1.1 – What is personal data?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed in the European Union by the General Data Protection Regulation 2016/679 (the “GDPR”), by the Data Protection Act 2018 (“DPA”) in the United Kingdom and also by the Privacy and Electronic Communications (EC Directive) Regulations 2002.It is also governed by the Personal Data Protection Act 2010 in Malaysia, the Privacy Act 1988 in Australia and data protection legislation in the relevant States and Territories of the United States of America.
1.2 – Who are we?
The Modality group of companies is made up of different legal entities, details of which can be found in the Appendix This notice is issued on behalf of the Modality group of companies so when we mention ”Modality”, “we”, “us” or “our” in this privacy notice, we are referring to the relevant company in the Modality group responsible for processing your data. Modality Systems Limited is the controller, and responsible for this website. This means we decide how your personal data is processed and for what purposes. In some circumstances, we also act as a processor in respect of our customers’ personal data, with the customer acting as a controller
1.3 – Contact details of the Data Protection Officer (‘DPO’)
If you have any queries or questions about this notice then please contact our DPO by emailing email@example.com
1.4 – What personal data do we collect and how do we collect it?
We collect and process a range of information about you. This includes:
- your name and contact details, including email address and telephone number;
- our IP address, operating system and browser type;
- your traffic data, location data, weblogs and other communication data, the resources that you access;
- details of any contact including a record of the correspondence;
We collect this information in a variety of ways. For example, data is collected through online forms, website cookies, from correspondence with you, through subscription to our newsletters and through event registrations.
To enable the provision of products and services to you, we may also collect and process other personal data to enable the performance of the contract between you and us This will be communicated and agreed through specific contract documentation and / or specific Privacy Notices.
In some cases, we collect personal data about you from third parties, such as analytics providers, lead generation companies, partners and event organisers.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences from your use of our website.
1.5 – How do we process your personal data?
We comply with our obligations under the DPA and GDPR by keeping personal data up to date (subject to your notification of any required updates to your personal data); by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for the following purposes:
- To operate this website and deliver the services that customers have requested;
- To undertake profiling to enable us to improve the customer experience and tailor the information we provide;
- To carry out our obligations arising from any contracts entered into between you and us;
- To inform individuals about Modality products and services which we believe may be of legitimate interest to you;
- To inform individuals of news, events, activities or services running throughout the year;
- To contact individuals via surveys to conduct research about their opinions of current services or of potential new services that may be offered;
- To notify you about changes to our services;
- To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);
- To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you;
- To use data analytics to improve our website, products/services, marketing, customer relationships and experiences
- If you are a customer, supplier, employee, contractor or users of our services, then we may use your personal data for other purposes that are described in other privacy notices available on the Modality website or through specific contract documentation.
1.6 – Our legal basis for processing
We will only use your personal data when we have your consent, a legitimate interest or where we need to comply with a legal obligation. We have completed a Legitimate Interests Assessment and considered whether or not those interests are superseded by the rights and freedoms of the individuals and have concluded that they are not. Processing related to our website and for sales and marketing activity is necessary for our legitimate interests.
The processing is necessary for the purposes described above and we take steps to minimise the impact on your privacy rights by endeavouring to contact only those individuals, who have expressed an interest in our services or those who are in IT-based job roles, with information around IT-based services, solutions, events and information. We also offer you the right to object to or opt-out from our communications and processing activities at any time. To opt-out, you can use the unsubscribe button at the bottom of an e-shot or you can email firstname.lastname@example.org
Processing is also undertaken in relation to the products and services we provide to customers and our legal basis in these cases is to enable us to perform the contract between the parties.
1.7 – Automated decision making and profiling
No automated decision making is undertaken by us or the third parties with whom data is shared. Profiling is undertaken through the use of analytics in pursuance of our legitimate interests and as outlined in section 1.5.
1.8 – Cookies
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
Our website also uses Google Analytics, YouTube and Tawk.to Live Chat.
- For Google Analytics, please see their Data Privacy and Security help pages:
- For YouTube, please see their Privacy Resources:
The cookies we use are “analytical” cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily. You have the ability to disable these Cookies directly from our website when you first use it.
Most web browsers also allow some control of most cookies through the browser settings.
Find out how to manage cookies on popular browsers:
To find information relating to other browsers, visit the browser developer’s website.
To opt out of being tracked by Google Analytics across all websites please visit http://tools.google.com/dlpage/gaoptout
1.9 – Categories of recipients
Your personal data will be treated as strictly confidential and will only be shared with the recipients detailed below for the purpose stated:
- Marketing communication facilitators – to keep you updated on our products & services;
- Online advertising providers – to keep you updated on our products & services;
- Website engagement companies (e.g. live chat) – to help us to assist you and respond to your queries;
- Analytics providers – to help us improve your online experience;
- Third parties for joint promotions with that party – to help us organise events
- Third Parties acting as processors or sub-processors required to enable us to provide the products and services we provide
- Companies within the GCI and Modality Group of companies – for marketing purposes and to support overall provision of our products and services;
- Fraud prevention agencies – to prevent fraud;
- Alternative dispute resolution – for complaint escalation;
- Law enforcement agencies, government bodies, regulatory organisations, courts or other public authorities – where required by law.
1.10 – Non-EU Transfer & Safeguards for International transfers
Your data may be transferred to countries outside the European Economic Area (EEA) in instances where we are required to transfer your data to another member of the Modality group of companies or the GCI group of companies for any of the purposes listed at 1.5 above, where our or our recipient’s servers used for storing personal data are based outside of the EEA.
If you use our services whilst you are outside of the EEA, your data may be transferred outside the EEA in order for us to provide you with those services.
Data will only be transferred outside of the EEA only where a declaration of adequacy and a Data Protection Agreement or equivalent agreement is in place. If the country in which the data is to be transferred to has no declaration of adequacy in place then we will request the third party to enter into a legal agreement that reflects those standards through the use of Standard Contractual Clauses
1.11 – Data retention period and criteria used to determine that period
We keep your personal data for no longer than is reasonably necessary for the purposes set out in this Privacy Notice. This is determined through assessment by our DPO.
We delete personal data relating to sales and marketing upon receipt of an opt-out request, or two years after the last communication we receive from you.
1.12 – Rights to request access to the data, object, restrict processing, rectification, erasure and portability
Under the GDPR, you have the ability to exercise via the DPO the following rights with respect to your personal data:
- The right to request a copy of your personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for us to retain such data;
- The right where applicable to request, that we provide you with a copy of your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right where applicable to object to the processing of personal data;
- The right to lodge a complaint with your local supervisory authority.
1.13 – Right to withdraw consent at any time
We do not rely on consent for our processing activities but instead on our legitimate interests or for contractual purposes, we therefore cannot offer the right to withdraw consent. However, you do have the right to object to or opt-out from our processing activities by contacting our DPO.
1.14 – Further processing
If we wish to use your personal data for a new purpose that is not covered by this privacy notice and which is incompatible with the purposes described in this notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
1.15 – Right to lodge a complaint with ICO
To exercise all relevant rights, or for queries, please in the first instance contact us on the contact details provided above.
Should you have a concern about our information rights practices, you have the right to complain directly to our supervisory authority the ICO.
Their address and contact details are as follows:
Information Commissioners Office
Tel: 0303 123 1113
(local rate) or 01625 545 745
if you prefer to use a national rate number
Alternatively, you can email them via the following link: https://ico.org.uk/global/contact-us/email/
If you are not in the UK, you may contact the equivalent supervisory authority in your country. Contact details for data protection authorities in the European Economic Area, are available at https://edpb.europa.eu/about-edpb/board/members_en
For other countries please contact our DPO at email@example.com.
1.16 – Updates to this Notice and your Personal Data
We may update this notice from time to time in response to changing legal, technical or business developments.
When we update our notice, we will take appropriate measures to inform you, consistent with the significance of the changes we make.
You can see when this privacy notice was last updated by checking the “last updated” date displayed at the top of this privacy notice.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
1.17 – Appendix 1
The following companies are in scope of this Privacy Notice
Name: MODALITY SYSTEMS LIMITED
Company number: 06143649
Contact Details: Global House, 2 Crofton Close, Lincoln, LN3 4NT
Name: MODALITY SYSTEMS INC
Company number: 5062736
Contact Details: 8 The Green STE A, Dover, DE 19901
Name: MODALITY SYSTEMS PTY LTD
Company number: 52 168 971 766
Contact Details: 903/50 Clarence St, Sydney NSW 2000
Name: ACT TELECONFERENCING SDN BHD
Company number: 833491-M
Contact Details: Unit B-11-10, Block B, Megan Avenue 2, Jalan Yap Kwan Seng, 50450 Kuala Lumpur, Malaysia