Preservica respects your privacy and is committed to protecting your personal data.
The primary purpose of collecting and holding your personal data is to enable us to assist you better with Digital Preservation. We aim to be fair and transparent, we welcome questions.
This privacy notice “Notice” will inform you about how we use, process and protect your personal data.
This Notice covers the Privacy of:
- our Customers and external submitters of content to our Customer’s archive, when you use Preservica Cloud based software (the “Services”) or the website via which the Services are provided (the ” Site”).
- Potential Customers and Visitors including anyone visiting our website www.Preservica.com (the “Website”)
- Partners and Potential Partners
For existing customers, this Notice applies in addition to our terms and conditions and any other documents referred to on it.
Preservica does not and will not sell or share personal information about our customers, potential customers, visitors or partners.
Preservica meets the obligations of the UK General Data Protection Regulation (UK GDPR).
Preservica Limited is registered with the UK Information Commissioner’s Office under registration reference: ZA310958
Preservica has appointed Vivenics Consultancy BV to act as EU GDPR representative.
In meeting the UK GDPR obligations, Preservica provides robust safeguards to protect the processing of personal data across all customer regions; this includes US state privacy requirements, the Australian Privacy Principles (APPs) and the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada.
Who is Preservica
Preservica Ltd in England and Wales under company number 7998621.
Preservica Ltd, 32 The Quadrant, Abingdon Science Park, Abingdon, Oxfordshire, OX14 3YS, UK
Preservica Inc is a wholly owned subsidiary Delaware Corporation based in the US.
Preservica Inc, 50 Milk Street, 16th Floor, Boston, MA 02109, USA
They are collectively referred to as “Preservica”, “we”, “us” or “our” in this privacy notice.
Preservica is the Data Controller for the personal information we hold to (i) run our business including managing contracts with customers and partners, and (ii) market and sell to existing and potential customers and partners.
In our role as a provider of Preservica software and Application Program Interfaces (APIs) to our customers and partners, when it is hosted in the Cloud based solutions, we are Data Processors.
The types of data Preservica collect
We may collect, use, store and transfer different kinds of personal data about you. We have grouped this together as follows:
- Contact Data: includes business address, email address, social media handles, and telephone numbers.
- Identity Data: includes first name, last name, username or similar identifier, title, job title.
- Marketing and Communications Data: includes your preferences in receiving marketing from us and your communication preferences.
- Profile Data: includes your Preservica username and password, your interests, preferences, feedback and survey responses.
- Correspondence: including email content which potentially contains personal data
- Technical Data: includes internet protocol (IP) address, your login data, browser type and version, pages visited, length of visit, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our software.
- Usage Data: includes information about how you use our products and services.
How Preservica collect and process your personal data as a controller
We may collect and process personal information by keeping records of your interactions with us so that we can assist you, inform you and serve you better now, and in the future.
Furthermore, for customers this enables us to provide and improve the contracted services.
We do this when you:
- Visit our website or respond to sales/marketing interactions
- when you visit our website including completing a form
- when you sign up to our mailing list
- when you sign up to and/or attend training, webinars or events
- when you enter a promotion or complete a survey
- when you interact with Preservica or an employee on Social Media
- As part of Preservica’s sales and marketing activities
- when we have identified you as potential customer because of your role and/or your employer’s business
- when you or your employer initiates a tender or contract process
- when you trial our software using our test sites
- when you sign-up for our free edition software
- When you or your employer have a contract with us
- when you use our software and services (free & paid)
- when you contact us including our support desk
- when you use our ticketing system
- when your use our user portal
- when you fill in forms on our Cloud based solutions, including login information, feedback forms
- When you are a partner or potential partner
- For all visitors, customers and partners (potential or current)
- when you respond to or contact us by email, phone, post or face to face
- When you submit content to an organization using Preservica
- when you are invited to use our software and services as an external submitter to an archive using Preservica
When you use Universal Access (the Preservica portal allowing our customers to present their collections to the wider public or throughout their business) our Client’s privacy notice, rather than this Privacy Notice, will apply to our processing of your personal information.
When you use External Submissions Management (the Preservica portal allowing our customers to receive content submissions from the wider public or throughout their business), both our Client’s privacy notice and this Privacy Notice will apply to the processing of your personal information.
Information we collect automatically including cookies
We automatically collect information about you through cookies and similar technologies either (i) when you use, access or interact with us via our websites or (ii) the Preservica product on a Preservica managed Cloud solution including Universal Access.
Information obtained from other sources
We may receive information about you from other sources, including third parties, such as industry bodies and partners. We may also receive information about you from social media platforms, for instance, when you interact with us on those platforms. We protect data obtained from third parties in the same way as we handle data we receive directly. If the third party imposes conditions on the use of your data, we will apply this.
Special Categories of Personal Data
Preservica, as a Data Controller, does not collect any Special Categories of Personal Data. Nor do we collect any information about criminal convictions and offences.
The archives we host in our Cloud based solutions may include personal data of living people and this may include Special Categories of Personal Data. We take our responsibilities as a data processor in this situation very seriously. Our obligations with our customers is set out in our contracts with them. Our Security section describes some of the actions we take to secure this data.
Legal basis for processing personal data
There are different legal bases that we rely on to use your personal information, namely:
Performance of a contract
The use of your personal information may be necessary to perform the contract you, your employer, or the organization inviting you for submissions has with us.
Preservica collects, processes and stores data relating to businesses and decision makers. We believe that the individuals that we process the data of, are likely to have an interest in the Preservica product and/or services.
Preservica has carried out a Legitimate Interest Assessment (LIA) as advised by the ICO. Based upon that assessment it is deemed that the rights and freedoms of the data subjects would not be overridden in our correspondence regarding Preservica and that in no way would a data subject be caused harm by our correspondence. Based upon our segmentation by organisation and by job function, coupled with our processing of personal data within the context of a business environment, we believe that any individual that receives correspondence from Preservica in a direct marketing or sales capacity, could be legitimately interested in the Preservica solution. It is also deemed that direct marketing and sales is necessary in the context of promoting Preservica to professionals in business in order to increase awareness of our SaaS solution in the marketplace.
Although we would like to send you information about our products and services which may be of interest to you, as an individual you have a right at any time to stop us contacting you for marketing purposes.
If you no longer wish to be contacted for marketing purposes, please click here. Alternatively, you may use the unsubscribe button on a Preservica Marketing email.
Our User Portal allows customers and partners to create or post content on message boards. Please note that any information posted or disclosed through these sections of our Portal will become public information to the user community. We urge caution to anyone deciding to disclose their Personal Information, or any other information, on our Portal.
External Submissions Management Portal
Our External Submissions Management Portal allows invited persons to submit content for archival appraisal. All personal data is removed once the submission has been appraised and the temporary access period has expired.
You have eight rights according to the UK General Data Protection Regulation (UK GDPR). If you need to exercise your rights, please contact us using the details in the Contact Section. In all cases we will acknowledge your request and supply a response within one month or sooner. There are some situations described in the UK GDPR where we can refuse to comply, but if this is the situation we will explain why.
How long we store your data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
If you have a question about a specific retention period for certain types of personal information we process about you, please send your question in an email.
Storage of your data and disclosure
Users of the Preservica Cloud based solutions
Client data, user names and passwords will at all time be stored in the country or region set out in the contract with Preservica. They will not be transferred to any other country or region.
Third party service providers
Preservica uses certain third parties to help with the business administration and other activities related to the services provided. Some of these third parties are based in the EEA and some are based outside the EEA with servers outside the EEA.
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
If the Visitor, User or Customer is in the EEA, then by visiting Preservica’s site, contacting Preservica or using Preservica’s services, they consent to the transfer of their personal data to the servers of Preservica’s third party service providers.
Other reasons for disclosure
We may disclose your personal information to third parties
- in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets.
- If Preservica or substantially all of its assets are acquired by a third party, in which case personal information held by it about users of our services and sites will be one of the transferred assets but will remain subject to the promises made in this Privacy Notice. For clarity, this Privacy Notice shall be binding upon, and inure to the benefit of, the successors, assigns, representatives and transferees of Preservica.
- If we are under a duty to disclose or share your personal information in order to (i) comply with any legal obligation, (ii) enforce or apply the Conditions; or (iii) protect the rights, property, or safety of Preservica, our customers and users, or others.
We are committed to ensuring that your information is secure. To prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we hold about you.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Users of the Preservica Cloud based solutions
Data in the Preservica product is encrypted as standard unless the customer explicitly and contractually requests unencrypted. Preservica does not have access to this data without explicit permission and this access is usually in the context of technical support and the operation of Preservica. Access to the Preservica system by Preservica support staff is password protected and limited.
You will need to choose a password to enable you to access and use the Services. When choosing a password, you must comply with the requirements set out on the Site and must keep your password confidential at all times. We therefore ask you not to share your password with anyone.
To prevent unauthorized users from accessing the Cloud based solutions it is also important that you lock your terminal or log off whenever you leave your terminal unattended.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to the Cloud based solutions and any transmission is made at your own risk.
If you wish to raise a concern about our data processing
You have the right to make a complaint (about how we have collected or processed your personal data) at any time to the Information Commissioner’s Office (the ICO), which is the UK supervisory authority for data protection issues.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please do contact us in the first instance.
Our website and the sites we operate for our customers may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide while visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and look at the applicable privacy notice on the website in question before you submit any personal information to the website.
How to contact us