Image-6

Open4Business Trans Pennine Portal Privacy Policy

SSE is committed to protecting the privacy of your information in accordance with the principles set out in the Data Protection Acts (DPA) of 1994 and 1998. This policy explains how we use personal information we collect about you when you use our websites or get in contact with us.

What information do we collect?

We collect information about you when you register with us, place an order for our products or services, sign up to one of our newsletters, or sign up for our events. We also collect information when you complete our surveys or send us enquiries. This may cover anything from your contact details such as name and address, job title, email address, telephone numbers, information about your business such as type and industry sector, to services and products purchased. We do not store any personal banking or credit card details.

We also collect information about your use of our websites and how you arrived at our website in the first place. This can include what links or adverts of ours you viewed or clicked on to reach us, or any search terms you have used. We can also see which pages of our websites you have viewed and for how long. All this information helps tell us what content is popular with our customers so we can improve our services and products.

How will we use the information we hold about you?

We collect information about you to provide you with access to our services, process your order, manage your account, facilitate provision of our services to you, assist in training or consultancy processes, support quality monitoring and help to determine how our services can be improved, and to keep you informed of the latest services available to you that we think may be of interest or relevance to you. We may also use this information to decide what content you are interested in, to measure the success of our marketing campaigns, and to better understand our customers. From time to time, we may also contact you for market research purposes. We may also use the information to customise or tailor our websites, products and services according to your interests.

Will we pass this information on to other companies?

We do use third parties to process your information on our behalf, to ensure that we can fulfil all our obligations to you. We only work with companies that prioritise the protection of personal data and pass the strict organisational and technical security standards that we set. The only other times we will pass your details to anyone else would be if we have to do so for fraud or other legal purposes. We will not sell or lease your personal information to third parties unless we have your permission or are required by law to do so.

How do we keep your information secure?

We take the security of your information very seriously and are certified to ISO 27001 standard. We use multiple layers of firewalls to ensure that user data is kept as secure as possible, specialist devices to detect and prevent intrusion attempts, and encryption systems to ensure data is scrambled while being transmitted from system to system. We employ equally rigorous physical security policies to prevent physical access to our data centres. We perform regular system patching and employ an independent security company to perform penetration tests (authorised attempts to try to hack our systems to show any risks) annually and when we bring new systems online. We ensure that third parties employ the same rigour when handling data, ensuring that they apply security far in excess of regulatory requirements.

How long will we keep information?

We will only keep information about you for as long as we need to. We make sure that any companies that process your data on our behalf do the same. We have an internal retention policy with varying retention periods for different categories of information depending on our legal obligations and whether there is a commercial need, such as answering member account queries. After a retention period has elapsed, the data is deleted.

Other websites

Our websites may contain links to the websites of other organisations. This privacy policy only applies to our websites, so when you link to other websites you should read their own privacy policies and terms and conditions. We cannot accept responsibility for your use of these websites.

How we use cookies

Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser to enable our systems to recognise your browser and to provide personalised information.

The Help menu on most browsers will tell you how to prevent your browser from accepting new cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons. However, because cookies allow you to take advantage of some of our websites features, we recommend that you leave them turned on.

If you do leave cookies turned on, be sure to sign off any logged-in service when you finish using a shared computer.  You can manage these small files yourself and learn more about them through Internet browser cookies – what they are and how to manage them

Cookies for enabling the provision of services

Our website sets a cookie that stores a unique identifier for your session:
Name: <service>_signon or JSESSIONID
Typical content: randomly generated alpha-numeric value
Expires: After 4 hours of user inactivity or upon closing the browser

Our website sets a cookie that stores your username if you set remember me to true to keep you signed in to your computer:
Name: username
Typical content: username of user who has signed on
Expires: 1 month after sign in

Our website sets a cookie that stores an encrypted security string if you set remember me to true to keep you signed in to your computer securely:
Name: ACEGI_SECURITY_HASHED_REMEMBER_ME_COOKIE
Typical content: encrypted security ID string
Expires: Immediately

Cookies for improving services

Google Analytics sets cookies to help us accurately trend user activity and page requests. This ensures that the service offers the most user friendly journey through the application:
Name: __utma
Typical content: alpha-numeric value
Expires: when user exits the browser

Name: __utmb
Typical content: alpha-numeric value
Expires: when user exits the browser

Name: __utmc
Typical content: alpha-numeric value
Expires: when user exits the browser

Name: __utmd
Typical content: alpha-numeric value
Expires: when user exits the browser

 

Changes to our privacy policy

We keep our privacy policy under regular review and we will place any updates on this web page. If there is a material change that could have a detrimental effect on you, we will notify you by placing a prominent announcement on our web pages.

Your rights

You have the right to ask for a copy of the information held by us in our records in return for which we will charge a small fee. You also have the right to require us to correct any inaccuracies in your information. We respect your right to privacy. If you tell us that you do not wish to have your information used in the ways we have specified, we will respect your wishes. If you would like a copy of some or all of the personal information we hold about you, please write to us at SSE, Inveralmond House, 200 Dunkeld Road, Perth PH1 3AQ.

‘Open4Business Trans Pennine’ Privacy Policy v.0 – September 2013 © SSE 2013