Privacy Policy
As the operators of the website: www.smartstream-stp.com, SmartStream is committed to protecting and respecting your privacy.
This Privacy and Cookies Policy (together with and any other documents referred to therein) sets out the basis on which the personal data collected from you, or that you provide to us will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulation (GDPR), from the GDPR implementation date or, until GDPR implementation date, the Data Protection Act 1998, (collectively the Data Protection Laws) the Data Controller is SmartStream Technologies.
YOUR PERSONAL INFORMATION
We collect and process some or all of the following types of information from you in the course of your use of the website or providing our services:
- Information that you provide by filling in forms or using our service. This includes information provided at e.g. the time of registering to use the website in order to register for events, download content, requesting further information or make a meeting request. We may also ask you for information when you report a problem with the website.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
The provision of name, title, job title, company, country, telephone and email address is required from you to enable us to respond to any website query. We will inform you at the point of collecting information from you.
Information We Collect From Other Sources
Where we exhibit at industry events we will also obtain personal data from other sources as follows:
- Information on business cards
- Name and contact details from industry organisers
Google Analytics
This website uses Google Analytics, a web analytics tool from Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA; “Google”). The usage is based on Art. 6 Par. 1 S. 1 lit. of GDPR. Google Analytics uses ‘Cookies’, text files, that are saved on your computer and allow us to analyse the usage of our website. The Information that is tracked is as follows:
- Type of browser and version
- Operating system
- Referring URL (the last visited page)
- Hostname (with anonymized IP address)
- Time of request
This data is usually sent to servers of Google in the USA and stored there. The tracked IP address will not be brought together with other data of Google. We additionally extended the code with “anonymizeIP” which masks IP addresses to anonymize them. Only in exceptional cases full IP addresses will be transferred to the Google servers in the USA and masked there.
I order by the operator of this website, Google will use this information to evaluate the usage of this website, produce reports over the website activities and usage. You can prevent the usage of cookies through certain browser settings, but we need to inform you that some functionality of the website will not work if cookies are turned off completely.
You can restrict the collection and processing of the above data (including the IP address) if you install a browser plugin from the following internet address: http://tools.google.com/dlpage/gaoptout?hl=en.
Alternatively, you can set an opt-out-cookie to disable Google Analytics tracking in your browser. This cookie will only block analytics in the browser you activate it in and will only work for our website. If you delete cookies in your browser, you will need to set it again. Disable Google Analytics now.
We also use Google Analytics to analyse Double-Click and AdWord campaigns we are hosting on Google. You can set your preferences for Google Ads here: http://www.google.com/settings/ads/onweb/?hl=en
USES MADE OF YOUR INFORMATION
Lawful basis for processing
Purposes of processing
We use information held about you in the following ways:
- To contact you about future events
- To contact you with our newsletter
- To provide you with company information we feel may interest you
- To notify you about changes to our service
How we do this
We will contact you by the method you have consented to receive such communication; this will be electronic means (e-mail) and/or a telephone call. If you do not want us to use your data in this way please either 1) tick the relevant box situated on the form on which we collect your data; 2) unsubscribe from our electronic communications using the method indicated in the relevant communication; or 3) inform us at any time by contacting us on the details set out below.
DISCLOSURE OF YOUR INFORMATION
We routinely disclose your personal data to third parties as follows:
- We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf.
- We may disclose your personal data to any member of our corporate group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 (where applicable).
We may also disclose your personal data to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; or
- If we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets; or
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our website Terms and Conditions and subscribing to our service; or
- To protect our rights, property, or safety or that of our affiliated entities and our users and any third party we interact with the to provide the Website; or
- In relation to selected third parties only, only to the extent that you have consented to such selected third parties notifying you about certain goods or services, which may be of interest to you.
Other than as set out above and save insofar as is necessary in order for us to carry out our obligations arising from any contracts entered into between you and us, we will not share your data with third parties unless we have procured your express consent to do so.
STORING YOUR PERSONAL DATA
Security
We take appropriate measures to ensure that any personal data are kept secure, including security measures to prevent personal data from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal data to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Website, you are responsible for keeping this password confidential.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Keeping your personal data up to date
If your personal details change you may update them by e.g. accessing the relevant page of the website, or by contacting us using the contact details below.
If you have any questions about how we use data collected which relates to you, please contact us by using one of our contact methods as stated on our Website.
We will endeavour to update your personal data within seven working days of any new or updated personal data being provided to us, in order to ensure that the personal data we hold about you is as accurate and up to date as possible.
How long we keep your personal data
We will hold personal data for the period we are required to retain this information, in this case for three years.
Where we store your personal data
All information we hold about you is stored on our secure servers within the EEA. The data that we collect from you may be transferred to, and stored at, a destination outside the EEA. It may also be processed by staffs operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your orders. By submitting your personal data, you agree to this transfer, storing or processing.
Such countries do not have the same data protection laws as the EEA. Whilst the European Commission has not given a formal decision that such countries provide an adequate level of data protection similar to those which apply in the EEA, any transfer of your personal data will be subject to suitable relevant safeguards as permitted under Article 46(5) of the General Data Protection Regulation that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal data.
If you would like further information please contact us. We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
PRIVACY NOTICE (GDPR) - JOB APPLICANTS
As part of any recruitment process, the organisation collects and processes personal data relating to job applicants. The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.
Data controller: SmartStream Technologies, St Helen’s, 1 Undershaft, London EC3A 8EE
Representative: David Porter, HR Director
Dated: 24 May 2018 | Version: 1.0
What information does the organisation collect?
The organisation collects a range of information about you. This includes:
- your name, address and contact details, including email address and telephone number;
- details of your qualifications, skills, experience and employment history;
- information about your current level of remuneration, including benefit entitlements;
- whether or not you have a disability for which the organisation needs to make reasonable adjustments during the recruitment process; and
- information about your entitlement to work in the country of your choice as per application.
The organisation may collect this information in a variety of ways. For example, data might be contained in application forms, CVs or resumes, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment, including online tests.
The organisation may also collect personal data about you from third parties, such as references supplied by former employers and information from criminal records checks. The organisation will seek information from third parties only once a job offer to you has been made and will inform you that it is doing so as part of background verification process.
Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).
Why does the organisation process personal data?
The organisation needs to process data to take steps at your request prior to entering into a contract with you. It may also need to process your data to enter into a contract with you.
In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant’s eligibility to work in the country before employment starts.
The organisation has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows the organisation to manage the recruitment process, assess and confirm a candidate’s suitability for employment and decide on whom to offer a job. The organisation may also need to process data from job applicants to respond to and defend against legal claims.
The organisation may process special categories of data, such as information about ethnic origin, sexual orientation or religion or belief, to monitor recruitment statistics. It may also collect information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. The organisation processes such information to carry out its obligations and exercise specific rights in relation to employment.
For some roles, the organisation is obliged to seek information about criminal convictions and offences. Where the organisation seeks this information, it does so because it is necessary for it to carry out its obligations and exercise specific rights in relation to employment.
If your application is unsuccessful, the organisation may keep your personal data on file in case there are future employment opportunities for which you may be suited. The organisation will ask for your consent before it keeps your data for this purpose and you are free to withdraw your consent at any time.
CVs that are sent speculatively may also be kept on file for future recruitment exercises.
Who has access to data?
Your information may be shared internally for the purposes of the recruitment exercise. This includes members of the HR and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles.
The organisation will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. The organisation will then share your data with former employers to obtain references for you and the Disclosure and Barring Service to obtain necessary criminal records checks.
The information which you give to us may be transferred to countries outside the European Union (“EU”). For example, some of our third-party providers, group companies or subsidiaries may be located outside of the EU.
Where this is the case we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy.
By submitting your personal data, you’re agreeing to this transfer, storing or processing. Where our third-party supplies are in the US we have ensured that their services fall under the “Privacy Shield” whereby participating companies are deemed to have adequate protection and therefore facilitate the transfer of information from the EU to the US.
How does the organisation protect data?
The organisation takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees in the proper performance of their duties.
For how long does the organisation keep data?
If your application for employment is unsuccessful, the organisation will hold your data on file for 6 months after the end of the relevant recruitment process. At the end of that period [or once you withdraw your consent], your data is deleted or destroyed.
If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in employee privacy notice.
Your rights
As a data subject, you have a number of rights. You can:
- access and obtain a copy of your data on request;
- require the organisation to change incorrect or incomplete data;
- require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
- object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing.
If you would like to exercise any of these rights, please contact datasubjectrights@smartstream-stp.com.
If you have any concern with your data being misused or leaked by SST, please contact databreach@smartstream-stp.com.
If you believe that the organisation has not complied with your data protection rights, you can complain to the Information Commissioner.
What if you do not provide personal data?
You are under no statutory or contractual obligation to provide data to the organisation during the recruitment process. However, if you do not provide the information, the organisation may not be able to process your application properly or at all.
YOUR RIGHTS
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- Access to your personal data and to certain other supplementary information that this Policy is already designed to address.
- Require us to correct any mistakes in your information which we hold
- Require the erasure of personal data concerning you in certain situations
- Receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- Object at any time to processing of personal data concerning you for direct marketing
- Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Object in certain other situations to our continued processing of your personal data
- Otherwise restrict our processing of your personal data in certain circumstances
- Claim compensation for damages caused by our breach of any data protection laws
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- Email, call or write to us
- Let us have enough information to identify your name or company
- Let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- Let us know the information to which your request relates
HOW TO COMPLAIN
We hope that we can resolve any query or concern you raise about our use of your information, email: databreach@smartstream-stp.com
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at: https://ico.org.uk/concerns/ or telephone: 0303 123 1113
CHANGES TO OUR PRIVACY POLICY
We reserve the right to modify this policy at any time. Any changes we may make to our policy in the future will be notified and made available to you using the website. Your continued use of the services and the website shall be deemed your acceptance of the varied privacy policy.
INFORMATION ABOUT OUR USE OF COOKIES AND IP ADDRESSES
We use cookies on our sites: www.smartstream-stp.com and www.smartstream.ai for a number of purposes. They help us to provide you with a good experience when you browse our website, and also allow us to improve our site. By continuing to browse the site, you are agreeing to our use of cookies.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website.
- Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users find what they are looking for easily.
- Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed.
You can find more information about the individual cookies we use and the purposes for which we use them below.
First-party cookies (www.smartstream-stp.com and smartsteam.ai)
This website will set some cookies that are essential for the website to operate correctly. These cookies, none of which capture personally identifiable information, are e.g. as follows:
- Visitor ID – this cookie is a numeric value that identifies unique visitors and provides coherence and consistency to a site visit;
- Page Number – this cookie identifies the page you are on;
- Session ID – this cookie identifies your website session;
- Test – this cookie checks whether or not your browser supports cookies;
- Cookie Consent – remembers your agreement that our cookies policy
Third-party cookies
Our websites will set several types of third-party cookie, and we do not control the operation of any of them. The third-party cookies which may be set include:
- Google Analytics – we use Google Analytics to collect data about website usage. This data does not include personally identifiable information. You can view the Google Privacy Policy here: www.google.com/policies/privacy/.
- YouTube – this allows us to display embedded videos on our site. YouTube is setting these cookies to track watched videos and to be able to present appropriate content to you. You can read the YouTube Privacy Policy here: https://www.youtube.com/static?template=privacy_guidelines.
- AddThis – these cookies are used when you use the sharing service on our website to share a link with LinkedIn, Facebook, Twitter, etc. You can read the AddThis Privacy Policy here: http://www.addthis.com/privacy/privacy-policy.
- Google Remarketing / AdWords / DoubleClick – we use Google’s Remarketing / AdWords / DoubleClick cookies to market products and services we think may be of interest to you. You may see our adverts on Google’s Display Advertising Network of partner websites and Google’s own search results pages. We aim to carefully select the products and services we remarket to you, and do so based on the pages you have visited on our website. You can set your Google Ads preferences here: https://adssettings.google.com/authenticated . The Google Ads Privacy Policy can be found here: https://policies.google.com/technologies/ads
- Facebook – we may use a Facebook pixel to obtain information regarding the activities that users engage in while visiting our web pages. For information on Facebook’s Privacy and Cookie policy, visit https://www.facebook.com/policies/cookies/
- Pardot – we use Pardot as our email marketing tool and these cookies allow us to understand how you are interacting with our email communication. The Pardot Privacy Policy can be found here: https://www.pardot.com/legal/
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.
Cookie consent management
To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at https://devowl.io/rcb/data-processing/.
The legal basis for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.
The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.
Some services process personal data in unsecure third countries. By consenting to the use of these services, you also consent to the processing of your data in these unsecure third countries in accordance with Art. 49 (1) lit. a GDPR. This involves risks that your data will be processed by authorities for control and monitoring purposes, perhaps without the possibility of a legal recourse.
You are under 16 years old? Unfortunately, you are not permitted to consent to this service to view this content. Please ask your parents or guardians to agree to the service with you!
By accepting all services, you allow Google Tag Manager (Functional), YouTube (Functional, data processing in unsecure third countries), Buzzsprout Podcasts (Functional), SoundCloud (Functional, Data processing in unsecure third countries), Spotify (Functional), Google Fonts (Functional, Data processing in unsecure third countries), Adobe Fonts (Functional), WordPress Emojis (Functional, Data processing in unsecure third countries), Google reCAPTCHA (Functional, Data processing in unsecure third countries), Consentric (Functional), SmartStream Recruiting Platform (Functional), LinkedIn Insight-Tag (Marketing), Pardot Email Marketing (Marketing) and Pardot Marketing Automation (Marketing) to be loaded. These services are divided into groups Essential, Functional and Marketing according to their purpose (belonging marked with superscript numbers). In addition, Elementor (Essential), WPML (Essential), Wordfence (Essential) and Cloudflare (Essential) are loaded based on a legitimate interest.