Privacy Policy

We collect and use information when

• You visit and interact with our website,
• You contact us by email, contact form, phone or post,
• You place an order on our website.
• We might occasionally receive your information from a third party.

In order to provide you with goods or services or taking steps at your request prior to providing you with goods and services, we will collect several information such as your name, contact details, payment information, IP address, information from cookies, etc.

We will use this information for administrative and business purposes (particularly to contact you and process orders you place on our website), to improve our business and website, to fulfil our contractual obligations, to advertise our goods and services, and to analyse your use of our website.

We do not sell your information to third parties other than in the course of a business sell or purchase or similar event.

Web server log information

We use a third-party server to host our website which is located in the USA. Our third-party hosting provider collects and stores server logs to ensure network and IT security and so that the server and website remain uncompromised. This includes analysing log files to help identify and prevent unauthorised access to our network, the distribution of malicious code, denial of services attacks and other cyber-attacks, by detecting unusual or suspicious activity.

Cookies and similar technologies

We use cookies and similar technologies on our website. You can reject some or all of the cookies we use on or via our website by changing your browser settings or by using our cookie control tool but doing so can impair your ability to use our website or some or all of its features. For further information on how we use cookies, please see our cookies policy or visit www.allaboutcookies.org.

E-Newsletter

We use a third-party service to send out our e-newsletter and administer our mailing list, Mailchimp. We collect your name and email address when you sign up for our e-newsletter on our website or opt to receive news and offers from us. Subscribing to our newsletter consist of you giving your consent to us sending you our e-newsletter or news and offers from us. For further information, you can view the Hubspot privacy policy.

When you contact us using our contact forms, or by email, phone or post, we collect your email address and any other information you provide such as your name, telephone number, company name. This is in order to respond to your enquiry and message we receive and keep records of the correspondence.

Where your message relates to us providing you with goods or services or taking steps at your request prior to providing you with our goods and services (for example, providing you with information about such goods and services), we will process your information in order to do so.

Information collected when you place an order

When you place an order for goods or services on our website, we collect your name, email address, billing address, shipping address, company name (if applicable), VAT number (if applicable). This information is mandatory: if you do not provide this information, you will not be able to purchase goods or services from us on our website or enter into a contract with us.

Processing your payment

After you place an order on our website you will need to make payment for the goods or services you have ordered. In order to process your payment, we use a third-party payment processor, Worldpay, who will process your payment. Worldpay collects, uses and processes your information, including payment information, in accordance with their privacy policies. For further information, you can view the Worldpay privacy policy.

Information received from third parties

Generally, we do not receive information about you from third parties. The third parties from which we receive information about you will generally include our distributors or integration partners. It is also possible that third parties with whom we have had no prior contact may provide us with information about you.

Information we obtain from third parties will generally be your name and contact details but will include any additional information about you which they provide to us.

Where we receive information about you in error

If we receive information about you from a third party in error and/or we do not have a legal basis for processing that information, we will delete your information.

Information obtained by us from third parties

In certain circumstances (for example, to verify the information we hold about you or obtain missing information we require to provide you with a service) we will obtain information about you from certain publicly accessible sources, both EU and non-EU, such as Companies House, online customer databases, business directories, media publications, social media, and websites (including your own website if you have one).

In certain circumstances we will also obtain information about you from private sources, both EU and non-EU, such as credit reference agencies.

We use automated decision-making and profiling on our website in order to track information about your behaviour and device on our website.

You have the right to object by opting out of cookies and similar technologies in accordance with the method described in the relevant section below. If you do not want us to process your actual IP address (usually the IP address assigned to you by your Internet Service Provider) when you visit our website, you can use a Virtual Private Network (VPN) or a free service such as Tor.

You can find out more about our use of cookies and similar technologies (including how we use them) and how to opt out from them in our Cookies Policy.

Automated decision making

Automated decision-making is decision making by technological means (i.e. by a machine) without human involvement. We use this technology to automate the display of advertisements containing our products and services on other websites you visit, based on the fact that you have visited our website using cookies.

Profiling

Profiling is any form of automated processing of your information to evaluate personal aspects about you, in particular to analyse or predict things like your behaviour on our website and with our social media.

Use of profiling for web analytics

We use two web analytics services, Google Analytics and Lead Forensics. They collect information such as your location (based on your IP address) and your behaviour (based on cookies) when you access our website (such as the pages you visit and what you click on). We will only process information from cookies if you have consented to us setting cookies on your computer in accordance with our Cookies Policy.

Information collected by Google Analytics (your IP address and actions you take in relation to our website) is transferred outside the EEA and stored on Google’s servers. For further information, please visit Google’s privacy policy.

Use of profiling in marketing emails

We use web beacons in our marketing emails to analyse who opens our emails and what actions they take (for example, what they click on). We will only process this information if you have consented to their use in accordance with our Cookies Policy.

We will keep your data safely and securely for as long as necessary or according to your instructions, and we review the data we hold at least once every two years. If you’d like more information about how we store your data, please contact us directly.

Retention periods

Order information:

When you place an order for goods and services, we retain that information for six years following the end of the financial year in which you placed your order, in accordance with our legal obligation to keep records for tax purposes.

Correspondence and enquiries:

When you make an enquiry or correspond with us for any reason, whether by email or via our contact form or by phone, we will retain your information for as long as it takes to respond to and resolve your enquiry, and for three years after which point we will delete your information.

E-Newsletter:

We retain the information you used to sign up for our e-newsletter for as long as you remain subscribed (i.e. you do not unsubscribe) or if we decide to cancel our e-newsletter service, whichever comes earlier.

We take appropriate technical and organisational measures to secure your information and to protect it against unauthorised or unlawful use and accidental loss or destruction, including:

• only sharing and providing access to your information to the minimum extent necessary, subject to confidentiality restrictions where appropriate, and on an anonymised basis wherever possible;
• using secure servers to store your information
• verifying the identity of any individual who requests access to information prior to granting them access to information;
• and using Secure Sockets Layer (SSL) software to encrypt any information you submit to us via any forms on our website and any payment transactions you make on or via our website.

Subject to certain limitations on certain rights, you have the following rights in relation to your information, which you can exercise by writing to The Data Protection Officer, FT Technologies, Sunbury House, Brooklands Close, Sunbury-on-Thames, TW16 7DX, United Kingdom or sending an email to legalteam@fttechnologies.com:

• to request access to your information and information related to our use and processing of your information;
• to request the correction or deletion of your information;
• to request that we restrict our use of your information;
• to receive information which you have provided to us in a structured, commonly used and machine-readable format (e.g. a CSV file) and the right to have that information transferred to another data controller (including a third-party data controller);
• to object to the processing of your information for certain purposes (for further information, see the section below entitled Your right to object to the processing of your information for certain purposes); and
• to withdraw your consent to our use of your information at any time where we rely on your consent to use or process that information. Please note that if you withdraw your consent, this will not affect the lawfulness of our use and processing of your information on the basis of your consent before the point in time when you withdraw your consent.

In accordance with Article 77 of the General Data Protection Regulation, you also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or of an alleged infringement of the General Data Protection Regulation.

For the purposes of the UK, the supervisory authority is the Information Commissioner’s Office (ICO), the contact details of which are available here: https://ico.org.uk/global/contact-us/

Verifying your identity where you request access to your information

Where you request access to your information, we are required by law to use all reasonable measures to verify your identity before doing so. These measures are designed to protect your information and to reduce the risk of identity fraud, identity theft or general unauthorised access to your information.

Where we possess appropriate information about you on file, we will attempt to verify your identity using that information. If it is not possible to identity you from such information, or if we have insufficient information about you, we may require original or certified copies of certain documentation in order to be able to verify your identity before we are able to provide you with access to your information.

We will be able to confirm the precise information we require to verify your identity in your specific circumstances if and when you make such a request.

Your right to object to the processing of your information for certain purposes

You have the following rights in relation to your information, which you may exercise in the same way as you may exercise by writing to The Data Protection Officer:

• to object to us using or processing your information where we use or process it in order to carry out a task in the public interest or for our legitimate interests, including ‘profiling’ (i.e. analysing or predicting your behaviour based on your information) based on any of these purposes; and
• to object to us using or processing your information for direct marketing purposes (including any profiling we engage in that is related to such direct marketing).

You may also exercise your right to object to us using or processing your information for direct marketing purposes by:

• clicking the unsubscribe link contained at the bottom of any marketing email we send to you and following the instructions which appear in your browser following your clicking on that link;
• sending an email to sales@fttechnologies.com asking that we stop sending you marketing communications or by including the words “OPT OUT”.

For more information on how to object to our use of information collected from cookies and similar technologies, please see our Cookies Policy.

Making a Complaint

1.1 Data subjects and third parties may make a complaint relating to the FT Technologies use of personal data. Complaints should be sent directly to the HR Team hrteam@fttechnologies.com. We will normally acknowledge the complaint within 30 days. We will begin the investigation of the complaint without undue delay after it’s receipt and will issue a response within reasonable timeframe. We will ensure we make an appropriate level of enquiries based on the circumstances of each complaint and will keep the person making the complaint updated on the progress of the investigation without undue delay.

1.2 Although a complaint may be brought at any time, there may be limits as to what FT Technologies can do in historic cases.

1.3. FT Technologies will only accept a complaint from a data subject’s representative if the representative provides the data subject’s written consent authorising the representative to act on the data subject’s behalf in relation to the complaint.

1.4. If there is any doubt about the identity of the complainant, we will first seek to verify the data subject’s identity or third party’s entitlement to act on behalf of the individual. The forms of identification that are acceptable from a data subject are as follows;

a. Passport

b. Driving Licence

c. For third parties the identification requirements will vary dependent on their relationship to the data subject. Therefore these will be assessed on a case by case basis.

1.5. Once all identification requirements have been met, the investigation will be carried out normally within 30 days. If further clarification is required from the complainant or more time is required for the response to be completed, FT Technologies will inform the complainant prior to the original deadline.

1.6. The complaint outcome will be communicated to the complainant in writing, normally by email.

1.7 If the complainant does not agree with the outcome, a review of the decision can be requested. This request must be made within 14 days of the original decision being communicated and should be sent to the Data Protection Officer legalteam@fttechnologies.com. The decision will be internally reviewed by the Data Protection Officer normally within 30 days from the receipt of the request for Review.

1.8 Once the internal review has been completed, FT Technologies will communicate the outcome in writing, normally by email.

1.9. If the complainant remains dissatisfied, the complaint can be escalated to the Information Commissioner’s Office (the “ICO”). Information about how to make a complaint to the ICO can be found here: Make a complaint | ICO.

We update and amend our Privacy Policy from time to time.

Where we make minor changes to our Privacy Policy, we will update our Privacy Policy with a new effective date stated at the beginning of it. Our processing of your information will be governed by the practices set out in that new version of the Privacy Policy from its effective date onwards.

Where we make major changes to our Privacy Policy or intend to use your information for a new purpose or a different purpose than the purposes for which we originally collected it, we will notify you by email (where possible) or by posting a notice on our website. We will provide you with the information about the change in question and the purpose and any other relevant information before we use your information for that new purpose.

Wherever required, we will obtain your prior consent before using your information for a purpose that is different from the purposes for which we originally collected it.