GEOMANT Global Privacy Policy
Last update: February 2022
Geomant takes your privacy seriously and is committed to protecting it. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
Welcome to Geomant’s Global Privacy Policy. Geomant takes your privacy seriously and is committed to protecting it. This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. This policy generally applies to our global operations. Some jurisdictions have specific national and local privacy laws and where applicable, we will comply with those laws.
Our Privacy Policy is driven by a number of guiding principles:
When we say ‘Geomant’, ‘we’ or ‘us’ in this document, we are referring to the companies that make up the Geomant Group of companies, consisting of Geomant Global d.o.o., the holding Company registered in Zagreb, Croatia, and its subsidiary operating Companies.
Depending on the region, and the purpose of processing, the legal entity which should be considered a data controller may vary. In some cases, multiple entities should be considered joint-controllers. The primary data controllers are our operating Companies:
Geomant provides various cloud services and ‘software as a service’ solutions where business customers use our solutions to collect or process data. In such circumstances, our role is Data Processor, and our business customer is the Data Controller.
In such cases the data controller determines the purposes for which and the means by which personal data is processed. The data processor processes personal data only on behalf of the controller.
This document is not intended to describe or document our policy or process in such scenarios. Geomant’s responsibilities as a Data Processor will be documented in a separate ‘Data Processing Agreement’ where the two parties are our customer (Data Controller) and Geomant (Data Processor).
When permissible under applicable law, we may collect and process personal data about you in the following circumstances:
We may also collect data in the following ways:
We will collect details such as your name, email address, contact telephone number, address, bank details when you order goods or services from us either via our Site, by email, facsimile, post, by telephone (we may also record the conversation), if you complete an order form or send us a purchase order. We will use this information to process your order and comply with our contractual obligations.
In order to perform our contract with you, we may also need to share personal data with third parties such as payment providers, sub-contractors, suppliers and delivery organisations to assist in the delivery of goods or services you have ordered;
We may also advertise your feedback on our website and marketing materials (subject to obtaining your prior consent where necessary);
We may use your personal data [in an anonymous form] to analyse our customer profiles and for statistical purposes. We may share this anonymised statistical information with third parties as part of market research purposes.
We will retain your information as long as we require this to provide you with the goods or services ordered from us and for a period of 7 years afterwards. Where you have subscribed to receive marketing correspondence from us we will keep personal data until you unsubscribe from receiving such correspondence from us.
We will collect details such as your name, email address, contact telephone number, address, bank details in order to contact you about goods or services ordered with you and to place further orders. We will keep the personal data for 7 years further to being provided with the goods/services.
Employees and sub-contractors data will be held and maintained as required for employment and contractual purposes. Supplementary information is provided within the relevant Employee Handbook or contracts.
In accordance with data protection legislation we are required to notify you of the legal basis upon which we process your personal data. We process your personal data for the following reasons:
We may use your personal data for our legitimate business interests, to the extent permissible by law in order to:
We may use information regarding past purchasing patterns in order for us to tailor our marketing material to your specific behaviour and activities.
In addition to the uses described in the sections above, we may use personal data for our legitimate interests in order to provide you with details about our goods, services, business updates and events which we think may be of interest.
If you are not an existing Customer but you invite us to provide information about our goods/services, we may collect your name, email address, contact telephone number and address for the purposes of providing you with information about our goods and services or offers. We will retain such data for a period of 3 years from the point at which you provide us with your data, unless you place an order with us in which case 4.2 above will apply.
You have the right to opt-out of receiving the information at any time. To opt-out of receiving such information you can:
We may disclose your information to third parties for the following legitimate interests:
We may disclose personal data to the police, regulatory bodies, legal advisors or similar third parties where we are under a legal duty to disclose or share personal data in order to comply with any legal obligation, or in order to enforce or apply our website terms and conditions and other agreements; or to protect our rights, property, or safety of our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We will not sell your personal data to other organisations.
Where permitted by applicable law, we may transfer your personal data to the United States and other jurisdictions outside the European Economic Area (‘EEA’) for the purposes set out in this privacy policy.
We take steps to ensure that where your information is transferred outside of the EEA, appropriate measures and controls in place to protect that information in accordance with applicable data protection laws and regulations.
By using our website, products or services or by interacting with us in the ways described in this privacy policy, you consent to the transfer of your information outside the EEA in the circumstances set out in this privacy policy.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your information transmitted to our Site; any transmission is at your own risk.
Information you provide to us is shared on our secure servers. We have implemented appropriate physical, technical and organisational measures designed to secure your information against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees, agents, contractors and other third parties that have a legitimate business need for such access.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if the personal data we hold about you changes.
Data protection legislation gives you the right to object to the processing of your personal data in certain circumstances or withdraw your consent to the processing of your personal data where this has been provided. You also have the right to access information held about you and for this to be provided in an intelligible form. If you would like a copy of some or all of your personal information, please send an email to dataprotection@geomant.com. In certain circumstances we reserve the right to charge a reasonable fee to comply with your request.
You can also ask us to undertake the following:
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Data protection legislation may allow or require us to refuse to provide you with access to some or all the personal data that we hold about you or to comply with any requests made in accordance with your rights referred to above. If we cannot provide you with access to your personal data, or process any other request we receive, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
Please send any requests relating to the above to our us at dataprotection@geomant.com specifying your name and the action you would like us to undertake.
Where you have provided your consent to the collection, processing and transfer of your personal data, you have the legal right to withdraw your consent under certain circumstances. To withdraw your consent, if applicable, please contact us at dataprotection@geomant.com.
We reserve the right to update this privacy policy at any time, and any changes we make to our privacy policy will be posted on our Site. We will notify you if there are any changes to this policy that materially affect how we collect, store or process your personal data. If we would like to use your previously collected personal data for different purposes than those we notified you about at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation.
We have appointed a Data Lead to oversee compliance with this privacy policy. If you have any questions, comments or requests regarding this policy or how we use your personal data please contact us at dataprotection@geomant.com.