Otentico Limited takes personal data seriously. This notice explains how we look after your personal data and tells you about your privacy rights and how the law protects you.
Our clients using the Otentico platform are responsible for their own data. Otentico will not sell or use contact details clients use on our portal for anything other than the purposes required within the portal. Clients are responsible for ensuring they have suitable permissions to handle the data they upload to and save on our platform and handle all sensitive data with the suitable care.
Information we may collect from You
When you use our website or our products and services, we may collect and process the following data about you:
a) Information that you give us
You may give us information about you by corresponding with us by phone, email or otherwise. This includes information that you provide when you register to use our website, subscribe to our services, including setting up a client account, place an order with us, engage in online or mobile chat with us for the purpose of customer support and education or when you report a problem with our website, platform or services. The information you give us may include your name, organization, job title, address, email address, phone number, username, financial and credit card information (including billing address). We also ask for and collect personal data such as an email address and a name from any individual that you authorise to use our products and services such as your employees, representatives or affiliates.
Our products and services enable our clients to create and administer digital records of their own products and make certain information about these products available via mobile apps. We may host our clients’ data on our servers and collect some information about interactions with their products via mobile apps, our website or otherwise. Our clients may also use this data to carry out business analysis , produce reports and if you provided them with your private information contact you in the course of conducting their own businesses. As a result, if you are a client of us using our services:
in accordance with our Terms and Conditions of Service. We do not use the data or information ourselves or provide it to third parties, except in the limited circumstances described below.
If you are a customer of one of our clients, or a user of one of our mobile apps, our platform may collect and store anonymised information about your interaction with our client(s)’ products, and may carry out an analysis of this data to produce a report to our client. Please note that our client, with which product you interacted with, remines that data controller and responsible for this data and its management, as explained below in ‘How We Use the Information’.
b) Information that we collect about youWe use Google Analytics and its cookies on our website. When you visit our website, we may automatically collect anonymised information about your visit such as the webpages you viewed, length of visits to certain pages, and the times and dates of these visits. We may also collect data from the device and application that you use to access our website and mobile apps, including your browser type, IP address and internet service provider, from both of which we may infer your geographic location, and GPS location when you use our mobile apps and authorised our apps to access that information. If you arrive at our website from an external source (such as a link on another website or in an email) we may record that source (i.e. referral link).
We may also automatically collect information about the usage of our software, including the version of mobile app(s) you use and, if any, crash or error reports generated while using our mobile apps.
c) Information that we receive from other sources
We may receive information about you from our clients, third parties with whom we work, including our business partners, sub–contractors in technical, payment and delivery services, analytics providers, search information providers and our group companies.
How we use the information
We use the information held about you in the following ways:
We may use information collected about your use of our software or services to provide you with the benefits of any updated feature and improvements, or to ensure that you are using our platform in accordance with our Terms and Conditions of Service.
Legal basis for processing (EEA only):
where your data is processed by Otentico Limited or if you are an individual from the EEA, our legal basis for collecting and using your personal data when we act as data controller will depend on the personal data concerned and the specific context in which we collect it. However, we will normally collect personal data from you only:
If we ask you to provide personal data to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not.
If you have any questions about or require further information concerning the legal basis on which we collect and use your personal data, please contact us using the contact details above.
Use of client survey data – clients: we will use your data to hold, store and process it in accordance with your instructions, our service and Terms and Conditions of Service. We use the data purely to provide our service to you and will only use it for our own purposes if we are required to do so by law.
Disclosure or sharing of your information
We will not disclose your personal information in any circumstance except as described below:
In relation to data collected from interactions with our clients’ products, we will not provide any such data to anyone other than our relevant client (i.e. the data controller), or to the relevant law enforcement authority if required to do so by law.
Updating your information
If you wish to update, amend or request deletion of your personal information or data you may do so by making the change within your account once logged in, or by emailing us at email@example.com. We will respond to your request within 30 days.
Your rights as a data subject
On your request we will provide you with information about whether we hold any of your personal information, but if you are a customer or user of our client(s), please see below. To request this information please contact us at firstname.lastname@example.org. You may update, amend or request deletion of your information as described above.
If you are a customer of any of our clients, or a user of our mobile apps, and wish to access, correct, or delete any data about you stored or processed by us on behalf of one of our clients, or exercise the rights described below, you should contact the relevant client as data controller in the first instance. Where needed, we will provide assistance to our clients to deal with your request.
Where your data is processed by Otentico Limited or if you are from the EEA you may have the right to exercise additional rights available to you, including:
Right of Erasure: in certain circumstances you have the right to erasure of personal data held about you, although this may be qualified where e.g. it is necessary for that data to be retained for record keeping purposes or compliance with our obligations.
Right to Object: you have the right to opt-out, if you have opted-in in the first place.
Right of Restriction: you may have to right to request that we restrict the processing of your personal data (e.g. where you believe that the personal data we hold about you is inaccurate or unlawfully held).
Right to Data Portability: you may have the right to be provided with your personal data in a structured, machine readable and commonly used format and to request that we transfer the personal information provided by you to another data controller where and if appropriate.
If you would like to exercise such rights, please contact us at email@example.com. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
You also have the right to complain to a data protection authority about our collection and use of your personal data. For more information, please contact your local data protection authority. In the UK, this is the Information Commissioner’s Office (https://ico.org.uk).
We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
Our retention of data related to interactions with our clients’ products is governed by the Terms and Conditions of Service that our clients agree to. As data controllers, our clients are responsible for the management of their data and can download that data to their own systems or delete it at any time. Where needed, we will help our clients to deal with such tasks.
Cookies and other tracking technologies
Links to other websites
Our website may but not necessarily contain links to and from third party websites. The information practices and the content of such other websites are governed by their privacy policies. If you click on a link to those websites you will leave our website to go to the website that you selected. Please note that we cannot accept responsibility or liability for any use of your personal information by such third parties and cannot guarantee that they will adhere to the same privacy practices as us.
Social media features and widgets
Storage and security
All information that you provide to us is stored on secure servers. When you enter personal information within the customer login area of the site, we encrypt that information using secure socket layer technology (SSL). Where you use a password to access your account and certain areas of our website and services you are responsible for keeping this password confidential and must not share it with anyone.
No method of transmission over the internet, or method of electronic storage, is 100% secure, however. Therefore, while we will do our best to protect your personal information, we cannot guarantee its absolute security, and any transmission of data to our website or services is at your own risk.
Last Updated: 13 November 2018