SMRS Privacy Notice
SMRS (referred to as “our”, “us” and “we” in this notice) is an education, employer and youth marketing business who partners with educators and employers to provide communication and branding solutions. As a business, we take seriously our responsibilities under privacy and data protection laws and are committed to protecting the privacy of those with whom we interact.
This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. SMRS is the data controller of any personal data you provide to us, including in relation to this website.
This Privacy Notice explains the following:
· Information we may collect
· How we use this information
· How we store your personal data
· How we secure your personal data
· Information sharing and disclosure
· International transfers
· Your rights
· Our responsibility for website links
· How to contact us
In the Supplementary Information section of this Privacy Notice, we explain what is meant by “personal data” and other terms used in this notice.
1. Information we may collect
The type of information we collect will depend on the circumstances and the service you are using. Generally speaking, we will collect information relating to you and/or your use of our services in the following ways:
Information relating to your use of the website
We collect information about how you use our website. This includes information relating to the pages you visit on our website, the services or information your search for and the links and content you choose to access. We may also use the personal information you provide through your use of our website to provide you with relevant content and to inform our marketing strategy. This type of activity is known as “profiling” – using automated means to process your personal data to analyse or predict your personal preferences, interest or behaviours. You can object to profiling (see section 7 of this Notice, below).
We collect information about the device(s) you use to access our site. This includes collecting unique mobile device ID or the internet protocol (IP) address online identifiers, which are numbers that can uniquely identify a specific computer or other network device on the internet. This information is linked to a cookie ID, which we receive and process. You may find more information on the cookies we use and the purposes for which we use them on our separate Cookie Notice.
We collect contact details when you sign-up to receive email alerts, attend one of our events, download our content, subscribe to our newsletters or where you ask us to respond to a query you have. The personal data we collect includes your name, email address, job title, and location.
Marketing and communications data
We collect information about your preferences in receiving marketing information from us and your communication preferences.
We do not actively seek to collect information about children aged 16 or under. If you have any concerns about your child’s privacy in relation to our services, or if you believe that your child may have entered personal data onto our website, please contact us at firstname.lastname@example.org. We will delete such information from our records within a reasonable time.
2. How we use this information
Except where required by law, we use the personal data you provide for the following purposes:
· to deliver the specific information or services you have requested;
· to enable the download of our content;
· send you newsletters and information relating to our brands and services;
· respond to your requests and feedback; and
· analyse and/or improve our services.
Under data protection law we are required to advise you on the legal basis for processing your personal data. For the most part, the processing of your personal information is based either your consent. In the table below we set out further information about the purposes for which we use your personal data.
|Purpose/Activity||Type of Personal Data Processed|
To send you information about our services:
To send you information which you have requested e.g. newsletters or publications in accordance with your specified preferences
|Name and email address|
To improve and develop our website:
We conduct statistical analysis on your usage of the website e.g. to enable us to improve our website, offer new features and material etc.
|Technical and usage|
To deliver relevant content to you and measure or understand the effectiveness of the content we serve to you.
|Name and email address Technical|
To respond to any enquiries or feedback that you send us
|Name and email address|
To reach out with information on our products and services relevant to your needs
|Name and email address|
To share information with our service providers.
|Name and email address
Technical and usage
To share information with other third parties, such as regulator and law enforcement agencies, to ensure compliance with our legal obligations.
|Name and email address
Technical and usage
3. How long we will keep your information
We will keep your personal data for as long as is necessary for the relevant service, in accordance with our legal obligations. After this time, your personal data will either be securely deleted or anonymised so that it can be used for analytical purposes. You may request further information via the contact details given in this Privacy Notice.
4. How we secure your information
We maintain appropriate organisational and technological safeguards to help protect against unauthorised use, access to or accidental loss, alteration or destruction of personal data. We also seek to ensure our service providers do the same.
5. Information Sharing and Disclosure
Information shared with our third-party service providers We use a number of third parties to perform business functions on our behalf, such as sending our newsletters and hosting our online services and customer relationship management. We will only disclose the information necessary to enable these third parties to perform their services. Our service providers are contracted to comply with our instructions and we require that they do not use your personal data for their own business purpose.
Information shared with other parties
Where required or permitted by law, personal data may be provided to others, such as regulator and law enforcement agencies, for example in response to a court order or a subpoena, or in response to a law enforcement agency’s request, or where we believe it is necessary to investigate, prevent or take action regarding illegal activities, and as otherwise required by law.
We do not sell or rent any personal data about you to any third party.
6. International transfers
We will only transfer your personal data outside the EU, where we are satisfied that adequate levels of protection are in place to protect the integrity and security of any information being processed and compliance with applicable privacy and data protection laws. These measures may include the use of standard contractual/data protection clauses adopted by the European Commission and where transfers are to the United States of America, the EU-US Privacy Shield, Swiss-US Privacy Shield or your consent.
You may request further information on the measures used for such transfers via the contact details given in this Privacy Notice.
7. Your rights
Object to our processing of your personal data where we are relying on legitimate interest (or those of a third-party), and you want to object to processing on this ground, as you feel it impacts on your fundamental rights and freedoms. You also have a right to object where we are processing your personal data for the purposes of direct marketing or profiling. You can object at any time and we shall stop processing the information you have objected to, unless we can show compelling legitimate grounds to continue that processing.
Access your personal data. If you make this kind of request and we hold personal data about you. We are required to provide you with information on it, including a description and copy of the personal data and why we are processing it. We will require you to prove your identity before granting access to your personal data. We will process your request within the timeframe required under the relevant law.
Request the transfer of your personal data. We will provide to you or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Please note, this right applies to the personal data you have provided to us; and if we use your personal data on the basis of consent or where we used the information to perform a contract with you.
Request erasure (deletion) of your personal data. You have a right to ask us to delete or remove your data where you have successfully exercised your right to object (see above), or where we are required to erase your personal data to comply with local law. Please note, we may be required to retain certain information by law and/or for our own legitimate business purpose. But when we do so, we will inform you
Request correction or updating of your personal data. This enables you to have any incomplete or inaccurate data we hold about you corrected. Request the restriction of our processing of your personal data in some situations. If you request this, we can continue to store your personal data but are restricted from processing it while the restriction is in place.
Withdraw your consent. Where you have provided your consent to our processing of your personal data you can withdraw your consent at any time. If you do withdraw consent, that will not affect the lawfulness of what we have done with your personal data before you withdrew consent.
Make a Complaint. We will do our best to resolve any complaint. However, if you feel we have not resolved your complaint, you have a right to make a complaint to your local data protection authority. For example, in the UK, the local data protection authority is the UK Information Commissioner's Office.
If you exercise the rights above and there is any question about who you are, we may require you to provide information from which we can satisfy ourselves as to your identity.
8. Our responsibility for website links
This Privacy Notice is limited to the personal data collected by SMRS. We do provide links within this site to other websites, including social media sites such as Facebook, Twitter and LinkedIn. If you follow these links, you should use these sites in conjunction with their applicable user and privacy notices as their data practices fall outside the scope of this Privacy Notice. Furthermore, we can have no responsibility for or control over the information collected by any third-party website and we cannot be responsible for the protection and privacy of any information which you may provide on such websites.
This Privacy Notice may be updated from time to time to reflect changes in law, best practice or a change in our practices regarding the treatment of personal data. The date of the most recent revision will appear at the top of this page. If you do not agree to the changes, please do not continue to use our services and please refrain from sharing your personal data with us. You should check this notice frequently for updates.
If you have any questions about this Privacy Notice, our approach to privacy or you would like to exercise any of the rights mentioned in this Privacy Notice you can contact our Data Protection Officer in any of the following ways:
Address: Data Protection Officer, SMRS Limited, Express Networks 2, 3 George Leigh Street, Manchester M4 6BD
Telephone: (+44) (0) 161 200 1444
In this Supplementary Information section, we explain some of terminology used in this Privacy Notice.
“data controller” – the person or company that controls the purposes and means of processing personal data.
”personal data” – any information that relates to you (or from which you can be identified).
“processing” – means doing anything with data. For example, it includescollecting it, holding it, disclosing it and deleting it.
“profiling”- using automated means to process personal data in order to work out certain things about people, like analysing or predicting their performance at work, reliability, economic situation, personal preferences, interests, behaviour, location or movements.
”transfer” – sending personal information outside the European Economic Area (e.g. by storing it on equipment located outside the European Economic Area), or allowing someone from outside the European Economic Area to access the personal information.