HALO Europe Privacy Policy

Last updated March 2024 (version 2)

Who we are

Halo Technologies Europe Limited trading as HALO Europe is a private limited company incorporated in the United Kingdom, company number NI660793. In this privacy policy, “we”, “us”, or “our”, “Halo” mean Halo Technologies Europe Limited.

You can contact us by email at enquiries@haloeurope.com or Phone+44 (0) 28 90 230 510, or by writing to our registered office. You can contact our Data Protection Officer at this address: dpo@haloeurope.com

You can visit our website at haloeurope.com for more information on how we use and protect your personal information in the UK and Europe. Please visit our website haloamericas.com on how we use and protect your personal information in North America. You can access our cookie policy on both sites to understand how we use cookies to improve the usage and effectiveness of our sites and portals and how this impacts you.

We respect and value the privacy of all our customers and their clients, job applicants, employees and website visitors and users and will only collect and use personal data in ways that are described in this privacy policy and in a way that is consistent with Data Protection laws in the UK and the European Union.

Personal Information we collect

We currently collect and process the following information which can be used to identify a living person:

  • Identity information: Name, email address, address and contact numbers, corporate information relating to designated contact person(s);
  • Employee data: CVs, dates of birth, payroll information, leave and performance reviews, tax and pension information, National Insurance numbers; employment history
  • Image, video and audio footage: verification images, video or audio in connection with our products, we access these on our client’s instructions;
  • Log information for our Platforms: Login details, device ID and certain browser information;
  • Contractual data: Contractual information for onboarding new clients such as signatories; financial and purchase history;
  • Email data: information relating to our customers and how we communicate with them;
  • Lead data: contact forms for marketing purposes;
  • Sales information: summary of dialogue and contact information;
  • Location data: our products process the location data of devices which are controlled by our clients. We do not access this information unless instructed to do so by our clients. Location data such as information about the device's location is set by our clients. How much information is collected depends on the type and settings of the device used to access the Services. For example, we may use GPS and other technologies to collect geolocation data that tells us your current location (based on your IP address). Our clients can opt out of allowing us to collect this information either by refusing access to the information or by disabling Location settings on our devices. However, by opting out, our clients may not be able to access our services.
  • Hardware maintenance data: defective equipment is logged with relevant information; and we may also share specific information with our hardware supplier where this is necessary to fix the defective equipment; We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information.
  • Cookie data: cookies, pixels, IP addresses and browser information as stated in our Cookie Policy;
  • Call /Voice/Sound recordings: Images and audio, voice prints, video or call recordings created in connection with our business activities, accessible on instruction of our clients.

Why we collect personal information

Under the General Data Protection Regulations in the UK and European Union, we rely on lawful bases to process personal information as follows:

  • Contractual: We obtain, store and process information about our clients in the context of our business relationships in providing our services and product. In supporting our clients, we may access location data, recordings and images on their instructions.
  • Legitimate Interests: To protect your personal information for security and fraud prevention, we require login and passwords to access our platforms. We may also share your information with auditors to improve our security controls and effectiveness.
  • Consent: We may provide marketing information to clients with the sole purpose of providing information about our products and services and in the context of collecting information to enhance the performance of our websites. Consent can be withdrawn at any time by clicking unsubscribe on any of our communications to you. You can also contact us directly.
  • Legal Obligation: In relation to employment data, we must comply with relevant laws to process tax, payroll, and pensions for our employees. We may have to share your personal information where a Court, Regulator or Law enforcement agency requires us or compels us to do so.

How we collect and how long we store personal information

Most of the personal information we process is provided to us directly by you, but we may also receive your personal information from the following sources:

  • Our clients
  • Our website
  • Social Media Platforms, such as LinkedIn and X
  • Auditors
  • Cybersecurity companies

We store personal information in the cloud AWS, which is accessible to us on instructions from our clients.

We store information on our employees for 1 year post employment.

Client communications are stored for 7 years after the relationship has ended.

Marketing information is stored for 12 months or after consent is withdrawn.

How we keep your information safe and secure

We are certified to the ISO 27001 and have implemented a robust set of security controls to safeguard your information. These measures include stringent access controls, employing encryption for data transmission and storage, utilising firewalls to monitor network traffic, conducting regular security audits and penetration testing, providing comprehensive employee training on security best practices, maintaining data backups and disaster recovery plans, adhering to industry-specific regulations, managing vendor risks, and having a well-defined incident response plan. Through these measures, Halo ensures the confidentiality, integrity, and availability of your information.

How we share your personal information

By default, we always strive to ensure that your personal data is processed within the European Economic Area (EEA). However, some of our suppliers are based outside the EEA. In such cases we will ensure that we have a valid transfer mechanism in place to ensure that your rights and freedoms are protected to UK and EU standards. Below is a list of companies and partners we share your information with:

  • Auditors and Consultants
  • Recruitment agencies
  • Marketing providers such as Hubspot

 

Your rights under Data Protection Law

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

Please contact us at dpo@haloeurope.com if you wish to make a request.

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us at ">dpo@haloeurope.com

You can also complain to the UK’s Information Commissioner (ICO) or to your relevant Data Protection Authority in the European Union. Our EU representative is: CommSec Communications and Security Limited – info@commsec.ie

UK-ICO

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 113

ICO website: https://www.ico.org.uk

France CNIL

  • Address. 3 place de Fontenoy.TSA 80175. 75334 Paris Cedex 07.
  • Telephone. 01 53 73 22 22.
  • Website. www.cnil.fr.

Germany

The following DPAs are in charge of all controllers (except federal government authorities and telecoms and postal services) in Germany:

The German Federal Commissioner for Data Protection and Freedom of Information (BfDI) is the data protection authority for telecommunication service providers. Germany has 16 data protection authorities for each of the 16 states. You can identify the relevant competent authority here:

BfDI - Anschriften und Links - Anschriften und Links (bund.de)

A list of EU Data Protection Authorities can be found here:

Our Members | European Data Protection Board (europa.eu)