Privacy notice

Last updated: May 2018

We are Dot Origin Ltd., and we own several leading and innovative technology brands including Smartcard Focus, Dot Distribution, Key-ID, EdgeConnector, Read-a-Card, EasyTac, DTAG100, Bipzone and Skimstopper.

Dot Origin brand logos

This privacy notice applies to the commercial operations that are under our direct control through our brands and our subsidiaries.

Your privacy is important to us. This privacy notice explains what personal data we may collect from you, and how we might use that data.

This notice applies to you if you enquire or transact with us in person, over the phone, via email, through any mobile application or otherwise, as well as by using any of our websites or interacting with us on social media (our “services”).

This notice may change from time to time. The latest version, together with details of revisions made, will be displayed at www.dotorigin.com/privacy at all times. Please check here for updates when returning to any of our services.

Personal data we collect

We collect data to operate effectively and to help us provide you with a good experience of our offerings and services. You provide some of this data directly, such as when you contact us for information, create an account with us, place orders or request support from us. We may also get information that shows how you interact with our services and any communications you receive from us; for example by using technologies like cookies. We may also obtain data from third parties.

We protect data obtained from third parties according to the practices described in this privacy notice, together with any additional restrictions imposed by the source of the data. These third-party sources vary over time, but may include:

  • Data brokers from which we purchase appropriately sourced data.
  • Data providers that can supplement other sources of data, for example by providing name, job title and email address matching.
  • Event organisers from which we receive appropriately sourced data.
  • Partners with which we engage in joint marketing activities.
  • Data in the public domain or publicly-available sources such as social media and open government databases.

When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary for us to provide a service, you may not be able to use that service.

The data we collect depends on the context of your interactions with us, and may include the following:

Name and contact data. We collect your name, email address, postal address, phone number, and other similar contact data.

Professional standing. We collect job title and employer name and other similar data.

Professional interests. In addition to information you explicitly provide, your professional interests may also be observed, inferred or derived from other data we collect.

Credentials. We may collect passwords, password hints, and similar security information used for authentication and access to any accounts held with us.

Payment data. We collect data necessary to process your payment if you make purchases, such as a payment card number, and the associated security code.

Online interactions. Web servers log information about all devices used to access web pages and files online (such as a device’s make and model, browser and IP address). In addition, cookies and similar technologies may be used to collect information about your online interactions as well as preferences and settings for our online services. For more information see Cookies and similar technologies.

Content. We also collect information you provide to us and the content of messages you send to us, such as questions and information you provide for customer support.

Software licensing and device data. We collect data about hardware devices that are used with some of the software products we produce for licensing and support purposes.

Video. If you visit one of our sites your image may be captured by our security cameras.

How we use personal data & how long we keep it

We will process your data and communicate with you and handle your enquiries, orders and provide any appropriate support on the basis of fulfilling a prospective or existing contract, we will also process your data on the basis of meeting our legal obligations. We may process your data on the basis of legitimate interest to conduct market research, manage, operate and improve the performance of our business and our service to you, and to inform you about changes relating to relevant products.

Additionally, we may process your data on the basis of legitimate interest to provide you with occasional marketing communication that we believe will be relevant to you in your professional capacity. You can set your preferences for receiving marketing communications from us by visiting our marketing preferences page.

We will retain person data to provide a consistent service to you across our brands and subsidiaries, and to comply with laws and regulations.

Processing orders. We use data to fulfil your orders and for the prevention of fraud.

Product activation. We use data—such as device, application and unique licence or subscription identifiers—to activate software and devices that require activation.

Business operations. We use aggregated data to analyse and develop business intelligence that enables us to operate, protect, report on, improve and make informed decisions about the performance of our business.

Market research. We may use data ourselves or with reputable agencies to conduct market research, or invite you to participate in a survey.

Operational communications. We use data we collect to communicate with you and personalize our communications with you. For example, we may contact you by phone or email or other means to inform you when a subscription is ending, let you know about updates affecting your purchases, remind you about items left in your online shopping cart or check you are satisfied with a recent purchase.

Marketing communications. We may use data we collect to send you, and personalize, marketing communications. For example, we may contact you by phone or email or other means to let you know about our offerings, services, news or event that we believe to be of relevance to you in your professional capacity. You can choose whether or not, and how you wish to receive such marketing communications from us by visiting our marketing preferences page.

Targeted advertising. Data collected may be used to assist in showing you ads you’re more likely to be interested in. For more information see Cookies and similar technologies.

Data retention period. We will retain a record of your personal information in order to provide you with a consistent service across our brands and subsidiaries. Where there is no previous or existing contract between us and an individual’s business or employer, we may hold data on potential business contacts for a period appropriate to the expected re-purchase cycle, or supplier re-selection timescale, for any of our relevant offerings. We will not retain your information for longer than we determine necessary to meet legal and regulatory obligations (ordinarily this will be for 7 years following your last transaction).

Sharing personal data & international transfers

We do not sell any personal data to third parties. We will share necessary information with our chosen service providers (who may be located outside Europe) to allow them to provide their services to us or to facilitate them providing their services to you, for example we will share information with delivery companies in order to fulfil your orders. We may occasionally work jointly with our partners on customer research, marketing or events and share relevant information with them for those purposes, respecting any communication preferences you have set with us. Additionally we will share data when required by law or to respond to legal process, to protect our customers, maintain security, and to protect the rights or property of ourselves or others.

When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.

We share personal data only for the purposes described in this notice. Data may be shared among Dot Origin’s brands or subsidiaries. We also share personal data with suppliers or service providers working on our behalf. We may also occasionally share information with our partners in relation to joint activities, for example to invite you to an event being organised cooperatively by us and one or more of our partners. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. Our partners include ACS, Assa Abloy, Axis Communications, Dekart, Elatec, Feitian, Gemalto, Gemini 2000, G&D, HID Global, Identiv, MULTOS, NXP, Sony, STid, Thales, Versasec and Zeitcontrol.

We may transfer your personal information to our subsidiaries, partners, suppliers or service providers based outside of the EEA for the purposes described in this privacy notice. If we do this your personal information will continue to be subject to appropriate safeguards, such as using suppliers that have signed-up to an independent privacy scheme approved by regulators, like the US ‘Privacy Shield’ scheme.

We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets, which would help ensure the continuity of service provided to you throughout and following such a transaction and be in our legitimate interests.

Additionally, we will access, transfer, disclose, and preserve personal data when we have a good faith belief that doing so is necessary to:

1) Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.

2) Protect our customers, for example to prevent attempts to defraud users of our products.

3) Operate and maintain the security of our business, including to prevent or stop an attack on our computer systems or networks.

4) Respond to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.

Links to other websites, services and social media

We may provide links to other websites, services and social media platforms that are not under our control and therefore this notice does not apply to their use of your information. You are advised to consult the privacy notice and terms and conditions on each website or service to see how each supplier may process your information. You should adjust your privacy settings on any social network accounts regarding how your information is used and shared by them.

How to access & control your personal data

You can contact us to review, edit, or delete the personal data we hold about you. You can always choose whether you wish to receive promotional email, telephone calls and postal mail from us by visiting our marketing preferences page.

You have the right to access the personal information that we hold about you in many circumstances. This is sometimes called a ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you, or them, free of charge unless the request is manifestly unfounded or excessive.

Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that enable us to locate your personal information.

If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.

You have the right to object to us processing your personal information if we are not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this notice or the way your personal information is processed, please contact us by one of the following means:

By email: privacy@dotorigin.com
By post: Data Protection Co-ordinator, Dot Origin Ltd, Cooper Place, Wormley, Godalming, Surrey GU8 5SZ

You also have the right to lodge a complaint with the UK regulator, the Information Commissioner. Go to ico.org.uk/concerns to find out more.

Security

We take the security of your data seriously. We use strong physical and IT access controls to safeguard the data we hold. Our internal technical controls and work practices ensure that data is restricted to use by our employees in the proper performance of their duties.

Security measures in place to protect your information include:

  • Limiting access to our buildings to those that we believe are entitled to be there by use of identity driven physical access controls.
  • Access controls to our information technology, such as firewalls and strong identity verification, including 2-factor authentication, for network access.
  • When you shop online, all of your personal and payment information is protected by well-established internet security methods and protocols. Your credit card details are transmitted in a securely encrypted form.

Additional privacy related information

Cookies & similar technologies

We use small data files known as cookies, which are stored and managed through your web browser, for various purposes on our web sites. This includes recording certain personal details and preferences that make it easier to place an order through one of our e-commerce sites, as well as the use of third party cookies to provide us with analytics that helps us improve your experience of using our services.

You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our services.

Cookies are small files placed on your computer by websites you visit. Cookies can only be ‘read’ by the website that placed the cookie on your computer.

Web beacons (also called single-pixel gifs) are electronic images that can be used to help deliver cookies or track visitors to websites. We may include web beacons in our promotional email messages or newsletters to determine whether you open and act on them, so that we can measure the overall effectiveness of such communications and improve the relevance of our communications to you.

Our websites may use web beacons and cookies from our chosen third-party service providers.

The cookies we may use have different purposes:

  • Storing your Preferences and Settings. Settings that enable our services to operate correctly or that maintain your preferences over time may be stored on your device, so they do not have to be reset each time you return to the site.
  • Sign-in, authentication and security. We may use cookies to recognise that you have signed-in to an account that allows you access to some of our services and are so authorised to use them. Cookies may also be used to automatically sign you out of such a service after a period of inactivity to maintain security.
  • Storing Information you provide to a website. When you provide information, or add products to a shopping cart when shopping on our websites, we may store the data in a cookie to remember the products and information you have added.
  • Social Media. Some of our websites may include social media cookies that enable users who are logged in to the social media service to share content via that service.
  • Showing Advertising. We may use third party cookies that enable you to be shown appropriate offers and advertising as you browse other sites on the internet, based on the products you looked at on one of our sites. They may also be used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign.
    You can opt-out of such Interest-Based Advertising using resources like: http://optout.networkadvertising.org
  • Analytics. We use cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service to help us understand how our services are working. We may use cookies from third-party analytics providers such as:
    Google Analytics (see http://www.google.com/analytics/learn/privacy.html)
    Webtrends (see http://webtrends.com/privacy-policy/)
    Adobe (see http://www.adobe.com/uk/privacy/marketing-cloud.html)
    For more information you can view their cookie policy on the relevant third party website.

Disabling cookies

Please be aware that if you choose to block cookies, you may not be able to sign in or use some features, and preferences that are dependent on cookies may be lost. Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. Please refer to your internet browser’s help section for information on how to do this.