We may change this policy from time to time, so please check this page occasionally to ensure that you’re happy with any changes. By using our website, you are agreeing to be bound by this policy.
Any questions regarding this policy and privacy practices should be sent by email to email@example.com
How do we collect information from you?
We obtain information about you when you use our website, for example, when you contact us about products and services, download content from our knowledge base, access our newsletter, register for an event, use live chat, complete a web form or apply for a job.
We also obtain information from third-party data vendors – these organizations have provided Cintra assurances and policy statements that they have obtained all the necessary privileges to re-sell your personal information to us under legislation such as the European Union (EU) General Data Protection Regulation (GDPR) and/or other jurisdictions.
From a historical context, Cintra also holds data that pre-dates EU GDPR. Under GDPR and the Privacy and Electronics Regulation, Cintra’s lawful basis for processing this data is ‘legitimate interests’ – the processing of personal data for direct marketing purposes may be regarded as being carried out for a legitimate interest.
Cintra has applied a three-part test and can demonstrate it has fully considered and protected individuals’ rights and interests. The three-part test covers:
- Why we hold personal data, what we’re trying to achieve and who benefits;
- Necessity: Does processing the data we hold further that interest and is it reasonable? and;
- Balance: What is the nature of our relationship with the individual, would they expect data to be used in this way, is Cintra happy to explain to them its position, are people likely to object or find it intrusive, what is the possible impact on the individual and can we offer an opt-out?
What type of information is collected from you?
The personal information we collect might include your name, business address, email address, IP address, phone number and information regarding what webpages are being accessed and when.
We do not collect payment information, such as credit or debit cards details.
How is your information used?
We may use your information to:
- Process orders you may have submitted;
- Carry out our obligations arising from any contracts entered by you or us;
- Deal with any enquiries from Live Chat or any completed online webform;
- Seek your views or comments on the services we provide – via email or telephone;
- Notify you of changes to our services;
- Send you communications that you have opted into receiving and that may be of interest to you. These may include information relating to events, products and services, news articles, videos and other campaign material;
- Process a job application.
We review our retention periods for personal information on a regular basis. On occasions we are legally required to hold some types of information to fulfill our statutory obligations. We will hold your personal information on our systems for as long as necessary for the relevant activity, or if set out in any relevant contract you hold with us.
Who has access to your information?
We will not sell or resell your information to third parties. We do not share your information with third parties for marketing purposes.
You have a choice about whether you wish to receive information from us. If you do not want to receive direct marketing communications from us about the products and services we provide, you can make your choices by leaving unticked the relevant boxes on the form where which we collect your information.
We will not contact you for marketing purposes by email, phone, post or text unless you have given you prior consent (except for where we rely on legitimate interests – used for historical data only).
You can change your marketing preferences at any time by contacting us by email: firstname.lastname@example.org
How you can access and update your information
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. If any of the information we hold on you is inaccurate or out of date, please email us at email@example.com
EU and UK citizens, under GDPR, have the right to ask for a copy of the information that Cintra holds about you. This is free to EU and UK residents and will be supplied to an appropriate email address within 30 days of receiving a request. To request a copy of the data Cintra holds, please contact firstname.lastname@example.org
Similar requests for non-EU and non-UK citizens will be charged US$250, payable in advance. This charge is to cover the administration cost. To request a copy of the data Cintra holds and for details on how to pay, please contact email@example.com
Right to be forgotten
Under EU GDPR, citizens of the EU and UK have the right to be forgotten. Once a request is made to Cintra, Cintra has an obligation to erase all personal data concerning the individual without undue delay – normally within, but not exceeding, 30 working days of receipt of the request.
Requests to have personal data removed must be made in writing and sent to firstname.lastname@example.org. Once a request is made, Cintra will seek express permission to retain your email address, only to ensure third-party vendors don’t inadvertently re-populate your personal data into our systems. Retaining an email address enables us to ensure you won’t be contacted or receive Cintra marketing or sales calls.
Security precaution in place to protect the loss, misuse or alteration of your information
When you give us personal information, we take steps to ensure that is it treated securely – please note that Cintra does not take payments online (so we do not collect credit card or debit card details).
Non-sensitive details (your email address etc.) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, whilst we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk.
Once we receive your information, we make our best efforts to ensure its security on our systems.
We may analyze your personal information to create a profile of your interest and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively.
Use of ‘cookies’
Whilst cookies do not identity you as an individual, when linked to a third-party system, such as a marketing automation tool, they can in some instances identify you as an individual. Using such tools allows us to profile an individual’s behavior patterns, present dynamic web content and to send them tailored and relevant emails.
It is possible to switch off cookies by setting your browser preferences. Turning off cookies may result in a loss of functionality when using our website and others.
Links to other websites
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
Transferring your information outside of the EU and UK
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside of the EU and UK. By way of example, this may happen if any of our servers are, from time to time, located in a country outside of the EU. These countries may not have similar data protection laws to the EU and UK. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EU and UK in this way, we will take steps to ensure that appropriate security measures are taken, with the aim of ensuring that your privacy rights continue to be protected as outlined in this Policy.
When we transfer data between the EU/UK and the USA we apply the Privacy Shield Framework – a recognized mechanism for complying data protection requirements.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated in May 2018.