Last updated July 2019
Brexit: references in this Policy to “GDPR” will include any “UK GDPR” created by the UK Data Protection Act 2018 on the UK’s exit from the European Union.
This Policy is issued by Nuvola Distribution Ltd (“we,” “us,” “our” or “Nuvola”) of Unit J, Lambs Farm Business Park, Basingstoke Road, Swallowfield, Reading, Berkshire, RG7 1PQ, United Kingdom.
Your privacy is important to us, and we respect the privacy rights of our clients and the importance of protecting the information collected about you and compliance with legal requirements. This Policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be collected, used, disclosed, retained and be protected by us and applies to personal information collected when you use or access our website (www.nuvola distribution.com) or otherwise interact with us. This Policy may be relevant even if you are not a customer of ours and have never used the website or service of ours. We may have your personal information because we have received it from an end-user, application, or service of ours. Please read the following carefully to understand our views and practices regarding your personal information and how we will treat it. This statement also describes your choices regarding use, access, and correction (including deletion and retention) of your personal information. By providing personal information to us, you are accepting and consenting to the practises described in this statement.
If you do not agree with the data practices described in this Policy, then you should not use the Nuvola website or services.
INFORMATION WE COLLECT
We will collect certain information (including personal information) relevant to the services we provide. The types of information we may collect directly from you include your name, telephone number, email address, postal address, transactional information (including services purchased and your billing address), information collected by cookies (if applicable), and any other information you may choose to provide. Please be aware that the information that you choose to provide may reveal or identify information that is not expressly stated (e.g., if you choose to provide your picture, your picture may reveal your gender). We may also store files and other information that you may upload or provide to us in order to be able to provide you with the features of the services we may offer.
We may also collect the following information each time you visit our website, in order to help us understand how to improve our service offering, our website and to ensure the content is presented to you in an effective manner:
· technical information, including the Internet protocol (IP) address used to connect your computer or mobile device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
· information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our office number;
· marketing information including marketing preferences, marketing list assignment, records of permission or marketing objections
This Policy applies to all personal information collected or submitted to us over the phone when you visit us at our offices or via our website. On some pages, you may be able to order products, make requests, and register to receive materials.
PROVIDING US WITH INFORMATION ABOUT OTHERS
If you provide us with personal information about someone else, you are responsible for ensuring that you comply with any obligation and consent obligations under applicable data protection laws in relation to such disclosure. In so far as required by applicable data protection laws, you must ensure that you have provided the required notices and have obtained the individual’s explicit consent or otherwise have a legal basis to provide us with the information and that you explain to them how we collect, use, disclose and retain their personal information or direct them to read our Policy.
HOW WE USE YOUR INFORMATION
We may use the information we collect from you when you register via our website or contact us directly for the limited purpose of providing our services to you, including the following:
- to carry out our obligations arising from any contracts entered into between us and to provide you with the information, products, and services you request from us;
- to provide, maintain and improve the services we offer;
- to improve our website in order to better serve you;
- to respond to comments, questions, and requests and provide support where requested;
- to communicate with you about services, newsletters, events and provide other news or information about us;
- monitor and analyse trends, usage, and activities in connection with the services we provide and for marketing and advertising purposes;
- investigate and prevent fraudulent transactions, unauthorised access to our services and other illegal activities;
- to notify you of any changes to our services;
- to administer our site and for internal operations, including data analysis, troubleshooting, testing, research, surveys;
- for other purposes, about which we notify you.
We have to establish a legal ground to use your personal data, so we will make sure that we only use your personal data for the purposes below:
- we have your explicit consent for the processing; or
- our use of your personal information is necessary to perform a contract or take steps to enter into a contract with you (e.g., to fulfil obligations under the contract signed between you and us), or
- our use of your personal information is necessary to comply with a relevant legal or regulatory obligation that we are subject to, or
- our use of your personal information is necessary to support ‘legitimate interests’ that we have as a business (for example, to improve our services, or to carry out analytics across our datasets), provided it is always carried out in a way that is proportionate, and that respects your privacy rights.
WHO DO WE SHARE YOUR INFORMATION WITH?
We may share your information with third parties to help manage our business and deliver services. These third parties may, from time to time, need to have access to your personal data. These third parties may include:
• Other third parties, for the purposes of detecting, preventing or otherwise addressing fraud, security or technical issues, protecting against harm to the rights, property or safety of our users or the public;
• Solicitors and other professional services firms (including our auditors).
Also, if we were to sell all or part of our businesses, we would need to transfer your personal information to the purchaser.
The security of your information is very important to us, and we endeavour to prevent unauthorised access, maintain data accuracy, and ensure the correct use of information. Therefore, we have put in place appropriate physical, electronic, and managerial procedures that are designed to safeguard and secure the information we collect from loss, theft, misuse, and unauthorised access, disclosure, alteration, and destruction.
In the event that your personal information is acquired, or reasonably believed to have been acquired by an unauthorised person and applicable law requires notification, we will notify you by email or mail. We will give you prompt notice, consistent with the reasonable requirements of the law, and we will investigate to determine the scope of the breach and restore the integrity of the data system.
Nuvola’s servers are based in the United Kingdom, and we may transfer your personal information to service providers that are located outside of Europe. We may also share your personal information overseas, for example, if we receive a legal or regulatory request from a foreign law enforcement body. We will always take steps to ensure that any international transfer of information is carefully managed to protect your rights and interests:
• we will only transfer your personal information to countries which are recognised as providing an adequate level of legal protection; and
• service providers and other third parties will always be protected by contractual commitments for additional security.
You have the right to ask us for more information about the safeguards we have put in place, as mentioned above. Please contact us as set out in section at the end of this Policy if you would like further information.
YOUR INFORMATION AND YOUR RIGHTS
If you are based within the EEA or within another jurisdiction having similar data protection laws, in certain circumstances, you have the following rights:
· the right to be told how we use your information and obtain access to your information;
· the right to have your information rectified or erased or place restrictions on processing your information;
· the right to object to the processing of your information e.g., for direct marketing purposes or where the processing is based on our legitimate interests;
· the right to have any information you provided to us on an automated basis returned to you in a structured, commonly used and machine-readable format, or sent directly to another company, where technically feasible (“data portability”);
· where the processing of your information is based on your consent, the right to withdraw that consent subject to legal or contractual restrictions;
· the right to object to any decisions based on the automated processing of your personal data, including profiling; and
· the right to lodge a complaint with the supervisory authority responsible for data protection matters (e.g., in the UK, the Information Commissioner’s Office).
If we hold any information about you, which is incorrect, or if there are any changes to your details, please let us know by so that we can keep our records accurate and up to date.
If you withdraw your consent to the use of your personal information for purposes set out in our Privacy Notice, we may not be able to provide you with access to all or parts of our website, applications, and services.
We will retain your personal information for the duration of our business relationship and afterward, for as long as it is necessary and relevant for our legitimate business purposes, in accordance with the Sage Group Data Retention, Marking and Destruction Policy, or as otherwise permitted by applicable laws and regulations. Where we no longer need your personal information, we will dispose of it in a secure manner (without further notice to you).
We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with the law, court order, or legal process.
HOW TO CONTACT US
Should you have other questions or concerns about these privacy policies, please email firstname.lastname@example.org.
We may update this Policy from time to time. In the event we make any material changes that reduce your rights or our obligations under this Policy, we will post a prominent notice in this section of the Policy and on our website notifying you of the updates.