Last Updated: May 05, 2020
You provide us with your personal data directly, such as when you create an InterMotion Technology account, submit a query or feedback to us, register for our software evaluations or programs, visit our facilities, obtain a license or product from us, contact us for support or if you provide services to us. We also collect your personal data from your use and interaction with our products and services and our website intermotiontech.com. For example, we receive information that your computer or other device sends to us in connection with access requests and via cookies and other technologies that we use to analyze and enhance your use of our website.
Information Which We Collect and Process
We collect and process your personal data including, but not limited to, the following types of personal data:
- Personal details and contact information: This includes information such as name, date of birth, contact information (e.g., home address, telephone, etc.) and information contained in publicly available professional profiles (e.g., education, work experience, etc.).
- Sales and marketing related information: This includes information such as products or technologies purchased, downloaded or licensed from us, the products and services you are interested in, your marketing preferences, phone number, email address, your signature and work information (e.g., company name, work address, work phone number, work email address, job title, etc.) and information about how you interact with our marketing materials.
- Payment and transactional information: This includes information such as billing and payment card details, payment receipts and shipping details.
- Customer support information: This includes information you may provide us with related to your use of our products or services, including how to contact you so we can provide you customer support.
- Account and user content: This includes information which you provide us when you create an account with us, register for certain customer services or software evaluations. We also process information such as your username, user email, date and time of visit, forum usage history, any content you post and any personal data contained in complaints or concerns you submit to us. Any information you provide to our forums will be publicly available and may be read, collected, and used by anyone who accesses them.
The provision of certain personal data is mandatory (and may be required accordance with a contractual requirement or to enter into a contract). The collection of any such data will be made clear at the time of collection of the information. If you choose not to submit this information, you may not be able to receive our products and services.
How We Use Your Personal Data
We use your personal data for the purposes described below, except where restricted by law. In doing so, we rely on a number of separate legal bases to lawfully process such information.
We process your personal data where it is necessary to perform our contractual obligations with you. In particular, we process your personal data to:
- Fulfill our contracts with customers, partners and vendors: We process your personal data in order to perform the contract as set out in any agreement(s) which you have entered into with us, generate quotes and sales data, process customer orders, track shipments, fulfill deliveries and process payments and to fulfill our contracts with business partners, vendors and suppliers.
- Create and administer accounts and registrations: When you create an account with us or register for our products, technologies or services, we process your personal data in order to create and administer yours accounts and registrations.
We may also process your information where necessary to further our legitimate interests and those of others, where those legitimate interests are not overridden by your rights or interests. In particular, the processing of your personal data is necessary for the following legitimate interests:
- Operate, improve and evaluate our business: We use your personal data to operate our services and provide our products and to improve the efficiency of our operations including developing new products and services, enhancing and improving our products and services, attracting talented individuals to work with us, providing customer support, managing our communications, analyzing our products, providing a more personalized experience for you and performing our contracts with third parties.
- Communicate with you: We use your personal data to communicate with you about our products and services and to let you know about our terms and policies and other important updates. If you do not object to us using your personal data, we may provide you marketing for our products and services. It is in our legitimate interests to promote and market our products and services.
- Support safety and security: It is in our legitimate interests to use your personal data to prevent unlawful activities and misuse of our goods and services, to protect the safety and security of our customers and personnel, to protect our property, to deter crime and to investigate any security incidents or accidents.
- Legal proceedings: We process your information if necessary to defend our interests in legal proceedings.
In certain circumstances, we may also use your personal information to comply with our legal obligations such as to comply with applicable laws (including export control laws and responding to binding legal process) or to assist law enforcement and government agencies when such is in our or their legitimate interests and where we have a good-faith belief that such cooperation is reasonably necessary or meets the applicable legal standards.
Third Party Activities
You may interact with third parties through our website. Those interactions are governed by the privacy policies of those third parties, and not by this Policy. Interactions that fall into this category include:
- Widgets, such as the LinkedIn button. Widgets may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Widgets and other social media features are either hosted by a third party or hosted directly on our website. Your interactions with those features are governed by the privacy policies of the companies providing the widgets.
Sharing of personal data
Where necessary, and in accordance with the purposes set out in this Policy, we share your personal data only to the extent necessary for the purposes set out in this Policy. Your personal data will be shared with InterMotion Technology, Inc. affiliates and third parties that help us operate, provide, improve, understand, support, and market our products and services. For example, we share information with a number of third parties including our partners, payment processors, order fulfilment partners, shipping providers, customer support service providers and authorized distributors and sales representatives. When we outsource the processing of personal data to third parties or provide personal data to third party service providers, we require those third parties to protect that personal data with appropriate security measures and prohibit or restrict them from using the personal data for their own purposes or from disclosing the personal data to others.
We do not sell your personal data.
As our business develops, we may buy and sell assets. In such transactions, personal data generally is one of the transferred business assets. As a result, your personal data may also be disclosed, where permitted by applicable law, in connection with a corporate restructuring, sale, or assignment of assets, merger, divestiture, or other changes of control or financial status.
Cookies and similar technologies
We and our marketing partners, affiliates, analytics, and online customer support providers use various technologies to analyze trends, administer our website, track users’ movements around the website, and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual or an aggregated basis.
You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, or you can visit the Email Subscription Preferences page.
Retention and Security
We will maintain appropriate technical and organization measures to protect against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to your information. We will provide a level of security that is proportionate to the risks that are presented by the processing activity, having regard to the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing.
We will retain your personal data for as long as is necessary for the purposes set out in this Policy for as long as your account is active or as needed to provide you services or to perform our contract with you. We will retain and use your personal data to the extent necessary to comply with our legal obligations, to resolve disputes and to enforce our agreements.
Like most international businesses, InterMotion Technology operates globally and therefore personal data may also be disclosed and transferred to a person or company that is not part of the InterMotion Technology group and located in a country outside the US, UK or EU/EEA for any of the purposes set out in this Policy. Some of these countries may not have the same levels of data protection as are present in the US, UK and EU/EEA, in which case InterMotion Technology will transfer and disclose your data in compliance with the European Commission’s adequacy decisions on certain countries and the Standard Contractual Clauses approved by the European Commission.
If you live in the EEA, you have a number of rights with regard to your personal data including the right to access or port your personal data and to have any inaccuracies in your personal data corrected. In many cases where we process your information, you may also have a right to restrict or limit the ways in which we use your personal data.
In certain circumstances, you also have the right to object to the processing of your personal data by us. You can request that we delete your personal data and we will carry out this request unless certain exceptional reasons arise permitting us to keep certain personal data about you.
If you are based in the EEA and you wish to raise a concern about our use of your data (and without prejudice to any other rights you may have), you have the right to do so with your local supervisory authority in the country in which you reside. Click here to find your local supervisory authority.
California Shine the Light
Our Company qualifies for the alternative option. We have a comprehensive privacy statement, and provide you with details on how you may either opt-out or opt-in to the use of your personal information by third parties for direct marketing purposes. Therefore, we are not required to maintain or disclose a list of the third parties that received your personal information for marketing purposes during the preceding year.
If you are a California resident and request information about how to exercise your third-party disclosure choices or CCPA rights, please email us your request to: email@example.com.
This Policy may be updated from time to time. If we make changes that are material, we will notify you by prominently posting a notice of such changes before they take effect.
The General Data Protection Regulation (GDPR) is one of the most significant pieces of legislation affecting the way that the Company carries out its information processing activities. It is the Company’s policy to ensure that our compliance with the GDPR and other relevant legislation is clear and demonstrable at all times.
There is a total of 26 definitions listed within the GDPR, and it is not appropriate to reproduce them all here. However, the most fundamental definitions with respect to this policy are as follows:
‘Personal data’ is defined as:
any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
In the case of the SaaS platform, the Company acts as a ‘processor’ and in the case of the Company’s website, it acts as a ‘controller’. The Company will ensure that it complies with all of these principles both as a processor and as a controller.
Your rights under the GDPR consist of:
- The right to be informed;
- The right of access;
- The right to rectification;
- The right to erasure;
- The right to restrict processing;
- The right to data portability;
- The right to object; and
- The rights in relation to automated decision making and profiling.
These rights are supported by appropriate procedures within the Company that allows the required action to be taken within the timescales stated in the GDPR.
|Data Subject Request||Timescale|
|The right to be informed||When data is collected (if supplied by data subject) or within one month (if not supplied by data subject)|
|The right of access||One month|
|The right to rectification||One month|
|The right to erasure||Without undue delay|
|The right to restrict processing||Without undue delay|
|The right to data portability||One month|
|The right to object||On receipt of the objection|
|The rights in relation to automated decision making and profiling.||Not specified|
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a) the payment of a fee (currently fixed at $250 per request); and
(b) the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of a government-issued identification card).
If you would like to submit a request for your right as a Data Subject, please download the Data Subject Request Form.
We may withhold personal information that you request to the extent permitted by law. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
Lawfulness of Processing
There are six alternative ways in which the lawfulness of a specific case of processing of personal data may be established under the GDPR. In accordance with the regulation, the Company identifies itself under the “Performance of Contract” regulation.
Privacy by Design
The Company has adopted the principle of privacy by design and will ensure that the definition and planning of all new or significantly changed systems that collect or process personal data will be subject to due consideration of privacy issues, including the completion of one or more data protection impact assessments.
The data protection impact assessment includes:
- Consideration of how personal data will be processed and for what purposes;
- Assessment of whether the proposed processing of personal data is both necessary and proportionate to the purpose(s);
- Assessment of the risks to individuals in processing the personal data; and
- The controls necessary to address the identified risks and demonstrate compliance with legislation.
Data Protection Officer
A defined role of Data Protection Officer (DPO) is required under the GDPR if an organization is a public authority, if it performs large scale monitoring or if it processes particularly sensitive types of data on a large scale. The DPO is required to have an appropriate level of knowledge and can either be an in-house resource or outsourced to an appropriate service provider.
Based on these criteria, the Company DOES NOT require a Data Protection Officer to be appointed.
Breach Notification Policy
It is the Company’s policy to be fair and proportionate when considering the actions to be taken to inform affected parties regarding breaches of personal data. In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant supervisory authority will be informed within 72 hours.
Your information will not be used for automated processing or profiling. We only store your information that is submitted by our customers ‘controllers’ and retrieved solely by the “controller.” If your information was received through our website, the information is stored in our marketing software, HubSpot, Inc., to communicate with you through contextual marketing campaigns that may interest you.
Addressing Compliance to GDPR
The following actions are undertaken to ensure that the Company complies at all times with the accountability principle of the GDPR:
- The legal basis for the processing of personal data is clear and unambiguous;
- A Data Protection Officer is appointed with specific responsibility for data protection in the organization (if required);
- All staff involved in handling personal data understand their responsibilities for following good data protection practice;
- Training in data protection has been provided to all staff;
- Rules regarding consent are followed;
- Routes are available to data subjects wishing to exercise their rights regarding personal data, and such inquiries are handled effectively;
- Regular reviews of procedures involving personal data are carried out;
- Privacy by design is adopted for all new or changed systems and processes; and
- The following documentation of processing activities is recorded:
- Organization name and relevant details;
- Purposes of the personal data processing;
- Categories of individuals and personal data processed;
- Categories of personal data recipients;
- Agreements and mechanisms for transfers of personal data to non-EU countries Including details of controls in place;
- Personal data retention schedules; and
- Relevant technical and organizational controls in place
These actions are reviewed on a regular basis as part of the management process concerned with data protection.
Duration of Data Stored
In the case of our website, your information is kept for as long as you continue to consent to receive our newsletter/blog. For our SaaS platform, your information is kept as long as the duration of the contract of with our customer, or if the customer decides to delete your data.
In some cases, it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the personal data category.
How to Withdraw Your Consent
You can withdraw the consent you are giving at any time. You can do this by clicking on the unsubscribe link at the bottom of emails you receive. You may also fill out the Consent Withdraw Form and email it to us. In case of our SaaS platform, consent must be withdrawn through the customer as they act as a “data controller” based on GDPR guidelines.