Sharp Business Systems UK PLC Entity Privacy Policy Last Updated: May 2018

1.  Introduction

 

At Sharp Business Systems UK PLC (“we”, “us”, “Sharp”), we take your privacy seriously. The following privacy policy outlines who we are as a data controller, what data we collect on the Sharp Academy website (www.sharpacademy.eu), how and why we collect it, and your rights to control that data.

 

As a responsible organisation, we have implemented numerous technical and organisational measures to ensure the most complete protection of any personal data (e.g. name, address, email, phone number) processed through this website, in order to meet the General Data Protection Regulation (“GDPR”), and in accordance with any country-specific data protection regulations.

However, Internet-based data transmissions may in principle have security gaps, so absolute protection may not be guaranteed. For this reason, every data subject is free to transfer personal data to us via alternative means, e.g. by telephone.

 

Section A) Who We Are as a Data Controller

 

Section B) Why and How We Use Your Data

 

Section C) Your Rights to Control Your Data

 

 

 

Section A) Who We Are as a Data Controller

 

2.  Name and Address of the Data Controller

 

The data controller for the purposes of the GDPR, other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

 

Northern House Moor Knoll Lane East Ardsley Wakefield

WF3 2EE

United Kingdom Phone: 01924 836455

 

Email: DataProtection.SBSUK@Sharp.eu Website: www.Sharp.co.uk

There is also a secondary data controller of this website: Sharp Electronics Europe Ltd

4 Furzeground Way, Stockley Park, Uxbridge, UB11 1EZ, United Kingdom Phone: +44 208 734 2000

Email: DPOEurope.SEE@sharp.eu (for Data Protection enquiries)

 

Website: https://www.sharp.eu

 

As a data controller we are responsible for deciding how we hold, use and keep personal data secure. It also means we are responsible for responding to requests you make in relation to how your personal data is used. If you have any questions about the way your personal data is processed, you can contact us on these details:

 

  • Name and Address of the Data Protection Officer

 

Sharp in Europe has a Data Protection Officer based in its Head Office in London (UK) and Data Protection Leads in each entity. For any queries relating to data protection please contact our local Data Protection Lead below:

 

Email: DataProtection.SBSUK@Sharp.eu

 

You may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection. Email: DPOEurope.SEE@sharp.eu

Section B) Why and How We Use Your Data

 

3.  Collection of personal data and general information

 

We will collect personal data when you register for a Sharp Academy account with us. , This privacy policy applies to your use of www.sharpacademy.eu website for the purpose of receiving training from Sharp so that the relationship between your company and Sharp and your knowledge of Sharp’s products and services is enhanced.

 

We collect the following types of personal data from you:

 

Contact details: information that allows us to contact you such as your name, email address, telephone number and addresses associated with your account.

 

You need to provide such personal data for the purpose of website registration and participation in our training programmes.

 

Performance data – information on your individual training journey, such as modules visited and exam results.

 

Personal data in reports and notifications you submit to us: if you submit information to us about our products and services through our website we will collect any personal data you include.

 

How you use our website: Our website collects a series of general data and information when a user or automated system calls up the website. This general data is stored in the server log files. We may collect (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (so-called referrers), (4) the sub-websites, (5) the date and time of access to the Internet site, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system, and (8) any other similar data and information that may be used in the event of attacks on our information technology systems.

 

We do not draw any conclusions about the user from the website data. Rather, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content of our website as well as its advertisements, (3) ensure the long-term viability of our information technology systems and website technology, and (4) provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack. Therefore, the controller analyses anonymously collected data and information statistically, with the aim of increasing the data protection and data

 

security of our enterprise, and to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.

 

4.  Legal basis for the processing

 

We limit the collection of personal data to only that which is absolutely necessary to carry out our legal or business obligations. In some cases however the provision of personal data may be partly required by law (e.g. tax regulations), is needed as part of contractual negotiations, or as part of providing a service. The non-provision of the personal data would have the consequence that the contract or service with the data subject could not be provided or concluded, therefore is considered Legitimate Interest for processing.

 

Below, we describe:

 

  • the purposes we collect your personal data for;
  • the categories of personal data we process for that purpose;  the legal basis that allows us to process your personal data; and     how long we will keep your personal data for.

 

Purpose of processing

Categories of data processed

Legal        basis        of processing

Data       storage period

Provide our services to you and maintain your

account

All the personal information we collect

Fulfilment        of         a contract between us

for the period of the Academy account

Staff training

All the personal information we collect

Fulfilment       of         a contract between us

for the period of the Academy account

Direct marketing

Contact details

Training content and training related information that we have determined may be of interest to you

Consent

Until        contact opts out or for the period of the

Academy account

 

Before you provide personal data, you can contact our Data Protection Officer who can clarify whether the provision of the personal data is required by law or contract, whether there is any obligation to provide the personal data, and the consequences of non-provision.

 

 

5.  Your consent

 

Where the legal basis for us processing your personal data is that you have provided your consent, you may withdraw your consent at any time. You will not suffer any detriment for withdrawing your consent. If you withdraw your consent, this will not make processing which we undertook before you withdrew your consent unlawful.

 

You can withdraw your consent by contacting the Data Protection Officer, whose details are provided in section 2.

 

6.  Who has access to your personal data

 

We share your personal information with the following:

Our staff: Your personal data will be accessed by our staff but only where this is necessary for their job role.

Partners and Dealers: We may also share your personal information with your employer for the purpose of monitoring your participation in Sharp’s training programmes.

 

Other service providers and advisors: Such as companies that support our IT, help us analyse the data we hold, , send communications to our customers, provide us with legal or financial advice and help us deliver our services to you.

We do not disclose personal information except as set out above. We may provide other third parties with statistical information and analytics but we will make sure that the information is aggregated and no one can be identified from this information before we disclose it.

 

7.  Transfer of personal data

 

We do not currently transfer data outside of the EU and European Economic Area (“EEA”).

 

8.  Cookies

 

Our webpages use “cookies”. Cookies are text files that are stored in a computer system via an Internet browser.

 

Many Internet sites and servers use cookies. These contain a so-called cookie ID, which is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the user from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.

 

. Find out more information about our Cookie Policy.

 

9.  Profiling

 

We do not currently use profiling on our website. If we start any profiling activity, we will notify you specifically that we are using profiling.

 

 

 

10.         Registration and Website Enquiry Forms

 

Certain users can register on our website with personal data via a registration form, for our online training service (Academy). This personal data (e.g. name, email address, date and time of registration) is captured to provide them with this service, verify their identity, and provide them with a secure log in to a protected web environment. It also enables Sharp to provide access or deny access due to misuse of service.

 

11.         Marketing Communications

 

We inform our users, customers and business partners regularly about our products, services and training content through marketing communications. Users are given the option to consent to receiving these communications, and are given the option to opt-out of these communications at every practical opportunity.. In the case of marketing communications they may only be received by the data subject if

(1) they have a valid e-mail address, phone number or postal address and (2) they register for the marketing communication

 

During registration for marketing communications, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.

 

The personal data collected as part of a registration for a marketing communications programme will only be used to send our specific communication, unless otherwise stated in the consent form. The consent to the marketing communications programme or storage may be terminated by the data subject at any time. Each communication we send contains a link to remove consent (in the case of electronic communications), alternatively you can remove consent by contacting the Data Protection Officer, whose details are set out in section 2.

 

12.         Tracking & Analytics

 

Google Analytics

 

We use Google Analytics to track, report and optimise our website performance (e.g. number of visitors, where they came from, what pages and modules they visited). This is tracked by us at an aggregate level and not on an individual level.

 

The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

 

Section D) Your Rights to Control Your Data

 

Rights of the data subject (“you”).

 

You have the following rights to control your data according to GDPR principles:

 

  1. Right of confirmation – this means the ability to find out from us if we are processing data about you.
  2. Right of access – this means the ability to see what data is being held about you (also called Subject Access Request). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.

 

  1. Right of rectification – this means the ability to change or alter any incomplete or inaccurate data we hold about you.
  2. Right to erasure – this means the ability to be removed from our databases/ systems where: there is no good reason for us continuing to process it, you withdraw your consent, we are unlawfully holding your personal data or we should erase your data to comply with applicable EU law. You have a right to ask us to delete or remove your personal information where you have exercised your right to object to processing.
  3. Right to restriction of processing – this means the ability to limit or suspend what personal data is processed.
  4. Right to data portability – this means the ability to move the data to another supplier
  5. Right to object – this means the ability to prevent your personal data being processed in a certain way or remove There is a specific provision to be able to object separately to data profiling.

 

To exercise your rights to any of the above, please contact us via email at: DataProtection.SBSUK@Sharp.eu

 

Alternatively, there are other actions you can take as a user of our websites to limit the amount of personal data we may process:

 

Do not consent or remove consent:

 

  • Where we capture personal data on forms, we will be introducing opt-in boxes so that you can tell us if you want to hear from us for marketing If you don’t consent, you won’t hear from us, unless it’s related to the service we provide you.

 

  • Most marketing communications, especially electronic communications, where practical will provide the ability to opt-out of further marketing communications.

 

Prevent or remove web tracking:

 

 

 

 

  • We will investigate any request you make without undue delay and in any event within one month of receipt of your request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. We shall inform you of any such extension within one month of receipt of the request, together with the reasons for the
  • In the event that we decide to not take action on the request, we will inform you of the reasons for not taking action.

 

 

Lodging a complaint with the supervisory authority: if you do not agree with a decision we make in relation to a rights request or believe that we are in breach of applicable data protection laws, then you can lodge a complaint with a data protection supervisory authority in the EU. You can contact the data protection supervisory authority for United Kingdom using its contact details on its website www.Sharp.co.uk Updates to this Policy

 

We may update this privacy policy from time to time to reflect changes in the way we process personal data (e.g. if we implement new systems or processes that involve the new uses of personal data) or to clarify information we have provided in this notice. Our changes will be in accordance with applicable data protection laws.

 

We recommend that you check for updates to this notice from time to time but we will notify you directly about changes to this notice or the way we use your personal data when we are legally required to do so.