Website Privacy Notice
This Privacy Notice was last changed on 1st January 2019 and will be reviewed every 12 months.
Who we are
Your personal information is collected by Smoothwall Limited (company registration number 04298247) and its affiliates (“we”/”us”/”our”). You can contact us on the contact details below.
Regulation (EU) 2016/679 of the European Parliament (the General Data Protection Regulation (‘GDPR’)) and the Data Protection Act 2018 (referred to as Data Protection Law) oblige us to provide you with information about how and why we use personal data. We recognise our obligations and your legal rights set out in the Data Protection Law.
Smoothwall acts as both a controller and processor. We are committed to protecting and respecting your privacy and complying with the principles of the GDPR. We are registered with the Information Commissioner’s Office under Payment Tier 1, Z6048580.
Data collection and usage
We will collect store and use your personal information to allow you to access parts of our website, register for an account, to provide our solutions and for the purposes set out in more detail in this section.
Your information may be shared with members of our group and some third parties as is set out in more detail below.
We have identified here the types of information we may collect or receive, how we will use it and why we will use it.
|What information we collect||How we use your data||Why we use your information|
|1||Information you provide when you complete a contact form (e.g. to book a free trial or a demo) or correspond with us (by phone, email or via our social media pages) including your:||We use this information, including to:||1. Legitimate interests including to:|
|2||Information you provide when you complete the Partner Enquiry form including your:||We use this information, including to:|
· To communicate with you regarding your application / interest in becoming a partner.
|1. Legitimate interests including to:|
|3||Information you provide when you provide blocklist feedback including your:||We use this information, including to:||1. Legitimate interests including to:|
|4||Information you provide when you log in or register for our support portal including:|
|We use this information, including to:||1. Legitimate interests including to:|
|5||Information you provide when you live chat with us including:|
|We use this information, including to:||1. Legitimate interests including to:|
|6||Information you provide when you purchase one of our solutions including:|
|We use this information, including to:|
|1. Performance of the contract between us:|
· Steps taken to enter into or in order to fulfil the contract for services that we have with our customers, failure to provide the information necessary to enter a contract with us means that you will be unable to work with us.
|7||Information that we collect through your use of our Website where cookies are enabled including:||We use this information, including to:|
|1. Legitimate Interest including to:|
Whether or not you provide us with your personal information is your choice; however, in many instances your information is required so that we can correspond with you, provide our solutions or allow you to gain access to certain content on our website.
In some cases, we need to collect or retain personal information to fulfil our legal obligations.
Your personal information may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency, in the defence of legal claims or in order to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats, to the physical safety of any person or violations of any of our website terms. We will not delete personal information if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
How long do we keep your information
We generally keep information as needed to provide services and to deal with legal claims.
We will keep your information for as long as it is reasonably necessary to provide our services to you, to comply with legal, tax, accounting or reporting requirements and to protect and defend against legal claims. The time period will depend on factors such as whether you have registered an account with us, are a current customer or are a third-party partner.
We will retain a copy of your contact details if you object or opt-out of receiving direct marketing communications from us for the purposes of suppressing your records from any direct marketing activity. This is to ensure we comply with your request not to be communicated with in this way.
Our client data is retained for up to 15 months, with the ability for retention period to be set by the customer on our product roadmap.
Information we share
There are certain circumstances where we transfer your personal data to employees, partners and to other parties.
- We share information about you with other members of our group of companies, and business partners so we can provide the best service (including support services) across our group. They are bound to keep and use your information in accordance with this Privacy Notice.
- We also share your information with certain contractors or service providers including, analytics / assessment suppliers, IT suppliers, database providers, and backup and disaster recovery specialists. Our suppliers and service providers will be required to meet our standards on processing information and security. The information we provide them, including your information, will only be provided in connection with the performance of their function. They will not be permitted to use your information for any purposes other than those outlined in this Privacy Notice.
Your personal information may be transferred to other third-party organisations in certain scenarios:
- If we discuss selling or transferring part or all of our business – the information may be transferred to prospective purchasers under suitable terms as to confidentiality;
- If we sell or purchase any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
- If we’re required to by law, or under any regulatory code or practice we follow, or if we are asked by any public or regulatory authority – for example the police;
- If we are defending a legal claim, our property, our website or other users, your information may be transferred as required in connection with defending such claim.
- If there is an emergency which requires us to share your data including for the protection and the health and safety of our website’s users or the general public.
Your personal data may be shared if it is made anonymous and aggregated, as in such circumstances the information will cease to be personal data.
Where your information will be held
Your information may be transferred outside the European Economic Area.
The information that we collect from you may be transferred to and stored at a destination outside the European Economic Area (“EEA”), including to the USA, and which does not have equivalent data protection laws to those applicable to Europe. It may also be processed by staff operating outside the EEA who work for us or for one of our affiliated companies.
However, to ensure your personal information is properly protected in line with EU and UK data protection law, the transfer of this information is governed by a contract including Standard Contractual Clauses (SCCs) approved by the European Commission in accordance with Article 46(2)(c) of the General Data Protection Regulation.
We will only transfer data to jurisdictions outside the scope of the European General Data Protection Regulation (GDPR) where the appropriate safeguards set out in the GDPR are in place.
If you would like to obtain copies of the regulator-approved SSCs please contact us on the contact details below.
We act as a processor for the majority of the services we provide to our clients (Smoothwall Filter, Smoothwall Firewall, Smoothwall Monitor and Smoothwall Classroom Manager).
We collect personal data on behalf of our clients (controllers) for the purposes of safeguarding, enhancing information security, acceptable use enforcement and enforcing the restriction of access to unauthorised material.
We collect personal data via the interception of web traffic at the network perimeter, key logging and from our applications installed on client devices.
We fulfil our processor responsibilities under a written data processing agreement and do not make any decisions on the means or purposes of processing. It is the responsibility of the controller to provide privacy information at the point of data capture.
You may have certain rights in relation to your information. The availability of these rights and the ways in which you can use them are set out below in more detail.
Some of these rights will only apply in certain circumstances. If you would like to exercise, or discuss, your rights below please contact us at firstname.lastname@example.org.
- Access: you are entitled to ask us if we are processing your information and, if we are, you can request access to your personal information. This enables you to receive a copy of the personal information we hold about you and certain other information about it.
- Correction: you are entitled to request that any incomplete or inaccurate personal information we hold about you is corrected.
- Erasure: you are entitled to ask us to delete or remove personal information in certain circumstances. There are also certain exceptions where we may refuse a request for erasure, for example, where the personal data is required for compliance with law or in connection with claims.
- Restriction: you are entitled to ask us to suspend the processing of certain of your personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Transfer: you may request the transfer of certain of your personal information to another party.
- Objection: where we are processing your personal information based on a legitimate interest (or those of a third party) you may challenge this. However, we may be entitled to continue processing your information based on our legitimate interests or where this is relevant to legal claims.
- Automated decision making and profiling: we do not perform any automated decision-making based on personal data that produces legal effects or similarly significantly affects you.
You also have a right to lodge a complaint with a supervisory authority, in particular in the Member State in the European Union where you are habitually resident where we are based or where an alleged infringement of Data Protection law has taken place.
You can opt-out of receiving direct marketing from us at any time.
If you do not want to receive direct marketing communications from us, please email email@example.com.
Analysis and advertising
We use third party tools to analyse web traffic to our site and to serve targeted adverts (for example via LinkedIn).
Cookies and Similar Technologies
Cookies collect and store information when you visit our website including information about:
- how you use our website;
- your location;
- IP address; and
- what content is more relevant to you.
Cookies make which it is possible to monitor your use of the website, as well as provide you with a better service and experience when browsing the website. The personal data we collect through these technologies will also be used to manage your session.
Web beacons (also known as “single pixel GIFs”, “clear GIFs” or “tags”) are small graphic images that may be included on our website. Web beacons:
- allow us to optimise our products and services; and
- provide us with analytics information, such as how many visitors our website receives;
- We also work with other organisations to place our web beacons on their websites or in their advertisements.
We do this to helps us develop statistics and develop our website.
For more information about cookies and web beacons and how we use them please see our Cookie Notice.
We are committed to keeping your personal information safe. We have physical, technical and administrative measures in place to prevent unauthorised access or use of your information. Please note that no data transmission or storage can be guaranteed to be 100% secure. We want you to feel confident using our website, but we cannot ensure of warrant the security of any information you transmit.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential.
Links to third party websites
Our website, may, from time to time, contain links to and from the website to third party websites.
The personal data that you provide to third party websites is not subject to this Privacy Notice and the treatment of your personal data by such websites is not our responsibility. If you follow a link to any of these websites, please note that they have their own privacy notices.
For more information about the purpose and scope of data collection and processing in connection with social sharing features, please visit the privacy notices of entities through which you chose to share.
We have no control over third parties’ websites and resources and accept no responsibility for them or for any loss or damage that may arise from your use of them.
We do not knowingly collect information from children or other persons who are under 13 years old via our website. If you are under 13 years old, you may not submit any personal information to us directly or subscribe for our services.
Changes to this Notice
This notice will be changed from time to time.
If we change anything important about this notice (the information we collect, how we use it or why) we will provide a prominent link to it for a reasonable length of time following the change on the website or notify you by email.
If you would like to access previous versions of this notice, please click on the link to archived policies at the top of this page or contact us on the contact details below.
How to contact us
If you have any questions about this Notice or if you require more information, please contact our Data Protection Officer: firstname.lastname@example.org.
The postal address is Data Protection Officer, Avalon House, 1 Savannah Way, Leeds Valley Park, LS10 1AB, Leeds, United Kingdom.
Right to lodge a complaint
You have a right to lodge a complaint with the Supervisory Authority should you feel that we have not handled your information in line with legislative and regulatory requirements. This is the Information Commissioner’s Office (ICO) in the UK:
Information Commissioner’s Office
(t) 0303 123 1113
Smoothwall Group Companies
Smoothwall Inc. is a North Carolina Corporation (ID Number: 1053114) of: 8008 Corporate Center Drive, Ste 410 Charlotte North Carolina 28226-4489 United States of America
Smoothwall Limited is registered in the United Kingdom under Company Number 4298247. The Registered Address is Avalon House, 1 Savannah Way, Leeds Valley Park, LS10 1AB, Leeds, United Kingdom. The VAT Registration Number is GB 282 7111 11.