Privacy Policy

Introduction

Ixaris understands that your privacy is important to you and that you care about how your personal data is used.  We respect and value the privacy of everyone who visits our websites, (“Our Sites”) or uses our Services.  We will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

This privacy policy informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Services and the choices you have associated with that data.

We use your data to provide and improve our Services.  Your acceptance of this Privacy Policy is deemed to occur upon your first use of our website and service and you will be required to read and accept this Privacy Policy when signing up for an Account.  If you do not accept and agree with this Privacy Policy, you must stop using our service immediately.

Definitions

In this policy the following terms shall have the following meanings:

Personal Data
Means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier;

Account
Means an Ixaris user account;

Cookie
Means a small text file placed on your device by our site when you visit our site or use certain features of our services;

Cookie Law
Means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2013;

Process
Means any method or way that we handle Personal Data such as collection, organisation, storage, adaption, alteration, transmission, dissemination, restriction, erasure or destruction;

Services
Means any Ixaris service, content, features, function, website and applications;

Legitimate Interest
Means the business requirements to manage and offer the Ixaris services or to comply with legal obligations;

Information About Us

Organisation size: 130 – 150
Locations: London and Malta

Data Controller Details

Data Controller Details
Email Address: dropusaline@ixaris.com
Postal Address: 2 Stephen Street, London W1T 1AN, United Kingdom

Data Protection Officer Details
Name: Denise Vella
Email Address: dpo@ixaris.com

Description of Processing

We may process your personal data for various reasons that are justified under the data protection legislation.   These include:

With your permission and/or where permitted by law, we may also use your personal data:

Please also see Cookies Section for more information about our use of Cookies and similar technologies.  We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.

We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose.  If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.*In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights. 

Data we collect – online services

We collect different types of information for various purposes to provide and improve our Service to you.  Depending upon your use of our service or website we may collect and hold some or all of the personal (and non-personal) data set out in the table below, using the methods also set out in the table. Please also see Cookies Section for more information about our use of Cookies and similar technologies.  We do not collect any ‘special category’ or ‘sensitive’ personal data or personal data relating to children or data relating to criminal convictions and/or offences.

Customer Support information from the website contact form, contact email address or support email, support@ixaris.com

Support information and other communications received through the website contact form or support emails, including:

Registration Information

For business users who make use of our services and business consoles we may collect:

Transaction and associated information

Career Information

Refer to separate privacy policy at https://ixaris.bamboohr.co.uk/jobs/

How long do we keep your data

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected.  For example, we keep your personal account information for a period ofsix years from closure of account or termination of business relationship.

This enables us to comply with legal and regulatory requirements or use it where we need to for our legitimate interests such as managing your account and dealing with any disputes or concerns that may arise. We may need to retain your information for a longer period where we need the information to comply with regulatory or legal requirements or where we may need it for our legitimate business purposes, such as to respond to queries or complaints, fighting fraud and financial crime and responding to requests from regulators. Information that exceeds the retention periods is deleted or removed using industry best practices.

How do we use cookies

Our Site or services may place and access certain first-party Cookies on your computer or device. First-party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve your experience of our Site and to provide and improve our products and services.  We have carefully chosen these Cookies and have taken steps to ensure that your privacy and personal data is protected and respected at all times.

By using our Site, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than us. For more details, please refer to the table below.  All Cookies used by and on our Site are used in accordance with current Cookie Law.

Our site uses analytics services, which are a set of tools used to collect and analyse anonymous usage information, enabling us to better understand how our Site is used. This, inturn, enables us to improve Our Site and the services offered through it.  The analytics services used by Our Site use Cookies to gather the required information. You do not have to allow us to use these Cookies, however whilst our use of them does not pose any risk to your privacy or your safe use of our Site, it does enable us to continually improve our Site, making it a better and more useful experience for you.

You will be required to provide cookie consent by acknowledging the privacy and cookie policies during registration of your account. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of our Site may not function fully or as intended. 

You can choose to delete Cookies on your computer or device at any time, however you may lose any information that enables you to access Our Site more quickly and efficiently including, but not limited to, login and personalisation settings. It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.

Certain features of Our Site depend on Cookies to function. Cookie Law deems these Cookies to be “strictly necessary”.  Your consent will not be sought to place these Cookies, but it is still important that you are aware of them. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. You may choose to enable or disable Cookies on your device by referring to https://allaboutdnt.com/#adjust-settings.  However, if you do not accept cookies, you may not be able to use some portions of our Service. 

We use the following cookies:

Strictly Necessary Cookies
These are cookies that are required for the operation of Our Site. They include, for example, cookies that enable you to log into secure areas of our website. 

Analytics Performance Cookies
We use third party analytics providers, such as Google Analytics to collect information about the usage of our services and enable us to improve how these services work, for example, by ensuring that users are finding what they are looking for easily. 

Functionality Cookies
These are used to recognise you when you return to Our Site. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).

Targeting Cookies
We use third party targeting tools, such as LinkedIn Insights and ads tags.  These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests.

How and where do we store or transfer your personal data?

We will store and process your data following industry best practice and security.  Some of that processing takes place at our offices and data centres in London and Malta

Some of the processing may take place in areas outside of the UK and Malta but within the EEA and covered by GDPR.

We may share your personal data with other companies.  When your personal data is shared with a third party, we will take the necessary steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.   We ensure that our contracts with those third parties contain the appropriate GDPR model clauses and that all our third parties are also compliant with the GDPR, this affords your data the same protection away from our organisation, as it does within it. 

In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

The data we collect through our services may be processed by one or more of the following:

We process data within the EEA and countries deemed by the European Union as having adequate safeguards for protecting personal data. These countries are recognised by the EU as having suitable safeguards for the rights and freedoms of individuals and recourse processes by which data subjects can exercise their rights. 

Some of the processing may take place outside of the EEA. Where we transfer your data to a third party based in the US, the data may be protected if they are part of the EU-US Privacy Shield. This requires that third party to provide data protection to standards similar to those in Europe. More information is available from the European Commission.

Please contact us for further information about the particular data protection mechanisms used by us when transferring your personal data to a third country.

The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:

What are your rights?

Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:

  1. The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.
  2. The right to access the personal data we hold about you. Upon request and verification of your identity, we will send you a copy of the personal data we hold about you. 
  3. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. It is important tat your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informaed as long as we have that data. 
  4. The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. We may not always be able to comply with your request of erasure for specific legal reasons, for which you will be notified. Please note that retention requirements supersede any right to erasure requests under the data protection laws. 
  5. The right to restrict (i.e. prevent) the processing of your personal data. Please note that any requests in relation of the processing of your data means that we may not be able to provide you with the service, in which case you will be notified. 
  6. The right to object to us using your personal data for a particular purpose or purposes.
  7. The right to withdraw consent. That means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
  8. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases. 
  9. Rights relating to automated decision-making and profiling. We do not use your personal data in this way. 

To exercise your rights above please contact our Data Protection Officer, Data Controller or Company representative via any of the channels provided.

You also have the right to lodge a complaint with our supervisory authority. Ixaris’ main establishment is in Malta, thus its supervisory authority is the IDPC in Malta. Their contact details are as follows: https://idpc.org.mt/en/Pages/contact/complaints.aspx.  

We would welcome the opportunity to resolve your concerns ourselves however, so please contact us first, using the details provided.

Quick Links for exercising your rights:

DPO email address:dpo@ixaris.com
Controller email address:dropusaline@ixaris.com

Changes to this privacy policy

We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of Our Site following the alterations. We recommend that you check this page regularly to keep up-to-date.

Privacy policy last updated Tuesday 2nd November 2018.