We know how important it is for you to understand how we use your data. This Privacy Policy sets out how and why we collect, store, process and share your personal data. We will always be transparent with you about what we do with your personal data. We would like to encourage you to read this Privacy Policy when using our website or services, or transacting business with us. By using our websites, our applications or otherwise sending us your data, you are accepting the practices described in this Privacy Policy.

The General Data Protection Regulation (GDPR) came into force on the 25th May 2018. This new European Union (EU) framework for data protection laws replaced the Data Protection Act 1998. The main concepts and principles of the GDPR are much the same as those in the previous Data Protection Act. However, GDPR provides better control over how businesses use people data by additionally taking into account many new ways of identifying an individual (biometric data, genetic material, location data, IP address, and social media identity are all now included as personal data).

We collect your data only if is required to contact you, this includes the following situations:

  • To fulfil a contract with you.
  • When you purchase products and services from us.
  • To contact you when you send us your job application.
  • When you subscribe to our mailing list.
  • When you are part of our team.

We do not use Cookies, so if you visit our website our browser doesn’t receive any information about you.

We retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with the following specific retention periods:

  • Customer information. When you place an order for products and services we retain information about you subject to legal obligation and for business purposes.
  • Correspondence and enquiries. When you make and enquiry or contact us by email or via our web contact form, we will retain your information for as long as it takes to resolve your enquiry, and for up to twenty-four (24) further months, after which we will delete your information.
  • Mailing subscribers. We retain the information you used to sign-up to our mailing list for as long as you remain subscribed (i.e. you do not unsubscribe) or if we decide to cancel our mailing list service, whichever occurs first. Your contact details will be promptly deleted upon subscription.
  • Present and previous employees’ information. Subject to legal obligation.
  • Jobs applicant’s information. Up to twenty-four (24) months after the position is closed, after which we will delete your information.

We take the security of your personal data very seriously. We have implemented various strategies, controls, policies and measures to keep your data secure and keep these measures under close review. We protect your data by using secure servers to store your information and specialized technology such as firewalls and password protection. Tangible data are stored in a secure metal cabinet, with limited personnel access. This means that your data is protected and only accessible to co-workers who need it to carry out their job responsibilities, subject to confidentiality restrictions where appropriate and on an anonymised basis wherever possible. We also ensure that there are strict physical controls in our buildings which restricts access to your personal data to keep it safe.

In certain cases we may need to transfer your personal data outside of the European Economic Area (EEA) for business purposes, for example, to our official software distributors (with established Software Distribution Agreements) worldwide. Some countries may not have the same data protection laws as the UK and the EEA and so your personal data may not be subject to the same protections. However, in such cases, we will make sure that any transfer of your personal data to countries outside the EEA is subject to appropriate safeguards as if it were being processed inside the EEA and under the guiding principles set out in this privacy policy.

The GDPR grants individuals the right:

  • To be informed how their personal data are being used.
  • Of access to their personal data.
  • To rectification of their personal data.
  • To erasure their personal data.
  • To restrict processing their personal data.
  • To data portability, which is the right to receive copies of their personal data.
  • To object their personal data.
  • Not to be subject to automated decision-making including profiling.

We want to ensure that all the information we have about our customers is correct and up to date. If you find that the personal data we have about you is inaccurate or needs updating then please contact us so that we can correct it. If you no longer wish to be contacted by us about our products, services, training events, conferences, or for other marketing purposes, you can amend your preferences or unsubscribe by contacting us on enquiries<@>cmclinnovations.com or via our website.

We do not knowingly or intentionally collect sensitive personal data from individuals, and we ask you to not send such information to us.

GDPR defines sensitive personal information as data consisting of racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation.