Ministry of Justice

Privacy commitment

We, at BCS Global Networks Limited (trading as Pinnaca), are committed to protecting and respecting your privacy and the purpose of this notice is to provide you with information on who we are, how and why we collect, and process your personal data.

It is important that you read this privacy notice carefully together with any other privacy notice we may provide to you on specific occasions when we are collecting or processing personal data about you to ensure you are fully aware of how and why we are using your data. This privacy notice supplements other notices and privacy policies and is not intended to override them.

Contents

1. Who we are

BCS Global Networks Limited (we, us or our), you may also know us by our trading name Pinnaca, are a long-established video collaboration company and are registered in England and Wales with company number 05239560.

You can find out more about us and our business here.

We are the data controller and responsible for your personal data that we process in connection our website.

2. Contact Details

Our head office is located at 17-23 High Street, Slough, Berkshire, SL1 1DY

Tel: +44 (0) 1753 705 400

Email: privacy@pinnaca.com

We have appointed GRCI Law as our DPO and if you have any questions about this privacy notice, data processing practices, data protection matters generally, or you wish to exercise your legal rights you can contact them using the details set out below or via privacy@pinnaca.com.

Data Protection Officer                            Emaildpoaas@grcilaw.com

GRCI Law

Unit 3 Clive Court                                   Telephone: +44 (0) 333 800 7000

Bartholomew’s Walk

Cambridgeshire Business Park

Ely CB7 4EA                            

3. What personal data we collect about you

We may collect, use, store and/or transfer different kinds of personal data about you.

What we mean by personal data is any information about an individual from which that person can be identified (either by itself or when combined with other information).

We will limit the collection and processing of personal data to what is necessary to achieve one or more purpose(s) as identified in this notice. The personal data we collect about you will include the following depending on our interaction with you:

  • Basic personal data to identify you such as your first name, maiden name, last name, username or similar identifier, title, occupation, job title, date of birth;
  • Your contact information including your email address, address, geographical region and telephone numbers;
  • Your CV or resume, qualifications, skills, experience and such role related information as may be required to complete a job application via our website;
  • Online information and online activity based on your interaction with us, our websites and applications for example your internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types, searches, site visits and versions, operating system and platform, and other technology on the devices you use to access this website;
  • Usage Data including statistical data including information about how you use our website and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We may also process:

  • Other information relevant to feedback regarding our website.

It is important that the personal data we hold about you is accurate and current.

Please keep us informed if your personal data changes during your relationship with us.

4. Children

We do not provide services directly to children or proactively collect their personal data.

5. How we collect personal data

Your personal data comprises personal data provided to us including;

  1. You give to us directly where you:
  • contact us directly via telephone, letters or email;
  • use our online customer support forms, contact forms, or apply for a job with us online;
  • search for our services;
  • request services electronically or otherwise;
  • request marketing material to be sent to you; and/or
  • give us feedback or contact us.
  1. Information we learn about you through our relationship and the way you interact with us;
  2. Information we may receive from third parties from time to time;
  3. Information we gather using technology, which you may use to access our website (an IP address for example or telephone number), and how you use technology (for example recognizing behavioral patterns).

6. How and why we use your personal data

We will only use your personal data where it is necessary to carry out our business activities and we are required to have one or more of the following reasons for using your personal data:

  1. Performance of a contract – the personal data we may need to deliver our services to you;
  2. Legal obligation – where we are required by law to process your personal data;
  3. Legitimate interest – where we are permitted to use your personal data where on balance the benefits of us doing so is not outweighed by your legal rights;
  4. Consent – where your agreement is sought prior to utilizing your personal data. Wherever consent is the only reason for using your personal data you have the right to change your mind and/or withdraw your consent.

Throughout your relationship with us, we are required to collect and process certain personal data about you. We will mainly use your personal data in the following ways:

  1. To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we provide to you.
  2. To use data analytics to improve our website, marketing, client relationships and experiences.
  3. Register as a potential customer lead and contact you to understand your requirements;
  4. Register you as an employment candidate and communicate with you regarding your job application in accordance with our recruitment process;
  5. To manage our relationship with you including:
    1. notifying you of changes to our website;
    2. notifying you of changes to this privacy notice;
    3. asking you to leave a review.
  6. Where you consent send marketing material to you
  7. To answer any queries or help resolve any problems or complaints you may have.

Please note that if you do not agree to provide personal data requested, it may affect how we deliver certain aspects of our service for instance we may not be able to assist you with your request, our website may not function as we would normally expect and therefore we may be unable to meet your specific requirements.

7. Marketing

You may choose to restrict the collection or use of your personal information for direct marketing purposes.

If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by emailing us at privacy@pinnaca.com.

If you are an existing contact, we will only contact you by electronic means with information about services which you have previously purchased from us or inquired about.

If you are a new client, and where we permit selected third parties to use your data, we (or they) will contact you by post or electronic means only if you have consented to this. As mentioned above, you can choose not to receive these types of communications by contacting us.

8. Data security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9. Your rights

You have several rights under data protection laws which are set out below. You can access any of these rights at any time and if you wish to do so or require further information about your rights please contact us using the details above.

  1. Access – the right to request a copy of the personal data we hold on you. When you request this data, this is known as making a Subject Access Request (SAR). In most cases, this will be free of charge, however in some limited circumstances, for example, repeated requests for further copies, we may apply an administration fee;
  2. Rectification of personal data – is the right to have any inaccurate personal data corrected;
  3. Erasure of personal data – the right to have any out of date personal data deleted once there’s no business need or legal requirement for us to hold it;
  4. Restriction of processing personal data – the right to object or restrict some processing, in limited circumstances and only when we don’t have legitimate grounds for processing your personal data;
  5. Objection to processing of personal data – the right to object to your personal data being used for example to send you marketing material. As mentioned above, we’ll only send you marketing material where you’ve given us your consent to do so.  You can remove your consent at any time;
  6. Automated decision making – the right to ask for a decision to be made manually, where a decision is made using automated means and this adversely impacts you; and
  7. Portability – the right to have personal data we hold about you transferred securely to another service provider in electronic form.

10. How to make a complaint

We hope that we can resolve any query or concern you raise about our use of your personal data whether it is in relation to this privacy notice, our handling of personal data in compliance with Privacy Shield Principles or any other privacy matter and therefore ask that you contact us in the first instance and we will work with our Data Protection Officer to resolve your issue.

If you’re not satisfied with our response, you can raise a complaint with the Supervisory Authority where you reside at any time or if you are dissatisfied with our response. Please see https://www.eudpr.com/supervisory-authorities. The ICO is the UK’s supervisory authority whose role is to enforce data protection laws. (https://ico.org.uk/)

We are committed to co-operating with and following the advice of any such Supervisory Authority in relation to the transfer of personal data from the EU or UK to the US.

11. How and why we share your personal data

We may share your personal data with the following organizations who are also required to keep your information confidential, safe and secure:

  1. Third parties including professionals and subcontractors who provide, services and administrative support necessary to provide our website to you;
  2. Where we are required to do so we will share your information with law enforcement agencies, judicial bodies, fraud prevention agencies, governmental entities, or regulatory bodies around the world;
  3. Where required as part of any proposed sale, reorganization, transfer, financial arrangement, asset disposal or other transaction relating to our business and/or business assets;
  4. Anyone else with your permission.

12. Privacy Shield

We comply with the EU-U.S. Privacy Shield Framework (Privacy Shield) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and the United Kingdom to the United States in reliance on Privacy Shield.

We have certified to the Department of Commerce that we adhere to the Privacy Shield Principles with respect to such information.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/.

In compliance with the Privacy Shield Principles, Pinnaca commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Privacy Shield policy should first contact our DPO using the following details:

Data Protection Officer                            Emaildpoaas@grcilaw.com

GRCI Law

Unit 3 Clive Court                                   Telephone: +44 (0) 333 800 7000

Bartholomew’s Walk

Cambridgeshire Business Park

Ely CB7 4EA

Pinnaca has further committed to cooperate with the panel established by the EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints concerning human resources data transferred from the EU in the context of the employment relationship.

Pinnaca is subject to the investigatory and enforcement powers of the FTC, the Department of Transportation or any other U.S. authorized statutory body.

It is possible that, under certain conditions, for the individual to invoke binding arbitration,

Please note that Pinnaca may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

13. Transferring personal data overseas

We may share your personal data with organizations in other countries outside of the EEA to fulfill your contract with us.

We will employ appropriate safeguards where we share your personal data in the form of standard model clauses as approved by the European Commission or under Privacy Shield program.

If we transfer personal information received under the Privacy Shield to a third party, the third party’s access, use, and disclosure of the personal data must also be in compliance with our Privacy Shield obligations, and we will remain liable under the Privacy Shield for any failure to do so by the third party unless we prove we are not responsible for the event giving rise to the damage.

14. Brexit

With effect from 11 p.m. on 31 January 2020 the United Kingdom (UK) formally left the European Union (EU).

The UK is now in an 11-month transition phase as both parties concluded the Withdrawal Agreement prior to the departure date.

The transition phase is in effect until 31 December 2020. Throughout the transition phase the General Data Protection Regulation (GDPR) and other relevant EU legislation continue to apply to data protection and cyber security matters.

Nevertheless, there will be no change in the way we process or protect your personal data.

15. How long do we hold personal data?

We keep your personal data for no longer than is necessary. how long we keep your personal data depends on several factors including but not limited to the nature and type of record, the nature of the activity, the product or service and any applicable legal or regulatory requirements.

It is usual for us to keep personal data for up to seven years after your relationship with us ends but some exceptions may apply. Our retention periods may be subject to change based on commercial, legal or regulatory requirements.

16. Californian Consumer Privacy Act (CCPA)

Californian residents are afforded certain rights under the California Consumer Privacy Act (CCPA):

  • You have the right to request that we disclose what personal information about you we collect, use, disclose, and sell. More specifically, you have rights to the following without charge:

Disclosure of Personal Information We Collect About You

  • You have the right to know, upon submission of a verifiable request, the categories of personal information we have collected about you, the categories of sources from which we collect personal information, our business or commercial purpose for collecting or selling personal information, the categories of third parties with whom we share personal information, if any, and the specific pieces of personal information we have collected about you.
  • We will not retain any personal information about you that was collected for a single one-time transaction if, in the ordinary course of business, that information about you is not retained; not reidentify or otherwise link any data that, in the ordinary course of business, is not maintained in a manner that would be considered personal information; and reserve our right not to provide personal information to you more than twice in a 12-month period.

Disclosure of Personal Information Sold or Disclosed for a Business Purpose

  • In connection with personal information we may sell or disclose for a business purpose, if any, you have the right to know the categories of personal information about you that we sold and the categories of third parties to whom we sold the personal information, and the categories of personal information that we disclosed about you for a business purpose, and the categories of third parties to whom we disclosed personal information for a business purpose.

Deletion of Personal Information

  • Subject to the exceptions set out below, and upon your submission of a verifiable request, you have the right to deletion of your personal information from our records, and to have us direct our service providers delete your personal information from their records.
  • We are not required to, and reserve our right not to, delete your personal information it if is necessary to complete the transaction for which the personal information was collected or reasonably anticipated within the context of our ongoing business relationship with you, provide a good or service requested by you, or otherwise perform a contract between you and us; detect security incidents; protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity; debug, identify, or repair errors that impair existing intended functionality; or exercise another right provided for by law; comply with the California Electronic Communications Privacy Act; enable solely internal uses that are reasonably aligned with your expectations based on the your relationship with us; comply with an existing legal obligation; and otherwise use your personal information, internally, in a lawful manner that is compatible with the context in which you provided the information.

Your Right to Opt-out of the Sale of Personal Information

  • A “sale” under California law is defined as any transfer of personal information for value. Because personal information is valuable to many businesses, many commonplace transfers are considered to be sales under the law. You have the right to opt-out of the sale of your personal information. We do not sell personal information other than website analytics data.
  • If you exercise your right to opt-out of the sale of your personal information, we will refrain from selling your personal information, unless you subsequently provide express authorization for the sale of your personal information.
  • To opt-out of the sale of your personal information, click on the Do Not Sell My Personal Information link at the bottom of any page on our website, or click here.

Freedom from Discrimination

  • You have the right to not be discriminated against by us if you exercise any of your rights under the California Consumer Privacy Act. This means we cannot do any of the following on the basis of your exercise of these rights: deny goods or services to you; charge different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties; provide a different level or quality of goods or services to you; or suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

How to exercise your rights

  • Unless otherwise specified, to exercise any of your rights described in this Notice, please email us at privacy@pinnaca.com or call us toll-free at +1 (952) 831-7215.
  • In order to verify your request, you will need to provide us with enough information to identify you, verify your identity and address, and a description of what right you wish to exercise along with any information to which your requests relates.
  • You may also designate an authorized agent to make a request under the California Consumer Privacy Act on your behalf. In order to fulfill your request to know or delete submitted by an authorized agent, you must provide the authorized agent written permission to do so, and we may require you verify your own identity with us directly.
  • We reserve our right not to make a data access or portability disclosure if we cannot verify that the person making the request is the person about whom we collected information or someone authorized to act on such person’s behalf. Any personal information we collect from you to verify your identity in connection with your request will be used solely for the purposes of verification. You will not have to pay a fee to exercise your rights described herein. However, we may charge a reasonable fee or decline to comply with your request if your request is clearly unfounded, repetitive, or excessive. You may only make a request to know or receive personal information twice within a 12-month period.

17. Links to other websites

Within our website we may have links to third party websites, plug-ins and applications. Clicking those links may enable third parties to share or collect your personal data.

Please be aware that we do not control such third-party websites and are not responsible for their privacy statements or the contents of those websites. We would encourage you to read the privacy notice of every website you visit.

18. Changes to the privacy notice

We keep our privacy notice under regular review. Any changes to our privacy notice in the future will be posted here. We encourage you to review this page regularly to identify any updates or changes to our privacy notice.

Version 4.0 effective 26 June 2020

Questions or concerns regarding our Privacy Notice

If you have any questions or concerns about our Privacy Notice, or should you wish to file a complaint about anything relating to our Privacy Notice, do not hesitate to contact Dan Giesen, VP Operations, at dgiesen@pinnaca.com.