Privacy policy

It should be noted that this website is mostly a "static website", which aims to present the company and its products to users of the site.
With this Privacy Policy CRIF Decision Solutions (CDS) intends to describe the methods adopted in the management of this website with reference to the processing of its users' personal data.
This is a general notice, issued to all those who consult the website, in compliance with the provisions of the General Data Protection EU Regulation 679/2016 (GDPR), the Data Protection Act 2018, The Privacy and Electronic Communications (EC Directive) Regulations 2003 and other applicable laws.
When using certain services, users will be provided with specific and detailed privacy notices in accordance to Articles 13 and/or 14 of GDPR.

The Data Controller
Following access and consultation of this site, data relative to identified or identifiable persons may be processed.
The data controller is
CRIF Decision Solutions Ltd., with a registered office at:
150 Aldersgate Street, London EC1A 4AB
Company number: 3395992

Processing Methods
The data shall be processed in a lawful fashion, so as to ensure data security and confidentiality, as foreseen by GDPR provisions and all applicable laws. Personal data shall be processed using electronic or other automated means.

Purposes of processing
The data shall be processed so that we can record visitors to our site, identify users who download articles or other material from the site and build up a contacts database for direct marketing purposes.

Ground of processing
The data shall be processed on the basis of our legitimate interest in
• promoting our business;
• inviting you to events, seminars, webinars, etc;
• developing and maintaining business relationships;
• administrative and operational processes within our business;
• protecting the security and integrity of our IT systems and online platforms;
• managing and administering our relationship with business contacts, clients and potential clients;
• sending you marketing material, newsletters, and other information, providing you do not opt-out of receiving marketing communications;
• monitoring and analysing your receipt of, and interest in, material we send you;
• analysing visitors to our website; and
• analysing who is interested in material we publish on our site and what material is of most interest.

When we process your Personal Data based on our legitimate interests, we make sure to consider and balance any potential impact on you and your data protection rights. We will not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted by law).

In certain circumstances we may rely on your consent to send you electronic direct marketing communications.

Recipients of the personal data
We may disclose some or all of the Personal Data we collect from you to certain trusted third parties in accordance with contractual arrangements we have in place with these third parties, including:
• third parties who assist us in marketing and promoting the firm;
• suppliers and service providers to whom we outsource support services, in particular CRIF SpA, Via M. Fantin 1-3, 40131, Bologna, Italy;
• other IT service providers; and
• third parties involved in hosting or organising events or seminars.

We may also share your data if it is a legal or regulatory requirement, eg, if a law enforcement official asks us for information about you, we may disclose that information where necessary to do so.
 
Data transfer
Generally, the data provided by CDS’s customer will not be transferred outside the European Union. However, it is possible that this transfer takes place in accordance with the type of service provided by CDS. For each service taken by any customer, CDS will provide a specific privacy notice with details of the countries where the data are transferred. However, when personal data will be transferred outside the European Union, the transfer will be put in place in accordance with provisions of GDPR and all applicable laws (as specified in each privacy notice).

Processed Data Types
The information systems and software procedures involved in the operation of this site acquire certain personal data during their normal operation. The transmission of this data is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified parties, however, due to its very nature, it could make it possible to identify users through processing activity and association with data held by third parties. The type of data acquired includes IP addresses and the domain names of users' computers who connect to the site, the addresses of the resources requested in URI notation (Uniform Resource Identifier), the time the request was made, the method used in making the request to the server, and other parameters related to the operating system and the computer environment of the user.

Data Submission
The optional and voluntary sending of emails to the addresses indicated on the site, or by completing contact forms or other forms on the site, involves the acquisition of the user's personal data, necessary in order to respond to their requests
You are free to decide whether to provide the personal data necessary for CDS to supply the requested services. Failure to provide this data may make it impossible CDS to supply the requested information or services.

Data storage
We will keep and process your Personal Data for these purposes for a period of 18 months after the last interaction, after which we will keep aggregated information (which will not allow individuals to be identified) for analytics purposes.  
If you wish to opt out of receiving marketing emails, newsletters or other such communications, you may do so at any time by emailing us at marketing.uk@crif.com.   In addition, all electronic communications you receive from us will include clear instructions for how you can withdraw your consent to receiving any further communications. However, we need to retain some identifying information to enable us to suppress any future communications.

Cookies
For more information on our cookie policy, please click here

User Rights
We also inform you that you have the right to request of us access to, and rectification or erasure, of personal data or the restriction of processing concerning your data or to object to processing as well as the right to data portability. Furthermore, to the extent that our processing may be based on consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal.

Please bear in mind that your rights in relation to your Personal Data are not absolute. You may be asked for additional data to verify your identity. This will only be used for verification purposes, not stored, and securely destroyed once the request has been processed.

You can exercise your rights in relation to your Personal Data by contacting:
CRIF Decision Solutions Ltd.
150 Aldersgate Street, London EC1A 4AB
or contact our Data Protection Officer at dpo.uk@crif.com  

You also have a right to complain to the Office of the Information Commissioner, using the following link: https://ico.org.uk/concerns/

Updates and changes
We may amend this policy on occasion, in whole or part, at our sole discretion. Any changes will be effective immediately.  You should check this page from time to time to take notice of any changes we make, as they will be binding on you.

If at any time we decide to use your Personal Data in a manner significantly different from that stated in this policy, or as otherwise disclosed to you at the time it was collected, we will notify you by e-mail, and you will have a choice as to whether or not we use your Personal Data in the new manner.