1. Overview

Information is a vital asset, both in terms of managing individuals’ records and the efficient management of services and resources. It plays a key role in governance, service planning, and performance management.

It is therefore of paramount importance to ensure that both our own and our interested parties’ information is efficiently managed, and that appropriate policies, procedures, and management accountability and structures provide a robust governance framework for information management.

2. Purpose

Astralis Technology Ltd understands that personal and corporate privacy is very important and that web users care about how information is used and shared online. We respect and value the privacy of everyone who visits our company website and Client Portal and will only collect and use information in ways that are useful to web users and in a manner consistent with web user rights and our obligations under the law.

We acknowledge that information is a valuable asset; therefore, it is wholly in our interest to ensure that the information we hold or obtain, in whatever form, is appropriately governed, protecting the interests of all web users.

3. Scope

This policy applies to the use of all data collected, collated, and managed by Astralis in relation to the use of our company website or Client Portal. It does not extend to any non-Astralis websites that are linked to from our site (whether we provide those links or whether they are shared by other web users). We have no control over how web users’ data is collected, stored, or used by non-Astralis websites and advise web users to check the privacy policies of any such non-Astralis websites before providing any data to them.

4. Policy

4.1 What Data Do We Collect?

Some data will be collected automatically by our site (for further details, please see section 4.9 on our use of Cookies), other data will only be collected if web users voluntarily submit it, for example, when signing up for a User Account. Depending upon the use of our site, we may collect some or all of the following web user data:

• Name;
• Date of birth;
• Gender;
• Business/company name;
• Job title;
• Profession;
• Contact information such as email addresses and telephone numbers;
• Demographic information such as postcode, preferences, and interests;
• IP address (automatically collected);
• Web browser type and version (automatically collected);
• Operating system (automatically collected);
• A list of URLs starting with a referring site, web user activity on our site, and the site web users exit to (automatically collected);

Financial information will never be collected.

4.2 How Do We Use Collected Data?

All personal data is stored securely in accordance with the principles of the EU GDPR and UK Data Protection Laws 2018. For more details on security, see section 4.14 below.

We use collected data to provide the best possible services to web users. This includes:

• Providing and managing web users’ accounts;
• Providing and managing web users’ access to our site;
• Personalising and tailoring web users’ experience on our site;
• Supplying our services to web users;
• Personalising and tailoring our services for web users;
• Responding to communications from web users;
• Supplying web users with email newsletters, alerts, etc., that web users have subscribed to (web users may unsubscribe or opt-out at any time by following the instructions on our site and any associated emails);
• Market research;
• Analysing web users’ use of our site and gathering feedback to enable us to continually improve our site and user experience.

With web users’ permission and/or where permitted by law, we may also use web user data for marketing purposes, which may include contacting web users by email and/or telephone and/or post with information, news, and offers on our services. We will not, however, send any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect web users’ rights and comply with our obligations under the EU GDPR and UK Data Protection Laws 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011, and 2015.

4.3 How and Where Do We Store Web User Data?

We only keep web user data for as long as we need to in order to use it as described above in section 4.2, and/or for as long as we have web users’ permission to keep it. Web user data will only be stored within the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein).

Information and data security is of great importance to us, and to protect web user data, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure data collected through our site.

Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that web users are advised to take suitable precautions when transmitting data to us via the internet.

4.4 Do We Share Web User Data?

We may sometimes contract with third parties to supply products and services to web users on our behalf. We will never share web user information with third parties unless expressly allowed or requested by web users. Where any web user’s data is required for such a purpose, we will take all reasonable steps to ensure that the data will be handled safely, securely, and in accordance with web user rights, our obligations, and the obligations of the third party under the law.

We may compile statistics about the use of our site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying information. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the law.

In certain circumstances, we may be legally required to share certain data held by us, which may include web user personal information, for example, where we are involved in legal proceedings, where we are complying with the requirements of legislation, a court order, or a governmental authority. We do not require any further consent from web users in order to share web user data in such circumstances and will comply as required with any legally binding request that is made of us.

4.5 What Happens If Our Business Changes Hands?

We may, in future, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Data provided by users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use the data for the purposes for which it was originally collected by us.

In the event that any web user data is to be transferred in such a manner, web users will be contacted in advance and informed of the changes. When contacted, web users will not, however, be given the choice to have their data deleted or withheld from the new owner or controller.

4.6 How Can Web Users Control Their Data?

When web users submit information via our site, they may be given options to restrict our use of their data. In particular, we aim to give web users strong controls on our use of their data for direct marketing purposes (including the ability to opt-out of receiving emails from us, which web users may do by unsubscribing using the links provided in our emails and at the point of providing their details and/or by managing their Portal account).

Web users may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent web users receiving unsolicited marketing. Please note, however, that these services will not prevent web users from receiving marketing communications that they have consented to receiving.

4.7 Web Users’ Right to Withhold Information

Web users may access certain areas of our site without providing any data at all. However, to use all features and functions available on our site, web users may be required to submit or allow for the collection of certain data.

Web users may restrict their internet browser’s use of Cookies. For more information, see section 4.9 below.

4.8 How Can Web Users Access Their Data?

Web users have the legal right to ask for a copy of any of their personal data held by us (where such data is held) on payment of a small fee which will not exceed £10. Please contact us for more details at compliance@astralistech.co.uk, or using the contact details below in section 13. Alternatively, please refer to our Data Protection and Privacy Policy Statement (available on request).

4.9 What Cookies Do We Use and What For?

Our site may place and access certain first-party Cookies on the web user’s computer or device. First-party Cookies are those placed directly by us and are used only by us. We use Cookies to facilitate and improve a web user’s experience of our site and to provide and improve our services. For more details, see the table below. We have carefully chosen these Cookies and have taken steps to ensure that web users’ privacy is protected and respected at all times.

All Cookies used by and on our site are used in accordance with current UK and EU Cookie Law. Before any Cookies are placed on a web user’s computer or device, subject to section 4.1 and/or section 4.2, web users will be shown a message bar or pop-up message (depending on the browser in use) requesting their consent to set those Cookies. By giving their consent to the placing of Cookies, web users are enabling us to provide a better experience and service to them. Web users may, if they wish, deny consent to the placing of Cookies; however, certain features of our site may not function fully or as intended.

Our site uses the following Cookies:

• Strictly Necessary Cookies: These Cookies are essential to provide the services available on our site and to use some of its features. Without these Cookies, our site cannot function properly. Examples include Cookies that allow web users to log in to secure areas of our site or make use of shopping baskets.
• Performance Cookies: These Cookies are used to collect information about how web users use our site, such as which pages they visit most often, and any error messages they receive. These Cookies do not collect data that identifies web users. All information collected by these Cookies is aggregated and therefore anonymous. It is only used to improve how our site works.
• Functionality Cookies: These Cookies allow our site to remember choices made by web users, such as their login details or preferences. The information these Cookies collect may be anonymised and they cannot track web users’ browsing activity on other sites.
• Targeting Cookies: These Cookies are used to deliver adverts that are more relevant to web users and their interests. They may also be used to limit the number of times web users see an advert as well as help measure the effectiveness of the advertising campaign. They are usually placed by third-party advertising networks with our permission. They remember that web users have visited a site and this information is shared with other organisations such as advertisers.

Web users can choose to enable or disable Cookies in their web browser. By default, most web browsers accept Cookies, but this can be changed. For further details, please consult the documentation for your web browser. For more information on Cookies generally, including how to disable Cookies, please refer to the About Cookies website: www.aboutcookies.org.

4.10 How Long Will We Keep Data?

We will retain web user data for as long as required for the purposes outlined in section 4.2 and to fulfil our obligations.

4.11 Data Security

We strive to ensure the security of all web user data. We implement appropriate technical and organisational measures to protect data against unauthorised access, loss, destruction, or alteration.

4.12 Data Breach Notification

In the event of a data breach that affects web user data, we will promptly notify affected web users and take necessary steps to mitigate any potential harm. We will also notify the relevant authorities as required by applicable data protection laws.

4.13 Links to Other Websites

Our site may contain links to other websites. Please note that we have no control over the privacy policies or practices of these other sites and we cannot be responsible for their content. We advise web users to review the privacy policies of any external sites they visit.

4.14 Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any updates will be posted on our site and will be effective from the date of publication. We encourage web users to review this Privacy Policy periodically.

5. Contact Us

If you have any questions about this Privacy Policy or the information we hold about you, please contact us:

Astralis Technology Ltd
Email: compliance@astralistech.co.uk
Address: 6 Whittle End, Great Notley, BRAINTREE, CM77 7BA

6. Complaints

If you wish to make a complaint regarding our use of your personal data, please contact us using the details provided above. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) or other relevant supervisory authority.