This Privacy Notice explains how Open International (company registration no. 5716519) and Open GI Limited (company registration no. 1519547) of Buckholt Drive, Warndon, Worcester, WR4 9SR (Open GI) use your personal information, which you provide to us.
Open GI protects the personal information that you provide to us and is committed to complying with all relevant Data Protection Laws. We are registered with the UK Information Commissioners Office (ICO) as a data processor for the processing of our customers’ data, but we also act as a data controller in relation to information that we gather from job applicants and our own staff. We comply with the UK Data Protection Act 2018 (DPA 2018), the EU General Data Protection Regulation (GDPR), and any other relevant data privacy laws.
If you have any queries regarding this Privacy Notice, you should first contact our Group Data Protection Officer via email: firstname.lastname@example.org. If you do not receive a reply within two working days, please telephone us on UK +44 (0)1905 754455 and request to speak to our Data Protection Officer.
Customers and potential customers
Customers and potential customers may contact us through our website using the Contact Us forms or buttons. When you do this, you will be asked to provide your business contact details such as your email address and telephone number. You will also be asked to consent to our using your information. This information will then be passed either to our marketing or sales teams to contact you to assist you with your enquiry.
In the course of assisting you with your enquiry, we may ask for your consent to use your details for further purposes such as marketing. When we do this, you will be clearly advised and your specific consent will be required before we can use your information for any follow-up purpose.
On our website you may apply for a position in our organisation – Visit our Careers page.
If you decide to do this, then you will be required to submit your personal details including previous employment experience and qualifications. This information is used for the specific purpose of assessing your suitability for a position in our business and you will be required to consent to the use of your personal data for this purpose. If you do not consent to our processing your data for this purpose, then our ability to consider your application may be limited.
As part of the service that we provide to our customers we are required to collect, process or store the personal information of clients of our customers (e.g. policyholders). All this information is processed strictly in accordance with the instructions of our customers and is stored securely on servers located within the EEA.
We will only share your information with parties that you have agreed we can share it with. There are, however, certain scenarios where we may have to share your data with other parties where this is required to comply with applicable laws and government or regulatory bodies’ lawful requests for information. Examples of these scenarios are:
- For legal reasons, we may be required to share your data with law enforcement agencies, governments, etc. This may be as part of an investigation, or it may be as part of service such as fraud prevention.
- Where your data may be required to protect against harm to the rights of property or person as permitted by law.
- Where your data may be required to prevent or protect serious physical harm to an individual.
- If Open GI is involved in an acquisition, a merger, sale of assets, or liquidation.
We use Hotjar in order to better understand our users’ needs and to optimise this service and experience.
You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
Open GI works very hard to ensure the protection of your information against unauthorised access, alteration, destruction, disclosure or use. In order to ensure the level of security your information deserves, Open GI will:
- Ensure that any data that moves across an untrusted network (such as the Internet), will be encrypted using strong methods. Unfortunately though, the transmission of information via the internet cannot be guaranteed due to the scale and nature of it. We will do our best to protect your personal data but cannot guarantee the security of your data whilst in transit to our site(s). Any transmission to us is at your own risk. Once we have received your information, we use strict procedures and security features to protect it against unauthorised access as reasonably as we can.
- Ensure that all our staff who may come into contact with your data or the systems that process your data have sufficient knowledge and training to handle it in a confidential and secure manner.
- Ensure that we have appropriate policies and procedures in place which instructs our staff on how to handle your data securely.
- Ensuring that we minimise access to your information to only the minimal staff and systems that need it in order to perform the service we are offering you.
- Any information that we receive from you will be stored depending on the service, but in all cases, it will be within the EEA, and within highly secured data centres with multiple layers of technical and organisational controls.
- As part of our service to you, we employ the services of professional hackers to test our systems for vulnerabilities which allows us to better protect your information. Don’t worry though, these are friendly hackers with whom we have very strict contractual and non-disclosure agreements with.
You have the right to ask us for a copy of the personal information we hold on you via a “subject access request”. You have the right to have any inaccuracies corrected or removed, or to instruct us to cease processing your data if no longer relevant, or if there are no other legal or contractual obligations for us to do so. There is no fee for this. However, subsequent copies of such information within an unreasonably short period may be chargeable.
To request a copy of the personal data that we hold on you please contact our Group Data Protection Officer using one of the methods below:
By post: The Data Protection Officer, Open GI Limited, Buckholt Drive, Warndon, Worcester, WR4 9SR.
By email: email@example.com
Please do not send us personal or sensitive data over and above the minimum requirements (such as your name and contact details) via fax or email without prior notification and agreement, or unless explicitly requested.
Please note that unless specifically instructed, your information will be sent using the same format as that of the request. i.e. if the request was received via email, the information will normally be sent back to you via secure email unless you explicitly request otherwise. Your information will be returned within one (1) month, and in a secure manner. No information will be released, and the clock will not start until your identity has been confirmed. This needs to be photographic evidence and evidence of occupancy. This can either be sent with your request or could follow.
If the data you need sight of is specific, it would help us to respond in a faster time if you were to identify exactly what data or which particular area you are looking for. For example, all personal data we hold on you about your marketing preferences, or all data you have given us in relation to careers at Open GI.
All data we collect from you here and subsequently process will be done so in the EEA. If it becomes necessary to process data outside the EEA, we ensure that the relevant third party processing the data gives the required contractual undertakings as specified by the EU, and that we make it clear to you that this will take place.
We hold your data only for as long as is necessary for specified purpose. Open GI has an internal Data Retention Policy which sets a framework around retention to ensure we are not storing data that we no longer need or should still have.
Some of the information we collect via our website is submitted to us via electronic mail. Our policy states that we retain all emails for a 7-year period after which time they are automatically deleted.
If you choose to exercise your right to erasure (also known as the right to be forgotten), we will need to retain some basic information in order to avoid sending you unwanted material or correspondence at a later date.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and/or dynamic adjustments of page layouts to improve your experience on our site.
A “cookie” is a small piece of text that is sent by a site you visit and stored in your web browser. Cookies may enable the service or third party to recognise you and make your next visit easier and the service more useful by giving you tailored options based on the information it has stored about your last visit, or it can be used to save display preferences between visits.
Cookies can be persistent cookies (they remain on your device for a fixed time after you leave our site) or session cookies (they only remain on your device while you are browsing our site). When you use and access this site, we may place a number of cookie files in your web browser.
IP addresses allow us to anonymously track usage on our website. Your IP address is not connected to any personally identifiable or online contact information like a name and address, so you will remain anonymous at all times.
We use the following cookies on our website:
|quform-session||Session||24 hours||Quform. Used to maintain sessions between page changes. No personal data is stored.|
|PHPSESSID||Session||End of current session||Random string. Keeps you logged in as you move from page to page. No personal data is stored.|
|_gat||Session||1 minute||Google Analytics. Used to throttle request rate. No personal data is stored.|
|_gid||Session||24 hours||Google Analytics. Used to distinguish users. The stored cookie value consists of a version number, domain identifier, a randomly generated session ID number and a timestamp. No personal data is stored|
|_ga||Persistent||2 years||Google Analytics. The stored cookie value consists of a version number, domain identifier, a randomly generated user ID number and a timestamp. No personal data is stored.|
|_hjClosedSurveyInvites||Persistent||365 days||Hotjar. This cookie is set once a visitor interacts with a Survey invitation modal popup. It is used to ensure that the same invite does not re-appear if it has already been shown.|
|_hjDonePolls||Persistent||365 days||Hotjar. This cookie is set once a visitor completes a poll using the Feedback Poll widget. It is used to ensure that the same poll does not re-appear if it has already been filled in.|
|_hjMinimizedPolls||Persistent||365 days||Hotjar. This cookie is set once a visitor minimises a Feedback Poll widget. It is used to ensure that the widget stays minimises when the visitor navigates through your site.|
|_hjDoneTestersWidgets||Persistent||365 days||Hotjar. This cookie is set once a visitor submits their information in the Recruit User Testers widget. It is used to ensure that the same form does not re-appear if it has already been filled in.|
|_hjMinimizedTestersWidgets||Persistent||365 days||Hotjar. This cookie is set once a visitor minimises a Recruit User Testers widget. It is used to ensure that the widget stays minimises when the visitor navigates through your site.|
|_hjIncludedInSample||Persistent||365 days||Hotjar. This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels.|
|_hjShownFeedbackMessage||Persistent||365 days||Hotjar. This cookie is set when a visitor minimizes or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimized immediately if they navigate to another page where it is set to show.|
We may make changes to our Privacy Notice in the future. Any updates or changes will be posted on this page and will be reflected in the version date.
Our website may have links to other websites. This Privacy Notice only applies to this website. You should therefore read the privacy policies of the other websites when you are using those sites.
Page last updated: April 2019