the purpose of legal, accounting and reporting requirements, and for as long as necessary for the prevention and detection of criminal activity. The period for which we process and store the personal data varies depending on the use you make of the sites and services we offer. Where you or your business subscribes for a service we will retain your personal data for as long as necessary to continue to provide you with the service and for a further period thereafter to enable us to satisfy our legal, accounting and reporting requirements.
9.2 In some circumstances you can ask us to delete your data: see Right to be forgotten below for further information.
9.3 In some circumstances we may anonymize your personal data (so that it can no longer identify or be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice.
10. YOUR RIGHTS
10.1 At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you. In the event that we refuse your request under rights of access, we will provide you with a reason as to why;
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete;
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records;
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing;
- Right of portability – in certain circumstances you have the right to have the data we hold about you transferred to another organization;
- Right to object – you have the right to object to certain types of processing such as direct marketing, automated processing or profiling; and
- Right to complain to the supervisory authority – you have the right to complain as outlined in section 14 below.
10.2 You can exercise your rights above by emailing firstname.lastname@example.org or as set out at section 14 below. All requests will be forwarded on should there be a third party involved in the processing of your personal data as specified in section 6. We may not discriminate against you for exercising any of your rights listed above.
11. UPDATING INFORMATION
11.1 Please let us know if the personal data that we hold about you needs to be corrected or updated (using the contact details at section 14 below).
12. POLICY AMENDMENTS
13. THIRD PARTY WEBSITES
14. CONTACT AND COMPLAINTS
phone: if you are based in UK, Australia or anywhere outside of the United States: 020 7101 9303.
phone: if you are based in the United States: 857.305.6509.
14.2 We are committed to working with you to resolve any issue or complaint you may have. However, if you believe that we have not been able to assist you, you have the right to complain to your local supervisory body or regulator:
If you are located in the EEA, you can find further information about lodging a complaint with your local supervisory authority here: https://edps.europa.eu/node/75_en; and
If you are located in Australia, you can visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints to obtain the relevant complaint forms, or contact the Australian Information Commissioner’s office.
Updated February 20, 2020