www.herminius.com is brought to you Herminius™ Holdings Limited, a company incorporated and registered in England and Wales under company number 09952294 whose registered office address is 10 Hill Street, London W1J 5NQ.
1. Why should you read this policy
2. How to contact us
3. Personal data we may collect about you
4. How your personal data will be used
5. What is our lawful basis or ground for using your personal data?
6. Marketing and opting out
7. Disclosure of your personal data
8. Keeping your data secure
9. Transfers of data out of the EEA
11. Your rights
12. How long we will store your data
16. Data Protection Aupervisory Authority
WHY YOU SHOULD READ THIS POLICY
We take the privacy of our clients, associates and contacts (you) very seriously.
For the purposes of the General Data Protection Regulation and all other relevant legislation, Herminius™ Holdings Limited (‘we’ or ‘us’) is the ‘data controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).
The Data Protection Officer is Helena Lally.
This Policy was last updated on the 08/05/2018.
HOW TO CONTACT US
Any questions regarding our policy on data protection are welcome and should be addressed to the Data Protection Officer by any of the following means:
By phone: 0203 439 1139
By email: firstname.lastname@example.org
By post: 10 Hill Street, Mayfair, London W1J 5NQ
PERSONAL DATA WE MAY COLLECT ABOUT YOU
Information that you provide
Personal information about you (such as your name, email address and contact number) will be obtained when you contact us by phone, email or post or you provide your information to us in person.
We may ask you to provide sensitive personal data from time to time. If such data is requested, you will be given additional information as to why the sensitive personal data is being requested and how it will be used.
We may retain a record of any contact you make with us.
Personal information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
Give consent on his/her behalf to the processing of his/her data;
Receive on his/her behalf and data protection notices;
Give consent to any transfer of his/her data.
Information from third parties
Occasionally we may receive information about you from other sources, which will be added to the information already held about you in order for us to help supply our services to you.
HOW YOUR PERSONAL DATA WILL BE USED
We will use your personal data for the following purposes:
To fulfil any services requested by you;
To request services from you;
To help identify you and any accounts you hold with Herminius™;
Fraud prevention and detection;
Invoicing and order fulfilment;
To notify you of any changes to our services that may affect you.
WHAT IS OUR LAWFUL BASIS OR GROUND FOR USING YOUR PERSONAL DATA?
Under laws that are designed to protect your personal data, we need to have what is called a lawful basis or ground each time we use, share or otherwise process your personal data.
We may also need to process your personal data to comply with any legal obligations which may be applicable.
In most cases, our processing of your personal data is necessary for the performance of our services to you.
Certain uses of your personal data, or other processing activities, may not be strictly necessary to perform our services to you, however, they may be necessary for the purposes of our legitimate interests or the legitimate interests of a third party. They may also be in your interests.
When we say “legitimate interests”, we mean our (or a third party’s) interests in enabling us to provide our services to you as efficiently and securely as possible. For example, we may choose to use a third party to store your personal data; we may do this in part because our use of that service means that your personal data is more secure.
MARKETING AND OPTING OUT
If you have provided your consent to receive marketing communication from us, we may contact you by email, telephone or post about our services and charitable causes that may be of interest to you.
You will always have the ability to revise your consent to marketing communication from us by clicking the ‘unsubscribe’ link in the footer of the email correspondence or by notifying us using the contact details at the beginning of this Policy.
DISCLOSURE OF YOUR PERSONAL DATA
We may disclose your personal data to:
Other companies that become partners or part of a group with Herminius™ Holdings Limited;
A third party who acquires Herminius™ Holdings Limited or acquires substantially all of its assets, in which case the personal data shall be one of the acquired assets;
Our agents and service providers;
Law enforcement and regulatory agencies in connection with anyinvestigation to help prevent unlawful activity or as otherwise required by applicable law.
KEEPING YOUR DATA SECURE
We will use technical and organisational measures to safeguard your personal data, for example we will store your personal data on secure servers.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.
TRANSFERS OF DATA OUT OF THE EEA
We will make reasonable efforts to ensure that your data is not transferred outside the European Economic Area (EEA). Where we use data servers that may transfer data out of the EEA we will take steps to ensure adequate protections are in place to ensure the security of your information and give you remedies in the unlikely event of a security breach.
All information you provide to us is stored with secure data processors for the purposes of storing your data and for accounting and administrative purposes. A copy of your information is also stored securely on our internal server and computers where access is restricted.
Please note that we review all processors we utilise and ensure that there are adequate safeguards in place to protect your personal data, such as adherence to binding corporate rules or compliance with the EU-US Privacy Shield Framework, which is a mechanism that ensures compliance with EU data protection requirements when transferring personal data from the European Union to the United States. You can learn more about Privacy Shield here: https://www.privacyshield.gov/welcome
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training, fraud prevention and compliance.
You can change your mind, remove or add your consent at any time.
You have the right of access to your personal records or other informationthat we hold about you. There is no administrative charge for this service.
You have the right to rectify any errors in the data we hold about you.
You have the right to have the data we hold about you erased.
If you wish us to continue to store your information but wish us to keep your data separate and not process it in any way, please let us know.
You have the right to ask us to stop processing your personal data for direct marketing purposes. You may also specify that you object to direct marketing by particular channels such as by email or telephone. If this is the case, please specify the channels you are objecting to in your communications with us.
You have the right to data portability. If you wish to obtain your data foryour own purposes across different services, we will provide this information to you in a CSV file. There is no administrative charge for this service.
To revise your consent, access, amend or remove your records or assert any of your rights set out above, you should send your request in writing to the Data Protection Officer using the contact details at the beginning of this Policy.
These rights may not apply in all situations or in relation to all types of processing.
You will need to provide proof of identity and address (e.g. a copy of your driving licence or passport, and a recent utility or credit card bill); and specify the personal data you would like access to, amended or removed.
HOW LONG WE WILL STORE YOUR DATA
We will store your data for as long as necessary for the purpose of processing. The data may be deleted in the following circumstances for example:
You have withdrawn your consent to data processing;
The original purpose for processing the data is no longer relevant or cannot be performed anymore; or The data is no longer up to date or accurate.
Herminius™ Holdings Limited only offers services to individuals over the age of 18. In using our services, you confirm that you have read and consented to this Policy and verify that you are over the age of 18.
Traffic Analytics Google Analytics
This website uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Google Analytics uses so-called “cookies”, text files that are stored on your computer and that allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. IP anonymization is active on this website. Your IP address will be truncated and saved without the last octet. Although we know from which network a request came, but not from which computer. Your IP address will generally be truncated by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data. You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible. http://tools.google.com/dlpage/gaoptout?hl=en.
We may change this Policy from time to time. You should check this policy frequently to ensure you are aware of the most recent version that will apply each time you use the Website.
DATA PROTECTION SUPERVISORY AUTHORITY
The Data Protection Supervisory Authority in the UK is the Information Commissioners Office. Should you have any complaints about the way we handle your data, you may direct them to the ICO. More information on the ICO can be found on their website here: https://ico.org.uk