Your privacy is everything to us
It is our policy to respect your privacy regarding any information we may collect from you across our website, https://nodepatrol.com, and other sites we own and operate. It's not possible to use our service without sharing some amount of personal data with us as we're unable to secure our application, communicate with you or provide a secure support experience without knowing who you are.
If you do not the time to read this policy in full, below is a list of the service providers we use to store and process your personal data. We've added a quick note to each to explain why we store your data with these providers and how we use it. By using our service, you agree to us storing your data with the following organisations. Please bear in mind that we're only detailing where we might store your information, if you'd like to know how we keep your data safe please refer to our Security Policy.
We use pipedrive.com to provide a world-class introduction and onboarding experience for prospective leads and new customers. We'll store your name, email address, job title (if provided), mobile number (if provided), landline (if provided), company information, and any sales conversations we have had with you (including email threads, phone logs and live chat transcripts). The sole purpose of this service is to ensure every lead and customer receives the best possible level of service.
HelpScout enables our support team to provide the quick and high-quality support you deserve. Emails to firstname.lastname@example.org and conversations in live chat will be logged in HelpScout. We will store your name, email address, company information and conversation history with this service provider. HelpScout enables us to support you faster and provide better quality responses to your questions. Any of our staff can view your support history and get involved in supporting you, which means less waiting and more patrolling!
Amazon Web Services (AWS)
Our server, serverless infrastructure, storage, desktop and database services are hosted by AWS, so any information you submit to our website or application will pass through or be stored on AWS infrastructure. All data is currently stored or processed in the EU only.
Everlution Software is our development partner and managed services provider, they provide us with developers, designers, infrastructure engineers and database administrators. They're not permitted to store, share or use your data but they do have access to the systems that store your personal information. Each persons access is limited by job role and scope, all actions are logged and only two people, the Chief Tech and Chief Dev, have the ability to modify access rights in the production environment. The two-man rule is applied when modifying permissions in the production environment.
We use Office365 for desktop publishing and document management. There's a good chance your personal information may be stored on one of Microsoft's services such as OneDrive, Exchange or SharePoint.
We use the NetApp cloud service to backup our data, but the service provider is unable to access the data we store with them. All data protected by NetApp is encrypted at rest and in transit, and any attempts to download or decrypt our data triggers an automatic workflow requiring approval from a member of our management team.
1. Information we collect
When you visit our website, our servers may automatically log the standard data provided by your web browser. It may include your computer’s Internet Protocol (IP) address, your browser type and version, the pages you visit, the time and date of your visit, the time spent on each page, and other details.
We may also collect data about the device you’re using to access our website. This data may include the device type, operating system, unique device identifiers, device settings, and geo-location data. What we collect can depend on the individual settings of your device and software. We recommend checking the policies of your device manufacturer or software provider to learn what information they make available to us.
We may ask for personal information, such as your:
- Full name
- Email address
- Employers name
- Phone/mobile number
- Work address
- Payment information
2. Lawful basis for processing
We will process your personal information lawfully, fairly and in a transparent manner. We collect and process information about you only where we have justified and lawful basis for doing so.
These may depend on the services you use and how you use them, meaning we collect and use your information only where:
- it’s necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract (for example, when we provide a service you request from us);
- it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote our services, and to protect our legal rights and interests;
- you give us consent to do so for a specific purpose (for example, you might consent to us sending you updates and alerts); or
- we need to process your data to comply with a legal obligation.
Where you consent to our use of information about you for a specific purpose, you have the right to change your mind at any time; but this will not affect any processing that has already taken place.
We do not keep personal information for longer than is necessary. While we retain this information, we will protect it within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification. That said, we advise that no method of electronic transmission or storage is 100% secure and cannot guarantee absolute data security. If necessary, we may retain your personal information for our compliance with a legal obligation or in order to protect your vital interests or the vital interests of another natural person.
3. Collection and use of information
We may collect, hold, use and disclose information for the following purposes and personal information will not be further processed in a manner that is incompatible with these purposes:
- to enable you to customise or personalise your experience of our website;
- to enable you to access and use our website, associated applications and associated social media platforms;
- to contact and communicate with you;
- for internal record keeping and administrative purposes; and
- for analytics, market research and business development, including to operate and improve our website, associated applications and associated social media platforms.
4. Disclosure of personal information to third parties
We may disclose personal information to:
- third-party service providers for the purpose of enabling them to provide their services, including (without limitation) IT service providers, data storage, hosting and server providers, ad networks, analytics, error loggers, debt collectors, maintenance or problem-solving providers, marketing or advertising providers, professional advisors and payment systems operators;
- our employees, contractors and/or related entities;
- credit reporting agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
- third parties, including agents or sub-contractors, who assist us in providing information, products, services or direct marketing to you; and
- third parties to collect and process data.
5. International transfers of personal information
We strive to store and process all personal information in the UK or Ireland, or where our partners, affiliates and third-party providers maintain their own facilities. Where possible we request that our partners and service providers store and shared data in the UK or the European Union. Where this is not possible, we check to see that the privacy laws are equal to those in the European Union. By providing us with your personal information, you consent to the disclosure to these overseas third parties when it is required to do so.
We will ensure that any transfer of personal information from countries in the European Economic Area (EEA) to countries outside the EEA will be protected by appropriate safeguards, for example by using standard data protection clauses approved by the European Commission, or the use of binding corporate rules or other legally accepted means.
Where we transfer personal information from a non-EEA country to another country, you acknowledge that third parties in other jurisdictions may not be subject to similar data protection laws to the ones in our jurisdiction. There are risks if any such third-party engages in any act or practice that would contravene the data privacy laws in our jurisdiction and this might mean that you will not be able to seek redress under our jurisdiction’s privacy laws.
6. Your rights and controlling your personal information
Restrict: You may choose to restrict the collection or use of your personal information. If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below. If you ask us to restrict or limit how we process your personal information, we will let you know how the restriction affects your use of our website or products and services.
Access and data portability: You may request details of the personal information that we hold about you. You may request a copy of the personal information we hold about you. Where possible, we will provide this information in CSV format or other easily readable machine format. You may request that we erase the personal information we hold about you at any time. You may also request that we transfer this personal information to another third-party.
Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to correct any information found to be inaccurate, incomplete, misleading or out of date.
Notification of data breaches: We will comply laws applicable to us in respect of any data breach.
Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
Unsubscribe: To unsubscribe from our e-mail database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.
By using our service you agree to have at least some basic cookies stored on your computer. For example, we'll use a cookie to record that you've opted out of tracking (if you've chosen to do so). We may store cookies on your computer to record your response to tracking and GDPR consent prompts. We will be unable to see if you have opted out without such a cookie, therefore it is essential for our ability to respect your privacy preferences.
8. Business transfers
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may continue to use your personal information according to this policy. In the unlikely event that this occurs, you will be informed well in advance and your options will be presented to you.
9. Limits of our policy
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and policies of those sites, and cannot accept responsibility or liability for their respective privacy practices. We will endeavour to append all links to external sites with the following icon so that you may proceed with appropriate caution:
10. Changes to this policy
Node Patrol Limited Data Controller
Node Patrol Limited Data Protection Officer
This policy is effective as of 16 September 2020.