Privacy policy
Privacy Statement
Protecting the security and privacy of your personal data is important to Idox plc and all its group companies (the "Idox Group"). Therefore, the Idox company referred to under corporate information on the website ("Idox") operates this website in compliance with applicable laws on data privacy protection and data security.
Idox processes and stores personal data in accordance with Data Protection Legislation.
Throughout this Privacy Policy we'll refer to our corporate website and any other Idox group brand websites or subdomains and country-level domain variants that link to this Privacy Policy collectively as our "Site".
Idox is committed to safeguarding and preserving your privacy when visiting our Site or communicating with us.
In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal data we collect.
- We are considerate about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
- We store personal information only for as long as we have a reason to keep it.
- We aim for full transparency on how we gather, use, and share your personal information.
- Idox acknowledges the rights of individuals to whom the personal data relates, and ensures that these rights can be exercised in accordance with the Data Protection Legislation.
This Privacy Policy provides an explanation as to what happens to any personal data that you provide to us, or that we collect from you.
In this policy, "Data Protection Legislation" refers to the General Data Protection Regulation (Regulation (EU) 2016/679), and the Data Protection Act 2018 to the extent that it relates to the processing of personal data and privacy and all applicable Law about the processing of personal data and privacy.
In the above statement, 'Law' means any law, subordinate legislation within the meaning of Section 21(1) of the Interpretation Act 1978, bye-law, enforceable right within the meaning of Section 2 of the European Communities Act 1972, regulation, order, regulatory policy, mandatory guidance or code of practice, judgement of a relevant court of law, or directives or requirements with which Idox is bound to comply.
What information do we collect about you?
We only collect information about you if we have a reason to do so – for example, to provide services or information more tailored to your needs, to communicate with you, or to improve our services.
In operating our Site, we may collect and process the following data about you:
- Details of your visits to our Site and the resources that you access, including, but not limited to, traffic data, location data, weblogs, IP address, operating system, access times, what browser you are using and other communication data.
- A number of Sites within our group of companies are tracked using Google Analytics and/or Hotjar (see Cookies).
- Information that you provide by filling in forms on our Site, such as when you register for information or make a purchase.
- Information provided to us when you communicate with us for any reason.
- Search data provided when using our services may be collected to help improve your experience.
Your choices about marketing communications:
Personal information will only be collected with your consent. Here are some examples:
When you opt-in to receive email communications from us, we will ask you to provide us with the minimum information needed to facilitate your request such as your name, email address, company, country and phone number. We will also invite you to select your communication preferences and topics you would like to receive information about which may be provided by other Idox group companies. By submitting your personal information and selecting your preferences, you are consenting to receive the particular piece of information you requested.
Types of communications may include:
- Product Updates
- Newsletter
- Whitepaper and Intelligence including reports, blogs, guides and surveys
- Exhibition and Event
- Video, Podcast and Webinar
- Promotional Offer
- Idox Company Updates
- Communications from another part of the Idox group, providing you have opted in to do so
Preferred communication method:
- Phone
- Direct Mail
Preferred topics:
- Public Sector and Government
- Grants and Funding
- Electoral Management
- Compliance
- Engineering Information Management
- Facilities Management
- Web and Creative Services
- Hospital Management
- Sexual Health
- Social Care
- Transport
Third party mailing lists
We may from time to time use personal information provided by third party providers such as Oscar Research. This data will be used in accordance with the provider's data transparency policy. All email communications using third party data will reference the data source and provide a link to that provider's privacy policy/transparency policy.
Personalised and tailored communications
In our email communications we may use web beacons that track your IP address (until you opt-in to receive communications you remain anonymous), to help us identify and monitor how visitors interact with our brand (e.g. website visits, content downloads, emails opened, social media engagement and which forms they've filled in).
We may also use tracked hyperlinks in our email broadcasts, which help us monitor which parts of our emails our audience are most interested in. We may use this data to develop future communications and promotions which we hope will be more relevant to you. The information we collect is used to help us segment our database by profiling our customers using marketing automation tools.
We use this information to profile and identify audiences and to target future messages according to your preferences and personal experiences which enables us to deliver personalised, tailored and targeted content and messages that match your specific wants and needs.
How we use information
We use information about you as described above and as follows:
- To communicate with you about offers and promotions offered by Idox, solicit your feedback, or keep you up to date on Idox and our products and services;
- To personalise your experience using our Sites, provide content recommendations and serve relevant advertisements;
- To monitor and analyse trends and better understand how users interact with our websites, which helps us improve our services and make them easier to use;
- To monitor and protect the security of our services, fight spam, and protect the rights and property of Idox.
How long do we retain your personal information?
We retain your personal data as long as you are registered to use the Site. After your organisation's contract has finished we will hold your data for up to 12 months (to aid in any renewals). You may close your account by either clicking on the opt-out link provided in one of our communications or email privacy@idoxgroup.com.
In some cases, there are legal requirements to keep personal data for a minimum period, for example if it must be retained by court or tribunal order or where Idox is under a contractual obligation to retain it. If there is no such legal requirement, Idox will only keep the personal data for so long as it is necessary for the purposes for which it was collected, or as expressly consented. If we no longer need your personal information, we will delete or de-identify it. Even if we delete your personal data, it may persist on backup or archival media for an additional period of time for legal, tax or regulatory reasons, or for legitimate and lawful business purposes.
If you apply for a job with us, and if your application is not successful in the first instance, we may retain your personal information for up to twelve months so that we can consider you for other positions that may become available. If you would prefer us not to retain your personal information for recruitment purposes, please email join.us@idoxgroup.com.
Sharing of information
We do not share or sell your personal information with any other organisation, and we won't pass on your details except when we need to do so in order to complete a transaction – e.g. when arranging for a courier company to deliver goods that you have ordered.
There are, however, certain circumstances in which we may disclose, transfer or share your personal data with certain third parties without further notice to you, which are as follow:
- you have consented to the transfer/sharing of data;
- the transferring/sharing of data is necessary for the performance of a contract;
- the transferring/sharing of data is required under a legal obligation;
- the transferring/sharing of data is necessary to protect your vital interests;
- the transferring/sharing of data is necessary to carry out public functions (such as the administration of justice); or
- the transferring/sharing of data is necessary to pursue the legitimate interests of the company or third parties (unless it could unjustifiably prejudice your interests).
With regards to Impacter customers (only), your search and personal information may be shared with our partner IDfuse to help improve and tailor the service provided. This data will be used in accordance with the partner's data transparency policy.
Business transfers
As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganisation, dissolution or similar event, personal data may be part of the transferred assets. You acknowledge and agree that any successor to or acquirer of Idox Group (or its assets) will continue to have the right to use your personal data and other information in accordance with the terms of this Privacy Policy.
Parent companies, subsidiaries and affiliates
We may also share your personal data within the Idox Group which includes our Idox-branded subsidiaries and/or affiliates globally, if and to the extent this is necessary for answering or otherwise complying with your requests and will be bound to maintain that personal data in accordance with this Privacy Policy.
Employees, independent contractors and service providers
We ensure that all employees understand their individual responsibility relating to the requirements of the Data Protection Legislation. Employees are provided with appropriate training, instruction and supervision so that duties are carried out effectively and consistently. Employees will only be given access to personal data that is appropriate for the effective completion of their duties and tasks.
We may engage service providers and contractors that act on behalf and under the instructions of Idox to perform certain business-related functions. These service providers will only be provided with appropriate and minimal information for the duties/tasks to be undertaken. Idox requires that all such service providers endorse the principles set out under the Data Protection Legislation and adopt adequate technical and organisational security measures to ensure the processing of personal data only as instructed by Idox and for no other purposes.
Where information is stored
We use appropriate technical, organisational and administrative measures to protect any personal information we process about you. All personal information collected from you is stored on servers in the United Kingdom and other countries within the European Economic Area ("EEA").
With regards to Opidis customers (only), your personal information may be transferred outside of the EEA and stored on servers in the US. It may also be processed by staff operating outside the EEA who work for us or a member of our group.
We will protect your personal information in accordance with this Privacy Statement wherever it is processed.
Cookies & other technologies
On occasion, we may gather information about your computer to provide statistical information regarding the use of our Site. Similarly, we may gather information about your general internet use by using a cookie file. This information helps us improve our Site and the services that we provide to you.
Idox uses cookies and other tracking technologies like web beacons to help us identify and track visitors, usage, and access preferences for our Site, as well as track and understand email campaign effectiveness and deliver targeted ads.
Such information will not identify you personally – it is statistical data about our visitors and their use of our Site. This statistical data does not identify any personal details whatsoever. Examples of statistical information that we collect automatically:
Log information
When you visit our Site, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information.
Usage information
We collect information about your usage of our Site. For example, we collect information about your page views, referring/exit pages, duration of your visit, along with information about the type of device you used to access our Site. We use this information to perform statistical analyses of user behaviour and characteristics in order to measure interest in, and use of, the various areas of the Site. You cannot be identified from this information.
Location information
We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Site from a geographic region.
For more information about the cookies used on our Site, see our Cookie Statement.
For more information about the use of cookies and other online advertising technologies, please visit www.allaboutcookies.org. For more information about how you can exercise your choices in regard to online advertising, please visit www.aboutads.info.
Our policy towards children
We do not knowingly collect personal data from children. Please do not supply any personally identifiable information for a person under the age of 13 through any of our sites. If you are under the age of 13 and believe you have already provided personally identifiable information through the site, please have your parent or guardian contact us immediately at privacy@idoxgroup.com so that we can remove such information from our records.
Accessing, Correcting, Updating or Deleting Personal information
Marketing communications
You may at any time review or update your preferences or opt-out of any marketing mailing list for which you previously asked us to include you by sending us an email at privacy@idoxgroup.com or by clicking 'Preferences' or 'Unsubscribe' in any marketing email communication that we have sent to you.
However, if you want to delete or receive a copy of the personal information we hold about you in our systems, you will need to email your request to privacy@idoxgroup.com
Telemarketing
We want to make it as easy as possible for you to opt-out of receiving telemarketing calls. You have the option to either email us at privacy@idoxgroup.com or phone us on +44 333 011 1671 where we will invite you to leave a voicemail. Voicemail messages are picked up every working day and we will respond to your request within two working days.
Links to other sites
This site contains links to other sites. this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.
If you have questions about the data collection procedures of linked sites, please contact those companies directly.
Single sign-on access
Name of the service | SSO Access to ResearchConnect |
---|---|
Controller of the personal data file and a contact person | Idox Software
Data Protection Officer privacy@idoxgroup.com |
Purpose of the processing of personal data | Personal data and log files are used by this Service Provider for
- user authorisation - to provide services or information you have requested - resolving technical problems and investigating abuse of the service Personal data processed The following data is retrieved from your Home Organisation: Required - e-mail address Optional - forename - surname |
Third parties to whom personal data is disclosed | We do not share your personal information with any other organisation except when we need to do so in order to provide access to the service you have requested |
How to access, rectify and delete the personal data |
When logged on to the system most of your personal data can be amended in the "Account details" area. For additional assistance contact grants.customer.services@idoxgroup.com To rectify the data released by your Home Organisation (Identity Provider), contact your Home Organisation's IT helpdesk. |
Data retention | We store personal information only for as long as we have a legitimate reason to keep it. We aim for full transparency on how we gather, use, and share your personal information. We acknowledge the rights of individuals to whom the personal data relates, and ensures that these rights can be exercised in accordance with the Data Protection Legislation. |
Data Protection Code of Conduct | Research and higher education users are assured your personal data will be protected in line with the Code of Conduct for Service Providers, a common standard for the research and higher education sector to protect your privacy. |
Service Provider and Jurisdiction |
Company name: Idox Software Ltd Registered office: Unit 5, Woking 8, Forsyth Road, Woking, Surrey GU21 5SB. Jurisdiction: Idox Software and our services are subject to the laws of England and Wales and subject to the non-exclusive jurisdiction of the English courts. |
General Data Protection Regulation Compliance
1. Data protection information
You are hereby informed of the processing of your personal data in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR).
2. Identity of the controller
Idox Software Limited, Unit 5, Woking 8, Forsyth Road, Woking, Surrey GU21 5SB
T +44 (0)333 011 1200
Email: info@idoxgroup.com
3. Contact details of the data protection officer
Data Protection Officer, Idox Software, Unit 5, Woking 8, Forsyth Road, Woking, Surrey GU21 5SB.
Mail: privacy@idoxgroup.com, by calling us on
Tel: +44 333 011 1671.
4. Processing purposes and legal basis
The processing of your data only occurs if a legal basis exists:
Art. 6 para. 2 lit. (b) GDPR in the context of pre-contractual or contractual measures with the data subject.
5. Data categories and data origin
We process only personal data which was transmitted by you for the purpose stated within our Privacy Policy. Most of the personal information we process is provided to us directly by you for one of the following reasons:
- You have registered to run a search of one of our information databases
- You have requested information about one of our products/services
- You have made general enquiry us.
- You have made an information request to us.
- You wish to attend, or have attended, an event.
- You subscribe to our newsletter.
- You have applied for a job or secondment with us
We also receive personal information indirectly, in the following scenarios:
- Your organisation’s administrator has registered you to run search of one of our information databases
- You have approached an intermediary organisation who have entered your details to find information for you.
6. Recipient and third country transfer
Within our company, we will only transfer your personal data to departments and persons who need it to enable delivery of the service which you requested. There is no transfer of personally identifiable data to third countries.
7. Your rights
When processing your data, you are entitled to the following rights according to Art. 15 to 22 GDPR:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure (Right to be forgotten)
- Right to restrict processing
- Right to data portability
- Right to object
Insofar as the processing of your personal data pursuant to Art. 6 para. 1 lit.(a) is carried out on the basis of your consent or (f) GDPR to safeguard legitimate interests, you have the right under Art. 21 GDPR to object to the processing of such data at any time without needing a reason. We will then no longer process this personal data unless we can prove compelling reasons worthy of protection to continue processing. These must outweigh your interests, rights and freedoms, or the processing must serve to assert, exercise or defend legal claims.
To exercise any of the above rights at any time, please email: privacy@idoxgroup.com
8. Duration of storage
We process your personal data as long as this is necessary for the execution of the service. In addition, the data is stored for a duration of 6 months after the end of the active use.
9. No automated decision making
No automated decision making (including profiling) is carried out.
10. Right of appeal to the supervisory authority
Under Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. For example, you can contact the supervisory authority responsible for our company:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Fax: 01625 524510
In principle, however, you can contact any data protection supervisory authority of your choice located in Europe.
Contacting us
If you have any questions, comments or concerns regarding this Privacy Policy, then please contact us via email at: privacy@idoxgroup.com, by calling us on +44 333 011 1671, or in writing to Data Protection Officer, Idox Software, Unit 5, Woking 8, Forsyth Road, Woking, Surrey GU21 5SB.
Privacy policy changes
We may change this Privacy Statement from time to time. If we make any changes, we will post these on this page and change the “Last Updated” date below. We encourage you to check this Privacy Statement frequently to stay informed of the latest modifications.
Last updated: November 2021.