Privacy Policy

365 Response Limited (or ‘The Company’) is committed to protecting the privacy of individuals who visit the Company’s Websites (“Visitors”), and individuals who register to use the Services or request information about the services as defined below.  This Privacy Statement describes 365 Response privacy practices in relation to the use of the Company’s Websites and the related applications, services, and programs offered by 365 Response (collectively, the “Services”), as well as individuals choices regarding use, access and correction of personal information.

If you have questions or complaints regarding 365 Response Privacy Statement or associated practices, or if you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact us by emailing datasecurity@365response.org

 

  1. Services covered

This Privacy Statement covers the information practices, including how the Company collects, uses, shares and secures the personal information you provide, and of Websites that link to this Privacy Statement.

365 Response Websites may contain links to other Websites. The information practices or the content of such other Websites is governed by the privacy statements of such other Websites. The Company encourages you to review the privacy statements of other Websites to understand their information practices.

 

  1. Information collected

When expressing an interest in obtaining additional information about the Services, or registering to use the Websites or other Services, 365 Response requires you to provide the Company with personal contact information, such as name, company name, address, phone number, and email address.

When purchasing the Services, 365 Response may also require you to provide the Company with financial and billing information, such as billing name and address, credit card number, and the number of employees within the organisation that will be using the Services

365 Response may also ask you to provide additional information, such as company annual revenues, number of employees, or industry.

When applying for a job with the Company 365 Response may also require you to submit additional personal information as well as a resume or curriculum vitae.

We also may store as part of our service details on your customers including special categories of data. We retain this information in line with our retention policy which is available on request.

Data is stored on our Cloud Based Encrypted systems:

 

  • Microsoft Office 365
  • Azure
  • Autotask

 

As you navigate the Company’s Websites, 365 Response may also collect information through the use of commonly-used information-gathering tools, such as cookies and Web beacons (“Web Site Navigational Information”). Web Site Navigational Information includes standard information from your Web browser (such as browser type and browser language), your Internet Protocol (“IP”) address, and the actions you take on the Company’s Websites (such as the Web pages viewed and the links clicked).

 

  1. Use of information collected

The Company uses Data about 365 Response Customers to perform the services requested. For example, if you fill out our Contact Web form, the Company will use the information provided to contact you about your interest in the Services.

The Company may also use Data about customers for marketing purposes.  For example, the Company may use the information you provide to contact you to further discuss your interest in the Services and to send you information regarding the Company and information about products or services.

365 Response may also receive information about Customers from other sources, including third parties from whom we have purchased data, and combine this information with Data we already have about you.

365 Response uses Web Site Navigational Information to operate and improve the Company’s Websites. The Company may also use Web Site Navigational Information alone or in combination with Data about 365 Response Customers and Data about 365 Response Attendees to provide personalised information about the Company.

 

  1. Web Site Navigational Information

Cookies, Web Beacons and IP Addresses

365 Response uses commonly-used information-gathering tools, such as cookies and Web beacons, to collect information as you navigate the Company’s Websites (“Web Site Navigational Information”). As described more fully below, we use these cookies or similar technologies to analyse trends, administer Websites and Services, track users’ movements around our Websites and Services, and gather demographic information about our user base as a whole.  This section describes the types of Web Site Navigational Information used on the Company’s Websites and Services, and how this information may be used.

Cookies

365 Response uses cookies to make interactions with the Company’s Websites easy and meaningful. When you visit the Company’s Websites, 365 Response’s servers send a cookie to your computer or device. Standing alone, cookies do not personally identify you; they merely recognize your Web browser. Unless you choose to identify yourself to 365 Response, either by filling out a Web form or have previously identified yourself to 365 Response, you remain anonymous to the Company.

365 Response uses cookies that are session-based and persistent-based. Session cookies exist only during one session. They disappear from your computer or device when you close your browser software or turn off your computer. Persistent cookies remain on your computer or device after you close your browser or turn off your computer. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Websites or Services.

The following sets out how 365 Response uses different categories of cookies and your options for managing cookies’ settings:

Type of Cookies Description Managing Settings
Required cookies Required cookies enable you to navigate the Company’s Websites and use its features, such as accessing secure areas of the Websites and using 365 Response Services. Because required cookies are essential to operating the Company’s Websites and the Services, there is no option to opt out of these cookies.
Functionality cookies Functionality cookies allow the Company’s Websites and Services to remember information you have entered or choices you make (such as your username, and provide enhanced, more personal features.  These cookies also enable you to optimize your use of 365 Response’s Websites and Services after logging in. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize.

 

To manage the use of functionality cookies on this Website, or to opt out of their use, click “Cookie Preferences” in the footer of this page. Note that opting out may impact the functionality you receive when using 365 Response’s Websites and Services.

Log Files, IP Addresses, URLs and Other Data

As is true of most Websites, we gather certain information automatically to analyse trends in the aggregate and administer our Websites and Services.  This information may include your Internet Protocol (IP) address (or the proxy server you use to access the World Wide Web), device and application identification numbers, your location, your browser type, your Internet service provider and/or mobile carrier, the pages and files you viewed, your searches, your operating system and system configuration information, and date/time stamps associated with your usage. Due to Internet communications standards, when you visit or use the Company’s Web sites and Services, we automatically receive the URL of the website from which you came and the website to which you go when you leave our Website. This information is used to analyse overall trends, to help us improve our Websites and Services, to track and aggregate non-personal information, and to provide the Websites and Services. For example, 365 Response uses IP addresses to monitor the regions from which Customers and Visitors navigate the Company’s Website. 365 Response also collects IP addresses from Customers when they log into the Services as part of the Company’s “Identity Confirmation” and “IP Range Restrictions” security features.

Social Media Features and Single Sign-on

The Company’s Websitemay use social media features. These features may collect your IP address and which page you are visiting on the Company’s Web site and may set a cookie to enable the feature to function properly. You may be given the option by such Social Media Features to post information about your activities on the Company’s Web site to a profile page of yours that is provided by a third party social media network in order to share with others within your network. Social Media Features are either hosted by a third party or hosted directly on the Company’s Web site. Your interactions with these features are governed by the privacy policy of the company providing the relevant Social Media Features.

Do Not Track

Currently, various browsers — including Internet Explorer, Firefox, and Safari — offer a “do not track” or “DNT” option that relies on a technology known as a DNT header, which sends a signal to Websites’ visited by the user about the user’s browser DNT preference setting. 365 Response does not currently commit to responding to browsers’ DNT signals with respect to the Company’s Websites, in part, because no common industry standard for DNT has been adopted by industry groups, technology companies or regulators, including no consistent standard of interpreting user intent. 365 Response takes privacy and meaningful choice seriously and will make efforts to continue to monitor developments around DNT browser technology and the implementation of a standard.

 

Customer Testimonials

365 Response may post a list of Customers and testimonials on the Company’s Website that contain information such as Customer names and titles. 365 Response obtains the consent of each Customer prior to posting any information on such a list or posting testimonials.

 

  1. Sharing of information collected

Service Providers

365 Response may share Data about 365 Response Visitors, Customers with the Company’s contracted service providers so that these service providers can provide services on our behalf. These service providers are authorised to use your personal information only as necessary to provide the requested services to us.  Without limiting the foregoing, 365 Response may also share Data about 365 Response Visitors, and customers with the Company’s service providers to ensure the quality of information provided, and with third-party social networking and media Websites, such as LinkedIn, for marketing and advertising on those Websites. Unless described in this Privacy Statement, 365 Response does not share, sell, rent, or trade any information with third parties for their promotional purposes.

Compelled Disclosure

365 Response reserves the right to use or disclose information provided if required by law or if the Company reasonably believes that use or disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process.

 

  1. International transfer of information collected

The Company primarily stores Data about 365 Response Customers and Data about 365 Response Attendees in the United Kingdom. To facilitate 365 Response’s global operations, the Company may transfer and access such information from around the world, including from other countries in which the Company has operations. This Privacy Statement shall apply even if 365 Response transfers Data about 365 Response Customers or Data about 365 Response Attendees to other countries.

 

  1. Correcting and updating your information

365 Response may retain your information for a period of time consistent with the original purpose of collection. For instance, we may retain your information during the time in which you have an account to use our Website or Services and for a reasonable period of time afterwards. We also may retain your information during the period of time needed for 365 Response to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

You may request to review, correct, delete or otherwise modify any of the personal information that you have previously provided to us through the Company’s Website and Services.  To update your billing information, and/or request return or deletion of Your Data associated with your account, please contact us. For other requests to access, correct, modify or delete Your Data, please email:

datasecurity@365response.org

Requests to access, change, or delete your information will be addressed within a reasonable timeframe.

 

  1. Customer Data

365 Response acknowledges that you have the right to access your personal information.  If personal information pertaining to you as an individual has been submitted to us by an 365 Response customer and you wish to exercise any rights you may have to access, correct, amend, or delete such data, please inquire with our customer directly. Because 365 Response personnel have limited ability to access data our customers submit to our Services, if you wish to make your request directly to 365 Response, please provide the name of the 365 Response customer who submitted your data to our Services.  We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.

 

  1. Security

365 Response uses appropriate technical and organisational security measures to protect Data about 365 Response Customers.

365 Response has achieved certification in, or are registered to the following standards, we are audited annually for the ISO certification by a UKAS accredited certification body

 

  • ISO 27001 – Information Security Management
  • ISO 9001:2015 – Quality Management
  • National Cyber Security Centre – Cyber Essentials
  • IASME Consortium – GDPR Governance Standard
  • Health and Social Care Information Centre (HSCIC NHS) Information Governance Level 2
  • Health and Social Care Information Centre (HSCIC NHS) Information Governance Level 3

 

These accreditations are closely aligned to the requirements of GDPR and demonstrate that our buildings, infrastructure, systems, policies, processes, procedures and controls are adequately robust to protect all personal data that we process

365 Response Limited are subject to an annual penetration test by an external, independent third party.  Any vulnerabilities or exploits identified are fully investigated and the appropriate action is taken to resolve them immediately.

All laptops and desktops run the latest security patches and antivirus software.  They are also encrypted.

Personal data is encrypted at rest on our servers as well as in transit. All 365 Response servers are located in the UK.

Disaster Recover is in place for our critical systems and is regularly tested.

We ensure that all our suppliers who may have exposure to confidential information have signed confidentiality/non-disclosure agreements.

 

  1. Changes to this Privacy Statement

365 Response reserves the right to change this Privacy Statement.

 

  1. Contacting us

Questions regarding this Privacy Statement or the information practices of the Company’s Websites and Services should be directed to:

datasecurity@365response.org