Last modified: 2 December 2017
Our procedures covering the storage and disclosure of your information are designed to comply with the Data Protection Act 1998 and the General Data Protection Regulation (GDPR).
Our Privacy Principles
Hyperspheric is committed to safeguarding the privacy of your information. By 'your information' we mean any information about you that you or third parties provide to us.
- We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so.
- We will be transparent in our dealings with you and will tell you about how we will collect and use your information.
- If we have collected your information for a particular purpose, we will not use it for anything else unless you have been informed and, where relevant, your permission obtained.
- We will not ask for more information than we need for the purposes for which we are collecting it.
- We will update our records when you inform us that your details have changed.
- We will continue to review and assess the quality of our information.
- We will implement and adhere to information retention policies relating to your information, and will ensure that your information is securely disposed of at the end of the appropriate retention period.
- We will observe the rights granted to you under applicable privacy and data protection laws, and will ensure that queries relating to privacy issues are promptly and transparently dealt with.
- We will train our staff on their privacy obligations.
- We will ensure we have appropriate physical and technological security measures to protect your information regardless of where it's held.
- We will ensure that when we outsource any processes, the supplier has appropriate security measures in place and will contractually require them to comply with these Privacy Principles.
- We will ensure that suitable safeguards are in place before personal information is transferred to other countries.
Data we collect and process
As appropriate, we may collect:
- Unique personal identifiers and biographical information (e.g. your name, date of birth).
- Details of your education and employment.
- Your contact details (and we update these whenever you let us know that they have changed).
- Details of your interactions with us including records of communications, such as emails and phone calls.
- Details about your family (e.g. your marital status, the name of your partner or spouse).
- Personal data provided by you for a specific purpose (e.g. disability and dietary preferences for event management purposes).
- Your communication preferences, to help us provide tailored and relevant communications.
We also record, where applicable, and in some cases, publicly available information about you.
In order to provide our full range of services, we may also collect the following types of information:
- Log information – When you access our websites, our servers automatically record information that your browser sends whenever you visit a website. These server logs may include information such as your web request, Internet Protocol address, browser type, browser language, the date and time of your request and one or more cookies that may uniquely identify your browser.
- Links – Our systems may present hyperlinks in a format that enables us to keep track of whether these links have been followed. We use this information to improve the quality of our product.
This information is used for the provision of our services and for:
- Auditing, research and analysis in order to maintain, protect and improve our services.
- Ensuring the technical functioning of our service.
- Protecting the rights or property of Hyperspheric Solutions Ltd or our users.
How we process your information
Your data is used by us for a number of interdependent purposes in support of our legitimate business interests. These include:
- Fulfilling our regulatory obligations.
- Supplying you with the goods, services and information which you have requested.
- Providing you with information, products or services that you request from us or which we feel may interest you, unless you have indicated otherwise.
- Notifying you about changes to our services.
- Ensuring that content from our services is presented in the most effective manner for you and for your computer.
- Analysis so that we can administer, support and improve and develop our services.
We may contact you by post, telephone or fax as well as by email and text message. If you change your mind about being contacted in the future by any of these means then please let us know by getting in touch with our Customer Service Team on 01223 967556.
The basis on which data is processed
The legal basis for processing your personal data for the interdependent purposes set out above is that it is necessary for the pursuit of our legitimate interests, or the carrying out of a task in the public interest, or in the exercise of our official authority. We always handle your personal data securely and minimise its use, and there is no overriding prejudice to you by using your personal information for these purposes.
Disclosure of your information
We will not share, sell or distribute any of the information you provide to us without your consent, except where disclosure is:
- Necessary to enforce our rights.
- Required or permitted by law.
We take appropriate security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorised access to systems where we store personal data.
We restrict access to personal information to Hyperspheric employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to discipline, including termination and criminal prosecution, if they fail to meet these obligations.
We do not retain your data for longer than is necessary for the legitimate purposes outlined above.
- Legal, contractual and regulatory requirements - There is a legal/contractual requirement to keep records and data relating to services, payments, etc, for six years.
- Operational records - Data relating to day to day administration will be retained for 3 years.
The General Data Protection Regulation (GDPR) outlines several rights. More information about these rights, including the conditions under which they apply, can be found here
You have the right to:
- Ask us for access to, or rectification or erasure of your data.
- Restrict processing (pending correction or deletion).
- Object to communications or direct marketing.
- Lodge a complaint with the Information Commissioner's Office at https://ico.org.uk/concerns/
None of the data processed by Hyperpsheric is subject to the right for data portability.
Questions and complaints
Hyperspheric Solutions Ltd
Cambridge CB24 9AD
When we receive formal written complaints at this address, it is Hyperspheric's policy to contact the complainant regarding his or her concerns. We will cooperate with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that cannot be resolved between Hyperspheric and an individual.