Last Updated: 07/25/2023
- – if you are a UK resident please also read the UK Recruitment Privacy Notice here
- – if you are a US resident, the California Recruitment Privacy Notice here.
Applicability and Scope
This policy explains who we are, why and how we process personal data and, if you are the subject of any of the personal data concerned, what rights you have and how to get in touch with us if you need to. It explains the rules applicable to processing of personal data by the companies of GlobalLogic group in business, commercial and marketing relations.
Variances to this policy may apply to regulate the processing of personal data in accordance with specific local laws, where they exist. At the end of the Policy, you may find additional information for California and UK residents.
Glossary – Basic Concepts
Personal data / personal information – all information related to you that we process. For example: first name, last name, e-mail address, telephone number, information about your professional experience, etc.
Processing – all activities performed in regard to your personal data. For example: collecting, retaining, updating, sending messages to you, deleting data.
UK GDPR – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (GDPR) incorporated into law in the UK as amended by the Data Protection, Privacy and Electronic Communications (Amendments, etc.) (EU Exit) Regulations 2019.
CCPA – California Consumer Privacy Act of 2018, including as amended by the California Privacy Rights Act of 2020 and all applicable implementing regulations.
Who are we
We are GlobalLogic. For our contact details please see the Contact Us section below.
As a rule, each of the companies from the GlobalLogic group independently decides about the purposes and methods of personal data processing, which means that each of them is a separate data controller – depending on which company you contact, conclude a contract with, run business relations with etc., this company, usually, will be the data controller of your personal data.
It may also happen that a particular company performs activities for another company from the GlobalLogic group, e.g. related to marketing – in this case, the company that performs such activities does not become the data controller of your personal data, but processes it on the basis of a data processing agreement concluded with the data controller.
Whose Personal Data Do We Process
We may process personal data relating to you if:
- – You are our prospective or actual customer, supplier or person providing us with services through a third party.
- – You are someone (or you work for someone) to whom we want to advertise or market our services.
- – You work for a customer or a supplier of ours, or for someone who uses our services or products developed by us (you are acting on behalf of one of the persons/entities mentioned above, e.g. as its employee or associate).
- – You are interested in our activities (e.g. as the media).
- – You are our employee, contractor or have expressed an interest in working for us.
Information We Do Not Collect – Children
We do not knowingly solicit data online from or market to children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that a child under 18 has provided us with personal information without parental consent, we take steps to delete such information.
Information We Collect
We may process personal data relating to you that we have either obtained from you, or from somewhere else. Therefore, your personal data can be processed:
- – when you have provided us with your personal data through various communication channels (e.g. by sending an inquiry/ offer via e-mail, telephone or form on our website);
- – when signing or performing a contract, including when your personal data have been disclosed to us as a contact for the purpose of execution of a contract;
- – when we have obtained your personal data from other sources (e.g. from a company that is our contractor/ client, including from another company of the GlobalLogic group, during events, or from publicly available sources/ websites).
Information You Voluntarily Provide to Us
The scope of personal data we process depends on the information that is vital for a given relationship
- – it primarily encompasses content of documents, our communication, along with other information we have obtained from publicly available sources (e.g. LinkedIn). Personal data relating to you that we process may include:
- – Your name,
- – Information regarding professional activity, including who you work for, and your job function or department, qualifications and information regarding services you are providing to us.
- – Your address, phone number, email address or other contact details (these details may relate to your work or to you personally, depending on the nature of our relationship with you or the person that you work for).
- – Information about you that you give us by communicating with us by phone, by e-mail, via our website, via social media or otherwise. It includes information you give us or that we obtain when you use our website, attend or subscribe to our events, supply us with goods or services, enquire about our services, place an order, enter a competition, promotion or survey, or contact us to report a problem, or do any of these things on behalf of the person that you work for.
- – Information relating to transactions with us involving you or the person that you work for (for example, details of products developed by us or services that we have supplied to, or obtained from, you or the person you work for).
- – Information about events to which you or those related to you are invited, and your personal information and preferences to the extent that this information is relevant to organising and managing those events (for example, your dietary requirements).
Your submission of personal data is generally voluntary, but sometimes it may be necessary e.g. to conclude or execute a contract, to respond to your query or to communicate with you.
Information We Collect Automatically
Information that we automatically obtain from you when you use our website, including:
- – technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- – information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call us or social media handle used to connect with us.
Information We Collect from Other Sources
- – Other information relating to you which is necessary for us to process in order to enter into or perform a contract with you or the person that you work for (for example, right to work information, information obtained from credit references agencies and vendor screening suppliers, where this is necessary to enable us to carry out appropriate checks in relation to contracts with you or someone you work for or are otherwise related to).
- – Where legally allowed, some information we collect is from unaffiliated sources, including in some cases information that is publicly available, provided by or purchased from marketing business intelligence partners, or present on social media platforms. For instance, in the U.S. we may use ZoomInfo to obtain information about prospective customers, which can then be used within an advertising platform such as Google Ads to market our services to those individuals or to audiences that share similar attributes. Users who do not wish to be remarketed to or included in the creation of such “lookalike” audiences on Google’s Display Network may opt-out through their Google Ads Settings here. More information about ZoomInfo’s privacy practices and opting out of that service’s professional profiles may be found here: https://www.zoominfo.com/update/remove.
Cookies and Similar Technologies
We may use a variety of technologies to collect information about your device and use of our Sites. These technologies include first- and third-party cookies and web beacons. Most web browsers can be programmed to accept or reject the use of some or all of these technologies, although you must take additional steps to disable or control other technologies.
I you want to learn the correct way to modify your browser settings, please use the Help menu in your browser or review the instructions provided by the following browsers: Internet Explorer, Google Chrome, Mozilla Firefox, Safari Desktop, Safari Mobile; and Android browser.
For more information on how to opt-out of tracking technology from Google Analytics, click here.
Interest-Based Advertising – Many advertising companies that collect information for interest-based advertising are members of the Digital Advertising Alliance (DAA) or the Network Advertising Initiative (NAI), both of which maintain websites where people can opt out of interest-based advertising from their members. To opt-out of website interest-based advertising provided by each organization’s respective participating companies, visit the DAA’s opt-out portal available at http://optout.aboutads.info/ or visit the NAI’s opt-out portal available at http://optout.networkadvertising.org/?c=1.
Residents of the EEA (including European Union), Switzerland and the UK may opt-out of online behavioral advertising served by the European Interactive Digital Advertising Alliance’s participating member organizations by visiting https://www.youronlinechoices.eu/.
To opt-out of data collection for interest-based advertising across mobile applications by participating companies, download the DAA’s AppChoices mobile application opt-out offering here: https://youradchoices.com/appchoices.
From time to time GlobalLogic may organize or take part in a promotional event, e.g. a conference, fairs, lecture (“Event”), which you may attend as a guest, speaker, host, etc. (“Participant”). Events are usually recorded on videos or photographs (sometimes with a help of third party acting on our behalf), therefore your image, including voice and utterances (“Image”) may be recorded and used, with neither geographical nor temporal restriction, nor with restriction as to the medium and number of copies, for the purpose of sharing information about the Event and for promotional purposes of GlobalLogic.
To the extent permissible by law, participation in the Event is equivalent to each Participant granting free of charge consent to the use and multiple dissemination of their Image recorded during the Event. Such consent may be withdrawn at any time. Where, for the above activities of GlobalLogic, the applicable law requires explicit consent of the person whose Image has been recorded, GlobalLogic will collect such proper consent from you.
Please note, that if you decide to participate in an Event, your personal data, including an Image, might get published for indefinite period of time on the Internet, in a manner that may allow an unrestricted number of people to view it.
How We Use Your Personal Data; The purpose of processing
We process your personal data for the following purposes:
- – To enter into, and to perform, contracts with you or the person that you work for.
- – To: provide services to customers, obtain goods and services from suppliers and manage and administer our relationships with customers and suppliers, where you or the person that you work for may be the relevant customer or supplier of goods or services for these purposes.
- – To respond to your query and for the purpose of further contact in this matter.
- – To advertise, market and provide information about us or our services.
- – To defend against or to make claims.
- – To administer our website under our terms and for internal operations, including troubleshooting, and data analysis, testing, research, statistical and survey purposes.
- – To improve our site to ensure that content is presented in the most effective manner for you and for your computer.
- – To keep our website and other systems safe and secure.
- – To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising (adapted to your preferences).
- – To make suggestions and recommendations about services that may interest you or the person that you work for and subject to your stated preferences, where relevant.
- – To comply with applicable laws and regulatory obligations including to maintain appropriate records, and respond to lawful public authorities’ requests.
- – We may process certain personal information in order to fulfill any other business or commercial purposes at your direction or with your consent.
How We Share Your Personal Data
We may share your personal data, where legally allowed, for the following purposes:
(a) When We Work Together – We may share information between and among GlobalLogic Inc., its parents, subsidiaries, and affiliated companies for purposes of management and analysis, decision making, and other business purposes. For example, we may share your information with our parents, subsidiaries and affiliated companies to process orders and requests, and to expand and promote our product and service offerings.
(b) When We Work with Service Providers – We may share your information with service providers that provide us with support services, such as website hosting, email and postal delivery, product and service delivery, analytics services, or conducting academic research. We contractually prohibit these service providers from retaining, using, or disclosing your personal information for any purpose other than performing agreed upon services for us.
(c) When We Work on Business Transactions – If we become involved with a merger, corporate transaction or another situation involving the transfer of some or all of our business assets, we may share your information with business entities or people involved in the negotiation or transfer.
(d) When Sharing Helps Us Protect Safety and Lawful Interests – We may disclose your information if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms or supply terms and other agreements with you; or to protect the rights, property, or safety of GlobalLogic, our customers, employees or others. This includes exchanging information with other companies and organizations (including law enforcement bodies) for the purposes of fraud protection and other risk reduction.
(e) When We Work with Marketing Service Providers – We may share your information with marketing service providers to assess, develop and provide you with promotions and special offers that may interest you, administer contests, sweepstakes and events or for other promotional purposes.
(f) When You Give Consent – We may share information about you with other companies if you give us permission or direct us to share the information.
(g) When the Information Does Not Identify You – We may share your information in a way that does not identify you, in particular by combining it with similar information about other people and sharing the aggregated information for statistical analysis and other business purposes. For example, we may share information about your use of our Sites.
Who We Share Your Personal Data With
Access to your data is restricted to those who need it for the purposes outlined above, and generally they will only have access to that part of the data relating to you that is relevant to the particular purpose concerned.
We may share your data with duly authorized GlobalLogic employees or professionals who assist us in running our business and who are subject to security and confidentiality obligations. Whenever personal data is disclosed to a third party in this way, it will only be to the extent necessary to perform their duties, to perform our contract with you or for the purposes of our legitimate interests.
We may share your personal data with:
- – any member of our GlobalLogic group, which includes our parents, affiliates, subsidiaries, and their subsidiaries;
- – appropriate third parties, including:
- our business partners, customers, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the person that you work for;
- our auditors, legal advisors and other professional advisors or service providers (e.g. entities that help us communicate with our contractors and clients, e.g. they support us in sending e-mails, and in the case of advertising activities – also in marketing campaigns, help us run a website, provide support and operation of our tools and ICT systems, banks, as well as companies that carry out our shipments);
- – (in particular in relation to information obtained via our website) our advertisers and advertising networks that require the data to select and serve relevant adverts to you and others; we do not disclose information about identifiable individuals to our advertisers, but we will provide them with aggregate information about our users. We may also use such aggregate information to help advertisers reach the kind of audience they want to target. We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience and subject to the cookie section of this policy;
- – analytics and search engine providers that assist us in the improvement and optimization of our Sites and subject to the cookie section of this policy.
Legal Grounds for Our Processing of Your Personal Data
The basis on which we process your personal data is as follows (where legally applicable).
Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it (for example, some direct marketing activities), we will obtain and rely on your consent in relation to the processing concerned (see below for how to withdraw your consent to processing).
Otherwise, we will process your personal data only where the processing is necessary:
- – for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
- – for compliance with a legal obligation to which we are a subject; or
- – for the purposes of the legitimate interests pursued by us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data (most situations when we process your personal data in regard to a relationship that we have with the person that you work for will fall into this category).
Other applicable legal basis can be mentioned in the country-specific sections below.
We process personal data only for so long as is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived, unless it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject, or for another legitimate and lawful purpose.
The above periods may be extended, if necessary, in the event of any claims and court proceedings – for the duration of these proceedings and their settlement.
Sometimes your data may be available in the mediums such as the Internet for indefinite period.
International Transfers of Personal Data
GlobalLogic operates internationally and, therefore, personal data may be processed in countries which may not have data protection regulations as stringent as those in your country, including in United States, India and Ukraine. We will transfer such information to third countries in accordance with the applicable privacy laws, in particular UK GDPR, particularly to each country in which GlobalLogic conducts business, or has a service provider, for the purposes set out in this document.
GlobalLogic applies all required safeguards, including standard data protection clauses adopted by the relevant authorities. We may also transfer your data to a country that ensures an adequate level of protection according to the Information Commissioner’s decision.
We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it. All personal data processed by us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website or systems, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee or warrant the security of your data transmitted to our website and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Your Privacy Rights and Choices
To exercise your rights please contact us at email@example.com or by other means as convenient for you.
GlobalLogic respects all applicable privacy laws and your rights under the applicable legislation – in particular you can request that we delete your data, or withdraw your consent for personal data processing. You can also opt-out of receiving marketing communication by using the “unsubscribe” link included in the emails we send you, or by contacting us as described below.
For more details on your rights please see below additional information for the residents of the particular countries and regions.
Please note that we are legally obliged to confirm your identity before we can process your request, so you may be asked to provide some further information.
You can contact us at firstname.lastname@example.org, or at our postal address:
2535 Augustine Dr 5th Floor
Santa Clara California 95054, United States of America
Attention: Chief Legal Officer
London studio / GlobalLogic (UK) Limited
Registered seat: New Penderel House 4th Floor, 283-288 High Holborn, London, United Kingdom, WC1V 7HP
Contact: Level 7, 2 More London Riverside, London SE1 2AP UNITED KINGDOM, +44 203 488 1602
List of companies of the GlobalLogic group, including their contact details and information regarding data protection officer (if applicable) can be found here.
ADDITIONAL INFORMATION FOR RESIDENTS OF CALIFORNIA
Categories of Personal Information Collected, Used, and Disclosed
In the preceding 12 months, depending how you interact with our Sites, we may have collected the following categories of Personal Information (as defined under Cal. Civ. Code §1798.140(v)(1)):
- – Identifiers, such as your name, address, unique personal identifier, email, phone number, or similar identifiers.
- – Commercial information, such as information relating to transactions with us involving you or the person that you work for (for example, details of products developed by us or services that we have supplied to, or obtained from, you or the person you work for), and information about events to which you or those related to you are invited, and your personal information and preferences to the extent that this information is relevant to organising and managing those events.
- – Internet or other electronic network activity information, such as technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and information about your visit, including your browsing history, search history, the webpage visited before you came to our Site, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, and system configuration information.
- – Geolocation data, such as geolocation, to the extent you have configured your device to permit us to collect such information.
- – Inferences drawn from any of the information listed above, such as your preferences, characteristics, behavior and attitudes.
For more information about the Personal Information we collect and how we collect it, please refer to “Information We Collect” section above.
We collect your Personal Information for the business purposes described in the “How We Use Your Personal Data” above.
The categories of third-parties with whom we may share your Personal Information are listed in the “Who We Share Your Personal Data With” section above.
California Privacy Rights
If you are a California resident, you have rights in relation to your Personal Information as identified below; however, your rights are subject to certain exceptions and are not absolute. We may deny your request: (a) when denial of the request is required or authorized by law; (b) when granting the request would have a negative impact on another’s privacy; (c) to protect our rights and properties; (d) where the request is frivolous or vexatious, or for other reasons.
- Right to Know. You may have the right to obtain a copy, or a list of categories of the Personal Information that we hold about you, as well as other supplementary information, such as the purposes of processing, and the entities to whom we disclose your Personal Information.
- Right to Correct. You may request us to rectify, correct or update any of your Personal Information held by us that is inaccurate.
- Right to Delete. Under certain circumstances, you may have the right to request that we delete the Personal Information that we hold about you. This right is not absolute, and we may refuse your right to delete if it is reasonably necessary for us to provide a service requested by you; to perform a contract between us; to maintain functionality and ensure security of our systems; to enable solely expected internal uses of your Personal Information; to exercise a right provided by law; or to comply with a legal obligation.
- Right to Portability. Under certain circumstances, you may have the right to receive Personal Information we hold about you in a structured, commonly used, and machine-readable format so that you can provide that Personal Information to another entity.
- Right to Limit Use of Sensitive Information. To the extent your sensitive personal information (as that term is defined under California Privacy Laws) is used to infer characteristic about you, you have the right to direct us to stop such processing of your sensitive personal information for such purposes. We do not process any sensitive personal information to infer characteristics about you.
- Right to Object to Automated Decision-Making. You may have the right not to be subject to a decision that is based solely on automated processing (where a decision is taken about you using an electronic system without human involvement) which significantly impacts your rights. No decision will be made by us about you solely on the basis of automated decision making which has a significant impact on you.
- Right Against Discrimination. You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising your privacy rights.
Exercising Your California Privacy Rights
You may exercise your rights by contacting us at email@example.com or via another method identified in the “Contact Us” section above. In your request, please make clear which right you would like to exercise. Before fulfilling your request, we are required by law to have you to verify the Personal Information we already have on file to confirm your identity. If we cannot verify your identity based on the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
If you use an authorized agent to submit requests on your behalf, we will require you to directly verify your identity with us, or have you directly confirm with us that the authorized agent has been authorized to act on your behalf.
Opt-Out Preference Signals. You may send your request to opt-out sale or sharing your personal information by configuring your device to automatically send opt-out preference signals. The Global Privacy Control signal is currently the only opt-out preference signal we can recognize. Please visit Global Privacy Control’s official site (https://globalprivacycontrol.org/#about) to learn how to configure your device to send such signals. Please note that the opt-out choice will only apply to your use of our Sites through the current browser or device you’re using and only so long as that browser’s cookies are not erased.
Direct Marketing If you are a California resident, you can request a notice disclosing the categories of personal information we have shared with third parties for the third parties’ direct marketing purposes. To request a notice, please submit your request at firstname.lastname@example.org or by postal mail as described in the Contact Us section.
ADDITIONAL INFORMATION FOR RESIDENTS OF THE UK
This section applies to processing of personal data that is within the scope of the UK GDPR – when it is carried out by a GlobalLogic group company that has its seat or establishment within the UK or concerns data subjects who are in the UK. In case of any doubts please contact us at email@example.com.
What is the legal basis of processing?
Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it (for example, direct marketing activities), we will obtain and rely on your consent in relation to the processing concerned.
Otherwise, we will process your personal data only where the processing is necessary:
- – for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
- – for the purposes of the legitimate interests (Art. 6(1)(f) UK GDPR) pursued by us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data; the following cases fall into this category – when we process your personal data in relation to a relationship that we have with the person that you work for, maintaining relations, building a positive image of GlobalLogic and marketing of GlobalLogic’s products and services, when we process your Image that can be qualified as personal data for the purposes of GlobalLogic promotion among current and potential employees, associates and business partners, when we defend against or make claims;
- – for the fulfilment of our legal obligations– the legal basis for processing of your personal data will be the necessity for compliance with a legal obligation to which we are subject (Art. 6(1)(c) UK GDPR).
We process data regarding use of our website for the purpose of proper management of our website, to improve its performance, ensure its security, adapt its content to your preferences. In addition, we gather this data for internal purposes, including resolving issues, conducting data analyses, testing, research, statistics, and for survey purposes. The legal basis of our activities is your consent, except for cases when the use of such data is essential for the functioning of our website (electronic provision of a service to you within that scope); in such cases the legal basis will be our legitimate interest (Art. 6(1)(f) UK GDPR).
How long do we process your personal data
As a rule, personal data will be processed:
- – for the purposes of conclusion and performance of a contract – for the duration of the contract and its settlement plus a reasonable period, depending on the circumstances (generally, the applicable statute of limitation period);
- – on the basis of our legitimate interest – until the objection to such processing or the fulfilment of the purpose for which the data has been processed;
on the basis of your consent – until withdrawal of such consent or fulfilment of the purpose for which it was given;
unless the law or an authority requires that we process such data for a longer period, or in case of potential claims, for such claim’s limitation period specified by law – whichever is longer.
Once the relevant storage periods have elapsed, your Personal Data will be destroyed, deleted, or irreversibly anonymized.
Your rights related to processing of your personal data
You have the following rights:
1. Access to your personal data – you may ask us at any time to provide information regarding:
- – whether we are processing your personal data;
- – for what purpose;
- – what categories of data we are processing;
- – who is the recipient of your data;
- – what is the planned duration of processing (if possible), and if we are not able to say, the criteria for determining that duration;
- – if the personal data has not been given by you – all available information about the source of the data.
You can also receive access to all of your personal data that we are processing (data copy).
2. Data rectification – if information about you is or has become inaccurate or incomplete, you have the right to demand that data is rectified or made complete.
3. Consent withdrawal – you may withdraw your consent to the processing of your data at any time and it will not affect the lawfulness of processing based on consent before its withdrawal.
4. Data erasure – in certain situations, UK GDPR gives you the “right to be forgotten.” You can invoke this right where one of the following grounds applies:
- – the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- – you withdrew consent to the processing of personal data and there is no other legal ground for continuing to process it;
- – you object to the processing of your personal data when there are no overriding legitimate grounds for processing;
- – you object to the processing of your personal data for marketing purposes;
- – your data is processed unlawfully;
- – the personal data have to be erased for compliance with a legal obligation.
5. Restriction of processing – you can demand that we restrict our activities in principle only to storing information about you when:
- – you contest the accuracy of personal data we are processing – for a period of time that allows us to verify the accuracy of the personal data;
- – the processing of your personal data violates the law, but you prefer that processing be restricted rather than the data be erased;
- – GlobalLogic no longer needs your personal data for the purposes of processing, but you need it for the establishment, exercise or defence of legal claims;
- – you have objected to the processing of your personal data – only until such time as it is determined whether our legitimate grounds override yours.
6. Data portability – you have the right to receive your data in a structured, commonly-used and machine-readable format, and also to transmit your data to another data controller, if:
the processing is based on your consent or on a contract; and
the processing is carried out by automated means.
7. Objection – you have the right to object to some operations we perform on your personal data on grounds related to your particular situation, particularly in the following cases:
- – when our processing is based on our legitimate interest;
- – when we process your personal data for purposes related to scientific or historical research, or for statistical purposes.
When despite your objection we find that there are compelling legitimate grounds for the processing which override your interests, rights and freedoms, or basis for the establishment, exercise or defense of legal claims, we will continue to process data covered by the objection to the extent necessary. If you disagree with such an assessment of the situation, you can exercise your right to file a complaint with the relevant public authority (more information below).
Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of your personal data for such marketing. Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.
8. Complaints to the relevant public authority – in connection with our actions as the controller of your personal data, you are entitled to lodge a complaint to the relevant supervisory authority. The relevant public authority in the UK is the Information Commissioner’s Office https://ico.org.uk/global/contact-us/. Of course we encourage you to first contact us at firstname.lastname@example.org.
9. You can obtain a copy of the security measures we apply for the transfer of personal data to third countries by contacting us at email@example.com.