Privacy & Cookie Policy

Your privacy on the Internet is important to us. As the Internet offers the ability to collect certain types of information about users, we want you to understand the terms and conditions surrounding the capture, use and processing of any information we gather. To that end, this privacy policy discloses what information we gather and how we use it. PrivacyEngine ("PE") is a Sytorus product (www.sytorus.com). Sytorus complies with the requirements of the relevant Irish legislation, namely the Irish Data Protection Act (1988), and the Irish Data Protection (Amendment) Act (2003).


Personal Data Collected

PE collects the following pieces of personal information through the web site and the application:

  • First name and surname of users
  • Email addresses of users
  • The company a user works with, and their Department or Business Unit
  • Comments contained in interactive correspondence may contain personal information
  • Company details which may include personal information of individuals, such as contact details of key staff
  • Results of all training modules and exams completed
  • Results of any questions answered
  • Details on what policies users have viewed on completing training modules

Processing of Personal Data

Due to the nature of the services provided by PE, there is regular and active exchange of personal data between Sytorus and its Users. There are two different types of Users of PE, a Data Protection Officer ("DPO") user and a staff user.

PE processes personal information in the following ways:

  • PE may email DPO users in providing the service, for example, in response to a question to a query posted
  • PE will store information relating to queries until three months after that query is resolved
  • PE will store information on use and completion of online training modules for as long as the company is a subscribed member.
  • If the company ceases its subscription the information will be anonymised and/or removed within one year of the termination of its subscription package
  • PE processes credit card payments through a third party system. This process complies with the principles of the PCIDSS standard, and PE never stores credit card information at any time
  • Information relating to queries and training modules will be aggregated, anonymised and analysed in order to improve the service provided. Sytorus may use aggregated information only in communications such as one-pagers, reports, briefing documents and publications
  • Information relating to companies and individuals will never be distributed or shared with any third party except where required to complete the contractual service, for example, processing credit card payments, or where required to do so by law
  • Personal Information gathered during the provision of these services will be stored in a secure manner within the European Economic Area (EEA)
  • Updating and correcting users’ personal information can be achieved directly through the PE interface
  • All individuals have the right to a copy of personal information we hold relating to them. This is achieved through a Subject
  • Access Request (SAR). A SAR can be submitted by emailing john.ghent@sytorus.com, indicating the scope of personal data required. A valid SAR will require a fee of €6.35 to be paid and requestors may use the SAR form provided on our web-site
  • We will respond to all SARs as quickly as possible, but in any event, within 40 calendar days of receipt of the request. We will verify the identity of all requestors prior to commencing the SAR process

Cookies

A cookie is a small, simple text file which is stored by your web browser (e.g. Google Chrome) on your computer or mobile device. Cookies allow us to tailor your web site experience for you. We may use a cookie file containing information that can identify the computer you are working from.

We use Google Analytics and the analytics.js library to measure user interactions on the website. This JavaScript library uses a single cookie named _ga to store a unique client identifier (Client ID) which is a randomly generated number. Once the ID is generated it is stored in the cookie and is included with every hit / request sent to Google Analytics.

Visit http://www.aboutcookies.org for a guide on how to control and delete cookies on a wide range of web browsers and operating systems.


Changes to Policy

We reserve the right to change this policy at any time by notifying users of the existence of a revised policy. By continuing to use the Website, you agree to be bound by the amended policy. We will inform you via a notice on the website when a policy is updated.