This document sets out how Prompt Global Corporation can formulate a Privacy Policy for visitors on the website, that makes clear that personal data protection and data security is respected and compliant with GDPR Directive. You can customise this document to meet the needs of your company, and save or print it as required. This procedure is intended to be used when putting in place a new Data Protection Policy. It may also be used when validating whether existing arrangements meet the requirements of the General Data Protection Regulation (GDPR).
An international organisation is defined by the GDPR as “an organisation and its subordinate bodies governed by public international law, or any other body which is set up by, or on the basis of, an agreement between two or more countries” (GDPR Article 4).
The intention of the GDPR is to protect the personal data of EU citizens wherever it is held; there are strict requirements governing where personal data can be transferred to and the measures that must be in place for such as transfer to be legal. The penalties for contravening the GDPR are significant and care must be taken by Prompt Global Corporation to ensure that we remain within the law at all times.
Communication and disclosure of personal data to third parties
Thank you for visiting us. Please note that your personal data shall not be disclosed to third parties without your express consent, except under legal obligation. More specifically, your personal data shall not be transmitted or provided to third parties outside the European Union without your express consent, except under legal obligation.
The personal data you provided may be transmitted to our related companies and/or partners when this is deemed necessary for the purpose of maintaining and managing the Prompt Global Corporation website and for the purpose of provisioning our products and services. In such cases, we shall ensure that our partners and/or related companies take over the responsibility to protect personal data to an extent equal to that guaranteed in these General Terms and Conditions.
Your personal data (including your email) will never be shared with any third parties for marketing purposes.
Types of data that we collect for specified purposes are:
Prompt Global Corporation collects and processes personal data in accordance with the provisions of the Personal Data Protection Act and other regulations in force in the United States and the European Union.
Your personal data are processed only on the basis of your approval – a free and express consent to process your personal data for the purposes related to the use of the Content available through the Prompt Global Corporation. Your consent for the collection and processing of your personal data for a given purpose shall be requested when completing the appropriate form published on the web pages of the Prompt Global Corporation.
Your personal data shall be used in order to provide Content, reply to queries concerning the Content available on the Prompt Global Corporation, and inform you about the existing and new content, materials, functionalities, services and other offers that may interest you, and in order to improve the quality of the Content and the Prompt Global Corporation.
Data collected through quizzes and questionnaires are confidential and may be used only for our own purposes.
All collected data are electronically stored, and appropriate measures and procedures are applied in order to prevent unauthorized access, maintain the level of personal data protection and use the data collected online in a correct manner.
Even though we take all appropriate measures to ensure against unauthorized disclosure of your personal data, we cannot guarantee that some of the collected personal data shall never be disclosed in a manner that is not in accordance with these General Terms and Conditions. Accidental disclosure may be, for example, a consequence of false misrepresentation when accessing websites that contain such data, with the purpose of correcting possible errors in the data. We shall not be liable, to the fullest extent permitted by law, for any damage caused to users or third parties relating to accidental disclosure of personal data.
The Prompt Global Corporation contains Interactive Content and may contain Links to third party websites, through which other users or third parties may gain authorized or unauthorized access to your personal data. These General Terms and Conditions do not apply to the collection, processing or use of personal data that you communicate to other users and/or third parties. It is in your best interest to acquaint yourself with the rules of personal data protection, and the protection of privacy applied by other users and/or third parties. Since we cannot control the data you provide when accessing or using the Interactive Content, Links or third party websites, or in other circumstances in which you communicate your personal data to other users and/or third parties, we shall not be liable for any damage caused to you, other users and/or third parties, arising from the fact that you communicated your personal data, in relation to the use of the Prompt Global Corporation.
You are legally entitled to request modification or deletion of your personal data, or deletion from the registered user’s database at any time. Modification or deletion of data shall be effectuated on the basis of an appropriate notice addressed to the contact identified on the Prompt Global Corporation.
We reserve the right to use cookies.
A cookie is a group of data serving as your anonymous individual identifier that is sent to your browser by websites. Cookies are sent when you access a website, they are stored in your computer and they serve to record information about your subsequent online visits. Therefore, after a cookie has been stored on your computer during your first access to a website, every time you return to the website it will look for its cookie in order to read the stored data.
Since a cookie is an anonymous individual identifier, it does not contain or send any personal information to the website that stored it on your computer, but only enables faster and more efficient activation of information, data and settings previously communicated during access and use of the website.
Your browser is set in such a way that each website can only access its own previously sent cookies, but not the cookies of other websites.
The Options or Settings menu of your browser allows you to select an appropriate option for receiving cookies, even to disable them completely. However, disabling cookies completely will reduce the efficiency of some contents available on some websites.
The lawful basis for your data processing, how long you’ll keep the data for, the user’s right to complain – these are all pointed to in the GDPR.
(Note, for the full detail on what information should be provided to the data subjects at point of data collection, readers should check out article 13 of the GDPR, specifically paragraphs 1 and 2, summarised by the ICO here.)
ICO presented this Disclaimer model:
Here at [organisation name] we take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us.
We would also like to pass your details onto other [name of company/companies who you will pass information to]/[well defined category of companies], so that they can contact you by post with details of [specify products]/ [offers]/[services]/[competitions] that they provide. If you consent to us passing on your details for that purpose please tick to confirm:
I agree
At Prompt, we’re committed to protecting and respecting your privacy.
This policy explains when and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, how we keep it safe and secure and your rights and choices in relation to your information.
We’re Prompt, a software company serving the supply chain industry.
In this policy ‘Prompt’, ‘we’, ‘us’ or ‘our’ means:
Prompt Global Corporation, a Delaware C Corporation.
Registered address is 84 Front Street 4C Brooklyn NY 11201.
We obtain information about you in the following ways:
Information you give us directly
For example, we may obtain information about you when you take part in one of our webinars, purchase products and services or when you register to receive one of our newsletters.
Information you give us indirectly
Your information may be shared with us by third parties, which might include:
independent service providers, for example consulting companies; and subcontractors acting on our behalf who provide us with technical, payment or delivery services, our business partners, advertising networks analytics providers and search information providers.
You should check any privacy policy provided to you where you give your data to a third party.
When you interact with us on social media platforms such as Facebook and Twitter we may obtain information about you (for example, when you publicly tag us in an event photo). The information we receive will depend on the privacy preferences you have set on those types of platforms.
We supplement information on our supporters with information from publicly available sources such as annual reviews, corporate websites, public social media accounts, the electoral register and Companies House in order to create a fuller understanding of someone’s interests and support. For more information, please see the section on ‘Building Profiles’ below.
We do not usually collect sensitive data about you unless there is a clear and valid reason for doing so and data protection laws allow us to.
Where appropriate, we will make why we are collecting this type of information and what it will be used for clear.
We keep your information for no longer than is necessary for the purposes it was collected for, The length of time we retain your personal information for is determined by operational and legal considerations. For example, we are legally required to hold some types of information to fulfil our statutory and regulatory obligations (e.g. health/safety and tax/accounting purposes).
We review our retention periods on a regular basis.
We do not sell or rent your information to third parties.
We do not share your information with third parties for marketing purposes.
However, we may disclose your information to third parties in order to achieve the other purposes set out in this policy. These third parties may include:
Third parties working on our behalf: We may pass your information to our third party service providers, suppliers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf (for example to process donations and send you mailings). However, when we use these third parties, we disclose only the personal information that is necessary to deliver the services and we have a contract in place that requires them to keep your information secure and prevents them from using it for their own direct marketing purposes. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes, unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Third Party Product Providers we work with: our trusted third party product providers provide a range of quality and reliable software and services designed to meet the needs of the supply chain companies (e.g. SAMPLE PRODUCTS/SERVICES). When you enquire about or purchase one or more of these products, the relevant third party product provider will use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. They will be acting as a joint controller of your information and therefore we advise you to read their Privacy Policy. These third party product providers will share your information with us which we will use in accordance with this policy.
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation, or if we’re under a duty to disclose or share your personal data in order to comply with any legal obligation or to enforce or apply our terms of use or to protect the rights, property or safety of our staff, supporters, customers, users of the website or others. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Data protection law requires us to rely on one or more lawful grounds to process your personal information. We consider the following grounds to be relevant:
Where you have provided specific consent to us using your personal information in a certain way, such as to send you email, text and/or telephone marketing.
Where we are entering into a contract with you or performing our obligations under it like when you buy software and services.
Where necessary so that we can comply with a legal or regulatory obligation to which we are subject, for example where we are ordered by a court or regulatory authority.
Where it is reasonably necessary to achieve our or others’ legitimate interests (as long as what the information is used for is fair and does not duly impact your rights).
We consider our legitimate interests to be running Prompt as a software company in pursuit of our aims and ideals. For example to:
send postal communications which we think will be of interest to you;
conduct research to better understand who our customers are to better target our products;
monitor who we deal with to protect the company against fraud, money laundering and other risks;
enhance, modify, personalise or otherwise improve our services /communications for the benefit of our customers; and understand better how people interact with our website.
When we legitimately process your personal information in this way, we consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. We will not use your personal information where our interests are overridden by the impact on you, for example, where use would be excessively intrusive (unless, for instance, we are otherwise required or permitted to by law).
When we use sensitive personal information, we require an additional legal basis to do so under data protection laws, so will either do so on the basis of your explicit consent or another route available to us at law (for example, if we need to process it for employment, social security or social protection purposes, your vital interests, or, in some cases, if it is in the public interest for us to do so).
We may use your contact details to provide you with information about the vital work we do for our customers and their partners, our future software developments and opportunities to work with us, as well as the products and services you can buy, if we think it may be of interest to you.
We will only send you marketing and partership communications by email, text and telephone if you have explicitly provided your prior consent. You may opt out of our marketing communications at any time by clicking the unsubscribe link at the end of our marketing emails.
We may send you marketing and partnership communications by post unless you have told us that you would prefer not to hear from us.
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about the vital work we do for our customers and their partners, our future software developments and opportunities to work with us, as well as the products and services you can buy, if we think it may be of interest to you.
We will not use your personal information for marketing purposes if you have indicated that you do not wish to be contacted and will retain your details on a suppression list to help ensure that we do not continue to contact you. However, we may still need to contact you for administrative purposes like where we are processing a donation or thanking you for your participation in an event.
We may analyse your personal information to create a profile of your interests and preferences so that we can tailor and target our communications in a way that is timely and relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively. This allows us to be more focused, efficient and cost effective with our resources and also reduces the risk of someone receiving information they may find inappropriate or irrelevant.
We may also use your personal information to detect and reduce fraud and credit risk.
Under United States and EU data protection law, you have certain rights over the personal information that we hold about you. Here is a summary of the rights that we think apply:
You have a right to request access to the personal data that we hold about you. You also have the right to request a copy of the information we hold about you, and we will provide you with this unless legal exceptions apply.
If you want to access your information, please send a description of the information you want to see and proof of your identity by post to the address provided below.
You have the right to have inaccurate or incomplete information we hold about you corrected. The accuracy of your information is important to us so we’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or if you believe any of the other information we hold is inaccurate or out of date, please contact us via email or post (see below). Alternatively, you can telephone 0800 169 87 87.
You have a right to ask us to restrict the processing of some or all of your personal information if there is a disagreement about its accuracy or we’re not lawfully allowed to use it.
You may ask us to delete some or all of your personal information and in certain cases, and subject to certain exceptions; we will do so as far as we are required to. In many cases, we will anonymise that information, rather than delete it.
If we are processing your personal information (1) based on your consent, or in order to enter into or carry out a contract with you, and (2) the processing is being done by automated means, you may ask us to provide it to you or another service provider in a machine-readable format.
You have the right to object to processing where we using your personal information (1) based on legitimate interests, (2) for direct marketing or (3) for statistical/research purposes.
If you want to exercise any of the above rights, please email us at contact@Prompt.com or write to PROMPT, 84 Front Street 4C Brooklyn NY 11201. We may be required to ask for further information and/or evidence of identity. We will endeavour to respond fully to all requests within one month of receipt of your request, however if we are unable to do so we will contact you with reasons for the delay.
Please note that exceptions apply to a number of these rights, and not all rights will be applicable in all circumstances. For more details we recommend you consult the guidance published by the United States’ Information Commissioner’s Office.
When you give us personal information, we take steps to ensure that appropriate technical and organisational controls are in place to protect it.
Any sensitive information (such as credit or debit card details) is encrypted and protected with the following software 128 Bit encryption on SSL. When you are on a secure page, a lock icon will appear on the bottom of web browsers such as Microsoft Internet Explorer.
Non-sensitive details (your email address etc.) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
Like many other websites, this website uses cookies. ‘Cookies’ are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. For example, we use cookies to store your country preference. This helps us to deliver a better more personalised service when you browse our website and improve our services.
Our website may contain links to other websites run by other organisations. This policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other websites even if you access them using links from our website.
In addition, if you linked to our website from a third party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the privacy policy of that third party site.
We are concerned to protect the privacy of children aged 16 or under. If you are aged 16 or under‚ please get your parent/guardian’s permission beforehand whenever you provide us with personal information.
We are committed to protecting vulnerable supporters, customers and volunteers and appreciate that additional care may be needed when we use their personal information. In recognition of this, we observe good practice guidelines in our interactions with vulnerable people.
As part of the services offered to you through this website, the information which you provide to us may be transferred to countries outside the European Economic Area (“EEA”). By way of example, this may happen if any of our servers are from time to time located in a country outside of the EEA. You should be aware that these countries may not have similar data protection laws to the United States. By submitting your personal data, you’re agreeing to this transfer, storing or processing. If we transfer your information outside of the EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this policy.
If you use our services while you are outside the EEA, your information may be transferred outside the EEA in order to provide you with those services. We undertake regular reviews of who has access to information that we hold to ensure that your info is only accessible by appropriately trained staff, volunteers and contractors.
Our website may also use the SessionCam website recording service. SessionCam is a product that has been developed by ServiceTick Ltd. SessionCam may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. The information collected does not include bank details or any sensitive personal data. Data collected by SessionCam from the ServiceTick website is for Prompt’s internal use only. The information collected is used to improve our website usability and is stored and used for aggregated and statistical reporting.
Any changes we may make to this policy in the future will be posted on this website so please check this page occasionally to ensure that you’re happy with any changes. If we make any significant changes we’ll make this clear on this website.
We keep this policy under regular review. This policy was last updated in May 2018.
