DataSpike is a brand of Right & Data ltd which reserves the right to change, modify, add or remove portions of these policy at any time for any reason. Right & Data ltd. may review and update this policy from time to time to take account of new laws, technology, changes to our operations, and the changing business environment. We suggest that you review this policy periodically for changes. such changes shall be effective immediately upon posting.
Right & Data ltd is located at:
Agias Fylaxeos, 131
3083, Limassol, Cyprus
Right & Data ltd is committed to protecting the privacy of individuals whose information is collected including information contained in our databases, and to assisting in resolving any issues that may arise in relation to this information. This policy describes how Right & Data ltd handles personal information collected.
Right & Data ltd is dedicated to being transparent about what personal information we collect and how we use it.
We’ve written this policy to help you understand “what” personal information we collect,“how” we process it,“where” it is stored and how you can access or request deletion of your personal data.
We comply with the European Community’s Directive 95/46/EC and Directive 2002/58/EC, including, but not limited to, the DPA and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
As of 25th May 2018 this incorporates Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (“GDPR”).
How we collect and use personal information
What personal information do we collect?
The databases maintained by Right & Data ltd. contain personal information about individuals. Right & Data ltd. obtains personal information for its databases from Watchlists and from Clients regarding their Members. This information may typically include an individual’s names, date of birth, residential address, a client number allocated to the individual and gender. The information received from Watchlists may also include information about criminal records, personal relationships and other publicly available information. Right & Data ltd. seeks assurances from all its data sources that the information has been collected and is held in accordance with applicable privacy laws. Because of the nature of the Right & Data ltd. service it is not possible to collect this information directly from the individual.
Right & Data ltd. will not use this personal information for any purpose other than to assist its Clients to meet their obligations under their AML/CTF legislation. Right & Data ltd. maintains strict security over this personal information.
Right & Data ltd. also collects personal information from Clients permitted to use the Right & Data ltd. service when the Client registers with the service and a Client contact logs in for the first time. This information may include the Client contacts’ name and contact details. Where there are several users in a Client’s organisation those users’ names and contact details will also be collected and may be provided by another user in the Client organisation. If this information is not provided you cannot use the Right & Data ltd. service. This information is used only to track users of the Right & Data ltd. service.
If we hold your personal information through Watchlists or Clients, this is not controlled by us and you should refer to their respective privacy policies.
Right & Data ltd. databases are held and stored by Right & Data ltd. or a cloud services provider.
Our service is not intended for anyone under the age of sixteen, and we do not knowingly collect or solicit personal data pertaining to children. In the event we have collected and identified data for anybody under the age of sixteen without parental consent, we will proceed to delete this information as quickly as possible.
Right & Data ltd. do not collect or process special categories of personal data, as defined under GDPR.
How we use this personal information
We will use your personal information:
- To fulfil a contract, or take steps linked to a contract: in particular, in facilitating and processing transactions that take place on our website, such as where you register with the site or purchase name checks.
- Where this is necessary for purposes which are in Our, or third parties, legitimate interests. These interests include:
- operating the website;
- providing you with services described on the website;
- verifying your identity when you sign in to our website;
- responding to support tickets, and helping facilitate the resolution of any disputes;
- updating you with operational news and information about our website and services e.g. to notify you about changes to our services, website disruptions or security updates;
- carrying out technical analysis to determine how to improve the website and services we provide;
- monitoring activity on the website, e.g. to identify potential fraudulent activity and to ensure compliance with the user terms that apply to the website;
- managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the website or asking for your feedback;
- managing our legal and operational affairs (including, managing risks relating to content and fraud matters);
- training Right & Data ltd. staff about how to best serve our user community;
- improving our products and services; and
- providing general administrative and performance functions and activities.
- Where you give us consent to provide you with marketing information about products and services which we feel may interest you
- For purposes which are required by law
- For the purpose of responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
With whom do we share information?
Right & Data ltd. will share personal information collected for our databases with its Clients and users of the Right & Data ltd. service or as required by law, and only for the above (or related) purposes. Right & Data ltd. may also disclose the information to its related entities for purposes associated with running the Right & Data ltd. service or other usual business activities.
Whenever we entrust your data with an outsourcing partner, we always carry out thorough due diligence and ongoing monitoring to ensure that appropriate privacy controls are in place and maintained at all times.
Personal information from Watchlists held in our databases may be disclosed to overseas recipients as part of the Right & Data ltd. service. The recipients could be located in any country and it is not practicable to specify those countries in this policy.
Retention and deletion of personal information
Personal information collected from Clients who use the Right & Data ltd. service is retained only for the duration of the Client's subscription and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we will make sure it is deleted or anonymised.
If you are a registered user of the Right & Data ltd. service you have various rights in relation to your personal information and we respect those rights. With regards to marketing emails, you can request us not to send you these at any time – just follow the 'update your preferences' or 'unsubscribe' from this list' options at the end of the email. You may still receive important account and service related information email notifications. We will use your personal information:
- request a copy of personal information we hold about you;
- update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
- object to our processing of your personal information; and
- be forgotten - delete your personal information subject to our legal rights and obligations to retain the same.
Deleting your Data (Right to Erasure)
Upon request, we will physically delete all Personal Data entered into your account. This can be instructed from the Account Settings section in your account.
Under the provisions of Article 17 of the GDPR Legislation, you also have the right to request that any Personal Data (Notwithstanding those exemptions listed under Article 17, Paragraph 3) be permanently deleted. Upon receipt of such a request, we will take all reasonable steps to ensure that this is completed in an expeditious manner.
Depending on your jurisdiction you will likely be obligated to retain all business accounting records for a set period of time. We advise you to execute a backup of your account before instructing any deletion of your Data. Once we have received a request to delete your data we will be unable to reverse this process.
Other Business Collections
What personal information do we collect?
We may collect personal information for our other business activities such as interactions with suppliers, responding to general business enquiries, recruitment activities or resolving complaints. This information is generally only contact information (name, address, email and telephone numbers) collected directly from you or someone you have permitted to provide the information to us. If the information is provided for recruitment purposes, we might collect more detailed information about you that is relevant for assessing your suitability for a position with us such as any personal information contained in your resume including your employment history. If you provide referee details you must have the referee’s consent to do so. Referee details will only be used for reference checking.
If you do not provide the information required, we may not be able to respond or interact with you or, in the case of recruitment, to consider your application.
Also, if you use our website we will record your contact details, which may include your name, email address, address and phone number if you send them to us in an email or complete an online contact or demo request form. We will use your personal information to deal with your specific enquiry. If you do not provide this information we may not be able to respond to your enquiry.
How we use this personal information?
We will only use the information provided for the purposes for which it was collected unless you have consented to us using, or would reasonably expect us to use, the information for a different purpose or as permitted by law.
Your contact details, including email address, may be added to our mailing list and your consent requested for us to use it for direct marketing purposes.
With whom do we share information?
Personal information collected for these other business activities will only be disclosed to our related entities and our and their personnel, our contractors, suppliers, service providers, business partners, recruiters, referees, or others as you would reasonably expect for the above (or related) purposes and only otherwise disclosed as required by law.
Retention and deletion of personal information
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it is deleted or anonymised.
You have various rights in relation to your personal information and we respect those rights. With regards to marketing emails, you can request us not to send you these at any time – just follow the 'update your preferences' or 'unsubscribe' from this list' options at the end of the marketing email.
You also have rights to:
- unsubscribe from any promotional materials that we may send from time to time, by way of email, SMS, post, phone or any other medium. You will also receive general notifications about account activity such as when an invoice is paid by your client or when a subscription is due for renewal. If you would also wish to cease receiving this type of correspondence we ask that you close your Right & Data ltd. account.
- Right to Erasure - You have the right to request that your Personal Data is deleted (notwithstanding those exemptions allowed under GDPR). You will be able to request removal of all applicable Personal Data and Financial Data from the section within your account.
- Right to Rectification - You have the right to request that any incorrect Personal Data we hold about you is corrected if that information is inaccurate or incomplete. If you are unable to make the necessary rectification from within your account please contact us.
- Right to Data Portability - You have the right to request a machine-readable export of all Personal Data we hold about you. This will be delivered as a ZIP file containing multiple CSV files.
- Right to Object - In certain circumstances, you may object to our processing of your personal data. If you wish to lodge an objection, then please contact us.
- Right to restrict processing - You can request that we restrict the processing of personal data we hold about you in certain circumstances. If you wish to lodge such a request, then please contact us.
If you communicate with us through a social networking service, the social network provider and its partners may collect and hold your personal information overseas. This is not controlled by us and you should review their privacy policies.
- your server address
- your top-level domain (for example .com, .gov, .net etc.)
- the pages you accessed and the documents downloaded
- the previous site you have visited
- the type of web browser you are using.
This information is however anonymous.
Right & Data ltd. will track the pages you visit via Google Analytics. This information is disclosed to Google Analytics when you visit our site and may be stored overseas in multiple countries.
Links to other websites
How do we store and secure information?
We take reasonable steps to protect all information which we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. However, as the transmission of data over the internet is not totally secure, we cannot guarantee the security of your data during transmission. All personal information held electronically is kept on secure servers and protected by firewall security systems. As noted above we may use a third party cloud service provider to store our information. We may also hold some personal information in hard copy. This may include client files, invoices and business cards. This information is subject to restricted access.
You own all of the Data you enter into Right & Data ltd. More specifically we recognise the owner of an account and the data contained therein as the individual or entity that controls access to the email supplied as part of your login credentials.
In cases where a dispute arises between personnel within your organisation or a third-party, we will play no role in arbitrating such disputes and will acknowledge the email owner as the account holder.
Should a dispute over account ownership arise, we ask that you resolve this by establishing control over the Right & Data ltd. login email address via your hosting company or IT service provider. When you have relinquished control over the login email address, you may then proceed to initiate a password reset to regain access to an account.
Accessing your Personal Information, Other Enquiries or Complaints
If you wish to access the personal information we hold about you or you think that your personal information is inaccurate and needs correction, please contact us. We will take reasonable steps to keep your personal information accurate, complete and up-to-date. If you have a complaint concerning your privacy please contact us in writing. Any complaint will be investigated by our Privacy Officer and responded to in a reasonable time.