Privacy Policy - NTT DATA United Kingdom
What are you looking for?

Privacy Policy of NTT DATA UK

Effective Date: 31 March 2018

INTRODUCTION

In this Privacy Policy, references to “we”, “us”, “our” or NTT DATA UK means NTT DATA UK Ltd, NTT DATA UK Consulting and IT Solutions Ltd, and/or RMA Consulting Ltd as the case may be. References to “you” and “your” are to users of this website.

We can be contacted at the email address UKDataProtection@nttdata.com

The purpose of this Privacy Policy is to inform you about how we collect, use and disclose personal data from and about you, through the website http://uk.nttdata.com/home/en/index.html ("Website"), and associated mobile sites, applications and interfaces (collectively, the “Company Services”), in compliance with applicable data protection laws and regulations.

Table of Contents

  1. WHAT AND WHO THIS PRIVACY POLICY COVERS?

  2. WHAT TYPE OF PERSONAL DATA DO WE COLLECT ABOUT YOU?

  3. HOW DO WE COLLECT YOUR PERSONAL DATA?

  4. ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?

  5. HOW DO WE PROCESS YOUR PERSONAL DATA?

  6. WHO HAS ACCESS TO YOUR PERSONAL DATA?

  7. IS YOUR PERSONAL DATA TRANSFERRED ABROAD?

  8. WHAT ARE YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA?

  9. WHAT IS GOING TO HAPPEN FROM MAY 25, 2018?

  10. UPDATE TO THIS PRIVACY POLICY

  11. CONTACT US

 

The following table contains a brief summary of this Privacy Policy. Full detail is provided below.

Section

Issue

Information

1

What is the scope of this Privacy Policy?

The Company is the data controller of the personal data we collect from and about you through the Website and the Company Services.

This Privacy Policy applies to all users, including those who use the Website of the Company without being registered or having subscribed.

2

What kind of personal data do we collect?

The Company might collect data from and about you.

Specifically, the Company collects (1) registration data, (2) data that you have voluntarily shared with the Company, (3) activity data and (4) information from other sources.

However, we do not collect either financial information or special categories of personal data relating to you (e.g., health or judicial data).

3

How do we use your personal data?

We collect your data to allow you to use the Website and/or to provide you with our Company Services, and to allow you to interact with such Company Services.

With your prior consent, we can also send you offers promotions and marketing communications based on your personal preferences and habits.

4

On what ground do we use your personal data?

Your personal data is collected to enable you to use the Website and the Company Services, and also o comply with legal obligation and/or to protect our legitimate interests.

We may not be able to offer you Company Services if you fail to provide relevant data. Similarly, we may not be able to grant you access to the Website without such data.

You will always have an option not to provide personal data for marketing purposes.

5

How do we process your personal data?

The security of your data is a top priority. We have implemented appropriate administrative, technical and physical measures to safeguard your personal data against loss, theft and unauthorised use, disclosure or modification.

6

Who can access to your personal data?

Subject to applicable laws, we may share your personal data with (i) service providers, (ii) our affiliated companies and (iii) national authorities.

7

Is your personal data transferred abroad?

Your personal data may be transferred to other countries within the European Economic Area (EEA) or countries recognised by the EU Commission as offering an adequate level of protection. We will always ensure that appropriate and suitable safeguards are in place to protect your personal data.

8

What are your rights with regard to your personal data?

Among other rights, you have the right to access, integrate, update, amend and delete your personal data.

9

What is going to happen on 25 May 2018?

The EU General Data Protection Regulation 2016/679 is effective as of 25 May 2018. This introduces additional data privacy obligations and additional rights for individuals.

10

Updates to this Privacy Policy

The Company may modify or update this Privacy Policy in order to comply with applicable law.

The Effective Date above shows the relevant date of release.

11

How can I contact you with regard to the processing of my personal data?

You can contact us at the following email address: UKDataProtection@nttdata.com

 

1. WHAT IS THE SCOPE OF THIS PRIVACY POLICY?

Personal data means any information relating to an identified or identifiable natural person, such as name, IP address of email address. NTT DATA UK is the data controller of personal data we collect from and about you through the Website and the Company Services. We will only process such data in compliance with the terms of this Privacy Policy. This Privacy Policy should be read in conjunction with the NTT DATA UK Cookies Policy, available on our Website. Both policies are applicable to all users of our Website and/or Company Services (e.g. without any need to register or subscribe to a specific service).

 

2. WHAT TYPE OF PERSONAL DATA DO WE COLLECT?

We collects (1) registration data, (2) data that you have voluntarily shared, (3) data collected when you access and interact with the Website or the Company Service (“Activity Data), and (4) information from other sources. More specifically:

  1. Registration data: the information you submit to register for a Company Service. Registration data may include your name, surname, email address, gender, country, postcode and birthday etc.

  2. Data that you have voluntarily shared: the responses you submit to requests for information when using the Company Services or interacting with the Website. For example, when you sign up to our newsletters or online services, or interact with us through our contact section.

  3. Activity Data: we may collect certain information about your visits and interactions with the Website and/or the Company Services. For example, in order to permit your connection to the Website or the Company Services, our servers receive and record information about your computer, device, and browser, potentially including your IP address, browser type, and other software or hardware information. If you access the Website or the Company Services from a mobile or other device, we may collect a unique device identifier assigned to that device, geolocation data, or other transactional information for that device. Cookies and other tracking technologies (such as browser cookies, pixels, beacons, and Adobe Flash technology including cookies) may also be collected. These technologies may also be used to collect and store information about your usage of the Website or the Company Services, such as pages you have visited, content you have viewed, search queries you have run and advertisements you have seen. For more information, please visit the Cookie Policy on our Website.

  4. Information from Other Sources: we may supplement the information we collect with information from other sources, such as publicly available information from social media services and commercially available sources.

  5. When the information collected from or about you does not directly or indirectly identify you as a specific person, we may use that information for any purpose or share it with third parties to the extent permitted by applicable data protection laws and regulations.
We do not collect:
  • Financial information from a payment service provider. Please note that in some cases, we may use an unaffiliated payment service to allow you to purchase a product or make payments. In this case, the information that you provide will be subject to the applicable payment service privacy policy, and not this Privacy Policy.

  • Special categories of personal data. We ask that you do not send or disclose any information included in a special category of personal data (such as social security numbers, information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership) on or through the Website, the Company Services or otherwise.

Linked Services. The Company Services may also be linked to sites operated by unaffiliated companies, and may carry advertisements or offer content, functionality, games, newsletters, contests or sweepstakes, or applications developed and maintained by unaffiliated companies. The Company is not responsible for the privacy practices of unaffiliated companies. If you leave the Company Services or click an advertisement you should check the applicable privacy policy of the other service.

 

3. HOW DO WE USE YOUR PERSONAL DATA?

We use the personal data we collect from and about you to:

  1. Allow you to use the Website and/or provide you with Company Services that best suit you;

  2. Measure and improve Company Services and features;

  3. Improve your Website and Company Service experience (online and offline) by delivering content you may find relevant and interesting;

  4. Improve your Website and Company Service experience (online and offline) by delivering content you may find relevant and interesting;

  5. Provide you with customer support and to respond to your inquiries;

  6. Protect the rights of the Company and others. In particular, there may be instances where we may disclose your personal data in order to:(i) protect, enforce, or defend the legal rights, privacy, safety, or property of the Company, its employees, agents and contractors (including enforcement of our agreements and our terms of use); (ii) protect the safety, privacy, and security of users of the Website or of the Company Services or members of the public; (iii) protect against fraud or for risk management purposes. This includes situations where we believe, in good faith, that such disclosure is necessary;

  7. Comply with the law or legal process or respond to requests from public and regulartory authorities;

  8. Complete a merger or sale of assets. If we sell all or part of our business or make a sale or transfer of our assets or are otherwise involved in a merger or transfer of a material part of our business, as part of that transaction we may transfer your information to the other party or parties involved;

  9. Upon your prior consent, deliver (via email, SMS, telephone, chat and social media) offers, promotions and marketing communications of the Website and the Company Services including group companies and co-branded services or features, such as contests or other promotions arranged together with a third party that may be hosted on the Website or the Company Services or on the third party's services; and

  10. Upon your prior consent, deliver (via email, SMS, telephone, chat and social media) marketing communications customised to your interests.

When the data collected from or about you does not identify you personally, we may use that information for additional purposes or share it with third parties. 

 

4. ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA?

The legal basis of processing as as follows:

  • Points 1 to 6 of Section 3 above: processing is necessary to run the Website and the provide Company Services. Processing is mandatory, as without such activities the relevant services could not be provided;

  • Point 7 of Section 3 above: processing is required by applicable laws and therefore is mandatory; and

  • Point 8 of Section 3 above: processing is on the basis of optional consent and, on occasion, the legitimate interest of the Company and of its counterparties. This data processing activity is not mandatory and you can object at any time as per Section 11 below.

In addition:

  • Point 8 or Section 3 above: processing is discretionary, but the lack of provision of consent may mean that you cannot connect or link to social media services via the Website or the Company Services;

  • Point 9 or Section 3 above: processing is discretionary, but the lack of provision of consent may mean that the Company and third parties cannot provide you with generic marketing communications of the Company and third parties services/products or communications based on your interests, or provide co-branded services.

You can revoke your consent to data processing under Points 8 or 9 of Section 3 above at any time by sending a communication as set out in Section 11 below.

 

5. HOW DO WE PROCESS YOUR PERSONAL DATA?

As set out in Section 3 above, your data is processed through both electronic and manual means subject always to appropriate security measures. Please note that although we use appropriate administrative, technical, personnel and physical measures to safeguard the personal data we collect from loss, theft and unauthorised use, disclosure or modification, we cannot guarantee the full exclusion of all cyber-risks.

 

6. WHO HAS ACCESS TO YOUR PERSONAL DATA?

For the purposes set out at Section 3 above, we may share your personal data to the following categories of recipients in compliance and with Section 7 below:

Third parties service providers entrusted with processing activities and duly appointed as processors when required by applicable laws, e.g. cloud service providers, other entities of the group, providers of services instrumental to or supporting the Company Services - and thus, by way of example and without limitation, companies that provide IT services, experts, consultants and lawyers - companies resulting from possible mergers, demergers, or other transformations, and

Competent national authorities/regulatory bodies in order to comply with applicable laws and regulations.

 

7. IS YOUR PERSONAL DATA TRANSFERRED ABROAD?

Your personal data may be transferred to countries within and outside the European Economic Area (EEA), in particular to the USA and India. Some non EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en .

For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards to protect your personal data. Any transfer of your personal data is in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679 (the “GDPR").

You have the right to request a copy of the above measure or further information on your personal data by contacting the Company at the address indicated in Section 11 below.

 

8. WHAT ARE YOUR RIGHTS WITH REGARD TO YOUR PERSONAL DATA?

You have the right, at any given time, to:

  1. Confirm whether your personal data exists, be informed of its content and source, and verify its accuracy or request integration, update or amendments;

  2. Request the deletion, conversion to an anonymous form or restriction of any personal data processed in breach of applicable law; and

  3. Oppose data processing, in all cases, for legitimate reasons.

To exercise these rights, you may send a request to the contact listed in Section 11 below. Your request should include your email address, name, address, and telephone number and specify clearly what information you would like to access, change, update, suppress or delete.

After you cancel your account, or if you ask us to delete your personal data, copies of some information may remain viewable in certain circumstances. For example, where you have shared information with social media or other services.  In addition, due to the nature of cache technology, your account may not be instantly inaccessible to others. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion, to comply with applicable law.

With regards to information provided for marketing purposes, you may revoke your consent to process at any given time. If you no longer want to receive marketing-related emails from us, you may opt-out of these marketing-related emails by following the unsubscribe instructions in our communications or sending a request to the contact listed in Section 11 below.

 Section 9 outlines additional rights, effective from 25 May 2018.

 

9. WHAT IS GOING TO HAPPEN FROM 25 MAY 2018?

From 25 May 2018, the GDPR is effective and the following provisions apply:

  1. Retention period applying to your personal data

    We will retain your data only for the period necessary to fulfill the purposes for which the data was collected as outlined in this Privacy Policy. In any case, the following retention periods will apply to the processing of your personal data:

    • Data collected for the purposes set out in Points 1 to 7 of Section 3 above is retained for such time necessary to provide you access to the Website or to provide the Company Services, plus the length of any applicable statutory limitation period following the termination of Company Services; and

    • Data collected for the purpose set out in Points 8 or 9 of Section 3 above is retained for a period of three years.

    At the end of the retention period your personal data will be either deleted, anonymised or aggregated.

  2. Additional rights

    From 25 May 2018 you also have the right at any given moment to:

    1. Request that we limit the processing of your personal data where:

      • You contest the accuracy of the personal data, until such time as we have taken sufficient steps to correct or verify its accuracy;

      • The processing is unlawful but you do not want us to erase the data;

      • We no longer need the personal data for the purposes of the processing, but you require the data for the establishment, exercise or defense of legal claims; or

      • Where you have objected to processing justified on legitimate interests grounds until such time as we have verified compelling legitimate grounds to continue processing,

    2. Object to the processing of your personal data;

    3. Request the erasure of your personal data without undue delay;

    4. Data portability (e.g. to receive an electronic copy of your personal data, if you would like to port your personal data to yourself or a different provider), when we are relying upon your consent or the fact that the processing is necessary for the provision of the Company Services and the personal data is processed by automatic means; or

    5. Lodge a complaint with the relevant supervisory authority.

 

10. UPDATE TO THIS PRIVACY POLICY

We may modify or update this Privacy Policy following different interpretations, decisions, opinions and orders relating to GDPR. The Effective Date at the header of this Privacy Policy sets out the date of last revision. Any changes to this Privacy Policy will be notified in advance and will be posted on the Website or the Company Services. In the event that we propose material chances that expand our rights to use your personal data we will notify you and provide you with a choice about our future use of your personal data.

 

11. CONTACT US

If you have questions about this Privacy Policy, or would like to contact our Data Protection Manager or exercise any right hereunder, please contact us at: UKDataProtection@nttdata.com

Contact us

WRITE YOUR MESSAGE

TELL US WHO YOU ARE

Captcha Error

Contact us

Thank you for getting in touch with us. We will answer your message as soon as possible

Your message

Contact us

We are sorry, there was an error submitting your request
Please try again

United Kingdom

$name