Data Privacy Policy

We understand that your privacy and the security of both your personal and your organisation’s information is extremely important. This notice sets out what we do with your information, what we do to keep it secure, from where and how we collect it, as well as your rights in relation to the information we hold about you.

This policy applies if you interact with us over the phone, online, through our mobile application or otherwise or interacting with us on social media (our “Services”).

Here are the things we think you’d really want to know:

• Your information will never be shared with any third party without your express and explicit authorisation except as in the exceptional circumstances detailed in the “Who might we share your personal information with” section of this document.
• Some of our staff, who will process your personal information, are based outside of the European Economic Area.
• You have a number of rights over your personal information. How you can exercise these rights is set out in this notice.
• On occasion, we will need to contact you directly to draw your attention to system or technical issues relating to OmniRota software.
• We may also occasionally contact you directly to keep you informed about technical improvements or developments to OmniRota or;
• to let you know about new commercial arrangements entered into by the company that we feel will be of benefit to you. If you want us to stop, please see the “Keeping you informed about our products and services” section of this document.

Who are we?

When we say ‘we’ or ‘us’ in this policy, we’re referring to:

Omni HR Solutions Ltd.
Summit House
4-5 Mitchell Street
Edinburgh
EH6 7BD

What sorts of personal information do we hold?

• Information that you provide to us such as staff names, dates of birth, telephone numbers, email addresses;
• Any feedback you give to us, including by phone, email, post, or when you communicate with us via social media;
• Information about the services that we provide to you (including for example, the things we have provided to you, when and where, what you paid, the way you use our products and services, and so on);
• Your account login details for our services, including your user name and chosen password;
• Information about whether or not you want to receive marketing communications from us;
• Information about any device you have used to access our Services (such as your device’s make and model, browser or IP address) and also how you use our Services;
• Your contact details and details of the emails and other electronic communications you receive from us, including whether that communication has been opened.

Our legal basis for processing your information

Whenever we process your personal information we have to have something called a “legal basis” for what we do. The different legal bases we rely on are:

• Consent: You have told us you are happy for us to process your information for a specific purpose;
• Legitimate interests: The processing is necessary for us to conduct our business, but not where our interests are overridden by your interests or rights.
• Performance of a contract: We must process your personal information in order to be able to provide you with one of our products or services;
• Vital interests: The processing of your personal information is necessary to protect you or someone else’s life;
• Public information: Where we process personal information which you have already made public;
• Legal claims: The processing of your personal information is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity; and
• Legal obligation: We are required to process your personal information by law.

How do we use your personal information?

We may use your information in the following ways:

To provide our products and services - we need to use your personal information to make our products and services available to you.

To personalise your user experience - we try to understand our customers so we can provide you with an enhanced user experience; we will retain information about reporting and viewing options that you have selected in order that these can be replicated in future sessions.

Contacting you - we use your personal information to contact you: either to conduct market research or to contact you about products and services from us or other companies. We may also contact you in relation to any questions you have raised with us or to discuss the status of your account with us.

Cookies and similar technologies - We use cookies to help give you the best experience on our websites and to allow us and third parties to tailor ads you see on ours and other websites. For more information please see our full Cookie policy.

Who might we share your personal information with?

We will never share your information with any third party without your prior and explicit consent except as set out in the scenarios below:

• If we're discussing selling or transferring part or all of a Omni HR Solutions, we may share information about you to prospective purchasers and their advisers - but only so they can evaluate the relevant business; or
• If we are reorganised or sold to another organisation, we may transfer information we hold about you to them so they can continue to provide the Services to you.
• If OmniRota is to be incorporated onto the platform of a third party’s product and it becomes necessary to transfer user data in order to ensure continuity of service.
• If we are required to by law, under any code of practice by which we are bound or where we are asked to do so by a public or regulatory authority such as the police or the Department for Work and Pensions;
• If we need to do so in order to exercise or protect our legal rights, users, systems and services.

Keeping you informed about our products and services

We would like to tell you about any Omni Hr Solutions offers, ideas, products and services from time to time that we think you might be interested in. Where we have your consent or it is in our legitimate interests to do so, we may do this through the post, by email, text message or by any other electronic means.

We won't send you marketing messages if you tell us not to, but if you receive a service from us we will still need to send you occasional service-related messages.

If you wish to amend your marketing preferences, you can do so by contacting us as set out in the “Contact Us” below.

Your rights

You have a number of rights under data protection legislation which, in certain circumstances, you may be able to exercise in relation to the personal information we process about you.

These include:

• the right to access a copy of the personal information we hold about you;
• the right to correction of inaccurate personal information we hold about you;
• the right to restrict our use of your personal information;
• the right to be forgotten;
• the right of data portability; and
• the right to object to our use of your personal information.

Where we rely on consent as the legal basis on which we process your personal information, you may also withdraw that consent at any time.

If you are seeking to exercise any of these rights, please contact us using the details in the “Contact Us” section below. Please note that we will need to verify your identity before we can fulfil any of your rights under data protection law. This helps us to protect the personal information belonging to our customer against fraudulent requests.

How long will we keep your personal information for?

We will keep your personal information for the purposes set out in this privacy policy and in accordance with the law and relevant regulations. We will never retain your personal information for longer than is necessary. In most cases, our retention period will come to an end 7 years after the end of your relationship with us. However, should you wish, we will remove all of your information immediately upon termination of any commercial arrangement between yourself and us.

Security

We take protecting your personal information seriously and are continuously developing our security systems and processes. Some of the controls we have in place are:

• We limit physical access to our buildings and user access to our systems to only those that we believe are entitled to be there;
• We use technology controls for our information systems, such as firewalls, user verification, strong data encryption, and separation of roles, systems & data;
• Systems are proactively monitored through a “detect and respond” information security function;
• We utilize industry “good practice” standards to support the maintenance of a robust information security management system; and
• We enforce a “need to know” policy, for access to any data or systems.

Contact us

If you would like to exercise one of your rights as set out in the “Your rights” section above, or you have a question or a complaint about this policy, or the way your personal information is processed, please contact us by one of the following means:

• By email to: privacy@omnihrs.co.uk
• Logging a ‘Support Ticket’ within your OmniRota software, selecting the option ‘Data Privacy’

You also have the right to lodge a complaint with the UK regulator, the Information Commissioner. Go to ico.org.uk/concerns to find out more.

Policy change

This privacy policy was most recently updated in May 2018. If we make changes to it, then we will take appropriate steps to bring those changes to your attention.

Our Cookie Policy

What are Cookies?

We use the term cookie to describe cookies and similar technologies such as tags and pixels. Cookies are small data files that websites place on your computer, laptop or mobile device.

Our use of Cookies

We use Cookies for the following purposes:

To improve the performance of our websites by understanding which parts work well, and which don't.

To enable us to collect information about how you and other people use our websites.

To improve your experience on our websites, for example we use Cookies to remember the options you have selected and to personalise your experience.

What Cookies do we use?

We use the following Cookies:

Strictly necessary Cookies.

These are Cookies that are required for the operation of our website. They are necessary for the safety, security and integrity of the site. For example they help support the structure of the pages that are displayed to you, help to improve navigation and allow you to return to pages you have previously visited. This type of Cookie only lasts for the duration of the time you are visiting the website. When you leave the website they are deleted automatically.

Performance Cookies or analytical Cookies.

They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily

The data is aggregated and anonymised, which means we cannot identify you as an individual.

Functionality Cookies.

These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences. These Cookies will remain on your device until you choose to clear it. If you choose to do this, you will need to enter your details each time you visit the site.

Blocking or restricting Cookies

You can stop Cookies being used on your device by activating the setting on your browser that allows you to block the deployment of all or some Cookies. Please visit www.allaboutookies.org to find out how. Please note, if you use your browser settings to block Cookies you may not be able to access all or parts of our site.