1.1 Northrow takes your privacy seriously. We ask that you read this Privacy Notice carefully as it contains important information about what to expect when we collect personal information about you, and how we, and members of the Northrow Group, will use your personal data.
1.2 The Northrow Group comprises Contego Solutions Limited (trading as Northrow) and its wholly owned subsidiary Working Status Limited (together ‘we’, ‘us’ or ‘our’). Further details for each entity are at paragraph 17.
1.3 This Notice applies to information we collect about:
· Visitors to our website or other third party websites or platforms where our material is made available
· Those who contact us in relation to our services, or as a potential employee or supplier
· Those who access gated content on our website or other platforms
- Customers who access our Services through secure.contego.com or workingstatus.com or who contact our Customer Support.
2. VISITORS TO OUR WEBSITE
3. CONTACTING US THROUGH OUR WEBSITE AND OTHER PLATFORMS
When you contact us through our website using the ‘Contact Us’ page, we collect your name, phone, business email address, and any message. If you contact us through our instant messaging pop-up, we may collect your IP address, and we will collect any information you provide in the message. If you contact us through a third party website or platform (such as LinkedIn), we collect your name, job title, company name and business e mail address.
We only use this information to respond to your message, and as further provided in this policy.
4. ACCESS TO GATED CONTENT ON OUR WEBSITE AND FROM OTHER PLATFORMS
To enable you to better understand our services, we provide access to Client Case Studies and White Papers through our website and through other third party websites or platforms (such as LinkedIn). To access this content, you will be asked to provide contact details for your organisation and we may contact you after your visit to discuss your organisation’s requirements and any questions you may have about our services.
5. CLIENTS AND PROSPECTIVE CLIENTS
5.1 If you contact us in relation to our services, we will use the information you provide for the purpose of contracting for, and performing, the requested service; to manage and administer our business; and to fulfil any legal or regulatory requirements. We will retain the information you provide in relation to the provision of the services for six years from the conclusion of the services or termination of the contract.
5.2 If we have previously provided you with services, we may, from time to time, provide you with information on similar services unless you opt-out from receiving these. You can do this at any time by clicking on the link at the bottom of any of our communications.
5.3 In any other case where you provide contact details to us through our website or via a third party website or platform (including LinkedIn) on behalf of your business, we may, from time to time, provide our newsletter and other information to you (as a representative of your business) in relation to our services. You may opt out from receiving these communications at any time by clicking on the link at the bottom of any of our communications.
6. PROSPECTIVE EMPLOYEES
If you contact us in relation to prospective employment we will only use the information you provide for the purpose of progressing your application and to fulfil legal or regulatory requirements. We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes. We will use the contact details you provide to progress your application and the other information you provide to assess your suitability for employment with us. If we make a conditional offer of employment we may ask you for further information to carry out any required pre-employment checks. If we employ you, we will retain the information you have provided during the application process as part of your employee file for the duration of your employment plus six years after the end of your employment. If we do not employ you, the information you have provided in your application, or at a later stage of the recruitment process, will be retained for six months.
7. PROSPECTIVE SUPPLIERS
If you contact us in relation to your services, we will use the information you provide for the purpose of considering and, if relevant, contracting for your services; to manage and administer our business; and to fulfil any legal or regulatory requirements.
8. ACCESS TO CUSTOMER SUPPORT SERVICES
If you are a staff member of a NorthRow Customer, you may access Customer Support in relation to our services through secure.contego.com or workingstatus.com. We collect identification and authentication information to enable you to use this service. We will only use such information for the purpose of providing the support service and to fulfil any legal or regulatory requirements.
9. INFORMATION COLLECTED FROM THIRD PARTIES
Occasionally we may receive and use information about you from other sources (such as credit reference agencies, referees, professional advisors or other similar bodies) which we will add to the information which we already hold about you in order to help us provide the required services or comply with our legal and regulatory obligations, in particular regarding anti-money laundering, bribery or criminal finances legislation.
10. HOW WE USE AND SHARE YOUR INFORMATION WITHIN THE NORTHROW GROUP
If you apply for a position, request a service, contract with us as a supplier, or otherwise contact us, your personal information will be used and shared within the Northrow Group in accordance with your requirements and our operational arrangements.
11. HOW WE USE AND SHARE YOUR INFORMATION WITH OTHER PARTIES.
We may share your information with third parties if this is required by law or our insurance requirements. We may also share information with third parties who provide data processing services for Northrow, but only where such third parties are subject to a contract that prevents them using the data other than as instructed by us, restricts the sharing of the data, and requires them to hold the data securely and for the period we instruct. If we use third party data processors outside the European Economic Area (EEA) we only do so where they have safeguards in place that meet the requirements of European data protection laws.
12. TRANSFERS OF PERSONAL DATA OUT OF THE EUROPEAN ECONOMIC AREA (EEA)
We will only transfer your personal data to data controllers outside of the EEA where this is specifically authorised by data protection law, such as for the exercise of legal claims or for important reason of public interest.
13. HOW WE PROTECT YOUR INFORMATION
13.1 We have put in place various security procedures and technical and organisational measures to safeguard your personal information e.g. we are ISO27001 certified, and Cyber Essentials plus certified. Our security and privacy policies are regularly reviewed.
13.2 We will use all reasonable efforts to safeguard your personal information. However, you should be aware that the use of the Internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.
14. YOUR RIGHTS
14.1 You have the right to request details of the information that we hold about you. If you would like a copy of some or all of your personal information, please send an email or letter using the contact details provided below. We are entitled to charge a fee for this service if requests are manifestly unfounded, repetitive or excessive.
14.2 We want to ensure that your personal information is accurate and up to date. If any of the information that you have provided to us changes, for example if you change your email address or name, please let us know the correct details by contacting us at the details below. You may ask us, or we may ask you, to correct information you or we think is inaccurate.
14.3 You may have other rights in relation to the personal data we hold about you, including, in some circumstances, a right to restrict or object to processing, to seek erasure of your data or transfer your data to another provider. Full details of these rights, and the conditions in which they are available, can be viewed at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/. You have a right to complain to the Information Commissioner’s Office if you do not believe we are respecting your rights.
We keep our Privacy Notice under regular review. If we change our Privacy Notice we will post the changes on this page, and place notices on other pages of the website, so that you may be aware of change. This Privacy Notice was last updated on 15 January, 2019.
16. LINKS TO OTHER WEBSITES
Our website may contain links to other websites. This Privacy Notice applies only to our website so when you access links to other websites you should read their own privacy notices.
17. DETAILS FOR THE NORTHROW GROUP
How to contact us:
How to contact us:
Chief Operating Officer, Northrow, 99 Park Drive, Milton Park, Abingdon, Oxfordshire, OX14 4RY