We are continuing to monitor official advice and the global position on a daily basis, in close liaison with our clients and teams in all locations. Our priority remains the well-being of our people, our relationships and our commitment to the long-term sustainability of our sector.
At Sionic, we take protection of your personal data very seriously and strictly adhere to the rules laid out by data protection laws and the General Data Personal Regulation (GDPR).
2. Lawful basis of processing personal information
We only collect and use personal information about you when the law allows us to. Most commonly, we use it where:
- Processing is necessary for the performance of a contract
- The processing is necessary to comply with our legal obligations
- Processing in necessary for the purpose of the legitimate interest pursed by us or a third party
3. What information we collect
We collect personal information from you, for example, if you register to our website, request product information, or use any of our services. The categories of personal information that we may collect, store and use about you include:
- First Name
- Last Name
- Phone number
- Email address
- Right to work in a certain country
- Any information you provide to us in your CV
- LinkedIn web address if you choose to provide this to us
3.1 Use of ‘Cookies’
Cookies are small text files (typically made up of letters and numbers) placed in the memory of your browser or device when you visit a website or view a message. Cookies allow a website to recognize a particular device or browser.
At Sionic, we set and use some cookies ourselves but only on our website. These are called first party cookies. When cookies are served by another domain they are called “third party cookies”. We use some third party cookies on our website. Please see what cookies we use below:
First Party Cookies
|. Sionic.com||2 Years
|These cookies are set by google analytics.
More about google analytics is available here.
Third Party Cookies
4. How long we keep information for
We ensure that your personal data is retained only for the period that Sionic needs it for. All personal information collected has a defined retention period, which is in-line with our data retention policy. For example, we keep your CV for two years.
If you would like to find out how long your information is being retained, please see “additional information”, section 10 of this policy.
5. Security of personal information
Sionic is committed to handling your personal information with high standards of information security. We have the following safeguards in place:
- Physical access controls to building
- Restricted access to files/data
- Restricted exporting/importing
- Data encryption on Microsoft
- Local Data encryption by Bitlocker
- Firewalls per office
- Antivirus protection
- Anti-malware protection
- Information Security Training (internal)
6. Children’s information
Sionic does not knowingly collect information on children without consent from a responsible parent. If Sionic has collected personal information on a child, please see section 10 “Additional information” of this policy immediately, so we can remove this information without undue delay.
7. Your individual rights
In this section, we have summarised the rights that you have under the General Data Protection Regulation. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
Your principal rights under the General Data Protection Regulation are:
- Receive certain information about our personal data collection and processing activities.
- Access your own personal data.
- Correct your personal data.
- The right to be forgotten.
- Restrict data processing.
- Object to data processing.
- Receive a copy of their personal data or transfer their personal data to another controller.
- Not be subject to solely automated decision-making under certain circumstances.
- Receive notifications of data security breaches.
You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Provided the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee (£10).
You as a data subject have the right to rectification, which will allow you as the data subject to modify/change any personal information to the purpose of ensuring that the information we process is update to date.
The right to erasure or right to be forgotten will allow you as the data subject to inform us that you no longer want Sionic to continually store or process your personal information. Please be aware that we may decline your right for a number of reasons, which are not limited to, having a lawful basis to process your information or us needing your information for the performance of a contractual obligation.
As a data subject, you have the right to stop any processing of your personal information. Please be aware that you must provide us with a legitimate reason for us to stop processing. Any request made that doesn’t conform to the GDPR will be rejected.
On occasion, Sionic may send you marketing emails to make you aware of new services that we believe can benefit you, the data subject. As you have the right to object, you can click the unsubscribe link on all of our emails to inform us that you no longer want to receive marketing emails from us.
The right to data portability will allow you as the data subject to have your personal information securely transferred to another organisation for processing. At Sionic we place this reasonability on you. When you make this request, we will export all information about you and securely transfer it to yourself. You, the data subject, will be able to give this information to your chosen organisation.
If you have any questions about these rights, please see section 10 “Additional information” of this policy.
8. Data transfers/third parties
8.1 Providing your information to others
Sionic, as a data controller, may disclose your personal data, listed in section 3 to some third parties insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy. Third parties that we use are listed below:
Salesforce: For managing our relationship with clients and prospects. It is one integrated CRM platform that gives all Sionic practices and departments a single, shared view of clients and prospects.
Eventbrite: This is an event management and ticketing website used to help promote and manage Sionic events.
Greenhouse: This is our central applicant tracking system, managing our recruitment process from end to end, ensuring our candidates have been processed the right way and enables us to report on company recruitment trends.
Quickbooks: For accounting.
Harvest: For raising invoices.
Please see here for information about how Google Analytics uses this information, and visit here for information about the Google Analytics Opt-out Browser Add-on. Please note that Google may track your activity over time and across websites.
8.8 Information security with transfers
In this section, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).
We, Sionic, do transfer personal information to third parties outside of the European Economic Area (EEA). We take steps to ensure that where your information is transferred outside of the EEA by our service providers and hosting providers, appropriate measures and controls are in place to protect information in accordance with applicable data protection laws and regulations. For example, we may share information with affiliates based outside the EEA for the purposes foreseen by this policy. Sionic are subject to Sionic data protection policies designed to protect data in accordance with EU data protection laws. In each case, such transfers are made in accordance with the requirements of the GDPR and may be based on the use of the European Commission’s Standard Model Clauses for transfers of personal data outside the EEA
9. Right to complain
We take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading or inappropriate, or if you have any other concerns about our data processing, please raise this with us in the first instance.
To make a complaint, please contact us.
Alternatively, you can make a complaint to the Information Commissioner’s Office (ICO):
By Post: Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
By Website: Click Here
By Email: Click Here
By Phone: 0303 123 1113 (Local rate) or 01625 545 745 (National rate)
10. Additional information
Your trust is important to us. That is why we are always available to talk with you at any time and answer any questions concerning how your data is processed. If you have any questions that could not be answered by this policy or if you wish to receive more in-depth information about any topic within it, please contact us.
11. Review of this policy
We keep this policy under regular review. This policy was last updated in July 2020.
We reserve the right to update this policy at any time. We may also notify you in other ways from time to time about the processing of your personal information.
12. How to contact us direct
- By email: firstname.lastname@example.org
- By letter: Sionic, 111 Old Broad Street, London EC2N 1AP UK
- By phone: +44 (0) 207 842 4800
Anything you’re unsure about?