Privacy Policy

We recognize that your privacy is important, and that you care about the information that is collected about you. We want you to feel secure when using cordence.com. This online privacy statement provides an overview of our privacy and data protection practices, so that you can better understand the steps we take to safeguard your information. If you have further questions, please contact us here on the Contact page.

This privacy policy sets out how and why Cordence Worldwide collects and uses your personal data when you visit this website, including any data you may provide through this website. When we mention “Cordence Worldwide,” “Cordence,” “we,” “us,” or “our” in this privacy policy, we are referring to the relevant group in the Cordence Worldwide responsible for processing your data.

Types of Data. We collect, use, store and transfer different types of both personal and non-personal information through our website.

Personal data, or personal information means any information about an individual from which that person can be identified. It does not include data from which you cannot identify a person.

We collect the following categories of personal data about you:

• Identity Data includes first name and last name.
• Contact Data includes email address.
• Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location,
  browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access
  this website.
• Usage Data includes information about how you use our website and services.

We also collect, use and share non-personal information such as statistical data for any purpose. This non-personal information may be derived from your personal data but is not considered personal data by the law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

If we combine any non-personal information with your personal data so that you can be identified from it, we will treat the combined data as personal data which will be used and protected in accordance with this privacy policy.

How we collect data

We collect data in different ways through our website. You may provide us the data directly when you contact us. Additionally, through the use of cookies, [server logs], and similar technologies, we may automatically collect Technical Data about your equipment, browsing activity and patterns.

We may also receive personal data about you from the third-party tool Google Analytics and website analytics provider Squarespace. The single session and global session cookies are provided on our behalf by Google Inc. They assist with reporting of user behavior, market research, and improving Site functionality. This user behavior is analysed in order to improve our Site. The information collected is not linked to personal data. To see how this applies to Google Analytics visit https://policies.google.com/privacy. You can stop Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout?hl=en-GB. Squarespace assists with reporting of user behavior, market research, and improving Site functionality. To learn more, visit https://www.squarespace.com/privacy.

How we use your data

Purposes and Lawful Bases. We will use your personal data only where we have a lawful basis for doing so. We process your personal data for a number of purposes. The lawful basis for processing your personal data will depend on the purpose for which it was obtained. The table below sets out the purposes for which we may process your personal data and the relevant lawful basis/bases that allow for that processing:

• Managing our relationship with you
  • Type(s) of Data: Identity Data, Contact Data
  • Our Lawful Basis for Processing: Necessary to comply with a legal obligation, to perform a contract with you
• To register you as a new customer/user
  • Type(s) of Data: Identity Data, Contact Data
  • Our Lawful Basis for Processing: To perform a contract with you
• Marketing
  • Type(s) of Data: Identity Data, Contact Data, Usage Data, Technical Data
  • Our Lawful Basis for Processing: Consent, necessary for our legitimate interests* (to study how customers use our
    services, to develop them, to define the types of customers for our business, to keep our website updated and relevant,
    to grow our business, and to inform our marketing strategy)

*“Legitimate interests” means our legitimate interests in conducting and managing our business, or the interests of third party, where these interests are not overridden by your fundamental rights, interests and freedoms.

Changes to the Purposes of Processing. We will only process your personal data for the purpose(s) for which we collected it. If we do need to use your personal data for a new purpose, we will notify you of this and explain the lawful basis we will be relying on. Please be aware that we may process your personal data without your knowledge or consent where this is required or permitted by law.

How we share your data

We may need to share your information with certain third parties – these third parties are as follows: Google Analytics (see below), Squarespace (see below), and certain stakeholders within Cordence Worldwide acting also as controllers or processors, provide IT and system administration services, and undertake leadership reporting.

We may need to share personal data about you with the third-party tool Google Analytics and website analytics provider Squarespace. The single session and global session cookies are provided on our behalf by Google Inc. They assist with reporting of user behavior, market research, and improving Site functionality. This user behavior is analysed in order to improve our Site. The information collected is not linked to personal data. To see how this applies to Google Analytics visit https://policies.google.com/privacy. You can stop Google Analytics tracking by visiting https://tools.google.com/dlpage/gaoptout?hl=en-GB. Squarespace assists with reporting of user behavior, market research, and improving Site functionality. To learn more, visit https://www.squarespace.com/privacy.

Third party links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we strongly recommend you read the privacy policy of every website you visit.

Requesting access to your personal data

Under data protection law, individuals have the right to request access to information about them that we hold. To make a request for your personal data please contact us here on the Contact page.

International transfers

We share your personal data in certain ways that will involve transferring your personal data to countries outside of the European Economic Area whose laws do not afford the same level of protection to personal data as within the EU. We do this in the following ways:

• to other entities within Cordence Worldwide in the U.S and globally.
• to the following third-party suppliers as referenced above
• Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by
  putting in place the following safeguards: We will only transfer your personal data to countries that have been deemed
  to provide an adequate level of protection for personal data by the European Commission. For further details, see the
  website of the European Commission at
  https://ec.europa.eu/info/law/law-topic/data-protection/reform/rules-business-and-organisations/obligations/what-rules-apply-if-my-organisation-transfers-data-outside-eu_en
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give
  personal data the same protection it has in Europe. For further details, see the ICO’s website at
  https://ico.org.uk/media/1571/model_contract_clauses_international_transfers_of_personal_data.pdf

Data security

While we store and use your personal data, we will ensure the appropriate security of your personal data including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach as is required by the law.

Retention of your Data

We will not keep your personal data longer than is necessary for the purpose for which we use it. We will retain your personal data for 1 year as is required by the law and will delete or destroy it when it is no longer required. In some circumstances we may anonymize your personal data (so that it can no longer identify you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Your Other Privacy Rights

Persons living or working in some jurisdictions have certain additional privacy rights.

Data subjects in the European Union, Switzerland, and the United Kingdom have a right to:

• be informed of how we are processing your personal data – this privacy policy serves to explain this you but please do get in touch if you have any questions;
• have your personal data corrected if it is inaccurate or incomplete;
• have your data erased (the right to be forgotten) in certain circumstances – e.g. where it is no longer needed by us the purpose for which it was collected or you have withdrawn your consent. Please note however, that in certain circumstances, we may not be able to comply with your request of erasure for legal reasons. If this is the case, we will notify you at the time you request erasure;
• restrict the use of your data in certain circumstances e.g. where you have told us the data is inaccurate and we are in the process of checking this. In such circumstances we will continue to store your data but will not process it further until we have checked and confirmed whether the data is inaccurate;
• object to the processing of your data in certain circumstances – e.g. you may object to processing of your data for direct marketing purposes;
• object to decisions being taken by automated means;
• request the transfer of your personal data to a third party. Please note this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you; and to withdraw your consent at any time to processing where we are relying on consent as the lawful basis – e.g. to receiving marketing communications. Please note if you withdraw your consent, we may not be able to provide certain services to you – We will let you know if this is the case at the time you withdraw your consent.

If you have any concerns about the way we are collecting or using your personal data, please contact us in the first instance. You also have the right to lodge a complaint with the European Union’s supervisory authority for data protection matters – the European Data Protection Board at https://edpb.europa.eu/about-edpb/board/members_en.

California Consumer Rights. The US state of California affords certain privacy rights to its residents (“Consumers”) regarding their personal information:

• California Civil Code § 1798.83 permits California residents using our website to request and obtain a list of personal information we disclosed to third parties for the preceding calendar year as well as the names and addresses of those third parties. To make such a request, please contact us on our Contact page
• California Civil Code § 1798.100 et seq. grants California residents (‘Consumers’) various privacy rights to their personal information including:
  • Request to Know. You have the right to request access to personal information that we collected for the previous 12
    months. Please note that if your access request requires the disclosure of personal information of another individual,
    we won’t be able to comply with all of your access request. Similarly, if responding to your access request would cause
    us to violate any law, rule, regulation, or law enforcement request, we would not be able to fulfill your request.
  • Request to Delete. You have the right to request that we delete personal data that we collected from you. However, we
    are not required to comply with your request if it is necessary for us or our service provider to maintain your personal
    data in order to complete the transaction with you; detect security incidences; identify and repair errors; exercise
    free speech; comply with the California Electronic Communications Privacy Act; engage in certain public interest
    research; use internally in a manner reasonably aligned with your expectations; comply with a legal obligation or
    otherwise use your personal data internally in a way that compatible with the context in which you provided it.
  • Right to Opt-out. You have the right to opt-out of the sale of your personal data to Third Parties at any time. This
    means that once you exercise your right to opt-out of the sale of your personal information, we are required to honor
    your request. Cordence Worldwide does not sell personal information to Third Parties.
• Exercise of California-Specific Rights. You have the right to be free of discrimination for exercising your consumer
  privacy rights. We will not deny you goods or services, charge different amounts or provide a different quality level of
  goods or services for exercising your rights unless the difference is reasonably related to the value of your data.

It is important that the personal data we hold about you is accurate and current. Please let us know if your personal data changes and we need to update our records.

If you have any questions about this privacy policy or about your legal rights, please contact us using our Contact page.