Privacy & Cookies

Privacy & Cookies

LIMOSS PRIVACY NOTICE - 31 JANUARY 2020

1. Introduction

This notice describes how LIMOSS, as controller, collects, uses, shares and retains the personal information about you and informs you about your choices and rights in relation to your personal information. LIMOSS is committed to ensuring that any personal information it receives is protected and handled in accordance with applicable data protection laws.

For the purposes of this privacy notice, references to “we”, “us” or “our” shall refer to LIMOSS.

This notice was updated on 14 October 2019.

2. Who we are

London Market Operations & Strategic Sourcing Limited (LIMOSS) is incorporated by the Companies Act 2006 (Company Number 11240955) and its principal place of business is at One Lime Street, LONDON, EC3M 7HA.

3. Who does this notice apply to?

This notice applies to:

  • Your interaction with LIMOSS when you call us, email us or visit our offices in your personal or professional capacity;
  • Your use of our websites such as https://limoss.london
  • Your use of our specialised Market Services, as described on our website, accessed through our website or otherwise; and
  • our officers’, employees’, contractors’ and contingent workers’ use of our internal tools and platforms,

each such individual referred to as “user”, “you”, “your”.

4. What personal information we process about you

Personal information or “personal data” means any information relating to an identified or identifiable natural person, known as a ‘data subject’. We may process the following personal data about you:

Identity, profile and contact information, by way of example:

  • We may ask for your title, first name, last name, employer name, and who you are visiting if you attend our offices, or your telephone number or email if you ask us to contact you, or your CV if you contact us about a job application.
  • We will capture KYC information about our service providers and other parties.
  • We will capture your user and contact information if you use any interactive parts of our website.
  • If you use our Market Services, we will create your login information and collect your name, email address and other details about you.
  • For employees using our internal tools and platforms, their email address may serve as a user id.

This information is usually provided by you or we may obtain it from third parties such as your employer, social media sites, people who provide a reference about you or background screening companies. We will likely be unable to assist or provide the service unless you provide the relevant information, and some information will be mandatory for our compliance with the law (e.g. diversity information to comply with equality laws as part of the recruitment process).

Usage data and device information, by way of example:

  • We and our service providers may collect information about your device such as your IP address when you visit our website or your preferences when you use our features. We may capture information about how you used our website, methods of access and browsing away and similar statistical information.
  • When you use our Market Services or when our employees use our internal tools and platforms, we will collect information about when you logged in, troubleshooting data, usage trends and other usage information.

This information will be mostly of technical nature and provided automatically by your device.

User owned data, by way of example:

  • When using our Market Services, you may upload documents, input information and create data within our services. We will hold such user owned data as processor and only use it as required to provide our services to you. Where permitted under the relevant client terms, we may capture some market data for our own use.

You should not provide to us information about others unless you have their permission to do so.

We will rely on the information provided by you as accurate, complete and up to date, and we shall be grateful if you would inform us of any changes.

5. Why we collect your personal information and the lawful basis for processing

Generally, we will use your information as required to interact with you and to operate and develop our services.

In particular, we will use your information when:

(a) responding to your communications or requests, for example, by filling in a form on our website;

(b) providing the services, including our website, features, content, Market Services, internal tools and platforms, and other services;

(c) facilitating your account for Market Services, ensuring the proper administration and maintenance of our systems which may include third party service provider systems, enabling the creation and resolution of service requests;

(d) notifying you of changes to our services, information about issues and outages, changes to terms and conditions, and other service messages;

(e) sending you or, as appropriate, your employer, notices, invoices and collecting payments;

(f) engaging service providers to fulfil functions in relation to our services, including webhosting, payment facility, logistics, data storage, information security, debt recovery, technology licensing and other functions;

(g) sending you marketing in accordance with the law;

(h) ensuring the security of our business and preventing and detecting fraud or illegal conduct;

(i) administering our business, including complaints resolution, troubleshooting, data analysis, quality control, staff training, testing of new features, research,        statistical and survey purposes;

(j) developing and improving our services;

(k) in relation to our use of cookies and similar technologies, recording your preferences, gathering information for analytics, operating social media plug-ins in our website and services, and, where applicable, collecting information for advertising purposes. Please see our Cookies Notice for further information;

(l) complying with applicable law, including in response to a lawful request from a court or regulatory body; and

(m) process user owned data for the purposes of providing our Market Services.

The legal basis for our processing of personal data for the purposes described above will typically include:

  • processing necessary to fulfil a contract that we have in place with you or other data subjects, such as  processing for the purposes set out in paragraphs (b), (c) or (d);
  • your consent, such as processing for the purposes set out in paragraphs (g) and (k);
  • processing necessary for our or a third party’s legitimate interests, such as  processing for the purposes set out in paragraphs (a), (e), (f), (h), (i) and (j), which is carried out on the basis of our legitimate interests to ensure that services are provided properly, efficiently and, as far as possible, in a way that is relevant to you, ensure the security of our business and our users’ information and ensure the proper administration of our business;
  • processing necessary for compliance with a legal obligation to which we are subject, such as processing for the purposes set out in paragraph (l); and
  • in respect of (m), we will process data as a processor in accordance with applicable client terms and, where permitted, for our legitimate interest.
6. Who we are sharing your data with

Most of the personal information we process is processed by our personnel in the UK. However, some of our service providers may store or access your personal information in the EU or outside the EU in ensuring the proper operation and maintenance of our services. Where this is the case, we will ensure that such “transfer” of personal information is lawful and that your personal information is adequately protected, for example, by entering into standard contractual clauses with the other party or putting in place other safeguards. You may contact us if you have any questions about these safeguards.

Accordingly, there will be circumstances where we may wish to disclose or are compelled to disclose your personal information to third parties. These scenarios include disclosure to:

  • our affiliates or associated offices;
  • our service providers (suppliers, vendors, outsourcing partners, contingent workers) to facilitate the provision of the services;
  • subject to appropriate legal basis such as consent, our advertising and marketing partners who enable us, for example, to deliver personalised ads to your devices or who may contact you by post, email, telephone, SMS or by other means;
  • successor or partner legal entities, on a temporary or permanent basis, for the purposes of a joint venture, collaboration, financing, sale, merger, reorganisation, change of legal form, dissolution or similar event relating to our business. In the case of a merger or sale, your personal data will be permanently transferred to a successor company;
  • public authorities or other third parties where we are required by law to do so; and
  • other third parties where you have provided your consent.
7. How long we keep your data

We will retain your personal information for as long as is reasonably necessary to fulfil the relevant purposes set out in this notice. The retention period will primarily be determined by relevant legal and regulatory obligation and/or duration of our business relationship with you, the specific service(s) provided to your employer or another associated party. You may contact us if you have any questions about our retention policy.

We will securely delete your personal information if there is no valid reason for retaining your data. In exceptional circumstances, we may retain your personal information for longer periods of time if we reasonably believe there is a prospect of litigation, in the event of any complaints or if there are other valid business reasons why the data may be needed in the future.

We may keep an anonymised form of your personal information, which will no longer refer to you, for statistical purposes without time limits, to the extent that we have a legitimate interest in doing so.

8. Security of personal data

We will use appropriate technical and organisational information security measures to try to prevent unauthorised access to your personal data. However, please be aware that the transmission of information via the internet is never completely secure. Whilst we can do our best to keep our own systems secure, we cannot control the whole of the internet and we cannot therefore guarantee the security of your information as it is transmitted to and from our website.

Our Market Services will be subject to appropriate technical and organisational information security measures in accordance with our client terms including the measures adopted by our service providers.

Where you have created or received a password or authentication code which enables you to access certain parts of our services, you are responsible for keeping this password or authentication code confidential. We ask you not to share your password or authentication code with anyone.

9. Your right to opt-out

If you would like us to stop sending you marketing communications you may use the unsubscribe link in our marketing communications, by amending the settings in our services or by contacting us.

10. Your rights

Data subjects, but also other individuals depending on applicable law, have numerous rights in relation to their personal data. For further information about your data protection rights please visit the website of your local data protection authority.

We aim to acknowledge your request as soon as possible and will address your query within one month.

  • Right to information. We hope to satisfy your right to information by providing this notice.
  • Right to make an access request. Data subjects may request in writing copies of their personal data. However, compliance with such requests is subject to certain limitations and exemptions and the rights of other individuals. Each request should make clear that an access request is being made. You will be required to submit a proof of your identity.
  • Right to rectification. Data subjects may request that we rectify any inaccurate or incomplete personal data.
  • Right to withdraw consent. Data subjects may at any time withdraw their consent to the processing of their personal data carried out by us on the basis of their previous consent. Such withdrawal will not affect the lawfulness of processing based on such previous consent.
  • Right to object to processing including automated processing and profiling. We do not make automated decisions about data subjects. Profiling may be carried out for business administration purposes, such as monitoring usage trends, and for advertising purposes. We will comply with valid objection requests unless we have a compelling overriding legitimate ground for the continuation of our processing or we have another lawful reason to refuse such request. We will of course comply with each valid opt-out request in relation to marketing communications.
  • Right to erasure. Data subjects may request that we erase their personal data. We will comply, unless there is a lawful reason for not doing so. For example, there may be an overriding legitimate ground for keeping the personal data, such as, our business record retention obligations.
  • Restriction. Data subjects may request that we restrict our processing of their personal data in various circumstances. We will comply, unless there is a lawful reason for not doing so, such as, a legal obligation to continue processing your personal data in a certain way.
  • Right to data portability. In certain circumstances, data subjects may request the controller to provide a copy of their personal data in a structured, commonly used and machine-readable format and have it transferred to another provider of the same or similar services. We do not consider that this right applies to our services. However, to the extent it does, we will comply with such transfer request. Please note that a transfer to another provider does not imply erasure of the data subject’s personal data which may still be retained for legitimate and lawful purposes.
  • Right to lodge a complaint with the supervisory authority. We suggest that data subjects contact us about any questions or complaints in relation to how we process their personal data. However, each data subject has the right to contact the relevant supervisory authority directly. A list of the European supervisory authorities is available at https://edpb.europa.eu/about-edpb/board/members_en
11. Third party services

Please note that our services and websites may link to the websites or services of third parties. Where this is the case, please refer to their privacy notices and terms for information about how they may process your personal information.

12. Parents and guardians

Our services and websites are not directly intended for children and should not be used by them.

13. Contact details of the Data Protection Representative

If you have any questions relating to data protection that you believe we will be able to answer, please contact our Data Protection Representative:

Data Protection Representative
LIMOSS
1 Lime Street
EC3M 7HA, London
Email: DataProtection@Limoss.London

 

Cookie Policy for LIMOSS

Acceptance: You can accept cookies upon your first visit to our Site by selecting your choices in the cookie banner and clicking “Save preferences”. Some cookies are provided by third parties and your acceptance of cookies will extend to such third parties included in our List of cookies. This means, for example, that if you accept “Analytics” cookies this will constitute consent for us to use Google Analytics but also consent for Google to deploy its Google Analytics cookies. Further, please note that if you do not agree to “Social Media” cookies but you still interact with the social media features on our Site, certain cookies deemed necessary for the functionality of those features and other cookies may still be deployed by the social media provider outside our control.

Cookie duration: Our session cookies are temporary and remain in the cookie file of your browser until you close the browser. The other cookies will remain in the cookie file of your browser after the closing of the browser and will become active again when you reopen this Site. The expiration of each cookie is set out in our cookie banner under “Show details”. Following expiry of a cookie, a new version of that cookie will be downloaded when you next visit this Site, unless you have withdrawn your consent in the meantime.

Refusing cookies: You do not have to accept cookies, but without accepting them you may experience reduced Site functionality. You can reject cookies upon your first visit to our Site by selecting your choices in the cookie banner and clicking “Save preferences”. If you wish to reject cookies in future simply click “Change your consent” below, untick the relevant boxes and click “Save preferences”. Alternatively, you can read the information that came with your browser software to see how you can turn off the automatic download feature. For more information about cookies, including how to set your internet browser to reject cookies, please visit allaboutcookies.org. You can also visit the website of the third party that deploys the cookie and opt-out there. For example, you can stop tracking by Google Analytics here.