For each visitor that signs up for our Try It test, we collect only the information that is requested on the Try It test signup form. Our web servers may collect the domain name or IP address of visitors to our web page's. Unless otherwise stated on our web site, we collect the email addresses of those who communicate with us via email and information volunteered by you such as but not limited to Try It test signup information, survey information, and/or site registrations.
The information we collect may be used to create an aggregate demographic profile of our user base so that we can improve content and services and provide aggregate information to potential advertisers (no individual information is provided to any third-party without your consent), to customize the content and/or layout of our email messages or pages for each individual visitor, to notify you about updates to our web site and services, to send you our opt-in e-mail newsletter(s), to provide you with the products and/or services for which you signed-up or subscribeed, which may include sending service disruption notices or other service- or product-related information via email, and is not shared with other organizations for commercial purposes without your consent. We may share collected information with another company in the event that we merge with or are acquired by another company. Upon request, we will provide you with the information (e.g., email address, name, etc.) that we maintain about you.
If you have been supplied with access by a third party company, or have used a code supplied by a third party company in your account information, we will provide access to your results to that third party company for analysis intended to aid their help to you.
If you supply us with your postal address on-line you will only receive the information for which you provided us with your address. If you supply us with your telephone number, you will only receive telephone contact from us with information regarding your inquiry.
We strive to maintain appropriate security measures in our respective physical facilities to protect against the loss, misuse or alteration of information that we have collected from you for being part of our email list. Although we take reasonable measures to secure our data, we cannot guarantee that the measures taken are or will remain adequate. Since we may include links from messages sent to the email list to other companies' web sites, please refer to the privacy policies of those sites for information on how they handle security for information they collect.
In this clause Data Protection, the terms “personal data”, “process” or “processing”, “data controller”, “data processor” shall bear the meanings attributed to such terms under the Data Protection Law (as defined below). In this clause Data Protection, the term “Data Protection Law” means the Data Protection Act 1998, the Privacy and Electronic Communications Regulations 2003, and all other applicable laws, enactments, regulations, orders, standards and other similar instruments, each as may be amended or superseded from time to time (including the General Data Protection Regulation, which shall supersede the Data Protection Act with effect from 25 May 2018, and any legislation which amends, re enacts or replaces it in England and Wales);
If the Data Processor processes any personal data (as defined in the Data Protection Law) on the Data Controller’s behalf when performing its obligations under this agreement, the parties record their intention that the Data Controller shall be the data controller (as defined in the Data Protection Law) and the Data Processor shall be a data processor (also as defined in the Data Protection Law) and in any such case the Data Processor shall:
(a) maintain at all times an appropriate notification under the Data Protection Law (where required);
(b) only carry out processing of any such personal data on the Data Controller’s instructions from time to time;
(c) take and/or implement all appropriate technical and organisational measures against unauthorised or unlawful processing of such personal data, and against accidental loss, alteration or destruction of, or damage to, such personal data, and ensure the security of such data at all times (and the Data Processor shall promptly inform the Data Controller if any personal data are lost, altered or destroyed or becomes damaged, corrupted or unusable and shall (at its own expense) take such steps as the Data Controller may reasonably require to restore the personal data to its original condition);
(d) not modify, amend or alter the contents of such personal data other than as strictly necessary for the purposes of providing the Services;
(e) not disclose or permit the disclosure of any such personal data to any third party (including a data subject) unless specifically authorised in writing by the Data Controller;
(f) only use and process such personal data in accordance with the terms of this agreement and in compliance with the provisions of the Data Protection Law, and only then to the extent absolutely necessary for and in connection with the provision of the Service to the Data Controller, and for no other purpose whatsoever;
(g) only transfer such personal data to countries outside the European Economic Area that ensure an adequate level of protection for the personal data and the rights of the data subject and in any event only with the express prior written authorisation of the Data Controller which may be granted subject to such conditions as the Data Controller deems necessary in its sole discretion;
(h) not do anything, nor permit anything to be done, which might jeopardise or contravene the terms of any data protection notification of the Data Controller’s; and
(i) on termination of this agreement or any earlier termination of the Data Processor’s right or obligation to process personal data, and as otherwise directed by the Data Controller, the Data Processor shall either:
a. destroy the personal data and all copies thereof;
b. transfer the personal data to the Data Controller or such other third party as the Data Controller may direct; or
c. archive the personal data subject to agreement on terms of archiving including costs.
If The Data Processor receives any complaint, notice or communication which relates directly or indirectly to the processing of personal data or to compliance by it or the Data Controller with the Data Protection Law (including requests from data subjects for the exercising of their statutory rights), it shall promptly notify the Data Controller and shall provide the Data Controller with full co-operation and assistance in relation to any such complaint, notice or communication.
The Data Processor shall provide all reasonable assistance to the Data Controller, having regard to the nature of processing and the information available to the Data Processor, in order to assist the Data Controller to comply with its obligations under the Data Protection Law (including the notification of a personal data breach to the Information Commissioner and to the data subject(s) affected, and the preparation of data protection impact assessments, where appropriate).
The Data Processor shall keep and provide to the Data Controller on request a record of the Data Processor's use of the personal data and processing activities and shall make available to the Data Controller all information necessary to demonstrate compliance with the Data Processor's data processing obligations set out in this agreement.
The Data Processor shall take reasonable steps to ensure the reliability of all its employees or other representatives who have access to the personal data and shall ensure that all such persons:
(a) are informed of the confidential nature of the personal data before they gain access to it;
(b) have committed themselves to confidentiality obligations or are under an appropriate statutory obligation of confidentiality; and
(c) have undertaken training in the requirements of the Data Protection Law
The Data Processor agrees to indemnify (and keep indemnified) the Data Controller against all costs, expenses and liabilities arising from the Data Processor’s breach of its obligations under this Clause Data Protection limited to the amount of any fees paid by the Data Controller to the Data Processor in the financial year of any such breach.
The Data Controller shall ensure that it is entitled to make the relevant personal data available to the Data Processor so that the Data Processor may lawfully use and process such personal data in accordance with this agreement on the Data Controller’s behalf.