Privacy notice

Last updated: October 2018

We are Dot Origin Ltd., and we own several leading and innovative technology brands including Smartcard Focus, Dot Distribution, Key-ID, EdgeConnector, Read-a-Card, EasyTac, DTAG100, Bipzone and Skimstopper.

Dot Origin brand logos

This privacy notice applies to the commercial operations that are under our direct control through our brands and our subsidiaries.

Your privacy is important to us. This privacy notice explains what personal data we may collect from you, and how we might use that data.

This notice applies to you if you enquire or transact with us in person, over the phone, via email, through any mobile application or otherwise, as well as by using any of our websites or interacting with us on social media (our “services”).

This notice may change from time to time. The latest version, together with details of revisions made, will be displayed at www.dotorigin.com/privacy at all times. Please check here for updates when returning to any of our services.

Recent Revisions:
May 2018 – Privacy notice reformatted to align with the GDPR
Oct 2018 – Addition of notices specific to new employee recruitment

Personal data we collect

We collect data to operate effectively and to help us provide you with a good experience of our offerings and services. You provide some of this data directly, such as when you contact us for information, create an account with us, place orders or request support from us. We may also get information that shows how you interact with our services and any communications you receive from us; for example by using technologies like cookies. We may also obtain data from third parties.

We protect data obtained from third parties according to the practices described in this privacy notice, together with any additional restrictions imposed by the source of the data. These third-party sources vary over time, but may include:

  • Data brokers from which we purchase appropriately sourced data.
  • Data providers that can supplement other sources of data, for example by providing name, job title and email address matching.
  • Event organisers from which we receive appropriately sourced data.
  • Partners with which we engage in joint marketing activities.
  • Data in the public domain or publicly-available sources such as social media and open government databases.

When you are asked to provide personal data, you may decline. But if you choose not to provide data that is necessary for us to provide a service, you may not be able to use that service.

The data we collect depends on the context of your interactions with us, and may include the following:

Name and contact data. We collect your name, email address, postal address, phone number, and other similar contact data.

Professional standing. We collect job title and employer name and other similar data.

Professional interests. In addition to information you explicitly provide, your professional interests may also be observed, inferred or derived from other data we collect.

Credentials. We may collect passwords, password hints, and similar security information used for authentication and access to any accounts held with us.

Payment data. We collect data necessary to process your payment if you make purchases, such as a payment card number, and the associated security code.

Online interactions. Web servers log information about all devices used to access web pages and files online (such as a device’s make and model, browser and IP address). In addition, cookies and similar technologies may be used to collect information about your online interactions as well as preferences and settings for our online services. For more information see Cookies and similar technologies.

Content. We also collect information you provide to us and the content of messages you send to us, such as questions and information you provide for customer support.

Software licensing and device data. We collect data about hardware devices that are used with some of the software products we produce for licensing and support purposes.

Video. If you visit one of our sites your image may be captured by our security cameras.

How we use personal data & how long we keep it

We will process your data and communicate with you and handle your enquiries, orders and provide any appropriate support on the basis of fulfilling a prospective or existing contract, we will also process your data on the basis of meeting our legal obligations. We may process your data on the basis of legitimate interest to conduct market research, manage, operate and improve the performance of our business and our service to you, and to inform you about changes relating to relevant products.

Additionally, we may process your data on the basis of legitimate interest to provide you with occasional marketing communication that we believe will be relevant to you in your professional capacity. You can set your preferences for receiving marketing communications from us by visiting our marketing preferences page.

We will retain person data to provide a consistent service to you across our brands and subsidiaries, and to comply with laws and regulations.

Processing orders. We use data to fulfil your orders and for the prevention of fraud.

Product activation. We use data—such as device, application and unique licence or subscription identifiers—to activate software and devices that require activation.

Business operations. We use aggregated data to analyse and develop business intelligence that enables us to operate, protect, report on, improve and make informed decisions about the performance of our business.

Market research. We may use data ourselves or with reputable agencies to conduct market research, or invite you to participate in a survey.

Operational communications. We use data we collect to communicate with you and personalize our communications with you. For example, we may contact you by phone or email or other means to inform you when a subscription is ending, let you know about updates affecting your purchases, remind you about items left in your online shopping cart or check you are satisfied with a recent purchase.

Marketing communications. We may use data we collect to send you, and personalize, marketing communications. For example, we may contact you by phone or email or other means to let you know about our offerings, services, news or event that we believe to be of relevance to you in your professional capacity. You can choose whether or not, and how you wish to receive such marketing communications from us by visiting our marketing preferences page.

Targeted advertising. Data collected may be used to assist in showing you ads you’re more likely to be interested in. For more information see Cookies and similar technologies.

Data retention period. We will retain a record of your personal information in order to provide you with a consistent service across our brands and subsidiaries. Where there is no previous or existing contract between us and an individual’s business or employer, we may hold data on potential business contacts for a period appropriate to the expected re-purchase cycle, or supplier re-selection timescale, for any of our relevant offerings. We will not retain your information for longer than we determine necessary to meet legal and regulatory obligations (ordinarily this will be for 7 years following your last transaction).

Sharing personal data & international transfers

We do not sell any personal data to third parties. We will share necessary information with our chosen service providers (who may be located outside Europe) to allow them to provide their services to us or to facilitate them providing their services to you, for example we will share information with delivery companies in order to fulfil your orders. We may occasionally work jointly with our partners on customer research, marketing or events and share relevant information with them for those purposes, respecting any communication preferences you have set with us. Additionally we will share data when required by law or to respond to legal process, to protect our customers, maintain security, and to protect the rights or property of ourselves or others.

When you provide payment data to make a purchase, we will share payment data with banks and other entities that process payment transactions or provide other financial services, and for fraud prevention and credit risk reduction.

We share personal data only for the purposes described in this notice. Data may be shared among Dot Origin’s brands or subsidiaries. We also share personal data with suppliers or service providers working on our behalf. We may also occasionally share information with our partners in relation to joint activities, for example to invite you to an event being organised cooperatively by us and one or more of our partners. In such cases, these companies must abide by our data privacy and security requirements and are not allowed to use personal data they receive from us for any other purpose. Our partners include ACS, Assa Abloy, Axis Communications, Dekart, Elatec, Feitian, Gemalto, Gemini 2000, G&D, HID Global, Identiv, MULTOS, NXP, Sony, STid, Thales, Versasec and Zeitcontrol.

We may transfer your personal information to our subsidiaries, partners, suppliers or service providers based outside of the EEA for the purposes described in this privacy notice. If we do this your personal information will continue to be subject to appropriate safeguards, such as using suppliers that have signed-up to an independent privacy scheme approved by regulators, like the US ‘Privacy Shield’ scheme.

We may also disclose personal data as part of a corporate transaction such as a merger or sale of assets, which would help ensure the continuity of service provided to you throughout and following such a transaction and be in our legitimate interests.

Additionally, we will access, transfer, disclose, and preserve personal data when we have a good faith belief that doing so is necessary to:

1) Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies.

2) Protect our customers, for example to prevent attempts to defraud users of our products.

3) Operate and maintain the security of our business, including to prevent or stop an attack on our computer systems or networks.

4) Respond to requests from individuals (or their representatives) seeking to protect their legal rights or the rights of others.

Links to other websites, services and social media

We may provide links to other websites, services and social media platforms that are not under our control and therefore this notice does not apply to their use of your information. You are advised to consult the privacy notice and terms and conditions on each website or service to see how each supplier may process your information. You should adjust your privacy settings on any social network accounts regarding how your information is used and shared by them.

How to access & control your personal data

You can contact us to review, edit, or delete the personal data we hold about you. You can always choose whether you wish to receive promotional email, telephone calls and postal mail from us by visiting our marketing preferences page.

You have the right to access the personal information that we hold about you in many circumstances. This is sometimes called a ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you, or them, free of charge unless the request is manifestly unfounded or excessive.

Before providing personal information to you or another person on your behalf, we may ask for proof of identity and sufficient information about your interactions with us that enable us to locate your personal information.

If any of the personal information we hold about you is inaccurate or out of date, you may ask us to correct it.

You have the right to object to us processing your personal information if we are not entitled to use it any more, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this notice or the way your personal information is processed, please contact us by one of the following means:

By email: privacy@dotorigin.com
By post: Data Protection Co-ordinator, Dot Origin Ltd, Cooper Place, Wormley, Godalming, Surrey GU8 5SZ

You also have the right to lodge a complaint with the UK regulator, the Information Commissioner. Go to ico.org.uk/concerns to find out more.

Security

We take the security of your data seriously. We use strong physical and IT access controls to safeguard the data we hold. Our internal technical controls and work practices ensure that data is restricted to use by our employees in the proper performance of their duties.

Security measures in place to protect your information include:

  • Limiting access to our buildings to those that we believe are entitled to be there by use of identity driven physical access controls.
  • Access controls to our information technology, such as firewalls and strong identity verification, including 2-factor authentication, for network access.
  • When you shop online, all of your personal and payment information is protected by well-established internet security methods and protocols. Your credit card details are transmitted in a securely encrypted form.

Recruitment specific privacy related information

In addition to the general statements contained in this privacy notice, this section provides further notices that relate specifically to the personal information of candidates applying for a career or job role with us.

Personal data we collect for recruitment

As part of our recruitment and selection process, we collect and processes personal data relating to job applicants. We are committed to being transparent about how we collect and use that data and to meeting our data protection obligations.

If you apply for a position with us, information we collect may include:

  • Your name.
  • Your email address, mailing (postal) address and contact telephone number(s).
  • The name and address of your current employer.
  • Names, contact information, and addresses for previous employers.
  • Information about your level of work experience, level of education and qualifications.
  • Information related to your skills.
  • Your existing and previous job responsibilities and content.
  • The type of job you are looking for, previous and desired salary, benefits package and data of availability.
  • Affiliations to any professional bodies or institutes.
  • Whether you are available for relocation if hired.
  • Whether you are legally allowed to work in the United Kingdom without sponsorship.
  • How you heard about the role.
  • Your prior history, if any, of applying and/or interviewing for Dot Origin positions;
  • Additional questions specific to the role you are applying for;
  • Results of any profiles or tests that we may ask you to complete as part of our recruitment and selection process;
  • LinkedIn profile or other professional media platform (not ‘social’ media).
  • Any additional information that you provide in your CV or as part of your application.

You are under no statutory or contractual obligation to provide data to us during the recruitment and selection process. However, if you do not provide the information, we may not be able to process your application properly or at all.

How we collect information for recruitment

We may collect this information in a variety of ways. For example, data might be contained in application forms or CV’s, obtained from your passport or other identity documents, or collected through interviews or other forms of assessment, including online tests or psychometrics.

Note – if we provide links to other websites and services (for example for online tests and psychometric profiling tools) that are not under our control this notice does not apply to their use of your information. You are advised to consult the privacy notice and terms and conditions on each website or service to see how they may process your information, and you should adjust your privacy settings with each of these in accordance with your own preferences.

We may also collect personal data about you from third parties, such as references supplied by former employers. We will seek information from third parties only at the point a job offer has been made to you and we will confirm that we are doing so.

How we use personal data for recruitment & how long we keep it

We use your personal information to determine your eligibility for specific career positions, for related positions, to notify you of future job openings and recruitment events and to communicate with you through the recruitment and selection process.

We need to process additional data, such as proof of your right to work in the UK, with your cooperation prior to entering into a contract of employment with you. We may also need to process your data to enter into a contract of employment with you.

In some cases, we need to process data to ensure that it is complying with our legal obligations. For example, we may be required to check a successful applicant’s eligibility to work in the UK before employment starts.
We have a legitimate interest in processing personal data during the recruitment and selection process and for keeping records of the process. Processing data from job applicants allows us to manage the recruitment and selection process, assess and confirm a candidate’s suitability for employment and decide to whom to offer a job. We may also need to process data from job applicants to respond to and defend against legal claims.

We may process information about whether or not applicants are disabled in order to make reasonable adjustments for candidates who have a disability. This is to carry out our obligations and exercise specific rights in relation to employment.

Where we process other special categories of data, such as information about ethnic origin, sexual orientation, health or religion or belief, this is for equal opportunities monitoring purposes only.

We will not use your data for any purpose other than the recruitment and selection activities for which you have applied.

We will retain your personal information as needed to fulfil the purposes for which it was collected, as necessary to comply with our business requirements, legal obligations, resolve disputes, protect our assets, and enforce our agreements.

If your application for employment is unsuccessful, our retention period is one (1) year after the end of the relevant recruitment process. At the end of the retention period, we will delete your information. If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your personnel file and retained during your employment. The periods for which your data will be held will be provided to you in a new privacy notice.

Additional privacy related information

Cookies & similar technologies

We use small data files known as cookies, which are stored and managed through your web browser, for various purposes on our web sites. This includes recording certain personal details and preferences that make it easier to place an order through one of our e-commerce sites, as well as the use of third party cookies to provide us with analytics that helps us improve your experience of using our services.

You have a variety of tools to control cookies, web beacons and similar technologies, including browser controls to block and delete cookies and controls from some third-party analytics service providers to opt out of data collection through web beacons and similar technologies. Your browser and other choices may impact your experiences with our services.

Cookies are small files placed on your computer by websites you visit. Cookies can only be ‘read’ by the website that placed the cookie on your computer.

Web beacons (also called single-pixel gifs) are electronic images that can be used to help deliver cookies or track visitors to websites. We may include web beacons in our promotional email messages or newsletters to determine whether you open and act on them, so that we can measure the overall effectiveness of such communications and improve the relevance of our communications to you.

Our websites may use web beacons and cookies from our chosen third-party service providers.

The cookies we may use have different purposes:

  • Storing your Preferences and Settings. Settings that enable our services to operate correctly or that maintain your preferences over time may be stored on your device, so they do not have to be reset each time you return to the site.
  • Sign-in, authentication and security. We may use cookies to recognise that you have signed-in to an account that allows you access to some of our services and are so authorised to use them. Cookies may also be used to automatically sign you out of such a service after a period of inactivity to maintain security.
  • Storing Information you provide to a website. When you provide information, or add products to a shopping cart when shopping on our websites, we may store the data in a cookie to remember the products and information you have added.
  • Social Media. Some of our websites may include social media cookies that enable users who are logged in to the social media service to share content via that service.
  • Showing Advertising. We may use third party cookies that enable you to be shown appropriate offers and advertising as you browse other sites on the internet, based on the products you looked at on one of our sites. They may also be used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign.
    You can opt-out of such Interest-Based Advertising using resources like: http://optout.networkadvertising.org
  • Analytics. We use cookies and other identifiers to gather usage and performance data. For example, we use cookies to count the number of unique visitors to a web page or service to help us understand how our services are working. We may use cookies from third-party analytics providers such as:
    Google Analytics (see http://www.google.com/analytics/learn/privacy.html)
    Webtrends (see http://webtrends.com/privacy-policy/)
    Adobe (see http://www.adobe.com/uk/privacy/marketing-cloud.html)
    For more information you can view their cookie policy on the relevant third party website.

Disabling cookies

Please be aware that if you choose to block cookies, you may not be able to sign in or use some features, and preferences that are dependent on cookies may be lost. Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. Please refer to your internet browser’s help section for information on how to do this.