Privacy Policy

PRIVACY POLICY

We are committed to protecting your personal information and being transparent about the data we hold about you ("personal data"). This privacy policy applies to visitors and users of our website including https://www.jrni.com ("sites") and related services as well as to any personal data you provide by phone, SMS, email, in letters, other correspondence and in person.

Please read this privacy policy carefully to learn how we collect, use, share and otherwise process your personal data and to learn about your rights and choices in relation to it.

A reference to ‘JRNI’, ‘we’ or ‘us’ is a reference to JRNI Limited or the relevant JRNI group company involved in the processing activity. Details of our group companies can be found here.

1. WHO IS RESPONSIBLE FOR YOUR INFORMATION?

1.1 JRNI is the controller of your personal data for the activities described in this privacy policy.

1.2 Please be aware that this privacy policy does not apply to the extent that we process personal data in the role of a processor on behalf of our customers (and/or their affiliates) who act as controller. This includes where we offer our booking platform and related services to our customers (and/or their affiliates) through which they can interact with their own customers, staff, users and other individuals including by (i) enabling them to schedule and manage appointments, events or bookings (ii) sending them electronic communications (iii) selling or offering their own products and services or (iv) otherwise collecting, using sharing or processing personal data via JRNI’s products and services. We are not responsible for the privacy or data security practices of our customers. Where our customer (or their affiliate) is controller as described above, please contact the customer directly for information about how they use and process your personal data.

2. WHAT INFORMATION DO WE COLLECT AND HOW?

2.1 We may collect, store and use the following kinds of personal data:

  • Identity Data: name, job title, company name, other identifier;
  • Contact Data: email address, telephone number, other contact information;
  • Technical Data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access the sites;
  • Profile Data: your interests, preferences, feedback and survey responses;
  • Usage Data: information about how you use our sites or services;
  • Marketing and Communications Data: your preferences in receiving marketing from us and if applicable our third parties and your communication preferences; and
  • Other: any other information you choose to send or otherwise make available to us.
  • Interact with the sites or emails including when you use our “speak to an expert”, website chat or similar contact function on our sites;
  • request a demo or additional information about our services;
  • access and download certain content from our sites (e.g. blogs);
  • subscribe to our newsletter and other marketing communications;
  • sign up for / attend an event or webinar.
  • enter a competition or promotion or fill out a survey;
  • visit our offices and register as a visitor;
  • give us feedback, report a problem with our sites or services or otherwise contact us by email, phone, in person or by any other means.
  • to operate and administer our sites and to provide you with the content you access and request (e.g. to download content from the sites)
  • to provide you with services you may have requested from us and/or to enter into or perform a contract with you or your business;
  • to deal with your enquiries and provide you with information about us and to demonstrate our services;
  • to promote the security of our sites and services by tracking use of our sites and services, creating aggregated, non-personal data, investigating suspicious activity and enforcing our terms of use and policies to the extent necessary for our legitimate interest in promoting the safety and security of our sites and services, systems and applications and in protecting our rights and the rights of others;
  • to develop and improve our sites and services, for example to analyse trends and track your usage and interactions with our sites and services to the extent necessary for our legitimate interest in developing and improving our sites and services and providing our users with more relevant content and service offerings, or, if applicable, where we seek your valid consent;
  • to ask you to leave a review, carry out a survey and for us to conduct market research and advertise our sites and services;
  • to assess new potential customer opportunities to the extent it is in our legitimate interest to ensure that we are meeting the demands of our customers and their users’ experiences;
  • to register office visitors and manage non-disclosure agreements that visitors may be required to sign, to the extent that such processing is necessary for our legitimate interest in protecting against unauthorized access;
  • to send you marketing communications containing marketing information and product recommendations (for example marketing newsletters, telemarketing calls, SMS) about us and our partners including information about our products, promotions or events as necessary for our legitimate interest in conducting direct marketing or to the extent that you have provided your prior consent (see section 4 Marketing below);
  • to send you email notifications you have specifically requested;
  • to monitor or record your communications with us (including emails, telephone calls, online live chat) to assist us with the development of our sites and services; to train our staff; and if requested, by order of a court, regulatory body or law enforcement organization;
  • to deal with any complaints lodged by you;
  • to notify you about changes to our privacy policy;
  • to comply with our legal obligations, for example when we are required to cooperate with public and government authorities, courts or regulators under applicable laws to the extent that this requires the disclosure of personal data; and
  • to protect our rights as necessary for our legitimate interest in the protection against misuse of our sites and services, personal property or safety and to pursue remedies available to us / limit our damages.
  • Contract: To enter into a contract with you and fulfil our contractual obligations to you (e.g. to provide you with services which you have subscribed for)
  • Consent: Where you have consented to our use of your personal data, for example where you opt-in to receive relevant marketing communications from us.
  • Legal Obligation: Where processing is necessary to comply with legal or statutory requirements on us. This may include cooperating with law enforcement in relation to their investigations.
  • Legitimate interest: Where processing is necessary for our legitimate interests (or those of a third party) provided that these do not conflict with your interests or fundamental rights.
  • with any of our Group Companies from time to time for the purposes and pursuant to the lawful bases described above. You can see a list of our current Group Companies here;
  • with our contracted third-party service providers for services such as IT, systems administration and hosting, research and analytics, CRM, marketing and customer support for the purposes and pursuant to the legal bases described above;
  • with our professional advisors, acting as processors or joint controllers such as our lawyers, bankers, auditors, insurers based in the countries in which we operate;
  • to the extent that we are required to do so by law, or in connection with any legal or criminal or law enforcement proceedings;
  • to establish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing credit risk); and
  • in the event that we sell or buy any business or assets, to the prospective buyer or seller of such business and assets and their advisers. If our business is sold your details may be passed on to the new owner of the business.
  • Right of access – you have the right to request a copy of the information that we hold about you. In the event that we refuse your request under rights of access, we will provide you with a reason as to why;
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete;
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records;
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing;
  • Right of portability – in certain circumstances you have the right to have the data we hold about you transferred to another organization;
  • Right to object – you have the right to object to certain types of processing such as direct marketing, automated processing or profiling; and
  • Right to complain to the supervisory authority – you have the right to complain as outlined in section 14 below.

2.2 We use different methods to collect personal data from and about you as follows:

Direct Interactions: We may collect your personal data directly from you when you:

Automated Technologies or interactions: As you interact with our sites and services, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this data by using cookies and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our Cookie Policy for further details.

Third parties or publicly available sources: We may receive personal data about you from various third parties for example: Technical Data from search information providers, advertising networks and analytics providers such as Google.

2.3 We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offenses.

3. HOW DO WE USE YOUR PERSONAL DATA?

3.1 We may collect and use your personal data for the purposes identified below:

4. MARKETING

4.1 We may use your personal data to form a view on what products, services and offers may be of interest to you ("marketing").

4.2 You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.

4.3 We will always obtain your express opt-in consent before we share your personal data with any third party for marketing purposes.

4.4 You can ask us or, if applicable, our third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you at any time.

5. LAWFUL BASIS FOR USING YOUR PERSONAL DATA

5.1 We process your personal data based on the lawful bases set out below or as more specifically outlined at section 3 above. We may process information you provide based on more than one lawful basis depending on the specific purpose for which we are using it.

6. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

6.1 JRNI does not sell, rent or lease your personal data and will only share your personal data with a third-party as set out in this privacy policy.

6.2 We may share your personal data as follows:

6.3 We may also share anonymous usage data with our service providers for the purpose of analysis and improvements to our sites, services and marketing, however, this will not identify you personally. We may also share such anonymous usage data on an aggregate basis in the normal course of operating our business.

7. STORING AND TRANSFERRING YOUR DATA

7.1 Your personal data may be collected by our Group Companies (as disclosed in section 6) in the United Kingdom, Australia or in the United States according to the location where you are based and may be transferred to and stored by another Group Company as well as the third parties disclosed in section 6 in locations which may be outside of your jurisdiction, for the purposes and pursuant to the lawful bases set out in this policy.

7.2 Your personal data may therefore be processed outside of your jurisdiction and in countries that are not subject to an adequacy decision by the European Commission or, as the case may be, your local regulator/competent body and that may not provide the same level of data protection as your jurisdiction, for example in the EEA. As such, we put in place adequate measures to ensure that any transfer of personal data outside of your jurisdiction is protected according to the applicable data protection laws including, as required, to ensure that a similar degree of protection is afforded to the transferred data by the recipient. Such safeguarding measures may include putting in place back-to-back agreements and, if required, standard contractual clauses as approved by the European Commission (Art 46 GDPR) or such similar model clauses as may be adopted from time to time.

7.3 Please contact us as set out in section 14 below if you would like further information on the specific mechanisms used by us when transferring your personal data outside of your jurisdiction.

8. SECURITY OF YOUR PERSONAL DATA

8.1 Data transmission over the Internet is inherently insecure and we cannot guarantee the security of data sent over the Internet.

8.2 We have put in place appropriate security measures to prevent your personal data from being accidentally lost, interfered with, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instruction and they are subject to a duty of confidentiality.

8.3 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

8.4 You are responsible for keeping your password and user details confidential. We will not ask you for your password.

9. RETENTION PERIOD

9.1 We will process personal data for as long as necessary to fulfil the purpose we collected it for, including the purpose of legal, accounting and reporting requirements, and for as long as necessary for the prevention and detection of criminal activity. The period for which we process and store the personal data varies depending on the use you make of the sites and services we offer. Where you or your business subscribes for a service we will retain your personal data for as long as necessary to continue to provide you with the service and for a further period thereafter to enable us to satisfy our legal, accounting and reporting requirements.

9.2 In some circumstances you can ask us to delete your data: see Right to be forgotten below for further information.

9.3 In some circumstances we may anonymize your personal data (so that it can no longer identify or be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice.

10. YOUR RIGHTS

10.1 At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

10.2 You can exercise your rights above by emailing infosec@jrni.com or as set out at section 14 below. All requests will be forwarded on should there be a third party involved in the processing of your personal data as specified in section 6. We may not discriminate against you for exercising any of your rights listed above.

11. UPDATING INFORMATION

11.1 Please let us know if the personal data that we hold about you needs to be corrected or updated (using the contact details at section 14 below).

12. POLICY AMENDMENTS

12.1 We may update this privacy policy from time to time by posting a new version on our sites. You should check this page occasionally to ensure you are happy with any changes.

12.2 We may also notify you of changes to our privacy policy by email.

13. THIRD PARTY WEBSITES

13.1 The sites may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

14. CONTACT AND COMPLAINTS

14.1 If you wish to lodge a complaint or raise an issue about this privacy policy or how your personal data is being processed by JRNI, in the first instance, please contact us using the details below:

email: infosec@jrni.com

phone: if you are based in UK, Australia or anywhere outside of the United States: 020 7101 9303.

phone: if you are based in the United States: 857.305.6509.

14.2 We are committed to working with you to resolve any issue or complaint you may have. However, if you believe that we have not been able to assist you, you have the right to complain to your local supervisory body or regulator:

If you are located in the EEA, you can find further information about lodging a complaint with your local supervisory authority here: https://edps.europa.eu/node/75_en; and

If you are located in Australia, you can visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints to obtain the relevant complaint forms, or contact the Australian Information Commissioner’s office.

Updated September 15, 2020