The privacy and protection of your data are important to us and because of that, this data protection policy explains what personal data Ideqa collects from you, through our interactions with you and through our products, and how we use that data. We offer a wide range of services. References to our services in this statement include Ideqa services and website. This statement applies to our interactions with you and our services. What personal data do we collect/store? We collect data to operate effectively and provide you with information we believe you are seeking. You provide some of this data directly, such as when you use our contact form on our website, Login as a customer to log a support ticket, or download a brochure. We collect names, job titles, company names and contact details. We also record tracking behavior as to how the data subject engages with our website by, for example, using technologies like cookies. This helps us identify which content is most relevant through clicks and time on page and the interest level (marketing potential) of the opportunity. You have choices about the data we collect. When you are asked to provide personal data, you may decline. Have we obtained it fairly? Yes. It is our policy that all data subjects have opted-in to receive our content. We make it easy for all data subjects to withdraw consent at any time; all marketing emails include the option to unsubscribe from our marketing content in the email footer. Why do we collect this data? We collect the data of visitors who are interested in our services so that we can best engage with them on use evaluation and subsequent purchase of our services. In addition, we believe our content can provide useful guidance relating to business continuity and information security best practice. As such, we have a database of those who we believe would benefit from this content. Ideqa uses data for providing and improving the services we offer and perform business operations. This includes conducting research, providing customer support, performing services, maintaining and improving our offerings and developing new services. How do we ensure accuracy of data? We endeavour to ensure that personal data we hold is accurate and up to date. We will check the accuracy of any personal data at point of collection. At the footer of all our marketing communications, we include a link to our communication preferences page. Here, you can contact us and inform us of any rectifications. How do we act upon any withdrawal or amendment of consent? Individuals located in certain countries including the European Economic Area have certain statutory rights, in relation to their personal data. Including the right to access, modify or delete. We act on any change to consent within ten working days. First, we must be notified by the data subject by emailing: privacy@ideqa.com. How do we record consent? We use Oracle Service Cloud as our platform for recording consent. This keeps a track of when consent was received, and how. How does the use of Legitimate Interest apply? Under the General Data Protection Regulation (GDPR), we are a ‘data controller’ of your personal information and have a lawful reason that we can use (or ‘process’) your data once you have initiated and actively expressed an interest in engaging our services. Examples of what we consider to be actively interested – and therefore potential to enter into a contract together – include: registering for a workshop, downloading a brochure, and requesting support or pricing. How long do we hold data for? For prospects: if there has been no engagement with our company – either online or through our website or digital correspondence – then we will delete your record after 600 days. For ex-customers: we will delete your records after seven years. The only exception to these terms are when there is an overriding legislative or legal requirement to store data for a longer period of time. How do we ensure the data is safe and secure? The systems we use which record personal data are housed in cloud environments which are ISO 27001 and SOC 2 Type II Certified. Personal information that we transmit is protected by security and access controls, including username and password authentication, and data encryption where appropriate. If Ideqa learns of a security systems breach, then we will attempt to notify you electronically so that you can take appropriate protective measures. Ideqa will also take necessary measures in compliance with the relevant regulations. To request a copy of our data security protocols, email privacy@ideqa.com. Who else has access to this information? Data is processed by Oracle Service Cloud. You can view Oracle’s security and data protection policy here. Cookies? A cookie is a small text file that a website saves on your computer or mobile device when you visit the site. It enables the website to remember your actions and preferences (such as login, language, font size and other display preferences) over a period of time. This saves you from having to keep re-entering them whenever you come back to the site or browse from one page to another. How do we use cookies? We use both session cookies and persistent cookies on our website. This helps us to optimise the content we produce for you. Session cookies are temporary i.e. they are not stored on your computer. These are typically used as part of the login, authentication and session management flows of SaaS platform website. They are also used to understand if you are a first-time visitor or a returning visitor. Persistent cookies are those placed on your computer for a pre-determined length of time. They are used to understand, via Google Analytics and/or Hotjar, which areas of our website and platform are favoured, and how you engage with them. Also, some videos embedded in our pages use a cookie to anonymously gather statistics on how you got there and what videos you visited. Enabling these cookies is not strictly necessary for the website to work but it will provide you with a better browsing experience. You can delete or block these cookies, but if you do that some features of this site may not work as intended. The cookie-related information is not used to identify you personally and the pattern data is fully under our control. These cookies are not used for any purpose other than those described here. Please note that if you entered our website from another website, the other website may use their own cookies to learn of your visit to us. We have no control over other websites’ use of cookies to collect information. If you do not wish to receive any cookies, you may set your browser to refuse cookies. This may mean you will not be able to take full advantage of the services on the website. How to contact us? To obtain a copy of your personal data, to correct inaccuracies or if you have any queries or concerns about how we handle your personal data, please contact: privacy@ideqa.com.