Privacy Statement

• When you browse any page on our website
• When you register to receive a White Paper, Case Study and other selected content
• When you register to attend one of our Webinars
• When you complete a contact form on the website
• When we acquire business contact information from third parties
• When you engage in web chat with us
• When you follow, message or engage with us via social media
• When you receive an e-mail from us
• When you e-mail us
• When we call you
• When you call us
• When we meet you out and about (eg. trade show or meeting)
• When you add public profile information on LinkedIn
• Using our guest wireless in our office
  

• Business contact details (name, job title, mobile number, e-mail address, organization)
• Browsing behaviour and preferences, browser, and browsing device details
• E-mail interactions and content engagement
• Network traffic
• Authentication data
• Any specific problem you may have with the products and services we supply
• Specifics of requests for information, demonstrations, quotations, or support.
• A request for a quotation
• CCTV Images collected on site at our HQ
• We also profile your data based on the organization you work for, and your Job Title and Job Function, to ensure we can tailor our marketing messages appropriately
  

• Grow activereach as a business
  • Resolve business enquiries
  • Understand business requirements
  • Sell consultatively to business customers
  • Deliver, operate and support network, security and collaboration solutions
  • Improve service for you and more generally for our other customers
• Mitigate risks to activereach’s and our customer data and information systems
• Improve our website, staff skills, collateral, processes, and products

In order to grow as a business, the biggest difficulty we face is getting time with a decision-maker to prove our expertise and demonstrate how we can help solve problems cost-effectively. We do several things to try and contact business decision-makers to sell our services; we run a website, we engage on social media platforms, e-mail, and telephone business people.

We rely on Legitimate Interest as a legal basis for the processing of personal data. This includes the processing of

i) employee, partner, supplier and B2B client data

ii) B2B direct marketing

Growing our business by providing the right solutions to meet a customer’s requirements is our main purpose in collecting and processing business contact information. We believe we have a Legitimate Interest in collecting business contact information and contacting people directly. We thought about how this might affect people’s privacy rights and balanced them against our interests as a business.

We believe that the limited and non-domestic nature of our use of personal information (business-to-business, public records), the lack of special categories of data, the lengths we go to to secure that data, and the tools we provide data subjects to exercise their rights over the data, is sufficient to meet a Legitimate Interest Assessment.

We follow the PECR with regards to electronic communication and ensure any phone numbers we use are pre-screened against domestic and business TPS lists.

You have the right

• to be informed
• of access
• to rectification
• to erasure
• to restrict processing
• to data portability
• to object

Also you have rights in relation to automated decision making and profiling.

You can exercise your rights to your personal information under EU GDPR and UK Data Protection by emailing datacontroller@activereach.net. E-mails to this address are logged on a ticketing system and tracked to closure. activereach aims to resolve any requests within 30 days, but sometimes may seek additional information to verify data subject identity prior to fulfilling requests to disclose, alter or delete information we would otherwise consider confidential.

activereach makes sure that your personal information is collected lawfully and fairly. We try hard to make sure it remains accurate, relevant and is not excessive for the purpose it is collected for. We do not re-purpose personal information we collect. We retain personal information for no longer than is necessary (although the duration varies depending on the nature of the data – CCTV images are not kept as long as e-mail contact details, for example).

Your personal information is held in systems where we employ procedural and technical controls to minimise risks to the security (Confidentiality, Integrity or Availability) of the data. If we are ever breached, we will inform the UK Information Commissioners Office (ICO) within 72 hours of being made aware of the breach – and data subjects that are at risk will also be informed. We use a process of continual security improvement – protection and testing – to minimise risk and ensure that our information systems are resistant to modern cyber threats.

We will comply with all subject access requests to have personal information deleted from our information systems. If we do delete your data following such a request, there is a chance that your personal information may reappear in our information systems during the normal course of our business activities (e.g. in data we purchase from third parties from time to time).

You have the right to lodge a complaint with the supervisory authority, UK ICO, if you are not happy with the processing of your personal data. Please visit the ICO Complaints page for details.

Before it gets to that situation, please make sure you contact our Data Privacy Manager, Lorna Fimia, at datacontroller@activereach.net. if you wish to exercise any of your rights or if you have any questions about the processing of your personal data.

• Contact and enquiry forms on activereach.net allow you to choose whether you wish to receive email marketing communications from activereach.
• All activereach marketing e-mails offer a link to opt-out or unsubscribe from further e-mail messages.
• At any point you can email marketing@activereach.net and send a request to be removed from our marketing lists.
• You can change your browser settings to reject cookies from activereach.net or social media platforms.
• Please allow up to 10 business days for new contact preferences to take effect.
  

We have set internal policies on retention duration which is different for each information flow based on the principle of storage limitation and secure disposal/deletion.  Specific personal data records are kept in line with the following retention policies:

• HR records – for as long as the person is employed, and in accordance with the Data Protection Act, Rehabilitation of Offenders Act, Employment Act and for audit & taxation purposes
• Customer and Supplier data – in accordance with the Data Protection Act and as required for audit and taxation purposes
• Prospect data – is reviewed and audited on an annual basis. Data which is expired, i.e. business to business contacts have moved into roles that are no longer eligible for targeting on the basis of legitimate interest, or have moved companies, and/or their email addresses return a hard bounce and/or are undeliverable are deleted from our CRM system on an annual basis.

Data subjects may request more specific details via a subject access request to datacontroller@activereach.net.

We make use of third-party processors for some of our business-critical applications (e.g. CRM application, e-mail services, web/email hosting) handling personal information flows. These store and process data in servers/data centres located in the UK. One of our sub-processors processes your personal data in the US. Standard contractual clauses are in place to ensure that any transfers to the US are made in accordance with data protection legislation.

We have mapped our information flows and activereach is satisfied that our processors meet the standards for security that we expect for ourselves and our data subjects.

If the personal information is collected as part of a joint marketing activity (e.g. trade show, webinar, hospitality event, or marketing campaign), then one of our “Technology Partner” companies will be collecting the same information we have. They will be a data controller in their own right and your personal information will be processed according to their privacy policy.

Other recipients of data are:

i) Event sponsors. activereach “Technology Partners” may sponsor and co-host an event organised by activereach. activereach and the Event Sponsor(s) may provide you marketing information before, during and following the event. You can withdraw your consent for this marketing by activereach Ltd by emailing marketing@activereach.net. For the purposes of applicable data protection regulations, Event Sponsors will become controllers of your personal information following the event.

ii) Third party service providers/suppliers engaged by us to assist in the administration of a marketing event or marketing campaign.

iii) Third party processors that handle business-critical and marketing applications (e.g. CRM System, Email Marketing Platform, Email/Web Hosting)

iv) Suppliers handling employee data

When you land on our site, we start collecting information about who you are (IP address, browser type, language), when you came to the site, where you came from (URL of the website that referred you), what you are looking for (search terms entered, links and adverts clicked on our site), and where you go when you’re done (URL of the site you go to if you click on an outbound link on our site).

We do this to judge how good our website is, judge the effectiveness of our marketing campaigns, and try to understand, without bothering you, what information you may be looking for and whether you found it OK.

We may share non-personal aggregate statistics (group) data about our site visitors’ traffic patterns with partners or other parties. However, we do not sell or share any information about individuals to third parties.

Many browsers are set to accept cookies by default. You have the ability to accept or decline cookies as you prefer in your browser settings.

The Help portion of your web browser, most likely found on the toolbar, typically tells you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether.

If you allow them in your browser settings, the activereach site will store a persistent ‘cookie’ on your computer. This allows the site to notice when you come back to the site and improve your experience by remembering preferences and options you have selected.

We also use cookies to analyse traffic on Google Analytics.

Social media features are either hosted by a third party or hosted directly on our site and send information to the social media company involved (e.g. Facebook, LinkedIn, Google). Your interactions with these features are governed by the privacy policy of the company providing it.

We get these e-mail addresses from trade shows we attend, direct submission from our web-site or signing up to obtain a white paper. We buy in lists of e-mail addresses for people in particular roles in particular businesses and combine them with information made public through LinkedIn. We use these suppliers and take pains to only work with information providers that collect data lawfully. We also combine contact data with information collected from people browsing our website to try and build a single view of someone’s interactions across a variety of communication methods.

As such, some marketing you receive, including email marketing, may also be personalised based on your visits to activereach.net and your browsing history. In addition, when you click on some links in email marketing you receive, our email service provider may place a cookie on your browser. This type of cookie would be linked to your email address or IP address and used to gather information about the products and services you view on activereach.net. Information gathered may be used to personalize and customize future email marketing messages you receive.

Every marketing e-mail we send has an unsubscribe link that gives you the option to opt out of all future communications and marks a CRM record to not e-mail you. We also have a link to this policy, which describes more about where we got the information, what we do with it, and point data subjects to their rights under EU GDPR or UK Data Protection legislation. We are registered with, and regulated by the Information Commissioner’s Office.

These telephone calls are unsolicited, but as well as making sure all data is screened, we maintain a register of contacts that have told us ‘do not call’ and we make sure we do not call them.

Telephone calls are not automated and we make no efforts to hide our number or our identity. This approach is in line with ICO guidance on compliance with the PECR.

The company is registered with the Data Protection Registrar under reference: Z1684067.