GDPR Privacy Notice
Following the introduction of The General Data Protection Regulation (GDPR), this updated Privacy Notice details how Olympus Technologies Ltd. controls and processes personal data, and how it seeks to give our customers and suppliers more control over how their data is used.
As a supplier, we only hold personal data about you and your company that is necessary for carrying out our normal business activities. This information may include names, work addresses, email addresses and other work and personal contact information as provided to us by your company, in relation to the efficient handling of your relationship with us.
1.1 Subscription to our newsletters
On the website of Olympus Technologies, users are given the opportunity to subscribe to our robotic or welding newsletter. The input mask used for this purpose determines what personal data are transmitted, as well as when the newsletter is ordered from the controller.
Olympus Technologies informs its customers and business partners regularly by means of a newsletter about news and offers. Olympus Technologies newsletter may only be received by the data subject if (1) the data subject has a valid e-mail address and (2) the data subject registers for the newsletter shipping. A confirmation e-mail will be sent to the e-mail address registered by a data subject for the first time for newsletter shipping, for legal reasons, in the double opt-in procedure. This confirmation e-mail is used to prove whether the owner of the e-mail address as the data subject is authorised to receive the newsletter.
During the registration for the newsletter, we also store the IP address of the computer system assigned by the Internet service provider (ISP) and used by the data subject at the time of the registration, as well as the date and time of the registration. The collection of this data is necessary in order to understand the (possible) misuse of the e-mail address of a data subject at a later date, and it therefore serves the aim of the legal protection of the controller.
The personal data collected as part of a registration for the newsletter will only be used to send our newsletter. In addition, subscribers to the newsletter may be informed by e-mail, as long as this is necessary for the operation of the newsletter service or a registration in question, as this could be the case in the event of modifications to the newsletter offer, or in the event of a change in technical circumstances. There will be no transfer of personal data collected by the newsletter service to third parties. The subscription to our newsletter may be terminated by the data subject at any time. The consent to the storage of personal data, which the data subject has given for shipping the newsletter, may be revoked at any time. For the purpose of revocation of consent, a corresponding link is found in each newsletter. It is also possible to unsubscribe from the newsletter at any time directly on the website of the controller, or to communicate this to the controller in a different way.
1.2 Newsletter-Tracking
The newsletter of Olympus Technologies contains so-called tracking pixels. A tracking pixel is a miniature graphic embedded in such e-mails, which are sent in HTML format to enable log file recording and analysis. This allows a statistical analysis of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, Olympus Technologies may see if and when an e-mail was opened by a data subject, and which links in the e-mail were called up by data subjects.
Such personal data collected in the tracking pixels contained in the newsletters are stored and analysed by the controller in order to optimise the shipping of the newsletter, as well as to adapt the content of future newsletters even better to the interests of the data subject. These personal data will not be passed on to third parties. Data subjects are at any time entitled to revoke the respective separate declaration of consent issued by means of the double-opt-in procedure. After a revocation, these personal data will be deleted by the controller. Olympus Technologies automatically regards a withdrawal from the receipt of the newsletter as a revocation.
1.3 Contact possibility via the website
The website of Olympus Technologies contains information that enables a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.
We need to know your personal data in order to effectively operate our business and work with your company.
We may store your personal data in the following places:
Paper filing systems
Secure electronic documents (Microsoft Office, local and hosted email systems, CRM system)
Our IT systems
Our IT system has been audited and staff trained on the GDPR regulations to ensure understanding and compliance. Some data is stored on Microsoft Office 365, a system which is operated and protected by Microsoft in the USA.
All personal data is processed in the UK by us and our suppliers and only in connection with our ongoing business relationship. Third parties, suppliers and others involved in our normal business dealings have access to your personal data only to perform the role they fulfil in the overall process. Our company does not transfer your data out with the European Union, unless we are exporting products to countries outside the EU, in which case, data will be shared with them as required. We only work with reputable companies and partners.
The Controller and Processor have a Data Protection regime in place to oversee the effective and secure processing of your personal data.
We retain your personal data for as long as your Controller has a relationship with you and the data is required to support our business relationship with you. If our business relationship ends, we will retain your details for 3 years then delete them from our records. However, where our equipment is still operating within the customer, we are required to keep all relevant information relating to the equipment in case we are re-engaged to support the equipment.
If at any point you believe the information, we process on you is incorrect you can request to see this information and have it corrected, deleted or withdraw consent for it to be used. If you wish to raise a complaint on how your personal data is handled, please email [email protected] to investigate the matter.
If you are not satisfied with the response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
As you hold data for our company, we expect you to do this in compliance with the GDPR and Data Protection Act 1998.
Any queries or issues relating to data will be dealt with by contacting a director on 01484 514513 or email [email protected].
Call Recordings Privacy Notice
This privacy notice explains how we use recordings of phone calls within Olympus Technologies
When a call is recorded, we collect:
a digital recording of the telephone conversation
the telephone number of both parties (internal and external)
Telephone call recording will be turned off, when a customer’s credit or debit card details are given, in line with Payment Card Industry Data Security Standards (PCS DSS) and data protection legislation including General Data Protection Regulations (‘GDPR’).
Call recordings will be used:
To assist in the quality monitoring of staff performance
To investigate and resolve complaints
For the detection, investigation and prevention of crime (including fraud)
To take actions to protect staff from abusive callers
To ensure the Olympus Technologies is able to monitor and adhere to quality standards
All call recordings are held on a secure system. Only a director of the company may request a copy of a call through a prescribed form for a specific reason.
Sharing data under Data Protection legislation
We may be required or permitted, under Data Protection legislation, to disclose a call recording including your personal data without your explicit consent, for example if we have a legal obligation to do so, such as for:
Law enforcement
Fraud investigations
Regulation and licencing
Court proceedings
Recordings are kept securely and confidentially. They will be deleted after one year unless there is an explicit reason to retain the data, such as a legal dispute.
Your rights relating to personal data
Please see details about your rights under the new data protection legislation introduced in May 2018.
We will keep the call Recording Privacy Notice under review with an annual review.
Version 3: 06th August 2021