Privacy Policy

 

Effective date: 25 May 2018

This privacy notice tells you how we collect and process your personal data on our website sundanceresearch.net and in your interactions with us. The policy covers information we collect as well as personal data you give us when you:

  • Communicate with us directly through our website, email, phone or text
  • Request a quote or bid
  • Pay us for services
  • Become our supplier
  • Participate in an event
  • Provide a testimonial or reference
  • Visit our website

You must be 14 or older to give us your data in any form.

Why we collect your data

We collect your information so we can:

  • Provide our services
  • Maintain and improve our services
  • Develop new services
  • Measure our performance
  • Communicate with you
  • Provide a safe and reliable source of information

How we collect your data

We collect and process data you give us, data we collect as you use our services and data that is from third parties and public sources.

  1. Data you provide to us
  • When you communicate with us directly, whether using forms on our website, email, phone, facsimile or text, you give us your name, contact information and the content of the communication.
  • When you request a quote or bid you give us your name, contact information and relevant information about your business needs.
  • When you pay us for something, we receive your name, email, address and other details provided to us by our electronic payment services. If you pay by check or wire transfer we receive your name and other banking information provided on the check or bank documentation.
  • When you become our supplier you provide us your name, contact details, and contractual terms.
  • If you participate in an event, you provide us your name, email, address, purchase details and payment details.
  • If you give us a testimonial or reference, you give us your name, location, and information about your work. You may give us a picture of you, and we may make a video with your consent. You may choose to provide details about your history, including certifications, specialty or professional knowledge.
  1. Data we collect as you use our services

When you visit our website, our systems automatically collect:

  • Technical data about your computer and connection including your login data, Internet protocol address, browser type and version, city and country, operating system, and other technology on the devices you use to access the site. This data comes from server logs, cookies, and similar technology. It helps us keep the site secure from known malicious hackers and lets us optimize the site for our users’ technology. Our cookie policy provides more details about their use.
  • Usage data that tells us how you use our website so we can focus our efforts on what you most want.
  1. Data from third parties that is a by-product of using our services

We may receive technical data from Google, Wordfence, or other analytics providers. We may also receive contact, financial and transaction data from payment services such as PayPal and delivery services.

  1. Data from public sources

We may collect your name, contact information, profile and posts from Internet searches and social media including LinkedIn, Facebook and Twitter.

When we use your data

We only use your information when there is a lawful basis. The lawful basis for using your personal data is one or more of the following:

  • To fulfill a contract between us
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
  • To comply with legal or regulatory obligations

Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by clicking the “unsubscribe” link on any marketing email.

Contracts                                

Fulfilling a contract is the lawful basis for processing your information when:

  • Request a quote
  • You become a customer
  • You sign up for a prize draw, competition or complete a survey

If we are required to collect personal data by under the terms of the contract between us or by law and you don’t provide us the data, we may not be able to perform the contract (for example, to deliver goods or services to you). We may have to cancel a product or service you have ordered but if we do, we will notify you at the time.

Legitimate Interests

Legitimate interests is the lawful basis for processing in specific circumstances. We use legitimate interests to process your information:

  • When you conduct any financial transaction with us. Processing your information is necessary for our legitimate interests to collect monies owed us or to pay our obligations.
  • When you communicate with us directly. Processing your information is necessary for our legitimate interests to provide customer support, build our network and grow our client base.
  • When you participate in an event. Processing your data is necessary for our legitimate interests to grow our business.
  • When you provide a testimonial or reference. Processing your data is necessary for our legitimate interests to market our services.
  • When we collect personal data for troubleshooting, data analysis, system maintenance, support, reporting, and security. Processing your personal data is necessary for our legitimate interests for running our business, providing IT and administration services, network security, to prevent fraud, block spam and in the context of a business reorganization or group restructuring.
  • When we use data analytics to improve our website, products/services, marketing, customer relationships, and experiences. Using your personal data is necessary for our legitimate interests to keep our site updated and relevant, to develop our business and to inform our marketing strategy.

Anonymized aggregated data

We may anonymize and aggregate data for analysis or research. Anonymized data does not reveal your identity and is not personal data. For instance, we may calculate the percentage of website users that use a specific feature. If we link the aggregated data with data that can identify you, then it is treated as personal data.

Change in purpose for data use

We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.

We may process your personal data without your knowledge or consent where this is required or permitted by law.

Who receives your data

Our service providers

We use services provided by other companies to run our business. These services may include email, VOIP calls, file storage, processing credit card payments, delivering packages, accounting, marketing, business and sales analysis, supporting our website functionality, and supporting events offered through our website. Our third-party service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes. They are required to respect the security of your personal data and treat it lawfully. We only allow third parties to process your information for specified purposes and only according to our instructions.

Our third-party service providers and location of data storage:

  • ProtonMail (Switzerland)
  • Sync (Canada)
  • Google (United States)
  • PayPal (United States)
  • OnePageCRM (United States)
  • Interserver (United States)

How we protect your data

Data transfers

Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.

Many of our third parties service providers transfer and process your data outside the EEA. We do our best to ensure your data stays secure by requiring at least one of the following safeguards:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
  • Where we use providers based in the United States, we may transfer your data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the European Union and the US.

If none of the safeguards are available, we will ask you for explicit consent to allow the transfer. You will have the right to withdraw this consent at any time by emailing legal@ sundanceworldwide.com.

Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have procedures for responding to a suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How long we keep your data

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law, we have to keep basic information about our customers (including contact, identity, financial and transaction data) for a minimum of three years after they cease being customers for legal purposes.

In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes. If we do so, we may use this information indefinitely without further notice to you.

Controlling your data

Your legal rights

Under certain circumstances, you have the right to make requests regarding the information we collect and how it’s used. Under data protection laws you have the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to the processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

You can see more about these rights at:

https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/my-rights/what-are-my-rights_en

Exercising your rights

  1. Send us your request in writing

If you wish to exercise any of the rights set out above, please email us at legal@ sundanceworldwide.com with your specific request.

  1. Verify your identity

Before we can provide access to or take action on your data we must verify your identity. We will request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

  1. Provide additional information

We may contact you to ask for more information about your request to speed up our response.

What to expect

You will not have to pay a fee to access your personal data or to exercise any of the other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

It is very important that your information is accurate. Please let us know at any time if your personal information changes. If you receive data from us, please correct any errors so we can keep our systems up to date.

Some requests cannot be accommodated. If this happens, we will provide a reason.

If you are in the EEA and you are not happy with any aspect of how we collect and use your data, you have the right to complain to the national authority for data protection who has jurisdiction over your location within the EEA. We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

Other ways to control your data

Third-party links

Our website may have visible links to other sites. Content on our website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the same way as if you have visited the other website. Clicking on those links or enabling those connections may allow others to collect or share data about you. We do not control these third-party websites, we’re not responsible for their privacy practices, and this privacy policy does not apply to that site. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see our cookie policy.

Data you voluntarily disclose to the public

We may provide areas on our website where you can post information about yourself and post comments or reviews of content found on the website. Such postings are governed by our Terms and Conditions. When you voluntarily disclose personal data, including sensitive data, on publicly-viewable web pages, that information will be publicly available and can be viewed, collected and used by others. We cannot control what viewers may do with the information you post, so we encourage you to exercise caution with respect to posting your personal information.

Contacting us

If you have any questions about this privacy notice, please contact us at:

legal@ sundanceworldwide.com.