- Introduction and who we are
SEDNA Communications Ltd. and its subsidiaries (“SEDNA”, “we”, “our” or “us”) are strongly committed to being responsible custodians of the information you provide us and the information we collect in the course of operating our business.
This Privacy Notice explains how SEDNA, as a data controller, may collect, use, share and protect information that we obtain about you directly or indirectly in accordance with applicable data privacy laws. We use the words “personal information” and “personal data” in this Privacy Notice to describe information that is about you that identifies you.
This Privacy Notice applies to personal information, personal data, or information we collect from visitors to our website and customers of our services (including individuals that may be granted access to our services by our customers) – where you use our services, or your personal data is processed in connection with such services, and we control the purpose for which such personal data is processed – in these situations, SEDNA is considered a “controller” (or its equivalent) under applicable data protection laws. In cases where your organization and SEDNA have entered into a separate services agreement and/or data processing agreement, the terms of that agreement with respect to privacy and data shall take precedence over this Privacy Notice.
From time to time, there may be more than one data controller of your information within our group where you have engaged different parts of our broader organization to provide different or jointly delivered services.
This Privacy Notice does not apply to, and SEDNA is not responsible for, any third party websites which may be accessible through links from this website. Please see section 12 (Online services – Links to third party sites, services and content) below for more information.
- Scope of Privacy Notice
This Privacy Notice explains and describes:
- When this Privacy Notice applies.
- How we collect your personal data.
- Legal basis for usage of your personal data.
- How we use the personal data we collect.
- How and when we may disclose personal data that we collect.
- What happens if your personal data is transferred overseas.
- How long we hold your personal data.
- How we protect your personal data and keep it secure.
- What cookies are and how we use them.
- What happens when you access third- party services and content.
- Your legal choices and rights.
- The status of this Privacy Notice and any changes that are made to it.
- How to request further information.
- Our contact details.
- When this Privacy Notice applies
This Privacy Notice applies:
- to your use of any of our services where we are performing a data controller function;
- where you apply to us for a job or work placement;
- your supply of services to us where this involves any personal data; and/or
- to any personal information collected from third parties where we are the controller of such information.
- How we collect your personal data
“Personal data” is any information that can be used to identify you or that we can link to you.
Where you use our services, we will collect personal data directly from you.
We may also collect personal data from third parties such as your employing organisation, regulatory authorities, recruitment agencies, credit reporting agencies, information or service providers, publicly available records, and the third parties described in section 7 (Disclosure of your information) below.
We collect information that you voluntarily provide to us, including when you communicate with us via email or other channels; when you sign up for or request that we send you newsletters, alerts, or other materials; when you sign up for a webinar or event; and when you respond to our communications or requests for information.
The information you provide may include current and historical personal data including your name, contact details, title, identification, employment, positions held and enquiry/complaint details and information about the organisation with which you are affiliated. We may also collect personal data about your other dealings with us and our clients, including any contact we have with you in person, by telephone, email or online.
We may collect information from other sources, such as social media platforms that share information about how you interact with our social media content, and any information gathered through these channels will be governed by the privacy settings, policies, and/or procedures of the applicable social media platform, which we strongly encourage you to review.
We will handle any unsolicited information in accordance with law, including destroying or de-identifying such information where we are required to do so.
When you use our online services, we may collect the following:
Information you provide by completing forms (this includes information you give us, submitting material, requesting services, entering competitions, registering for any of our online offerings or subscribing to our newsletters or other services).
Information you provide by your participation in competitions, live chats, message boards.
Information you provide to us if you contact us, for example to report a problem with our online services or raise a query or comment.
Details of visits made to our online services including, but not limited to, the volume of traffic received, logs (including, where available, the IP address and location of the device connecting to the online services and other technical information and identifiers about the device and the nature of the visit) and the resources accessed.
Where our online services require that you enter a password or other information in order to access certain features, we will collect such credentials when you enter them.
If you apply for a job or work placement with SEDNA then you may need to provide information about your education and employment. As part of your application you will be asked to provide your express consent to our use of this information to assess your application and to allow us to carry out both recruitment analytics and any monitoring activities which may be required of us under applicable law as an employer. We may also carry out screening checks (including reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks) and consider you for other positions.
We may exchange your personal data with academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, recruitment analytics providers, referees and your current and previous employers. We may also gather additional information about you from publicly available resources such as LinkedIn or other social or professional media platforms and collate this with the information that you provide to us.
Without your personal data, we may not be able to progress considering you for positions with us.
In some instances, personal data must be provided to us in order for us to legally or contractually perform services to you, for example where we are obligated to gather personal data for anti-money laundering identification purposes. Where relevant we will highlight to you those details that we are obligated to collect.
- Legal basis for usage of personal data
Where we intend to use your personal data, we rely on the following legal grounds:
Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us. For example, where we respond to your requests and provide you with services in accordance with our terms of service or other applicable terms of business agreed with you or with your employing rganization.
Legitimate interests: Where we consider use of your information as being (a) non- detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose, we may use your personal data, which may include:
- for our own direct marketing or continued communication;
- the prevention of fraud;
- our own internal administrative purposes;
- organization of the service(s) we provide to you;
- ensuring network and information security, including preventing organization access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or
- reporting possible criminal acts or threats to public security to a competent authority.
Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to SEDNA as a provider of software services.
Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal data for our marketing purposes where you or your employing organization is not a client of SEDNA, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us in accordance with section 15 (Contact and further information) below, however please note that we will no longer be able to provide you with the products or services that rely on having your consent.
- How we use your personal data
We primarily use your personal information for our internal business purposes. This is in our legitimate interest in order to operate as a business and monitor and improve the quality of the services we provide. We use your information in order to provide you with, and improve, our services, for example:
- To provide you with SEDNA’s services (as noted above) that you or your employing organisation’s request.
- To respond to your enquiries.
- To carry out our obligations arising from any contracts entered into between you and us.
- To facilitate our internal business operations, including to fulfil our legal or regulatory requirements.
- To maintain and develop our relationship with you.
- For our business purposes, including data analysis, submitting invoices, detecting, preventing, and responding to actual or potential fraud, illegal activities, or intellectual property infringement.
- To maintain and update our records including our database of contacts.
- To provide you on an ongoing basis with information and services, including relevant marketing communications related to SEDNA, and other information or materials, that you request from us or which we feel may interest you where you have indicated that you would like to receive these from us.
- To evaluate, recruit, and hire personnel.
- To measure the popularity and effectiveness of services such as newsletters and seminar invitations, in order to improve what we offer to you and other recipients.
- To ensure that content from our online services is presented in the most effective and secure manner for you and the device on which you are accessing our services, and to troubleshoot, and improve such online services.
- To allow you to use or access interactive features or secure areas of our online services, when you choose to do so.
- For research, planning, service development, security or risk management.
- As we believe reasonably necessary or appropriate to: comply with our legal obligations; respond to legal process or requests for information issued by government authorities or other third parties; or
- protector your, our, or others’ rights.
We may not be able to do some or all of these things without your personal data.
If at any time we intend to change the purpose for which we hold your personal data, for example to offer you with a complimentary service that we may provide in the future, we will give you prior information of that new purpose so you are aware of this.
- How We Share Your Personal Data
We may, in providing our services and operating our business, allow access to your personal data to the different entities within SEDNA’s group for our internal administrative purposes such as billing, promoting our events and services, and providing you or your organisation with services, provided in all instances that such processing is consistent with section 5 (Legal basis for usage of personal data) above and applicable law. We will not sell, rent, trade or otherwise disclose individual customer information to any third parties or outside companies for any reasons other than those specified in this Privacy Notice.
We may exchange your personal data with third-party service providers contracted to SEDNA where any of the following apply:
- You have consented to us sharing your personal data in this way.
- We deem reasonably necessary to provide you with the services that you have required at any particular time.
- Such sharing is provided for under contract, including our terms of service for any particular service that we may provide to you.
- Such sharing is to law enforcement bodies or other government authority.
- We need to enforce or apply our terms of service to which you have agreed (or other terms that have been agreed to apply to our relationship with you or your employing organisation).
- It is necessary to protect the rights and interests, property, or safety of SEDNA, our clients or others.
- It is relevant in the circumstances to disclose the information to parties with whom we have co-promotional arrangements (such as jointly sponsored events, external venues, or caterers).
- Our agents or contractors who assist us in providing our services require such information, for example in fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions.
- We use third party service providers to provide services that involve data processing, for example archival, web- hosting, analytics providers in connection with the operation of our online services, event hosting, information technology providers, auditing, reference checking, professional advisory (including legal, accounting, financial and business consulting), mailing vendor, delivery,
- technology, website, research, banking, payment, client contact, data processing, insurance, forensic, litigation support, marketing and security services.
- All, or most, of the assets of SEDNA or any single business unit within SEDNA are merged with or acquired by a third party, or we expand or re- organise our business, in which case your personal data may form part of the transferred or merged assets.
- We are under a legal, regulatory or professional obligation to do so (for example, in order to comply with a Court Order).
Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on SEDNA’s behalf. When such third parties no longer need your personal data to fulfil this service, they will dispose of such details in line with SEDNA’s procedures unless they are themselves under a legal obligation to retain information (provided that this will be in accordance with applicable data privacy laws). If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
We also may provide anonymous statistical information about users of our websites and related usage information to reputable third parties, including analytics and search engine providers. We own the database rights in the information collected via our online services. We do not sell, rent, or otherwise share information that reasonably identifies you or your organisation with unaffiliated entities for their independent use except as expressly described in this Privacy Notice or with your express prior permission.
We may share information that does not reasonably identify you or your organisation as permitted by applicable law.
8. International Transfers
SEDNA’s operational centers are located in the United Kingdom and Canada. Canada has robust and comprehensive laws that protect your personal information. The European Commission has recognized Canada as an “adequate” jurisdiction that offers a level of data protection similar to the European Economic Area (EEA).
However, as a global business with offices, employees, entities, and service providers all over the world, we may need to transfer your personal information across international borders to countries that have different levels of data protection laws than the country from where you submitted your personal information. By way of example, this may also happen if one or more of our third party service providers with whom we share personal data in accordance with section 7 (Disclosure of your information) are located, or have their servers located, outside your country or the country from which the data were provided.
In these circumstances we will take appropriate steps to reasonably ensure that your personal information is treated securely and as described in this Privacy Notice, in accordance with applicable data protection laws. These steps will include appropriate contractual mechanisms (such as the Model Clauses adopted by the European Commission to provide safeguards for personal information transferred outside of the EEA) or other approved methods.
If we transfer your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected.
9. Retention of your data
We retain the information we collect no longer than is reasonably necessary to fulfil the purposes that such data was originally collected in accordance with our internal data retention policies or to comply with our legal and regulatory obligations.
A maintained copy of our data retention policy is available at https://sedna.com/data-retention-policy/
10. How We Protect Your Personal Data
We take steps to hold information securely in electronic or physical form.
Our information security policy is supported by a variety of processes and procedures, and we store information in access controlled premises or electronic databases requiring logins and passwords. All employees, officers or contractors of SEDNA and third party providers with access to confidential information are subject to access controls and confidentiality obligations, and we require our third-party data storage providers to comply with appropriate information security industry standards.
Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk.
If you communicate with us using a non- secure web platforms, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.
Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure.
You can help us to keep your information secure by ensuring that any user name or password in relation to our online services is kept strictly personal to you and not be made available to any other person. You should stop using your username and password and notify us immediately if you suspect that someone else may be using your user details or password.
We use a variety of technical and organizational security controls to help protect your personal information from unauthorized access, use, disclosure, alteration, or destruction consistent with applicable data protection laws. These controls include:
Data Center Security
- Physically secured with 24x7x365 uniformed guard service
- Electronic key card access at Data Center entrances
- Physical access to Data Centers limited solely to SEDNA employees whose duties require access
- Monitored video surveillance cameras and alarm systems throughout Data Centers and building
- All environmental control systems monitored and controlled locally and remotely monitored
- Redundant facility HVAC cooling systems
- Fire detection and prevention systems
- High sensitivity, early warning smoke detection systems
- Redundant power utilizing uninterruptible power supplies (UPS)
- Highly secure, reliable, and scalable IT infrastructures
- Use of anti-virus software and encryption
- Mirrored active/active firewalls to ensure that in the event of a failure data will remain secure
- Continually upgraded systems ensuring performance at the highest level
- Systems monitored 24/7 to protect against unauthorized intrusion
- Multi-factor authentication
- System alerts for unusual activities
- Performance of regular security reviews and monitoring of security logs for anomalies
- All employees receive mandatory security awareness training, including mandatory security refreshers and testing
- Al employees are subject to reference checks
- All employees must sign confidentiality and non-disclosure agreements
- Strict authorization protocols, logging, and monitoring for privileged systems access by Operations staff
In addition, access to sensitive personal information is limited to those individuals and agents having a need to know.
When we engage a third party service provider to collect or otherwise process personal information on our behalf, the third party is selected carefully and will be required to have appropriate security measures in place.
Third Party Validation
When we engage a third party service provider to collect or otherwise process personal information on our behalf, the third party is selected carefully and will be required to have appropriate security measures in place.
SEDNA is ISO/IEC 27001:2013 certified. ISO 27001 is an internationally recognized, standards-based approach to security. It outlines requirements for a company’s Information Security Management System (ISMS).
11. Cookies Policy
We may, for example, collect information about the type of device you use to access our online services, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access on our online services, the web pages you view immediately before and after you access our online services, whether and how you interact with content available on our online services, and the search terms you enter on our online services.
SEDNA’s website sets cookies which remain on your computer for differing times. Some expire at the end of each session and some remain for longer so that when you return to our website, you will have a better user experience.
Control of cookies
Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites. Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that any opt-outs or preferences you set on our website will be lost. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org which includes information on how to manage your settings for the major browser providers.
12. Online services – links to third party sites, services and content
In addition to our online services, which we control directly, we also may use and provide links to websites which are controlled by third parties as a convenience to users.
If you use or follow a link to any of these third-party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you. You will need to check the policy policies of these other sites to understand their policies. If you access a linked site you may be disclosing your personal information. It is your responsibility to keep such information private and confidential.
Our online services may include integrated content or links to content provided by third parties (such as video materials). This Privacy Notice does not address the privacy, security, or other practices of the third parties that provide such content.
We engage third parties that support the operation of our online services, such as analytics providers. These third parties may use technologies to track your online activities over time and across different websites and online platforms. Please see section 11 (Cookies Policy) above for more information.
13. Your Rights regarding your Personal Data
Under applicable data protection legislation, we have a duty of care to ensure that your personal data is accurate and up to date. Therefore, please contact us to update or correct your information if this changes or if you believe that any information that we have collected about you is inaccurate at [email protected]
Where you have consented to our processing of certain personal data, you can at any time withdraw such consent and/or tell us not to contact you with updates and information regarding our products and services (or part of them) either at the point such information is collected, (by leaving the relevant box unticked) or, where you do not wish us to continue to use your information in this way, by following the unsubscribe instructions on any communications sent to you. Please note that where you withdraw your consent we will no longer be able to provide you with the products or services that rely on having your consent. You can also exercise this right at any time by contacting us using the contact details at the end of this Privacy Notice.
You can request:
- access to the personal data we hold about you
- corrections or updates to your details;
- the erasure of your personal data;
- the portability of personal data that you have provided to us in a structured, commonly used and machine-readable format.
You also have the right to object to, or request the restriction of, our use of your personal data.
If you are located in the EEA or the United Kingdom: the European Union’s General Data Protection Regulation 2016/679 (GDPR) and/or the Data Protection Act 2018 (c12) provide certain rights in relation to your personal information. Subject to any exemptions or limitations provided by the applicable law, you have the right to be informed about the collection and use of your personal data, to access and receive a copy of information we hold about you, to rectify any personal information held about you that is inaccurate and to request the deletion of personal information held about you. You also have the right to data portability for personal information you provide to us – this means that you can obtain a copy of your personal information in a commonly used electronic format so that you can manage and move it, or request we send it to a third party. You may have the right to restrict or object to the processing of your personal information by us including for marketing purposes.
If you are a Californian Resident: the California Consumer Privacy Act of 2018 (CCPA) provides certain rights, subject to certain limitations, in relation to your personal information, including the right to non-discrimination for exercising your CCPA rights, the right to know about the personal information we’ve collected about you in the past 12 months and how it is used and shared (which is described in this Privacy Notice), and the right to deletion. Individuals protected by the CCPA also have the right to opt-out of the sale of your personal information. SEDNA does not currently “sell” (as defined in the CCPA) the personal information that we collect from you. Should this change in the future, SEDNA will ensure that the right to opt-out is made available to you. For clarity, this Privacy Notice constitutes SEDNA’s “notice at collection” under the CCPA.
If you would like to exercise any of the rights set out in this section, please contact us using the details set out in section 15 (Contact and further information) below. We may refuse to provide access where we have legitimate reasons for doing so under applicable data privacy laws, and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision.
In the event that you wish to exercise your rights regarding your personal information or make a complaint about how we process your personal information, please contact us using the details set out in section 15 (Contact and further information) below. We will endeavor to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with any supervisory authority. We may refuse to provide access where we have legitimate reasons for doing so under applicable data privacy laws, and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision.
If you are located in the UK you may submit a complaint to the Information Commissioner’s Office, details of which can be found at https://ico.org.uk/global/contact-us.
If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details, consult with other parties and keep records regarding your complaint.
14. Status of this statement
Your provision of personal data to us or use of our online services constitutes your acceptance of the terms of this Privacy Notice.
As technologies and information governance practices develop, and data privacy laws (and surrounding guidance) evolve, we may need to revise this Privacy Notice. You should therefore review this page regularly to ensure that you are aware of any changes to its terms.
We will post any Privacy Notice changes on this page and, if the changes are significant or may materially impact upon your rights, we will provide a more prominent notice or contact you by other means (including, for certain services, email notification of Privacy Notice changes).
15. Further Information
To find out more about SEDNA please visit sedna.com.
SEDNA at your request, can confirm what information we hold about you and how it is processed. If SEDNA does hold personal data about you, you can request the following information by contacting us using the details below:
- Identity and the contact details of the person or organisation that has determined how and why to process your data.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of SEDNA or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- How long the data will be stored.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
In order to verify the identity of those who make a request to us, we will accept the following forms of ID when information on your personal data is requested:
- Driving licence, Birth certificate,
- Utility bill dated within the last 3 months.
If you have any questions, concerns or comments about this Privacy Notice, or want to submit a written complaint about how we handle your personal data, please contact us via any of the following means:
SEDNA Communications Ltd.
65 Buckingham Gate
Email: [email protected]
We may modify this Privacy Notice from time to time. Any changes we make to this Privacy Notice in the future will be posted on this page. The updated policy will take effect upon posting to this page.
This Privacy Notice was last updated on April 26, 2022.