Sign Up

Privacy Policy

This Privacy Policy describes the information that we gather on or through our Services and how we use and process such information. For each processing purpose we will articulate the reason for requiring the data, what data we will process, the legal basis for processing the data and how long we will keep the data. Where the legal basis of consent is to be used, this will be gathered freely, and we will use clear, plain language that is easy to understand, and you will be able to remove your consent at any point. What information do we collect about you? We collect/process information so that we can provide the best possible experience when you utilise our services. This section of the policy will describe the purpose for processing your personal data, the legal basis to do so and how long we will keep your data.

1. What Information do we collect about you and how do we use it?

We collect/process information so that we can provide the best possible experience for you when you use our site. This section of the policy will describe the purpose for processing your Personal Data, the legal basis to do so and how long we will keep your data.
“Personal Data” has the meaning given to it in the Data Protection Laws.

“Data Protection Laws” means any and all laws, statutes, enactments, orders or regulations or other similar instruments of general application and any other rules, instruments or provisions in force from time to time relating to the processing of personal data and privacy applicable to the performance of this Agreement, including where applicable the Data Protection Act 1998, the Data Protection Act 2018, the Regulation of Investigatory Powers Act 2000, the Privacy and Electronic Communications (EC Directive) Regulations 2003 (SI 2426/2003) and the GDPR (Regulation (EU) 2016/679), as amended or superseded.

We do not collect any Special Categories of Personal Data about you (such as details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, or information about your health).

1.1 Our Product / Service

If you choose to use our service, including receiving email notifications, newsletters and product/service updates, or attending webinars, you must consent to provide us with some Personal Data so that we can provide these services to you; this will include your name, email address, job title, company name, phone number. Other non-mandatory Personal Data may also be gathered if you choose to provide it.

We will process personal data using two legal rationales:

  • if you are an individual and not associated with a contracted client we will ask for your consent.
  • If you are associated with a contracted client we will use legitimate interest as the legal basis to process the data (this includes carrying out the business of providing products and services and pursuing our general business interests).

Sometimes we may process personal data on the basis that you have provided your consent, however you have the right to change your mind which you can do by getting in touch with us using the contact details below. You may also opt-out of receiving marketing emails from us by following the instructions outlined in the email.

We will retain Personal Data for active customer leads or site users for a period of up to three (3) years for a dormant account, i.e. an account which hasn’t been used.

1.2 Corporate

If you choose to use our service, personal data items such as Name, Email Address and Telephone number may be stored in our Corporate Cloud Storage, Corporate Email Platform or our Help Desk platform.

We will process personal data using two legal rationales:

  • if you are an individual and not associated with a contracted client we will ask for your consent.
  • If you are associated with a contracted client we will use legitimate interest as the legal basis to process the data (this includes carrying out the business of providing products and services and pursuing our general business interests).

We will retain Personal Data for active customer leads or site users for a period of up to three (3) years for a dormant account, i.e. an account which hasn’t been used. A lead will be active under the following circumstances:

  • An email sent by our organisation has not received an unknown account bounce back
  • An email or contact us form has been sent to us from the data subject

1.3 Marketing

We would like to send you information about new or existing products and services, or content resources of ours which may be of interest to you. You have a right at any time to stop us from contacting you for marketing purposes. To distribute our marketing information we may use personal data such as names, addresses, email addresses, employer details, job titles, telephone numbers and LinkedIn profiles.

If you request or consent to be added to our mailing or marketing lists, we will use consent as the legal basis to process your Personal Data. If you haven’t requested to be added to our mailing or marketing lists, we will process Personal Data using the following legal rationale to send marketing information related to its specialized audiences, including:

  • Supply Chain content, news and webinar promotions

If you agreed to process your personal data and receive Marketing communications from  Supplychain360,  Supplychain360 will use previous legitimate consent as a rationale to update the information we hold about you, in the form of name, surname, email address, job title, company name, phone number, as the legal basis to process your personal data.

If you consent to the processing of your personal data and opt in to receive marketing communications from  Supplychain360, you will receive information about third-party products and services that we believe may be of interest to you. This will occur only after you have agreed to the processing of your personal data and be carried within  Supplychain360’s existing data [processing and transfer agreements it holds with its third parties.

We will only process your personal data where we have a lawful basis for doing so. In general, unless we have your consent, our lawful basis will be one or more of the following:

  • that the processing is necessary for the performance of a contract;
  • that the processing is necessary for compliance with our legal obligations;
  • that the processing is necessary for the purposes of pursuing our legitimate interests (this includes carrying out the business of providing products and services and pursuing our general business interests);
  • that the processing is necessary for the establishment, exercise or defence of legal claims;

Then we will use legitimate interest as the legal basis to process the data. We use this legal basis after completing a legitimate interest assessment process. If you do not want us to contact you, we will provide an unsubscribe facility within the emails or you can email us at info@supplychain360.io 

We will retain Personal Data for active customer leads for a period of up to two (3) years, a lead will be active under the following circumstances:

  • An email sent by our organisation has not received an unknown account bounce back
  •  An email has been sent to us from the data subject

1.4 Cookies

Like many websites, we use cookies and similar technologies to collect additional site usage data and to improve our services. Site usage information is collected using cookies to monitor aggregate site usage metrics such as total number of visitors, pages viewed and web traffic routing on our services.

We will process Personal Data under the legitimate interest legal basis as we only use the data to perform aggregated tracking analysis and will not target individuals based upon this analysis. You will also need to accept our cookie policy to allow us to process the data.

We will retain active cookie data for a period of up to one (1) year, a cookie will remain active if a user re-visits our site.
Learn more about how we use cookies by visiting the cookie policy on our website:  www.supplychain360.io 

2. Updating This Policy

We may change or update this Privacy Policy at any point so that it accurately reflects our services, if we believe it does not fundamentally change your data privacy rights. If we believe your rights have been affected we will contact users 30 days before we implement the change. If you continue to use the site once the Privacy Policy has been updated or amended, you will be bound by the updated Privacy Policy. If you do not want to agree to any updated or amended Privacy Policy, you can request an account deletion.

3. Your Rights

3.1 Accessing or Rectifying your personal data

In most circumstances before we are able to invoke your rights we may need to verify you as the data subject, therefore we will request data from you and this will be checked against our records before we can proceed.

We want to make sure that your personal information is accurate and up to date and you have the right to request a copy and update the Personal Data that we hold about you. You may ask us to correct or remove information you think is inaccurate. If you would like to invoke this right, please email or write to us at info@supplychain360.io 

3.2 Deletion

You may wish to object to or restrict our ability to process your Personal Data, this can be done either via email or in writing, using the contact details below. Further context may need to be requested to ensure we can carry out the relevant tasks to perform the request.

You can also opt out of receiving emails or updates at any point.

3.4 Portability

You may wish to port your personal data to another platform. This can be done either via email or in writing at info@supplychain360.io 

4. Who We Are And How To Contact Us

This Privacy Policy is issued on behalf of the  Supplychain360   is when we mention “ Supplychain360”, “we”, “us” or “our” in this Privacy Policy, we are referring to the relevant company responsible for processing your data.  Supplychain360   is the data controller and is responsible for this website and for defining and managing how your personal data is processed.
Our company name is:  Supplychain360 
Our company address is: CR4 2LW, London, United Kingdom
Our email address is: info@supplychain360.io 

5. To Whom We Disclose Information

Except as described in this Policy, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Service to third parties without the consent of the data subject. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:

6. Unrestricted Information

Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.

7. Service Providers

We work with third party service providers who provide email hosting, core corporate applications, web hosting, maintenance, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.

7.1 Service providers include:

  • HubSpot 5th Floor, City Bridge House, 57 Southwark St, London SE1 1RU, for the purpose CRM data storage
  • Microsoft, Microsoft Corporation, 1 Microsoft Way, Redmond, WA, United States; for the purpose of internal employee operations.
  • Google, 1600 Amphitheatre Parkway, Mountain View, CA, United States; for the purpose of internal employee operations.

7.2 Overseas transfers

The information you provide may be transferred to countries outside the European Economic Area (EEA) that do not have similar protections in place regarding your data and restrictions on its use as set out in this policy. However, we will take steps to ensure adequate protections are in place to ensure the security of your information. The EEA comprises the EU member states plus Norway, Iceland and Liechtenstein. By submitting your information, you consent to these transfers for the purposes specified above.

We may transfer your personal information to the following which are located outside the European Economic Area (EEA) as follows:

HubSpot 5th Floor, City Bridge House, 57 Southwark St, London SE1 1RU, for the purpose CRM data storage; Microsoft, Microsoft Corporation, 1 Microsoft Way, Redmond, WA, United States; for the purpose of internal employee operations; Google, 1600 Amphitheatre Parkway, Mountain View, CA, United States; for the purpose of internal employee operations have each provided the following safeguards to ensure the safety of your personal data, and it shall be processed to at least the same standards as set out by the General Data Protection Regulations: HubSpot, Google and Microsoft each participates in The Privacy Shield framework, which is accepted by the European Commission as evidence that an adequate level of protection exists for the personal data in the country, territory, or organisation where it is being transferred, in this case, the United States.  

You can obtain a copy of the safeguards and any other of Hubspot’s data protection documentation by visiting https://legal.hubspot.com/legal-stuff, or applying via post to Salesforce, Level 1 Atrium A, Sandyford Business Park, Dublin 18, Ireland.

7.3 Non-Personally Identifiable Information

We may make non-personally-identifiable information available to third parties for various purposes. This data maybe automatically-collected and would be analysed to create an aggregated view of the data, ensure the reported information was anonymous.

We may disclose Personal Data or other information if required to do so by law or in the good-faith belief that such action is necessary to comply with applicable laws, in response to a facially valid court order, judicial or other government subpoena or warrant, or to otherwise cooperate with law enforcement or other governmental agencies.

7.5 Change of Ownership

Information about data subject, may be disclosed and otherwise transferred to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets and only if the recipient of the personal data commits to a Privacy Policy that has terms substantially consistent with this Privacy Policy.

8. Our Data Security

We have appropriate security measures in place to prevent personal information from being accidentally lost, used or accessed in an unauthorised way. The following security procedures, and technical and organisational measures to safeguard your personal information have been put in place:

  • In cases where personal data is being processed in third countries or third parties, a rigorous data protection impact assessment is being performed to ensure that your data is always secured.
  • Our application platform is hosted in ISO 27001 certified secure data centres in the UK
  • Firewalls, intrusion detection and prevention, anti-virus and anti-malware and backup and disaster recovery is in place to prevent data loss or deletion.
  • Intrusion detection and prevention secures the network traffic to the servers and applications.
  • Anti-malware and anti-virus software is deployed to all of our servers and regularly scan and update with the latest anti-malware and virus signatures.
  • We regularly apply critical, security patches and firmware updates to operating systems and physical hardware to minimise the risk of vulnerabilities
  • Our employees undergo background screening and selection processes, with a restricted list of employees having access to secure areas of the applications, databases and physical infrastructure. The access to the secure areas are logged and auditable.
  • We will use all reasonable efforts to safeguard your personal information. However, you should be aware that the use of the Internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.
  • We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
  • We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

This privacy policy was last updated on 1st February 2024.

Blueprints

Newsletter

Supply Chain logo

©Your trusted source for cutting-edge insights, best practice frameworks, and the latest news tailored exclusively for Supply Chain leaders.

Part of 360 Intelligence Ltd

Mission

  • Our mission is to empower Supply Chain leaders with the knowledge and tools they need to drive efficiency, innovation, and success in their organizations.

Address

Newsletter

Subscribe to our newsletter for daily insights.