This privacy policy is effective from 10/04/2018

Our details

Here at Overt Software Solutions Ltd we take your privacy seriously and will only ever use your personal information as explained in this policy.

You can contact us with questions about this privacy policy at:

Data Protection Officer
Overt Software Solutions Ltd
Unit 2 Hawford Business Centre
Hawford
Worcester
WR3 7SG

Telephone : 01905 886377
Email: dpo@overtsoftware.com

How we use your information

Visitors to our website

When someone visits www.overtsoftware.com we collect:

  • Standard internet log information such as IP address, browser version and the pages accessed
  • Cookies. See our separate Cookie Policy for further information

Our legal basis for processing this information is:

  • Legitimate interest: To allow us to maintain network and information security

Data is processed in the following locations:

  • Our website is located in the United Kingdom
  • We use a third party, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. This information is stored in the United States of America, however this data does not identify individuals. See our Cookie policy for further information about the cookies used by this service
  • We use a third party, Calendly, to schedule meetings through our website. Even if you do not use this feature, a number of cookies are created when you access our website. See our Cookie policy for further information about the cookies used by this service
  • We use a third party, Tawk.to, to provide live chat on our website. Even if you do not use this feature, a number of cookies are created when you access our website. See our Cookie policy for further information about the cookies used by this service

We retain this data until:

  • Access logs on our web server: 1 year after access
  • Live chat and scheduled meetings: Data removed from third party services 2 months after event

Using our contact forms, callback requests, live chat, meeting scheduler and emails

When someone uses our contact forms, callback requests, live chat or meeting scheduler on this website or emails us directly we collect:

  • your name, email address and any information you provide in the subject and message fields, your phone number on call back requests

Our legal basis for processing this information is:

  • Legitimate interest: To allow us to answer presales queries and record email exchanges with existing and potential customers. We do not use this information beyond responding to the specific query.

Data is processed in the following locations:

  • We use a third party, Google, to process our emails. This data is stored in the United States of America. Google is compliant with the EU-US Privacy Shield framework. Their GDPR compliant privacy policy can be located here
  • We use a third party, Calendly, to schedule meetings through our website. If you schedule a meeting on our website, this data is stored in the United States of America. Calendly’s privacy policy can be located here. See our Cookie policy for further information about the cookies used by this service
  • We use a third party, Tawk.to, to provide live chat on our website. If you use our live chat feature, this data is stored in the United States of America. Tawk.to’s privacy policy can be located here. See our Cookie policy for further information about the cookies used by this service

We retain this data until:

  • 2 months after your last enquiry

Signing up to our newsletter

Our newsletter provides news and offers about our products and services. When someone signs up to our newsletter we collect:

  • your email address

Our legal basis for processing this information is:

  • Consent: You must give your consent to allow us to send you our newsletter.

Data is processed in the following locations:

  • We use a third party, AWeber, to send our newsletters. This data is stored in the United States of America. AWeber is compliant with the EU-US Privacy Shield framework. Their GDPR compliant privacy policy can be located here

We retain this data until:

  • You choose to unsubscribe. All newsletter emails will allow you to unsubscribe via a link in the footer at any time

Signing up to attend a webinar

When someone signs up to attend a webinar we collect:

  • your name and email address

Our legal basis for processing this information is:

  • Consent: You must give your consent to allow us to send emails to you regarding this specific webinar and to receive news on upcoming webinars.

Data is processed in the following locations:

  • We use a third party, GoToWebinar (provided by LogMeIn, Inc), to present webinars. This data is stored in the United States of America. LogMeIn is compliant with the EU-US Privacy Shield framework. Their GDPR compliant privacy policy can be located here

We retain this data until:

  • You choose to unsubscribe. All webinar emails will allow you to unsubscribe via a link in the footer at any time

Purchasing our services

When someone purchases services from us we collect:

  • your name, email address, organisation name, organisation address, optional sub-account details

Our legal basis for processing this information is:

  • Contract: We need this information to fulfil our contractual obligations with you

Data is processed in the following locations:

  • Our website is located in the United Kingdom

We retain this data until:

  • You terminate all contracts with us

Job application form

When someone fills out a job application form, we collect:

  • Contact details
  • Qualifications
  • Employment history
  • Ethnicity
  • Disability details

Our legal basis for processing this information is:

  • Contract: We need this data to allow us to fulfil our contractual obligations as an employer or potential employer

Data is processed in the following locations:

  • Hard copies are stored in our UK offices
  • We use a third party, Google, to store some of this data. This data is stored in the United States of America. Google is compliant with the EU-US Privacy Shield framework. Their GDPR compliant privacy policy can be located here

We retain this data for successful candidates until:

  • Contact details – 6 years post-employment
  • Qualifications – 6 years post-employment
  • Employment history – 6 years post-employment
  • Ethnicity – 6 years post-employment
  • Disability details – 6 years post-employment

We retain this data for unsuccessful candidates until:

  • Contact details – 6 months post-campaign
  • Qualifications – 6 months post-campaign
  • Employment history – 6 months post-campaign
  • Ethnicity – 6 months post-campaign
  • Disability details – 6 months post-campaign

Your rights

Depending on the lawful basis and the personal data being processed, you have the following rights to your data:

  • The right to be informed: You can see clearly how we process your personal data and we will keep you informed if anything in this policy changes
  • The right of access: You can request access to your data. We will respond to these requests within one month where the requests are not complex or numerous
  • The right to rectification: You can request that your data be corrected
  • The right to erasure: You can request that your data be deleted
  • The right to restrict processing: You can request that we restrict processing of your data but continue to store it
  • The right to data portability: You can request that your data be exported in a machine readable format to provide data portability
  • The right to object: You can object to us processing your data by using the contact details at the top of this privacy policy. Any consent given can be withdrawn at any time

How we secure your information

  • We only request the minimal amount of personal data required
  • We only retain personal data for as long as necessary
  • We will never share your details with a third party without informing you first
  • We encrypt all personal data in transit
  • We carry out frequent and encrypted offsite backups of all personal data
  • We configure our systems and applications following industry best practice to help mitigate intrusion
  • All cloud hosted systems receive regular security scans
  • We have clear security and privacy policies and regularly perform security awareness and privacy training for all staff
  • We are Cyber Essentials accredited, a UK Government backed security framework
  • Continual investment into improving security and privacy

Changes to our Privacy Policy

Any changes to our privacy policy will result in an updated “effective from” date, stated at the top of the policy.

Any major updates to our privacy policy, such as those changing the purpose or types of information collected will be clearly communicated to you on our website. Where possible, we will also notify you by email.

Complaint process

The Information Commissioner (ICO) is the UK’s independent body set up to uphold information rights. 

If you have any concerns regarding our privacy practices, please visit this page https://ico.org.uk/concerns/ on the ICO’s website where you can raise these concerns with them directly.