Pirum is a company registered in England and our address is 2 Copthall Avenue, London, EC2R 7DA
We take your privacy seriously and are committed to processing your personal data fairly and lawfully in compliance with Data Protection Laws.
"Data Protection Laws" means all applicable laws relating to privacy or data protection the United Kingdom, including the UK GDPR and the Data Protection Act 2018.
Responsibility for our data protection compliance lies with Eva Luterkort (email@example.com) as General Counsel & Counsel (“GC/CO"). Please see her full contact details below. For more information please also refer to our Data Protection Policy.
The Personal Information We Collect About You
“Personal data” means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We will typically collect, store and use all or some of the following categories of personal information about you:
- Contact details such as name, title, work addresses, work telephone numbers, work email addresses and other business information.
- Business details such as business name, job title, business contact details and trader ID.
- Website access details including your computers unique identifier (e.g. IP Address), the date and time you accessed the website, passwords to access alerts preferences.
- Marketing data including your preferences in receiving marketing from us and our third parties (please note that we only undertake business to business marketing).
- CCTV recordings and images.
- responses, comments, views and opinions when you communicate with us.
Special Category Personal Data & Criminal Offence Data
Typically, we will not intentionally or systematically seek to collect, store or otherwise use information about you classed as special category personal data or criminal offence data (e.g. information relating to your ethnic origin, health or sexual orientation or criminal history).
How We Collect Personal Data
We collect personal information directly from you through our website, from the appointed administrator at your employer or by direct personal request. Some information may be collected from publicly available third-party sources.
How & Why We Use Personal Data
Data Protection Laws require companies to have a "legal basis" to collect and use your personal information . Most commonly, we will use your personal information in the following circumstances:
- To comply with our legal and regulatory obligations; or
- Where it is necessary for legitimate interests pursued by us or a third party and your interests and fundamental rights do not override those interests.
Purpose & Legal Basis
We will process your personal data in connection your personal data for the following purposes and on the following legal bases:
We may use your personal information to contact you with marketing on a business-to-business basis. You may opt out from receiving such marketing by contacting Pirum at firstname.lastname@example.org.
Failure to Provide Information
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with our client and/or provide the services to you.
Accuracy & Completeness
We make every effort to maintain the accuracy and completeness of your personal data which we store and to ensure all of your personal data is up to date. However, you can assist us with this considerably by promptly contacting us if there are any changes to your personal data or if you become aware that we have inaccurate personal data relating to you (see Contact Us section below). We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
Disclosure / Data Sharing
We may have to share your data with third parties, including: (i) third-party service providers (including contractors and designated agents); (ii) other entities in the group; (iii) in the context of a sale of the business; (iv) with a regulator or to otherwise comply with the law; (v) our insurers; and/or (vi) professional advisers to manage risks and/or legal disputes.
We do this (i) where necessary to provide services in accordance with our contract with our client; (ii) where required by law; or (iii) where we have another legitimate interest in doing so.
We require third parties to respect the security of your data and to treat it in accordance with applicable law.
Transfers of Data Outside of the UK
We may transfer the personal information we collect about you outside the UK and EEA in order to perform our contract with our client. We use Microsoft Office 365 and NetSuite which cover our email servers and client relationship management systems. For further information please contact us using the details in the Contact Us section below.
Copies of the relevant safeguard documents are available through contacting the GC/CO. Please see their contact details below.
Protecting Your Personal Data
We are committed to safeguarding and protecting all personal data provided to us and will implement and maintain appropriate technical and organisational measures to ensure an appropriate level of security to protect such personal data transmitted, stored or otherwise processed by us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.
We will only retain your personal data for as long as necessary to fulfill the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements. We will generally keep your personal data in accordance with any applicable limitation period (as set out in applicable law) plus one (1) year, to allow reasonable time for review and deletion or anonymisation of the personal information held. This will usually be seven (7) years following the expiry of our relationship with your employer (our client).
Under Data Protection Laws, you have certain legal rights in respect of your personal data, such rights include:
- Request access to your personal information (commonly known as a ‘data subject access request’). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, e.g. if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
- Request a copy, or reference to, safeguards such as ‘standard contractual clauses’ used for transfers outside the EU (we may redact data transfer agreements to protect commercial terms).
- Request to withdraw consentin the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time (where the legal basis for processing is solely justified on the grounds of consent).
You can request this by contacting us using the details in the Contact Us section below. We endeavour to respond to such requests within a month or less, although we reserve the right to extend this period for complex requests.
If you have any queries about the contents of this Privacy Notice, wish to inform us of a change or correction to your personal data, would like a copy of the data we collect on you or would like to raise a complaint or comment, please contact us using the details set out below:
Post: Pirum Systems Limited
Att: Eva Luterkort, General Counsel & Compliance Officer
2 Copthall Avenue, London, EC2R 7DA
How to Lodge a Complaint with the Regulator
We would be happy to address any concerns you have about your data privacy directly, and we encourage you to contact us in the first instance with your queries. However, you are entitled to lodge a complaint with our data protection regulator if you consider that we have breached your data protection rights. Our data protection regulator is the Information Commissioner's Office, which can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF and email@example.com
Changes to this Privacy Notice
This Privacy Notice was last updated in December 2022.
We may change or update parts of this Privacy Notice in order to maintain our compliance with applicable law and regulation or following an update to our internal practices. We reserve the right to make such updates to this Privacy Notice at any time. We will do this by updating the Privacy Notice held on Pirum's website www.pirum.com. You will not necessarily be directly notified of such a change. Therefore, please ensure that you regularly check this Privacy Notice, so you are fully aware of any changes or updates.
We may also notify you in other ways from time to time about the processing of your personal information in addition to providing the details of processing in this Privacy Notice.