BPMS PRIVACY STATEMENT
Your privacy is important to Business Process Management Solutions Limited (BPMS). So, we’ve developed a Privacy Statement that covers how we collect, use, disclose, transfer, and store your information. Please take a moment to familiarise yourself with our privacy practices and let us know if you have any questions.
BPMS rely on a different legal basis for collecting and using personal data in different situations. In most cases, the legal basis for processing personal information will be: (i) is necessary for our legitimate interests in carrying out our business, including to grow and improve our Services, provided those interests are not outweighed by your rights and interests, (ii) is necessary to perform a contract with you, or (iii) we have a legal obligation to carry out the processing. Where processing is based on your consent, we will identify the processing purposes and provide you with relevant information to make the processing fair and transparent. The reason we collect personal data and how it is used is included in this Privacy Statement under ‘How we use your personal information‘. You have the right to withdraw your consent at any time.
Collection and Use of Personal Information
Personal information is data that can be used to identify or contact a single person. You may be asked to provide your personal information anytime you are in contact with BPMS. BPMS may share this personal information with affiliated companies and use it in a manner consistent with this Privacy Statement. We may also combine it with other information to provide and improve our products, services, content and advertising. You are not required to provide the personal information that we have requested but, if you chose not to do so, in some cases we will not be able to provide you with our products or services or respond to queries you may have.
Here are some examples of the types of personal information BPMS may collect and how we may use it;
What personal information we collect:
- When you create an account, purchase a product, contact us or participate in an online survey, we may collect a variety of information, including your name, mailing address, phone number, email address and contact preferences.
- If you visit our storage facility some personal data may be collected from monitoring devices and systems, such as closed-circuit TV (CCTV) and door entry systems at the site. It is a key feature of our storage service that we operate CCTV within the storage facility. We collect and process CCTV images:
- So that we can fulfil our contractual obligation to deliver a secure environment
- To assist in the establishment of an investigation or defence of any crime or other investigation
How we use your personal information:
- The personal information we collect allows us to complete transactions, support the products or services you purchase, keep you posted on BPMS’s latest product announcements, service updates, and upcoming events. If you don’t want to be on our mailing list, you can opt out anytime by updating your preferences.
- We also use personal information to help us create, develop, operate, deliver, and improve our products, services, content and advertising, and for loss prevention and anti-fraud purposes.
- We may use your personal information to verify identity, assist with identification of users, and to determine appropriate services.
- From time to time, we may use your personal information to send important notices such as communications about purchases and changes to our terms, conditions, and policies. Because this information is important to your interaction with BPMS, you may not opt out of receiving these communications.
- We may also use personal information for internal purposes such as auditing, data analysis, and research to improve BPMS products, services, and customer communications.
Collection and Use of Non-Personal Information
We also collect data in a form that does not, on its own, permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:
- We may collect information such as occupation, language, post code, area code, referrer URL, location, and the time zone where a BPMS product is used so that we can better understand customer behaviour and improve our products, services, and advertising.
- We may collect information regarding customer activities on our website, cloud services and from our other products and services. This information is aggregated and used to help us provide more useful information to our customers and to understand which parts of our website, products, and services are of most interest. Aggregated data is considered non‑personal information for the purposes of this Privacy Statement.
- We may collect and store details of how you use our services including search queries. This information may be used to improve the relevancy of results provided by our services. Except in limited instances to ensure quality of our services over the internet, such information will not be associated with your IP address.
If we do combine non-personal information with personal information the combined information will be treated as personal information for as long as it remains combined.
In the case of electronic direct marketing we will provide you with a method to opt out of receiving further marketing materials or with a method to opt in if required by law.
Cookies and Other Technologies
The BPMS website, online services, interactive applications, email messages and advertisements may use “cookies” and other technologies. These technologies help us better understand user behaviour, tell us which parts of our websites people have visited, and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies and other technologies as non‑personal information. However, to the extent that Internet Protocol (IP) addresses or similar identifiers are considered personal information by local law, we also treat these identifiers as personal information. Similarly, to the extent that non-personal information is combined with personal information, we treat the combined information as personal information for the purposes of this Privacy Statement.
If you want to disable cookies check with your provider to find out how to disable cookies. Please note that certain features of the BPMS website will not be available once cookies are disabled.
As is true of most internet services, we gather some information automatically and store it in log files. This information includes IP addresses, browser type and language, internet service provider (ISP), referring and exit websites and applications, operating system, date/time stamp, and clickstream data. We use this information to understand and analyse trends, to administer the site, to learn about user behaviour on the site, to improve our product and services, and to gather demographic information about our user base. BPMS may use this information in our marketing and advertising services.
In some of our email messages, we use a “click-through URL” linked to content on the BPMS website. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on our website. We track this click-through data to help us determine interest in particular topics and measure the effectiveness of our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
Protection of Personal Information
BPMS takes the security of your personal information very seriously. BPMS online services such as the AnnualLeave.com and Fileweb protect your personal information during transit using encryption such as Transport Layer Security (TLS) and Secure Socket Layer (SSL). When your personal data is stored by BPMS, we use computer systems with limited access housed in facilities using physical and digital security measures.
We use security safeguards to protect personal data from unauthorised access. We have policies and procedures in place to set forth physical, administrative and technological safeguards around data security. We train our employees in these policies and procedures.
When you use some BPMS products, services or applications or post on a BPMS forum, chat or social networking service, the personal information and content you share is visible to other users and can be read, collected, or used by them. You are responsible for the personal information you choose to share or submit in these instances, for example, if you list your name and email address in a forum posting that information is public. Please take care when using these features.
Disclosure to Third Parties
To efficiently conduct our business, information may be shared with or obtained by processors/third-party service providers who provide us with services such as database hosting, credit card processing, credit checks etc.
For example, when you purchase a storage service you authorise BPMS and your bank to exchange the information you provide to pay for the service. If you are approved for service your account will be governed by BPMS and your bank’s respective privacy policies. Personal information will only be shared by BPMS to provide or improve our products, services and advertising; it will not be shared with third parties for their marketing purposes.
BPMS shares personal information with companies who provide services such as information processing, delivering products to you, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. These companies are obligated to protect your information and may be located wherever BPMS operates.
We only use providers that have shown through various means that they will take the same care and precautions with your personal data as we do and will restrict the use of your personal data to the purposes for which it was provided to them.
We may disclose your personal data to:
- Our company solicitors and legal representation;
- Our insurers and insurance broker;
- Law enforcement or government agencies in connection with any investigation to help prevent or detect unlawful activity;
- Any person or agency if we need to share that information to comply with the law or to enforce any agreement we may have with you or to protect the health and safety of any person;
- Any person you have named as a person we can contact to discuss your account;
- Any person who is your agent or representative, such as the holder of a power of attorney, a legal guardian or a person administering a will;
- Any person who we are negotiating with as a potential buyer of our business or property or in the event of a reorganisation, merger, disposal or transfer of trade
Integrity and Retention of Personal Information
BPMS makes it easy for you to keep your personal information accurate, complete, and up to date. We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Statement unless a longer retention period is required or permitted by law. Past that period, records, both physical and electronic, are destroyed.
Access to Personal Information
You can help ensure that your contact information and preferences are accurate, complete, and up to date by logging in to your account where relevant. For other personal information we hold, we will provide you with access (including a copy) for any purpose including to request that we correct the data if it is inaccurate or delete the data if BPMS is not required to retain it by law or for legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. Access, correction or deletion requests can be made through BPMS’s Data Protection Officer (DPO).
Children & Education
We understand the importance of taking extra precautions to protect the privacy and safety of children. Children under the age of 13, or equivalent minimum age in the relevant jurisdiction, are not permitted to create their own BPMS accounts. BPMS products and services are not readily available to children. BPMS products and services are not targeted at children.
Third‑Party Sites and Services
The BPMS website, products, applications, and services may contain links to third-party websites, products, and services. Our products and services may also use or offer products or services from third parties − for example, a third‑party supporting service. Information collected by third parties, which may include such things as location data or contact details, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
Transfers of Your Personal Information Out of the EEA
We may transfer your personal data to the United States, which is located outside the European Economic Area, for the purpose of cloud-based CRM. Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data and only with your expressed permission. If you would like further information, please contact us (see how to contact us below).
Our Companywide Commitment to Your Privacy
To make sure your personal information is secure, we communicate our privacy and security guidelines to BPMS employees and strictly enforce privacy safeguards within the company.
If you have any questions or concerns regarding BPMS‘s Privacy Statement or data processing or if you would like to make a complaint about a possible breach of local privacy laws, please contact us.
Customers can contact us at any time to review, update and/or correct any personal data that we may have. You may contact our data protection officer by email at email@example.com or by telephone at 0333 772 1631 or write to us at Office of DPO, Business Process Management Solutions Limited, White Building Studios, 1 – 4 Cumberland Place, Southampton,SO15 2NP.
When a privacy question or access request is received, we have a dedicated team which triages the contact and seeks to address the specific concern or query which you are seeking to raise. Where your issue may be more substantive in nature, more information may be sought from you. All such substantive contacts receive a response. If you are unsatisfied with the reply received, you may refer your complaint to the relevant regulator in your jurisdiction. If you ask us, we will endeavour to provide you with information about relevant complaint avenues which may be applicable to your circumstances.
BPMS may update its Privacy Statement from time to time. When we change the policy in a material way, a notice will be posted on our website along with the updated Privacy Statement.
Last updated June 14th 2020.