Incorvus’ privacy notice & policy
Identity and contact details of the controller
Incorvus Ltd. (together referred to as “we” or “us”) is committed to respecting the requirements of The Data Protection Act 1998 (DPA), EU General Data Protection Regulation (GDPR), Privacy and Electronic Communications Regulations (PECR), the forthcoming EU ePrivacy Regulation and any other applicable national or international laws having regard to the privacy of personal data, electronic communications and data protection. Our website address is: https://www.incorvus.com and, cognisant of those laws, the data controller of this website is Incorvus Ltd.
How to contact us
Reg. Co. No. 5203890
Registered office: 5 Calico Row, Plantation Wharf, London, SW11 3YH.
T: +44 (0)20 8538 9898
What personal data we collect and why we collect it
Purpose of the processing and the legal basis for the processing
We only collect and process personal data where we have a legitimate business interest in so doing. This may be through various means: face-to-face, online, via email, phone or post. We may collect personal data such as your name, company position, address, telephone number, mobile number, email address or IP address. Such personal data may include the following:
- First name and surname;
- Postal and/or email address;
- Country of residence and/or nationality;
- Unique identifier information (e.g. a username or number and password);
- Some details provided by your device such as IP address, device ID, device type, and location data.
We may use the personal data we collect and process about you in order to:
- Provide you with access to our website or other systems;
- Communicate legitimately with you and your organisation;
- Provide you with information you have requested, including without limitation, quotations, service documentation, brochures, newsletters and responses to applications (which includes carrying out any obligations arising from any contracts entered into between you and us);
- Provide you with information by post, email, telephone or otherwise about products and services of a similar nature to those you have previously purchased or expressed an interest in which are offered by us and which we think may be of interest to you. You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by contacting us by phone, post or email using the details in the “Contact Us” section below. You can also unsubscribe from emails by following the unsubscribe (link) instructions included in every email;
- Respond to any enquiries from you regarding our products and services;
- Improve our sites to ensure that content is presented in the most effective manner for you and for your computer;
- Measure or understand the effectiveness of content we serve to you and others, and to deliver relevant content to you;
- Obtain your feedback on a product, service or our site;
- Allow you to participate in interactive features of our sites, when you choose to do so;
- Provide you with information about certain other suggested goods and services which we believe may be of interest to you;
- Administer our sites and for internal operations, including troubleshooting, data analysis, load management, testing, research, statistical and survey purposes;
- Conduct standard business tasks such as the issuance of payment due reminders;
- To notify you about changes to our service;
- Meet our legal, statutory and regulatory obligations.
Every time you connect to our site, we, or our internet provider, may store a log of your visit that shows the unique identifier of your machine. This records, inter alia, what your machine has looked at, whether the page request was successful or not and which browser your machine used to view the pages. This data is used for statistical purposes and helps us to understand which areas of the site are of particular interest, which pages are not being requested, and how many people are visiting the site in total. It also helps us to determine which products and services may be of specific interest to you. We may attempt to contact you through these details if necessary, including, without limitation, when you are using the wrong paths to access the site or are breaching restrictions on the use of the site. We may also use this information to block IP addresses where there is a breach of the Terms and Conditions regarding use of the site, as may, for instance, be the case with spamming or attempted penetration activity.
- Media file uploads: there are currently disabled on our site. If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website;
- Contact forms: we use third party contact forms by Forminator which enables us to specify how long form data, such as email or IP addresses, plus the submission itself, is retained for. We keep such data for 7 days after which it is deleted. You may also request erasure at any time. When visitors or users submit a form, we capture the IP Address for spam protection. We also capture the email address and might capture other personal data included in the Form fields so that we can reply to you and be sure we respond to the right person. Following form submission, your details may need to be provided to workers or contractors to perform necessary actions based on the form submission, per your request;
- Cookies: please see our Cookie Declaration for details. No contact form is submitted until you positively opt in to consent. If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These sorts of cookies will last for one year. If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. These are known as session cookies because they are not persistent. Incorvus has minimised the use of persistent cookies which are restricted to those that promote user convenience or experience. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day;
- Who we share your data with: if you request a password reset, your IP address will be included in the reset email;
- Data retention: if you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue. For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information. Regarding forms, submitted data is retained for a maximum of 7 days and erasure may be requested at any time;
- Analytics & tracking cookies: we (or other selected third parties acting on our behalf) may contact you from time to time in order to provide you with information about products and services that may be of interest to you. All marketing emails that we send to you will follow the email guidelines described below. You have the right to ask us not to process your personal data for marketing purposes, but if you do so, we may need to share your contact information with third parties for the limited purpose of ensuring that you do not receive marketing communications from them on our behalf.
When you visit our site we may automatically collect the following information:
- technical information, including the Internet Protocol (IP) address used to connect your computer to the internet;
- your login information, your geographic location, browser type and version, browser plug-in types and versions, operating system and platform; and information about your visit, including the source of your visit, the full click path, mouse movement, through our sites (including date and time);
- services you viewed, searches made on our sites, page response times, download errors, length of visits to certain pages, page interaction information (such as page scrolling, mouse clicks, mouse movements and keyed text), and methods used to browse away from the page;
- if you consented to participate in surveys, we may use your personal data to carry out market research. This research is conducted for our internal business and training purposes and will improve our understanding of our users’ demographics, interests and behaviour.
If you use our services, we may collect the following types of information:
- browser type, browser version, and operating systems being used;
- page load times;
- customer username; and
- IP address (of relevant devices).
We may use such information for purposes which include but are not limited to:
- providing the products/services and any associated maintenance and technical support;
- providing incident and other alerts, and information about product upgrades, updates, renewals and product lifecycle changes;
- providing maintenance and technical support;
- providing information about product upgrades, updates and renewals;
- generating logs, statistics and reports on service usage, and service performance;
- evaluating, developing and enhancing products, services, and our infrastructure;
- planning development roadmaps and product lifecycle strategies.
Certain services may include features that collect additional personal data for other purposes, as described below. For detailed information, please also refer to the applicable product or service description. If you obtain products or services from us, we may use your contact details for the purposes of (i) providing training, customer support and account management, (ii) order processing and billing, (iii) verifying your usage of the products and services in accordance with the terms and conditions of your agreement with us, (iv) carrying out end user compliance checks for export control purposes; (v) issuing license expiry, renewal and other related notices; and (vi) maintaining our company accounts and records. Incorvus does not use automated decision-making.
Finally, if you are making a job application or enquiry, you may provide us with a CV or other relevant information which will include personal data. We may use this information for the purpose of considering your application or inquiry or for vetting. You are consenting to us sharing this information with third parties for the specific purpose of managing our recruitment activities which may store data outside the UK. Except when you explicitly request otherwise, we may keep this information on file for future reference and as it is regarded as highly confidential and sensitive, access to it is restricted.
The legitimate interests of the controller or third party
Incorvus Ltd. seeks to do business with other businesses, not consumers. We therefore regard communication and interaction with other businesses, even at an individual level, as a legitimate interest fundamental to our ability to conduct business. It therefore follows that in the pursuance of that aim, it is impossible not to gather and hold a level of personal information about the people, businesses and other relevant contacts that we engage with. If you provide personal data to us, we will collect that information, respect your privacy, and use it for the purposes for which you have provided it and in accordance with this Notice. This privacy notice applies to personal data collected by us. If an email or site contains links to a third party site, please be aware that we are not responsible for the content or privacy practices of such sites.
Recipient or categories of recipients of the personal data
We will not share your personal data with anyone else unless you agree to this, or such sharing is necessary to fulfil our contract with you, or we are legally allowed or required to do so. Moreover, your personal data will only be shared with selected organisations which comply with our security procedures and policies. We will never sell, trade, or rent your personal information to others however, we may share your information with selected third parties including:
- our partners, suppliers, sub-contractors or associates for the performance of any contract we enter into with them or you; where they us help provide our services to you; or to enforce or apply our statutory disclosures or any other agreement or to protect the rights, property or safety of our sites, our users or others;
- governmental, regulatory authorities, judicial bodies or agencies to comply with our legal and regulatory obligations;
- fraud prevention or debt collection agencies when required to protect our legitimate interests; other companies and organisations where we are bound to prevent or detect financial and other crime;
- services, software and other providers that assist us with our business, including our sites and systems.
Some of the above organisations may be based in a country outside the European Economic Area or where different data privacy laws apply. We will only transfer your personal data to that country if they ensure an adequate level of protection of your rights and freedoms, or you have given us your consent, or that organisation is contractually bound to meet European Economic Area data protection law.
Transfers to third countries and safeguards
- emails will clearly identify us as the sender;
- emails sent to you for marketing purposes will include an option to unsubscribe from future email messages;
- you may unsubscribe from all mailing lists, with the exception of any emails regarding legal notices, invoicing, or license renewals;
- any third parties who send emails on our behalf will be required to assert that they comply with legislative requirements on unsolicited emails and the use of personal data.
We do not store any information ourselves in third countries, nor would we buy from, or sell your data to, third countries. It is however possible that your data may be transferred to, stored at, and processed at a destination inside or outside the European Economic Area by our partners, suppliers or service providers. By submitting your personal data to us, you agree to this transfer, storing or processing. Our procedure regarding data transfer or sharing, is to seek prior consent.
Retention period, criteria used to determine the retention period
We will only keep your personal data for as long as it is needed for the purposes for which it was collected and we will remove from our systems all personal data which is no longer required. We will only retain your personal data after this time where we are required to do so, in order to meet a regulatory or legal obligation. We handle your personal data in accordance with adequate and reasonable procedures and technologies in order to maintain and protect its security, availability, confidentiality and integrity, and prevent its unlawful or unauthorised processing, accidental loss or damage, from its collection until its destruction.
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Under current regulations, data subjects (i.e. you) have:
- The right to be informed how their personal data is used;
- The right to access their personal data;
- The right to be forgotten and have their data deleted in specific circumstances;
- The right to data portability to transfer their data to another service provider;
- The right to have information corrected if it’s out of date, incomplete or incorrect;
- The right to object to, or stop, their data being processed on certain grounds;
- The right to restrict processing, meaning they can request that their data is only kept on file and not used for processing;
- Rights in relation to automated decision making and profiling, meaning that in some cases individuals have the right not to be subject to a decision that is based on an automated process.
You have the right at any time and free of charge to access your personal data in the following ways:
- Request a copy of the personal data we hold about you. We do this willingly but can refuse to give you this information if your requests are clearly vexatious;
- Have your personal data corrected if it is inaccurate or incomplete;
- Request the deletion of your personal data where it is no longer necessary for us to keep it for the purpose for which it was originally collected or processed, unless we have a legal or regulatory obligation to retain the personal data;
- Restrict further processing of your personal data. Where you have previously entered into a contracted service or product with us, this may imply cancelling the contracted service or product;
- If provided, to withdraw or amend your agreement to direct marketing, including profiling;
- Obtain and reuse your personal data for your own purposes subject to certain conditions of portability.
You also have the right to raise a complaint with a supervisory authority such as the ICO. Clearly, the provision of certain types of personal data e.g. contact details, is a necessary part of business communications, contracts and services without which it may well not be possible to conduct such activities, or even engage. We do not ask for contact details frivolously – they are required to make things happen!