Systech Privacy Statement
Last Updated: February 2020
Your privacy is important to us. This privacy statement explains the personal data Systech processes, how Systech processes it and for what purposes.
Contact us if you have a privacy concern, complaint or question for the Systech Data Protection Officer, please contact us by using our web form. For more information about contacting Systech, see the How to contact us section of this privacy statement.
Personal data we collect
Systech collects data from you, through our interactions with you for a variety of purposes described below, including to operate effectively. You provide this data directly, such as when joining the company as an employee or consultant or when we contract with you as a client.
We rely on a variety of legal reasons and permissions to process data, including with your consent, necessity to enter into contracts and compliance with legal obligations, for a variety of purposes described below.
We also obtain data from third parties. We protect data obtained from third parties according to the practices described in this statement, plus any additional restrictions imposed by the source of the data. These third-party sources vary over time and include:
- Suppliers of products and services to Systech;
- Communication services, including email providers and social networks like Linked-in, when you give us permission to access your data on such third-party services or networks.
- Developers who create new Systech software and databases.
When you are asked to provide personal data, you can decline. Where we need to collect personal data by law or to enter into or carry out a contract with you, and you do not provide the data, we will not be able to enter into the contract.
The data we collect can include the following:
Name and contact data. Your first and surname, email address, postal address, phone number and other similar contact data.
Credentials. Passwords, password hints and similar security information used for authentication and account access.
Demographic data & photograph. Data about you such as your age, gender, country and preferred language. A photograph for Profile marketing to clients.
Payment data. Data to process payments, such as your bank account details. Qualifications. Information about your qualifications and professional memberships. Interactions. Examples of interactions data include:
- Device and usage data. Data about your Systech device and features you use, including information about your hardware and software. For example:
- General work activity. Data about the files & folders you visit and update.
- Browse Data about web pages you visit.
Alcohol & Substance Abuse Results. Data elicited from these tests is confidential and will remain on HR record.
How we use personal data
Systech uses data to:
- Provide our services to international.
- Improve and develop our services.
- Recruit appropriately qualified and experienced personnel.
- Advertise and market positions within the Group.
- To use data to operate our business, which includes analysing our performance, meeting our legal obligations, developing our workforce and doing research.
Our processing of personal data for these purposes includes both automated and manual (human) methods of processing. When we process personal data about you, we do so with your consent and/or as required to provide services to you (for example, when recruiting we check previous work history or experience on social networking sites), or to operate our business, meet our contractual and legal obligations, protect the security of our systems and our clients or fulfil other legitimate interests of Systech as described in this section and in the Reasons we share personal data section of this privacy statement. When we transfer personal data from the European Economic Area, we do so based on a variety of legal mechanisms, as described in the Where we store and process personal data section of this privacy statement.
More on the purposes of processing:
- Recruitment. We use personal information including: – name, DOB, photograph, qualifications, previous work experience, historic visa and work permits, references and expert skills and knowledge, to market candidates to ensure Systech’s international clients receive the best technical support possible. Candidate Personal Data Consent Form is accessed here for permission from candidates to retain this information within the Recruitment and HR database, as required.
- HR. In addition to information used during recruitment above, we use personal information including: – bank details. Employee Personal Data Consent Form is accessed here for permission from Employees to retain this information within the HR database, as required.
- Product development. We use data to develop new services. For example, we use data, to enhance and refine the Site Diary App.
- Staff support. We use data to troubleshoot and diagnose IT problems, repair devices and provide IT support services.
- Help secure and troubleshoot. We use data to help secure and troubleshoot our software. This includes using data to protect the security and safety of our services and clients, detecting malware and malicious activities, troubleshooting performance and compatibility issues to help personnel get the most out of their hard and software, and notifying personnel of updates to our IT specifications.
- Promotional communications. We use data we collect to deliver internal promotional communications and news updates.
- Protecting rights and property. We use data to detect and prevent fraud, resolve disputes, enforce agreements and protect our For example, we use data to confirm the validity of certain software licences. We may use automated processes to detect and prevent activities that violate our rights and the rights of others, such as fraud.
- Research. With appropriate technical and organisational measures to safeguard individuals’ rights and freedoms, we use data to conduct market research.
Reasons we share personal data
We share your personal data with your consent or as necessary to complete any transaction you have requested or authorised. For example, we share bank details to enable payments to be made to you with our global bankers.
In addition, we share personal data among Systech-controlled affiliates and subsidiaries. We also share personal data with vendors or agents working on our behalf for the purposes described in this statement. For example, companies we’ve hired to provide IT support or assist in protecting and securing our systems and services may need access to personal data to provide those functions. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets.
Finally, we will retain, access, transfer, disclose and preserve personal data, including your content (such as the content of your emails in Outlook.com, or files in private folders), when we have a good faith belief that doing so is necessary to do any of the following:
- Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.
- Protect our clients, for example, to prevent spam.
- Operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks.
- Protect the rights or property of Systech, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Systech, we will not inspect a client’s private content ourselves, but we may refer the matter to law enforcement.
How to access and control your personal data
You can access and control your personal data that Systech has obtained with tools Systech provides to you, which are described below, or by contacting Systech. For instance:
- If Systech obtained your consent to use your personal data, you can withdraw that consent at any time.
- You can request access to, erasure of and updates to your personal data.
You can also object to or restrict the use of your personal data by Systech. For example, you can object at any time to our use of your personal data:
- For direct marketing purposes.
- Where we are performing a task in the public interest or pursuing our legitimate interests or those of a third party.
You may have these rights under applicable laws, including the EU General Data Protection Regulation (GDPR), but we offer them regardless of your location. In some cases, your ability to access or control your personal data will be limited, as required or permitted by applicable law.
Security of personal data
Systech is committed to protecting the security of your personal data. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. For example, we store the personal data you provide on computer systems that have limited access and are in controlled facilities. When we transmit confidential data (such as a bank account information) over the Internet, we protect it through the use of encryption or directly to the bank via secure interface. Systech complies with applicable data protection laws, including applicable security breach notification laws.
Where we store and process personal data
Personal data collected by Systech may be stored and processed in your region, in the UK, and in any other country where Systech or its subsidiaries operate facilities. Systech maintains major data centres in the United Kingdom and have some data retained in Australia, Brazil, Canada, Hong Kong, Singapore, and the United States. Typically, the primary storage location is in the United Kingdom, often with a backup to a data centre in that region. The storage location(s) are chosen in order to operate efficiently. We take steps to ensure that the data we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the data is located.
We transfer personal data from the European Economic Area, and the United Kingdom to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your data.
Our retention of personal data
Systech retains personal data for as long as necessary to provide the services and fulfil the transactions you have requested, or for other legitimate purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types, the context of our interactions with you or your use of services, actual retention periods can vary significantly.
Other criteria used to determine the retention periods include:
- Do clients provide, create or maintain the data with the expectation we will retain it until they affirmatively remove it? Examples include a document you stored, or an email message you keep in your Outlook.com inbox. In such cases, we would aim to maintain the data until you actively delete it, such as by moving an email from your Outlook.com inbox to the Deleted Items folder, and then emptying that folder (when your Deleted Items folder is emptied, those emptied items remain in our system for up to 30 days before final deletion). (Note that there may be other reasons why the data has to be deleted sooner, for example if you exceed limits on how much data can be stored in your account.)
- Is the personal data of a sensitive type? If so, a shortened retention time would generally be adopted.
- Has the user provided consent for a longer retention period? If so, we will retain data in accordance with your consent.
- Is Systech subject to a legal, contractual or similar obligation to retain or delete the data? Examples can include mandatory data retention laws in the applicable jurisdiction, government orders to preserve data relevant to an investigation or data retained for the purposes of Conversely, if we are required by law to remove unlawful content, we will do so.
Advertising allows us to provide, support and improve some of our services. Systech does not use what you say in email, chat, video calls or voicemail, or your documents, photos or other personal files to do this. We use other data, detailed below, for advertising our services. For example:
- Systech may use data we collect to select and deliver some of the information you see on the Systech web-site.
Changes to this privacy statement
We will update this privacy statement when necessary to provide greater transparency or in response to:
- Feedback from clients, regulators, industry or other stakeholder.
- Changes in our services.
- Changes in our data processing activities or policies.
When we post changes to this statement, we will revise the “last updated” date at the top of the statement and describe the changes on the Change history page. If there are material changes to the statement, such as a change to the purposes of processing of personal data that is not consistent with the purpose for which it was originally collected, we will notify you either by prominently posting a notice of such changes before they take effect or by directly sending you a notification. We encourage you to periodically review this privacy statement to learn how Systech is protecting your information.
How to contact us
If you have a privacy concern, complaint or question for the Systech Data Protection Officer, please contact us by using our web form. We will respond to questions or concerns within 30 days. You can also raise a concern or lodge a complaint with a data protection authority or other official with jurisdiction.
Our address is:
Systech Group Limited, 5th Floor, Chapter House, 18-20 Crucifix Lane London, SE1 3JW
To find the Systech subsidiary in your country or region, see the list of Systech office locations around the world.
Where French law applies, you can also send us specific instructions regarding the use of your personal data after your death, by using our web form.