Privacy Policy

HR MartechBusiness, Privacy Policy Last updated: April 1, 2023 HR MartechBusiness values and respects your privacy and being transparent is important to us. This Privacy Policy (“Policy,” “Privacy Policy”) describes the types of personal data we collect from our website, how we use the information, who we share it with, and the choices you can make about our collection, use, and disclosure of the information. We also describe the measures we take to protect the security of the information and how to contact us about our privacy practices. This Policy covers the information we collect about you when you access our website or otherwise interact with us, including submitting a job application or attending events that we host or sponsor. For information on personal data that we collect from our customers, we maintain a separate Product Privacy Policy, which details our processes relating to Services. “Services” refers to any of our proprietary software, content, and professional services, which are purchased by our customers. HR MartechBusiness, we, and us refers to HR MartechBusiness, and any of our affiliates. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We will only process your personal data in accordance with this Privacy Policy, and applicable data protection and privacy laws, subject to your consent. You can object to certain uses of information about you and you may access or update certain information about you. If you do not wish us to continue using your data as described in this Policy, request deletion of your data by emailing us at data-complaince@hrmartechbusiness.com If you do not accept this Policy, you should not access or use our website or interact with any other aspect of our business. At HR MartechBusiness, we are committed to treating personal information appropriately and with care. We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained. We have included information below to help you learn about how we use the information collected on our website.

Data we collect

Legal basis for processing personal data under General Data Protection Regulation (GDPR) If you are from the European Economic Area (EEA), our legal basis for collecting and using the personal information described in this Privacy Policy is Article 6, section 1 of the GDPR. We may process your personal data for the following reasons:

• You have given us permission to do so
• We need to perform a contract with you
• Processing it is in our legitimate interest and it’s not overridden by your rights
• For payment processing purposes
• To comply with the law

From you

We obtain your personal data when you provide such information during various interactions, including:

• Visiting our website
• Submitting a job application on our website
• Communicating with us via telephone or email
• Engaging with our content via social media
• Participating in events or promotions

From others

We also may obtain personal information about you from our business partners, clients, and other third parties.

Personal Data

When visiting our website, we may ask you to provide us with personally identifiable information that can be used to contact or identify you, including but not limited to your:

• First name
• Last name
• Phone number
• Email address

We may use your personal data to contact you, or send you marketing newsletters, promotional materials, or other information that may be of interest to you. You may opt out of receiving any of these communications by following the instructions and/or unsubscribe links provided in all our emails, or by contacting us via email (data-complaince@hrmartechbusiness.com).

Usage Data

We may also collect information on how you access and use our website, which may include information such as:

• Your computer’s Internet Protocol (IP) address;
• Your browser type, operating system, and unique device identifiers, including mobile devices;
• The web pages you were visiting immediately before and after you came to our website;
• The search terms that you use to reach our website;
• The date and time of your visit to our website;
• The geographic location from which you are browsing;
• The pages you visit, navigation patterns, and the time spent on those pages;
• Social actions taken with respect to the content on the site, including but not limited to likes, comments, and shares on LinkedIn, Facebook, Twitter, or Instagram, and
• Interactions with advertisements, such as ad click-through rates and information about how many times you viewed a particular ad.

Cookies

Cookies are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our website. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent by changing the settings on the browser of your choice.

Our sites use the following types of cookies for the purposes set out below:

• Essential cookies: These cookies are essential to provide you with services available through our website and to enable you to use some of its features. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
• Preference and functionality cookies: These cookies allow us to remember choices you make when you use our site, such as remembering your language preferences and remembering your login details. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-enter your preferences every time you visit our site.
• Analytics and performance cookies: These cookies are used to collect information about traffic to our website. The information gathered does not identify any individual visitor. We use this information to help operate our website more efficiently, to gather broad demographic information, and to monitor the level of activity on our website.

Further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org and www.youronlinechoices.com.uk.

Your Rights and Choices

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. HR MartechBusiness aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your personal data. In certain circumstances, you have the following data protection rights:

• The right to access, update, or delete the information we have about you. Whenever made possible, you can access, update, or request deletion of your personal data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
• The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
• The right to object. You have the right to object to our processing of your personal data.
• The right of restriction. You have the right to request that we restrict the processing of your personal information.
• The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
• The right to withdraw consent. You also have the right to withdraw your consent at any time where HR MartechBusiness relied on your consent to process your personal information.

If you wish to be informed what personal data we hold about you and if you want it to be removed from our systems, please contact us by emailing info@hrmartechbusiness.com. Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your personal data. For more information, please contact your local Data Protection Authority in the European Economic Area (EEA).

How we use your data

We aggregate and analyze the data we collect for the following purposes:

• To provide and maintain our website;
• To estimate usage numbers, patterns, and other valuable information that enables us to improve the website;
• To detect, prevent, and address technical issues;
• To measure the success of our marketing campaigns;
• To process and consider your job application;
• To provide customer feedback, support, and responses to your inquiries about our services;
• To conduct questionnaires and surveys about your experience with our website or services, to the extent that you choose to participate;
• To store information about your preferences and customize or personalize your experience on our websites according to your individual interests, including recognizing you when you return to our website, and
• To provide you with news, special offers, and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.

We also may use the information we obtain about you in other ways for which we provide specific notice at the time of collection.

Retention of your data

We will retain your personal data for the period necessary to fulfill the purposes outlined in this Policy unless a longer retention period is required or permitted by law. You may request that we delete your data at any time by contacting us via email at data-complaince@hrmartechbusiness.com. Your personal data will be deleted within 30 days of your request, if not sooner. If you provide your personal data to us again in the future, you will be required to provide new consent for us to process your data.

Disclosure of your data

We will not share, sell, or otherwise distribute your personal data to any third parties without your permission. Under certain circumstances, we may disclose your personal data if required to do so by law or in response to valid requests by public authorities such as a court or government agency. HR MartechBusiness may also need to disclose personal data in the good faith belief that such action is necessary to:

• Comply with a legal obligation
• Protect and the defend the rights or property of HR MartechBusiness, Inc.
• Prevent or investigate possible wrongdoing in connection with our website
• Protect the personal safety of users of our website
• Protect against legal liability

If you participate in certain features of this website (e.g., sharing content on social media sites or submitting comments), please note that any information you voluntarily disclose through use of these features becomes available to the public and/or to other users whom you have designated.

Storage and transfer of your data

Your information, including personal data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ than those in your jurisdiction. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer. We process and store your data in the United States. Your data is processed in accordance with the Terms of Use and the Policy outlined on this page. Should additional processing be required outside of this policy for any reason, we will inform you and request your consent to do so. HR MartechBusiness will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Breach Notification

If processed data related to European Union citizens is breached, we will notify you immediately. We will also document any personal data breaches related to European Union citizens, comprising the facts relating to the personal data breach, its effects, and the remedial action taken. This documentation will enable the supervisory authority to verify compliance with GDPR.

Service Providers

We may employ third-party companies and individuals to facilitate marketing initiatives on our behalf, or to perform services or to assist us in analyzing how our website is used. These third parties have access to your personal data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party service providers to monitor and analyze the use of our website.

• Google Analytics: Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our websites. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network. You can opt out of having made your activity on our website available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visit activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/

Advertising & Remarketing

HR MartechBusiness uses remarketing services to advertise on third-party websites to you after you visit our websites. We and our third-party vendors use cookies to inform, optimize, and serve ads based on your past visits to our website:

• Google AdWords: Google AdWords remarketing service is provided by Google Inc. You can opt out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads.Google also recommends installing the Google Analytics Opt-out Browser Add-on (https://tools.google.com/dlpage/gaoptout) for your web browser. The Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: http://www.google.com/intl/en/policies/privacy/
• Twitter: Twitter remarketing service is provided by Twitter, Inc. You can opt out of Twitter’s interest-based ads by following their instructions: https://support.twitter.com/articles/20170405, and you can learn more about the privacy practices and policies of Twitter by visiting their Privacy Policy page: https://twitter.com/privacy
• Facebook: Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950To opt out of Facebook’s interest-based ads, follow these instructions from Facebook: https://www.facebook.com/help/568137493302217Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt out from Facebook and other participating companies through the Digital Advertising Alliance in the United States, http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada, http://youradchoices.ca/,the European Interactive Digital Advertising Alliance in Europe, http://www.youronlinechoices.eu/, or opt out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation

Links to other websites

Our website may contain links to other websites. Any personal information you provide on the linked pages is provided directly to that third party and is subject to that third party’s privacy policy. This Policy does not apply to such linked sites, and we are not responsible for the content or privacy and security practices and policies of these websites or any other sites that are linked to from our website.

Children’s Privacy

Our website does not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your children have provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers. Changes to our privacy policy HR MartechBusiness reserves the right to change the provisions of this Privacy Policy at any time. If we decide to change our Privacy Policy, we will post those changes on this page.

CCPA

HR MartechBusiness Product

HR MartechBusiness product is a market leading B2B sales and marketing enablement tool. It is SaaS (Software as a Service) and provides businesses with insight relating to their website visitors. HR MartechBusiness works on the basis of reverse business IP tracking. A small tracking code is placed on a business’ website(s) which then enables them to identify the business IP addresses of their website visitors. HR MartechBusiness matches the identified business IP address to a wholly owned global database of businesses and business information. HR MartechBusiness software is almost entirely focused on leveraging business-related information to effectively match a business IP address with wider business data to provide valuable business-related visitor information to our customers. HR MartechBusiness does not identify any personal IP addresses, mobile devices or any other data than that associated with the business. Business related data is not applicable under the CCPA – which has the intention of protecting personal data. Therefore, the majority of the HR MartechBusiness solution and its features are not relevant to the CCPA.

Contact Data

An additional feature of HR MartechBusiness aside from the main solution, is to provide customers with the contact information of key decision makers at the organisations that have pro-actively visited the company website. As this information contains details including first name, last name and email address, this aspect of HR MartechBusiness could constitute the processing of personal data and therefore required to be compliant with CCPA. HR MartechBusiness will only ever collect business IP addresses, which are then matched to a business profile, from there HR MartechBusiness offers customers the opportunity to purchase the contact details of relevant decision makers within the matched business. This data will have been collected from various publicly available data sources such as LinkedIn. The data available will only relate to decision makers at the organisations that have pro-actively visited a customer’s website. It is anticipated that HR MartechBusiness customers will select the most appropriate point of contact from the data provided by HR MartechBusiness to convey a highly relevant, targeted message either by email, telephone or by post to the business address. Any correspondence will be based upon their likely interest in the organisation’s product or service following their visit to the organisation’s website. Under CCPA, HR MartechBusiness will only ever process necessary personal data, which is limited to first name, last name, and email address. HR MartechBusiness will process further business-related data such as business IP, business name, job function and business telephone numbers. No sensitive personal data will be collected or processed in any way. HR MartechBusiness customers have the option of using HR MartechBusiness without leveraging contact data, in which case the HR MartechBusiness solution is unrelated to CCPA on the basis that it will only process business data. HR MartechBusiness customers also have the option of using HR MartechBusiness where contact data for any business located California is disabled. Where a customer opts to use the contact data feature of HR MartechBusiness, it is deemed that the customer will be responsible for ensuring the data used is further processed within their business in a method that is compliant with CCPA – each customer will be responsible for conducting their own due diligence checks and producing their own policies as applicable to their business. HR MartechBusiness has carried out various Assessments such as LIA, DPIA and personal data risk assessments. Based upon these assessments it is deemed that the rights and freedoms of any data subject would not be overridden in our processing of the personal data and that in no way would a data subject be caused harm by the HR MartechBusiness processing. Based upon our segmentation by organization and by specific job function, coupled with our processing of personal data within the context of a business environment, it is deemed that any processing of data will be limited to business matters, and therefore any risk of personal compromise is extremely unlikely. It is also deemed that direct marketing and sales is necessary in the context of following up with website visitors in order to better serve visitors and to generate business sales.

CCPA compliance requirements covered by HR MartechBusiness

• Delegate CCPA compliance oversight to a knowledgeable employee or team. • Maintain and regularly update a business-wide privacy policy. • Implement and maintain reasonable security practices. • Maintain procedures to respond to requests for access to personal data and specific pieces of information. • Maintain procedures to respond to requests to delete personal information. • Maintain procedures to respond to requests to opt-out of sale of personal information. • Update vendor contracts to comply with CCPA and avoid being characterized as “selling” personal information to vendors. • Maintain procedures for collection and use of personal information of minors (as applicable). • Conduct appropriate privacy training for personnel depending on their job function. • Assess affiliates’ need to comply with the CCPA and implement group-wide compliance if necessary. • We have identified a legitimate ground for processing • We understand our responsibility to protect the individual’s interests, rights and freedoms • We have conducted risk assessments and kept a record of it • We will review our processes regularly • We have checked that the processing is necessary and there is no less intrusive way to achieve the same result • We have done a balancing test, and are confident that the individual’s interests are not overridden in the interests of our customers or our own • We only use individuals’ data in ways they would reasonably expect • We are not using people’s data in ways they would find intrusive or which could cause them harm • We do not process the data of children • We have considered safeguards to reduce the impact where possible • We will always ensure there is an opt-out / ability for a data subject to object to processing

How we Process Data

HR MartechBusiness solution provides businesses with the details of organisations that have visited their website based upon business IP tracking. HR MartechBusiness matches this data to a database of business points of contact, presenting this information to its customers as potential contacts from the visiting organisation, that based upon the pro-active business visit could be interested in the products/services on offer. In order to do this, HR MartechBusiness will process first name, surname and business email address along with business data in order to present that information to its customers. The data is presented to customers via a secure, unique log in access to the HR MartechBusiness portal. Customers have the option of purchasing relevant points of contact, including email addresses and names from the visiting organisations. From that point the data limited to email address, name, and supporting business information including business telephone number will be transferred to the customer, again via the secure portal. HR MartechBusiness acts as a data processor in this regard, HR MartechBusiness is not liable for the onward processing of the data via each customer, although we strongly advise all customers to ensure compliance with CCPA in all aspects of personal data processing.

How we Procure Data

At HR MartechBusiness we procure data in a variety of ways, collected in line with the lawful basis of ‘Legitimate Interests’. The following are ways in which we collect and process data: Business Data Although business data is not relevant under CCPA, HR MartechBusiness is committed to providing a transparent solution so that customers can effectively assess their own compliance. HR MartechBusiness collects business data via the following methods: • Primary research – HR MartechBusiness has a SRILANKA based in-house team who gather data relating to business from publicly available information, using search engines and other online tools to research global businesses. • Secondary research – HR MartechBusiness has a SRILANKA based in-house team who use existing publicly available sources of data to enhance the business data. • Purchase – HR MartechBusiness purchases business information from a number of selected third-party data vendors who are vetted to ensure the quality and validity of the business data provided.

Personal Data

HR MartechBusiness collection and processing of personal data is limited to: • First name • Last name • Email address HR MartechBusiness procures this personal data in the following ways: • Primary research – HR MartechBusiness has a SriLanka based in-house team who gather data relating to key decision makers at organizations from publicly available sources including the website of each business. • Secondary research – HR MartechBusiness has a SriLanka based in-house team who use existing publicly available sources to gather the information relating to key decision makers including the Directors’ Register at Companies House, Dun & Bradstreet, Duedil, LinkedIn and Hootsuite. • Purchase – HR MartechBusiness purchases data from selected third party data vendors with key segmentation criteria to ensure that only decision makers from registered businesses are procured. All third-party data vendors have been checked for CCPA compliance and to ensure the validity and accuracy of data. HR MartechBusiness also uses automated scripts and algorithms to collect, process and validate both business data as well as the personal data detailed above. These automated processes are subject to the same compliance checks as all manual processes and consent is obtained from individual data subjects.

How we Ensure Data Validity and Accuracy

HR MartechBusiness has a SRILANKA based in-house data verification team who are responsible for ensuring the validity and accuracy of the data contained within the, HR MartechBusiness solution. The team continually cleanse the data held within the, HR MartechBusiness software, completing a full cleanse cycle of both business and personal data at least once every 12 months. Any records found to be out of date are placed into a deletion queue which is securely purged four times in a 12-month period. The data verification team use both manual methods as well as automated scripts and algorithms via an extensive multi-staged process to ensure the utmost validity and accuracy of data. HR MartechBusiness takes data cleansing extremely seriously as this ensures a highly compliant solution as well as a high calibre solution for all of the, HR MartechBusiness customers.

Data Storage and Retention

The data held within the, HR MartechBusiness solution is processed and stored in SRILANKA within a secure environment. HR MartechBusiness has a continual cycle of cleansing and refreshing data, all data within the, HR MartechBusiness solution is verified at least once in a 12-month cycle. Any invalid records are placed into a deletion queue, which is then securely purged four times in a 12-month period. The data held within the, HR MartechBusiness solution is processed and stored in the SRILANKA within a secure environment. HR MartechBusiness has a continual cycle of cleansing and refreshing data, all data within the, HR MartechBusiness solution is verified at least once in a 12-month cycle. Any invalid records are placed into a deletion queue, which is then securely purged four times in a 12-month period.

Consumer Request Procedures

Request to Object Any individual who has been identified as a website visitor by HR MartechBusiness has the right to object to receiving correspondence from a HR MartechBusiness customer by contacting them directly and requesting to object, you can find their specific processes for this by visiting their company website and reviewing their privacy policies. Should any individual wish to withdraw from HR MartechBusiness processing your personal data for use by the, HR MartechBusiness software and its customers, please make your request in writing: By emailing: data-compliance@hrmartechbusiness.com All requests will be processed within 30 days. Your details will be added to a suppression file to ensure that your details cannot be processed by the HR MartechBusiness software in future. Please note that this applies only to the processing of your personally identifiable data, not that of the business data which does not fall under the remit of CCPA. Request for Deletion It is important to understand the difference between a right to object and a request for deletion. If you request deletion, we will remove any data we hold about you from the HR MartechBusiness software. This will also mean that we will remove you from our suppression files. If you are removed from our suppression files, there is a risk that your data may be processed again in the future if your details are re-added to our software by our data procurement team. If you do not wish for HR MartechBusiness to process your personal data in the future, we would recommend you request to object rather than a request for deletion, as this will ensure that your details are always suppressed from processing. The option however is yours, and in either case we will process your request within 30 days. Please make your request in writing by emailing:

You can opt out of sale of your data by following this link:

Do Not sell My Personal Information:

This policy was last reviewed and updated on the 19th January, 2020. Policies are periodically reviewed to ensure compliance with the current compliance environment. For questions relating to this policy, please contact data-compliance@hrmartechbusiness.com

GDPR

HR MartechBusiness is software that reveals the identity of your anonymous website traffic and turns them into actionable leads within a business to business environment. As a leading provider of SaaS solutions, we are committed to providing a high calibre data led solution for all of our clients, as part of that we take data compliance extremely seriously and are pro-active in ensuring the compliance of both the SaaS solutions we provide to our customers as well as ensuring compliance as a business entity in our own right. The purpose of this statement is to provide information regarding how and why HR MartechBusiness collect, process and store data, as well as providing the appropriate contact information should you wish to request the information we hold about you, withdraw from processing or request deletion of any data we hold about you. Under the EU General Data Protection Regulation (GDPR) there are six lawful basis for processing personal data. These are detailed as follows:

• Consent – the individual has given clear consent for you to process their personal data for a specific purpose
• Contract – the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract
• Legal Obligation – the processing is necessary for you to comply with the law (not including contractual obligations)
• Vital Interests – the processing is necessary to protect someone’s life
• Public Task – the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law
• Legitimate Interests – the processing is necessary for your legitimate interests or the legitimate interests of a third party unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)

HR MartechBusiness Marketing and Sales Data

As an organization that processes business related data, HR MartechBusiness has assessed all six grounds for lawful processing of personal data and has selected ‘Legitimate Interests’ as the most suitable lawful ground for the processing of data for the purposes of HR MartechBusiness marketing and sales HR MartechBusiness collects, processes and stores data relating to businesses and decision makers. We believe that the individuals that we process the data of, are likely to have an interest in the HR MartechBusiness product. Deemed as ‘Legitimate Interest’ this is based upon specific criteria including the business industry sector, size of organisation as well as the individual’s job function within the organisation. Our typical segmentation includes those within marketing, sales, business development, MD and owner related job functions, although this list is not exhaustive and other variables may apply. We will only ever collect, process and store the essential information required for making contact with the data subjects within a business environment. The personal data we collect is limited to first name, last name, email address, social profiles (limited to LinkedIN) as well as business IP address. Other business-related data may also be processed including business name, job function, turnover and business address, however we will never collect further personal data such as those classed under ‘Sensitive Personal Data’. The data collected will be used to communicate marketing and sales messages relating to the, HR MartechBusiness product, based upon the job function held by the data subject. HR MartechBusiness specifically only sends messages to those we believe are likely to be interested in the, HR MartechBusiness product based upon the organisation they are employed by and based upon their job function within that organisation. Messages from HR MartechBusiness could be delivered via email, social media, via telephone or any other business to business (B2B) marketing methods that may be relevant. When you send HR MartechBusiness an enquiry or booking form via our website or one of our micro sites you will be asked to provide your contact details. We will use the data you provide to process your request and may use it to inform you by email, telephone or mail about other HR MartechBusiness products and services that we feel may be of interest to you, it is deemed that as you have visited the HR MartechBusiness website and provided us with your contact information that you are legitimately interested in our products and services. You have the right to object from any method of correspondence at any time, by following the unsubscribe instructions at the bottom of the email, by informing the telephone operator or by contacting us via any of the methods below.

How we Procure Data

You or someone else has expressly shared your contact details with us for the purpose of receiving information now and/or in the future. This data may be shared with our sister company where we believe there may be a legitimate interest in the product At HR MartechBusiness we procure data in a variety of ways, collected in line with the lawful basis of ‘Legitimate Interests’. If you have received correspondence from us, we will have procured your data in one of the following ways:

• You have requested information from HR MartechBusiness on a previous occasion
• Someone has sent us your e-mail address requesting information about our articles and/or services be sent to you
• You or someone else has expressly shared your contact details with us for the purpose of receiving information now and/or in the future
• We have previously met at an event and your business card or contact details were handed to us willingly
• You or a business colleague has visited our website and we believe that there is a genuine legitimate interest in our services
• You have previously connected with a member of our team via the LinkedIN and discussed our services
• A member of our team has found your business and your contact details online, believing that your business would genuinely be interested in the HR MartechBusiness product, based upon your job function aligning with our typical customer profiles they have made contact to introduce you to our product
• Your data has been purchased by a registered third-party data supplier, which will have been segmented by industry, organisation size and job function based upon our typical customer profiles. (Due diligence checks around GDPR compliance will have been conducted accordingly)

Legitimate Interest Assessment (LIA)

HR MartechBusiness has carried out a Legitimate Interest Assessment (LIA) as advised by the ICO. Based upon that assessment it is deemed that the rights and freedoms of the data subjects would not be overridden in our correspondence regarding HR MartechBusiness and that in no way would a data subject be caused harm by our correspondence. Based upon our segmentation by organisation and by specific job function, coupled with our processing of personal data within the context of a business environment, we believe that any individual that receives correspondence from HR MartechBusiness in a direct marketing or sales capacity, could be legitimately interested in the HR MartechBusiness solution. It is also deemed that direct marketing and sales is necessary in the context of promoting HR MartechBusiness to professionals in business in order to increase awareness of our SaaS solution in the marketplace. Per the ICO guidance, HR MartechBusiness can confirm:

• We have checked that legitimate interests is the most appropriate basis
• We understand our responsibility to protect the individual’s interests
• We have conducted a legitimate interests assessment (LIA) and kept a record of it, to ensure that we can justify our decision
• We have identified the relevant legitimate interests
• We have checked that the processing is necessary and there is no less intrusive way to achieve the same result
• We have done a balancing test, and are confident that the individual’s interests do not override those legitimate interests
• We only use individuals’ data in ways they would reasonably expect
• We are not using people’s data in ways they would find intrusive or which could cause them harm
• We do not process the data of children
• We have considered safeguards to reduce the impact where possible
• We will always ensure there is an opt-out / ability to object
• Our LIA did not identify a significant privacy impact, and therefore we do not require a DPIA
• We keep our LIA under review every six months, and will repeat it if circumstances change
• We include information about our legitimate interests in our privacy notice

HR MartechBusiness has an in-house data verification team, who are responsible for ensuring the validity and quality of the data contained within the HR MartechBusiness CRM system. The team continually cleanse the data held within the CRM system, completing a full cleanse cycle at least once every 12 months. Any records found to be out of date are placed into a deletion queue which is securely purged four times in a 12-month period.

Data Storage and Retention

The data held within the HR MartechBusiness CRM system is processed and stored within a secure environment. HR MartechBusiness has a continual cycle of cleansing and refreshing data contained with our CRM system; all data is verified at least once in a 12 month cycle. Any invalid records are placed into a deletion queue, which is then securely purged four times in a 12-month period.

Request to Object

In all correspondence with you we will give you the right to object from receiving further correspondence from HR MartechBusiness. On any emails you receive from HR MartechBusiness there will be the option to ‘unsubscribe’ from receiving any further email correspondence. If you receive a telephone call from us, you have the right to request not to receive any further calls. HR MartechBusiness has a companywide CRM system, your request to object will be logged within our CRM system to ensure that you do not receive any further calls. Should you wish to object to receiving communication from HR MartechBusiness, you can do so in a variety of ways:

• Please follow the “unsubscribe” instructions at the bottom of every email
• If you have received a call, please tell the representative that you do not wish to receive any further communication

You can also make your request by emailing:

data-compliance@hrmartechbusiness.com

Data Compliance:

All requests will be processed within 30 days. Your details will be added to a suppression file to ensure that your details cannot be processed by the HR MartechBusiness CRM system in the future. Please note this applies only to the processing of your personally identifiable data, not that of the business data which does not fall under the remit of GDPR.

Request for Deletion

It is important to understand the difference between a right to object and a request for deletion. If you make a request for deletion, we will remove any data we hold about you from the HR MartechBusiness CRM system. This will also mean that we will remove you from our suppression files. If you are removed from our suppression files, there is a risk that your data may be processed again in the future if your details are re-added to our CRM system by a member of our sales team who genuinely believes that your business would benefit from HR MartechBusiness. If you do not wish for us to contact you again about HR MartechBusiness, we would recommend you request to object rather than a request for deletion, as this will ensure that your details are always suppressed from processing. The option however is yours, and in either case we will process your request within 30 days.

Please make your request in writing by emailing:

data-compliance@hrmartechbusiness.com

Request for Data Held

You may request that we send you all of the data we hold that relates to you. Please make your request in writing;

By emailing:

data-compliance@hrmartechbusiness.com We will process and respond to your request within 30 days, this service will be free of charge. Brexit In the event of a no-deal Brexit, we will leave the EU and become a Third Country according to the GDPR. A Third Country may need to have a representative inside the EU in order to keep EEA data flowing without restrictions. HR MartechBusiness applies the exemption as per Article 27(2) of the GDPR, HR MartechBusiness does not have a designated EU representative for the following reasons:

• Our processing does not involve processing of special categories of data
• Our processing does not involve personal data relating to criminal convictions and offences
• Our processing is unlikely to result in a risk to the rights and freedoms of natural persons.

Furthermore, as per Article 46 of the GDPR and Article 26 of the e-Privacy Directive, HR MartechBusiness has taken appropriate measures to enable cross-border data transfers. We will make use of Standard Contractual Clauses to ensure that our EEA-based customers and service providers can continue to transfer personal data to us. This policy was last reviewed and updated on the 19th Jan, 2020. Policies are periodically reviewed to ensure compliance with the current compliance environment. By submitting this form, you are granting HR MartechBusiness permission to email you. You may unsubscribe via the link found at the bottom of every email. Definitions: Canada’s Anti-Spam Policy (CASL): An act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the CRTC Act, the Competition Act and PIPEDA. Electronic address: An address used in connection with the transmission of an electronic message to an electronic mail account, and instant messaging account, a telephone account or similar account. Electronic message: A message sent by any means of telecommunication, including text, sound, voice or image. Commercial electronic message (CEM): CEMs are commercial electronic messages that encourage participation in commercial activity. Even if a commercial message is not sent with an expectation of garnering profit, it still qualifies as a CEM. Commercial activity: Any transaction of commercial character, regardless of whether there is an expectation of profit or not. Express Consent: Permission obtained when a recipient “opts in” to receive CEMS. Consent can be oral or written and could be an unedited audio recording, paper or electronic checkbox on a website. Express consent never expires unless the recipient chooses to unsubscribe. HR MartechBusiness will maintain records of all contacts for whom express consent exists. Unsubscribe: A withdrawal of consent to receive CEMs.

Policy Guidelines:

All partners, employees, contractors, vendors and any other person sending CEMs on behalf of HR MartechBusiness adhere to the following policies: All CEMs from HR MartechBusiness contain:

• Full contact information. This includes the sender’s first name, last name, title, company name, company mailing address, direct telephone number, fax number, email address and company web address.
• If a CEM is to be sent on behalf of another party at HR MartechBusiness, the name of this party and the sender will both be included, in addition to the information listed above.
• An unsubscribe link will be clearly visible.

Unsubscribe Requests:

• All unsubscribe requests will be managed within ten days of receipt. Employees will not send any further communication by electronic means to the unsubscribed party.

Compliance with CASL is of utmost importance and all employees actively participate in maintenance of corporate compliance. HR MartechBusiness encourages its employees to take a proactive approach in identifying potential problems or violations of CEM delivery by promptly reporting issues to the CASL Compliance Team immediately. This Privacy Policy is subject to any amendments which will be posted on HR MartechBusiness’s website and will also be available from HR MartechBusiness’s Privacy Officer. For questions relating to this policy, please contact data-compliance@hrmartechbusiness.com

How to Contact Us?

If you wish to exercise any rights that you may have to your Personal Data, you can contact us via one of the below methods: a. For EU GDPR Data Subject Rights Requests, click here. b. For California CCPA Consumer Rights Requests, click here. c. For other questions related to privacy, you can email privacy@hrmartechbusiness.com. In addition to the above, you can also send questions regarding this privacy notice or other privacy related issues by either emailing dpo@hrmartechbusiness.com, or writing a letter to the attention of our Data Protection Officer at our corporate office located at HR MartechBusiness.

Sheikh Zayed Road – Dubai, Al Safa Tower #Office 506 – Dubai – UAE