Date: 12/04/2018

Scope

This Statement only applies to the Customer Data of those customers whose data are hosted by Advanced within the Advanced cloud or environment or any other public cloud as agreed with the Customer.

Any references to ‘we’, ‘us’ or ‘our’ in this Statement refer to Advanced and its subsidiaries.

Any references to ‘you’ or ‘your’ refers to the customer for which Advanced processes Customer Data.

Definitions

Statement

Statement means Services Privacy Statement. In this Statement, we explain how we collect, store, use, maintain and retain Customer Data.

As a Data Processor, we will process all Customer Data strictly on behalf of our customers in accordance with our contractual agreements with them and/or as required or permitted by law.

Customer Data

Customer Data means Personal Data which our customers and/or their end-users input or upload into the customer portals or services provided to them by Advanced. This does not include Customer Information collected directly by Advanced for business activities such as sales and marketing.

Advanced is the Data Processor in relation to Customer Data.

Customer Information

Customer Information means Personal Data we collect from visitors to our websites, data we collect about our customers or prospective customers, vendors, service providers, professional advisers, consultants and other third parties in the course of doing business.

Advanced is the Data Controller in relation to Customer Information.

Services Data

Services Data means the data that resides on Advanced, customer or third party systems to which Advanced is provided access to perform services, including cloud environments, test environment, development and production environments, in order to perform any of the services, including but not limited to:

  1. Consultancy and Training
  2. Professional services
  3. Support services
  4. Hosting
  5. IT and Administrative operations
  6. Technical Services
  7. Managed Services

Advanced is the Data Processor in relation to Services Data and treats it in accordance with the terms of the contractual agreement with you.

Personal Data

Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as:

“any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Data Processor

Under the EU’s General Data Protection Regulation (GDPR) a processor is defined as a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;

Data Controller

Under the EU’s General Data Protection Regulation (GDPR) a controller is defined as a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;"

Data Processing Activities

How do we use Customer Data?

Customer Data may be processed by us as a result of customer’s use of the services when our customers or their end-users input to upload information into the relevant service (platform/portal/environment). For example, customers who use any of our products or services may upload Customer Data about themselves or their employees to the customer support portal for the purpose of providing support services.

Why does Advanced need to collect and store Customer Data?

Advanced needs to collect and store Customer Data which will be limited to the following purposes:

  • To provide and deliver the services;
  • To prevent or to address any service or technical problems;
  • To respond to a customer’s request or instructions, or to provide customer service or support;
  • For any other purpose as provided for in the agreement between us and the customer, or as otherwise authorised by the customer;
  • In accordance with or as may be required by law.

Will Advanced share Customer Data with third parties?

We do not sell Customer Data to any third-parties unless otherwise agreed through a contractual agreement and/or software license or agreement.

We may share Customer Data with third-parties in the following instances:

  • Within Advanced and its subsidiaries in accordance with this Statement;
  • Trusted agents, consultants and service providers to perform business related functions;

How will Advanced process Customer Data?

Advanced will process (collect, store, use, maintain and retain) Customer Data that you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR) and other applicable legislation. We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.

How will Advanced retain Customer Data?

Advanced will retain Customer Data in accordance with the contractual agreement with you. In addition, Advanced is required to retain information in accordance with the law, such as information needed for income tax and audit purposes. How long certain kinds of Customer Data should be kept may also be governed by specific business-sector requirements and agreed practices. Customer Data may be held in addition to these periods depending on individual business needs.

Under any circumstances, Advanced will not keep Customer Data longer than required for any of the purposes specified above.

Under what circumstances will Advanced contact you?

We will contact you in order to perform the services or in relation to the products and services provided to you. The means of our communication will be compliant with the terms of the contractual agreement with you.

Security

We deploy and maintain appropriate security measures across all our services in order to protect Customer Data from unauthorised disclosure, loss or destruction. However, we expect our customers and their end users to access the services within a secure environment and notify us of any misuse or loss of integrity. If you believe that your password has been misused or compromised, please change it immediately and notify us as soon as possible.

Data Transfer outside EEA

Advanced has a global presence with operations in countries outside EEA. For this purpose, Advanced has signed standard contractual clauses, which are issued and authorised by the EU Commission, with the parts of the organisation outside EEA. Advanced will share data with the staff at offices outside EEA in order to provide services to you.

All Advanced facilities have a data protection compliance framework and secure architecture in place to keep the data secure. Any data transfer to a country outside EEA will be compliant with the applicable data protection legislation and the contractual agreement with the customer.

Data Subject Rights

As an end user, if you have any questions or concerns about the processing of Customer Data, please contact our customer (Data Controller) directly.

Similarly please direct any of the following requests, in relation to Customer Data, to the customer:

  • Data Subject Access Request
  • Request to rectify/amend/delete your data
  • Request to restrict processing of your data

Following your request, if the customer contacts us in order to retrieve, amend or delete your data, we will do so in accordance with our contractual agreement with them and the applicable data protection legislation.

Contact details

If you have any questions or concerns regarding this Statement or if you need to access, update, change or remove Personal Data (Customer Information) that we control, please contact the DPO:

Group Data Protection Officer
Advanced 230 City Road
Old Street
London
EC1V2TT

Email: dataprotection@oneadvanced.com

Disclaimer

We reserve the right to change, modify, add or remove parts of this Statement. However, we would notify the customer (Data Controller) in such instances and also alert the end users of these changes by indicating the date on which the Statement was posted. When you access and use our products and services, you are accepting the current version of this Statement posted at that time. We recommend that you visit this Statement occasionally in order to see the latest version.