When we refer to Our website we are referring to any website in the domain siruss.co.uk and the website www.siruss.co.uk
WHAT ARE COOKIES?
Cookies are one of the building blocks of most websites for enhancing the user experience of the website visitor. These small text files on users’ computers allow websites to store information.
Cookies can allow websites to remember that a user is logged in, what they have added to their shopping basket and the current ‘state’ of a webpage. They are also used to produce targeted advertising based on users’ behaviour and assist statistics packages such as Google Analytics.
We use them to remember that you are logged in after you enter your username and password and then navigate to a different page. They also enable Us to generate statistics about the number of visitors We have and how they use Our websites and the internet – this allows Us to constantly improve Our website and services.
You can set your browser to reject Our cookies if you wish, but this might restrict your use of Our and other websites. For instructions on deleting or controlling cookies please consult your browser help section or see http://www.allaboutcookies.org.
DEFINITION OF COOKIES AND THEIR FUNCTION
i. Session cookies
These are temporary cookie files, which are erased when you close your browser. They are used to store your browsing information while you are using Our websites and will be active until you leave the website and close your browser.
ii. Persistent cookies
Persistent cookies help Us remember your information and settings for any future visits. This results in faster and more convenient access. On your first visit, the website is presented in default mode. During your visit, you select your preferences and these preferences are remembered, through the use of the persistent cookie, for the next time you visit the website. A persistent cookie enables a website to remember you on subsequent visits, speeding up or enhancing your experience of services or functions offered.
iii. CMS specific - session cookies
iv. CMS specific - persistent cookies
These types of cookies are placed by our content management software (CMS) to remember your display preferences.
v. Google Analytics (3rd party) cookies
These cookies are used to collect information about how visitors use Our websites. We use the information to compile reports and to help improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.
An overview of privacy at Google can be found here http://www.google.com/analytics/learn/privacy.html
vi. Google Ads
Google Ad Manager uses a cookie to be able to manage the frequency you see each advert.
vii. Third party cookies
To improve your experience of using Our website, We sometimes embed content or functionality from third party websites. Pages with this embedded content may present cookies from these websites. We do not control the dissemination of these cookies. You should check the relevant third party website for more information about these. Examples of such third party cookies are:
YouTube: Clicking on an embedded YouTube video may set a cookie on your computer, but YouTube will not store personally-identifiable cookie information for playbacks of embedded videos using the privacy-enhanced mode. To find out more please visit YouTube’s embedding videos information page.
COOKIES IN USE
|ccShowCookieIcon||Implemented by the Cookie Control module and records whether or not to show the Cookie Control icon – expiry 90 days|
|<name>_cookiecontrol||Implemented by the Cookie Control module and records the fact that you as a user have agreed to accept cookies from this site – expiry 90 days|
|SESS<random string>||Only set when logged in - Identifies the user's session|
|Drupal.toolbar.collapsed||Only set when logged in - Determines the display preference of the toolbar for the user|
|_gat||Cookies set by Google Analytics and is used to throttle requests and has an expiration of 1-minute|
|_ga||Cookie set by Google Analytics and is used to distinguish users and has an expiration of 2-years|
|_gid||Cookie set by Google Analytics and is used to distinguish users and has an expiration of 24-hours|
|_gac_<property-id>||Contains campaign related information for the user. If you have linked your Google Analytics and AdWords accounts, AdWords website conversion tags will read this cookie unless you opt-out|
|__utmt||Used to throttle request rate|
|__utmc||Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit|
|__uset||Set by the Share This widget - Determines whether a cookie has been set – expires 4hrs|
|__stid||Set by the Share This widget - Tracking for statistics – expires 1 year|
We are firmly committed to respecting your privacy and complying with applicable data protection and privacy laws.
We wish to help you make informed decisions, so please take a few moments to read the sections below and learn how We use your personal information.
PERSONAL INFORMATION COLLECTION
We endeavour to collect and use your personal information only with your knowledge and consent.
On Our website, We may collect your personal information for the following:
Product & Services Sales
Mailing List Sign-Ups
Submit a Job Application
The type of personal information We collect could include, for example, your name and postal address, date of birth, telephone number, email address or other general information.
We will not process any personal data collected through the Website unless We have first told you that We are going to do so, and it is clear how We will use it.
NON-PERSONAL INFORMATION COLLECTION
We may collect information about the software on your computer (your browser version etc.) and your IP address (your connection with the internet) in order to improve your interaction with the Website. This may happen automatically without you being aware of it.
Cookies also enable Us to generate statistics about the number of visitors We have and how they use the Website and the internet to improve the service We provide. You can set your browser to reject Our cookies if you wish (you should consult your browser help section for details), but this might restrict your use of the Website and other websites. For more information about cookies, please see our cookies statement.
From time to time, if you consented accordingly We may also store and use your information to contact you for market research and marketing purposes. We may contact you by email, phone or mail.
HOW WILL WE USE YOUR INFORMATION?
We use personal data for the following purposes:
• Managing or administering your account
• To provide you with the services you have requested through the Website
• Responding to complaints or account enquiries
• To respond to requests for information submitted by you on the website
• For research purposes and to improve the services We offer
• In order to comply with Our legal obligations.
• In order to protect Our contractual and other rights. For example, we may pass your details onto a third party should We believe that you have used another person's credit card fraudulently.
We may also undertake market and product analysis based on your use of Our services and products and contact you with information about new developments, products, services and special offers by post, telephone and automated means such as Email and the internet (subject to any preferences expressed by you).
If you have consented to receive details of products and services, events and training or have signed up to Our newsletter, you can contact Us at any time to have your details removed from lists used by Us for any or all of those purposes.
To update your marketing preferences please email [email protected] using the email address you registered with and, if applicable, quote your account number in the body of the email and tell Us what you want Us to do - i.e. 'I wish to opt out of receiving your newsletter’.
DISCLOSURE OF YOUR PERSONAL DATA
We will not sell or pass your personal information to third parties, unless you have given Us permission or unless it is strictly necessary to deliver products or services ordered or used by you and you are notified beforehand.
For example, we may disclose your data to a credit card company to validate your credit card details and obtain payment when you buy a product or service.
We may be obliged to disclose personal data to a third party if We have a legal or regulatory obligation to do so, for example to comply with a court order, or meet obligations in accordance with applicable law.
SOCIAL MEDIA, BLOGS, REVIEWS
Any social media posts or comments you send to Us (on Our Facebook page, for instance) will be shared under the terms of the relevant social media platform (e.g. Facebook / Twitter) on which they are written and could be made public.
Other people, not Us, control these platforms. We are not responsible for this kind of sharing. We recommend you should review the terms and conditions and privacy policies of the social media platforms you use. That way, you will understand how they will use your information, what information relating to you they will place in the public domain, and how you can stop them from doing so if you are unhappy about it.
Any blog, review or other posts or comments you make about Us, Our products and services on any of Our blogs, reviews or user community services will be shared with all other members of that service and the public at large.
Any comments you make on these services and on social media in general must be not offensive, insulting or defamatory. You are responsible for ensuring that any comments you make comply with any relevant policy on acceptable use of those services.
We are continuously striving to improve our services. To help us find out about what works and what doesn’t work on our website, we use Google Analytics, an anonymous analytics service provided by Google which tracks and reports website traffic. Google Analytics does not store any personally identifiable information, this is clearly stated in their terms and conditions. https://www.google.com/analytics/terms/us.html
For more information on how Google uses and stores your data see: https://support.google.com/analytics/topic/2919631?hl=en&ref_topic=1008008
Anonymised reporting data is retained for a period of 26 months. When data reaches the end of the retention period, it is deleted automatically on a monthly basis.
By accepting the terms of this policy, you are agreeing to the terms and conditions of Google Analytics. https://support.google.com/analytics/answer/181881?hl=en
HOW LONG DO WE KEEP YOUR INFORMATION FOR?
To make sure We meet Our legal data protection and privacy obligations, We only hold on to your information for as long as We actually need it for the purposes We acquired it for in the first place.
In most cases, this means We will keep your information for as long as you continue to use Our services and are deemed a client, and for a reasonable period of time afterwards if you stop doing so, to see if We can persuade you to come back to Us.
After that We will delete it other than where We lawfully can keep any data for audit or legal reasons.
We shall keep your personal information on Our database for not longer than 1 year/s from receipt, subject to an individual’s right to unsubscribe or be forgotten at any time.
REQUESTING REMOVAL OF YOUR INFORMATION
You can write to Us at any time to request removal of the personal information We may hold about you. Please write to: [email protected] or the Data Protection Officer, Siruss Ltd, Windsor House, Windsor Place, Shrewsbury, Shropshire, SY1 2BY.
Please quote your name and address together with your account number, if relevant. We would be grateful if could also provide brief details of why you wish to have your details removed from Our database, however, this is not a requirement.
We will not make any charge for removing any personal information We hold about you.
We may take reasonable steps to confirm your identity before removing the personal information We may hold about you, this is for your security.
ACCESS TO YOUR INFORMATION
You can write to Us at any time to obtain details of the personal information We may hold about you. Please write to: [email protected] or the Data Protection Officer, Siruss Ltd, Windsor House, Windsor Place, Shrewsbury, Shropshire, SY1 2BY
Please quote your name and address together with your account number, if relevant. We would be grateful if could also provide brief details of what information you want a copy of - this will help Us to more readily locate your information.
We will not make any charge for providing you with a copy of the personal information We hold about you.
We will take all reasonable steps to confirm your identity before providing you with details of any personal information We may hold about you.
We recognise that people are becoming increasingly concerned about how companies protect personal information from misuse and abuse and about privacy in general.
All personal data that you supply Us with from Our website is stored on servers provided by Our hosting provider. We understand that Our hosting provider (UKFast) only employs servers sited in data centres that have the highest level of security accreditation at the time of implementation. For your protection, We never store any payment details and where possible We store personal data such as passwords, encrypted.
We use industry standard TLS certificates to provide encryption of data in transit, for example, all access to Our website is covered by HTTPS.
Please also be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the World Wide Web/Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond Our control.
THIRD PARTY SOFTWARE PROVIDERS & DATA HANDLERS
Below is a list of software we use to process business and personal data to allow us to carry out normal business activities in relation to services we provide to you – or in the case of suppliers, services which you supply to us.
All our third party software is carefully selected with both operational functionality and security/confidentiality as equal priorities. We have reviewed the privacy policies of each supplier and at the time of writing we are confident that they are working strongly toward GDPR compliance and have provided as secure a software as possible.
Where data is stored in the US, we have ensured that the third party supplier fully complies with the EU-US. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.
To learn more about the Privacy Shield program, and to view the certification of the suppliers listed below, where relevant, please visit https://www.privacyshield.gov.
We use Insightly as our Customer Relationship Management (CRM) software. We hold data about your company and individuals within your company to enable us to make contact and perform development or SEO services on your behalf.
The information we hold in regards to your company and employees may include the following:
• Your general company details including company name, addresses and general telephone numbers.
• Details of individuals within your organisation who we identify as our point of contact. Details including name, email address, position and direct telephone number.
• Website username & login details for website administration purposes.
• Login details for 3rd party service supplier related to integrations in your website, for example; MailChimp or Google Analytics.
• Meeting notes and notes regarding development or SEO/Digital Marketing work we provide to you.
We use Teamwork PM as our project management software. We hold data about your company and individuals within your company to enable us keep you updated on the progress of a web development project.
The information we hold in regard to your company and employees may include the following:
• Company name
• Details of individuals within your organisation who have been identified by your company as being involved in the progress of the project. These details will include the individual’s name and email address.
• Project documentation and agreements specific to an individual project.
We use QuickBooks as our accounting software. We hold data about your company and individuals within your company to enable us to manage your financial accounts with Siruss, this includes issue invoices, credits and estimates for work that have been requested by your company for us to supply.
The information we hold in regard to your company and employees may include the following:
• Company details, including; company name, address, general telephone and registration and VAT numbers.
• Details of individuals within your organisation who we have been allocated by your company as being the point of contact for accounts. This information may include; individual names, direct telephone line, email address and position in the company.
• We store records of all financial transactions between us and your company. These are stored digitally within the software and are not stored as hard-copy. These are store for general accounting purposes for our financial records.
We use ‘G Suite’ Business for all our file and correspondence activities. Part of ‘G Suite’ Business is Google Drive; we use Google Drive for storage of documentation relative to any service we may provide to you.
The information we hold that may contain references to your company or employees may include the following:
• Project documentation
• Documentation you have sent to us in relation to a service we are providing to you
• Digital documentation that you have sent to us in relation to services we are providing to you
• Digitised copies of hard copy documentation that you have sent to us in relation to services we are providing to you
We use ‘G Suite’ Business for all our file and correspondence activities. Part of ‘G Suite’ Business is Gmail. We use Gmail as our email provider, we may store, within Gmail, emails that contain references to your company or its employees.
All emails stored in Gmail are in relation to general business activities and conversation relative to services we provide to you.
We may also store contact details for your employees, if the employee has corresponded with a member of our team. This may include, the individual’s name, email address and telephone number. This information is stored in a contacts address book.
SIRUSS – STORED DATA ACCESS
During our normal working operations, Siruss staff members will be required to have access to our third party software to perform business functions in relation to providing a service to you or to request a service from you, if you are a supplier.
Siruss developers, marketers and general management have access to only the following third party software:
• Teamwork PM
• Google Drive
This access is via individual username/password combinations with a restriction imposed on the minimum length of password of 8 characters.
Siruss staff are required to change their passwords every 26 weeks.
Where portions or segments of the software need to be separated to protect what we would class as sensitive data*, access restrictions can be applied within the software to restrict access to senior management, accounts staff and directors of the company.
* We class sensitive data as data that is only relevant to senior management, accounts staff and directors of the company. This data is not required by developers, marketers and general management to be able to perform their daily duties in relation to any service we provide to you, or any service we request from you, if you are a supplier.
Siruss do not store any sensitive data as identified in Article 9 of GDPR, these types of data are - genetic data, and biometric data where processed to uniquely identify an individual. Other examples include racial and ethnic origin, sexual orientation, health data, trade union membership, political opinions, religious or philosophical beliefs.
Former employees of Siruss do not have access to any data we have stored. All access for former employees is removed immediately on termination or cessation of their employment.
You can find out more about your rights from the Information Commissioner, who regulates data protection and privacy. The Information Commissioner's website is https://ico.org.uk/.