Privacy Policy

These terms of business (the “Agreement”) were last updated on 26th July 2019.

Assimil8 Limited a company registered in England and Wales with company number 05964802 is committed to protecting the privacy of our website users and customers. This privacy policy (“Privacy Policy“) is intended to inform you on how we gather, define, and utilise your Information (as defined below).

The URL https://assimil8.com (the “Website”) is owned and operated by Assimil8 Limited. The terms “Assimil8”, “we”, “us”, “our” and “ours” when used in this Privacy Policy means Assimil8 Limited which includes all its parents, subsidiaries, divisions, branches, and affiliates from time to time. The terms “you”, “your” and “yours” when used in this Privacy Policy means any (a) user of the Website and any person who provides us with their Personal Data including clients, customers, suppliers and other third parties, and (b) persons whose Personal Data we process within our business during the provision of services to our clients. The term “Personal Data” refers to information about you from which you can be identified, such as your name, birth date, e-mail address or mailing address. This Privacy Policy describes Assimil8’s current policies and practices with regard to Personal Data collected by Assimil8 through the Website.

Assimil8 takes your privacy seriously. We respect and protect the privacy of our users and take appropriate steps to safeguard your personal information.

All your Personal Data shall be held and used in accordance with Data Protection Laws (which include: (i) the Data Protection Act 1998, until the effective date of its repeal (ii) the General Data Protection Regulation ((EU) 2016/679) (GDPR) and any national implementing laws, regulations and secondary legislation, for so long as the GDPR is effective in the UK, and (iii) any successor legislation to the Data Protection Act 1998 and the GDPR, in particular the Data Protection Bill 2017-2019, once it becomes law) and any legislation that replaces it in whole or in part and any other legislation relating to the protection of Personal Data (as defined below).

The Company ensures on an ongoing basis and to the extent that is reasonably possible, that all of its suppliers and third parties operate in compliance with the GDPR.

Other applicable terms

This privacy policy refers to the following additional terms, which also apply to your Website use:

  • Our Website Terms of Use, https://assimil8.com/terms-of-use/, the terms of use on which you may make use of our Website, whether as a guest or a registered user. By using our website you consent to the Website Terms of Use.
  • Our Acceptable Use Policy, https://assimil8.com/acceptable-use-policy/, sets out the permitted uses and prohibited uses of our Website. When using our Website, you must comply with this Acceptable Use Policy.
  • Our Cookie Policy is set out in clause 10 below and sets out information about the cookies on our Website.

1. Data Controller

1.1 Subject to clause 2a below, the Company is the controller and responsible for your personally identifiable information (Personal Data) as listed in clause 2

1.2 We have an appointed Data Protection Manager who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights as set out in Clause 9 of this Privacy Policy, please contact the data privacy manager using the details set out below.

2. Information We Collect

2.1 We use automated technologies and interactions to collect data from and about you. With regard to each of your visits to our website we may automatically collect the following information:

a) Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;

b) Usage Data includes information about how you use our website, products and services;

c) Website Specific Information includes information about your visit to our Website including:

i. the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time);
ii. products, services or other pages you viewed or searched for;
iii. page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

We collect technical data through analytics providers, advertising networks and search information providers. A list of these third parties can be provided to you on request.

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

2.2 We may receive information about you (i.e. Personal Data) by:

a) providing our services to our clients whereby we process certain Personal Data held by our clients for their own business purposes on our clients’ behalf, where in that particular scenario, our clients would be the Data Controller and we would be the Data Processor (Please review our Data Processing Policy Set Out in the Addendum to this Privacy Policy).

b) you filling in forms on our website or by corresponding with us by phone, e-mail, mail or otherwise. This includes information you provide to us when you register to use our website, subscribe to our service, search for a product, place an order on our website and when you report a problem with our website

c) The information you or our clients give to us in the manners outlined in this clause 2.2 may include:

i. Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender;
ii. Contact Data includes billing address, delivery address, email address and telephone numbers;
iii. Financial Data includes bank account and payment card details;
iv. Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us;
v. Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses; and
vi. Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

2.3 We may receive information about you if you use any other websites we operate from time to time or during the course of any other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Website. We are also working closely with third parties (including, for example, channel and business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them. A list of these third parties can be provided to you on request.

2.4 We sometimes supplement the information that you provide with information that is received from third parties. For instance, if inaccurate postal or zip codes are received, we will use third party software to fix them.

2.5 We may receive sensitive personal information, including medical details, (“Sensitive Personal Data”) about you in the event that a practice, supplier or third-party transfers these types of data to Assimil8.

3. Use of your Personal Data

3.1 We will use Technical Data, Usage Data and Website Specific Information to:

a) administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;

b) improve our Website to ensure that content is presented in the most effective manner for you and for your computer;

c) allow you to participate in interactive features of our service, when you choose to do so;

d) to keep our website safe and secure;

e) measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;

f) make suggestions and recommendations to you and other users of our website about products or services that may interest you or them.

3.2 We will use Identity Data, Contact Data, Financial Data, Transactional Data, Profile Data, and Marketing and Communications Data:

a) to carry out our obligations arising from any contracts entered into between either our clients and us or you and us and to provide you with the information, products and services that you request from us;

b) to provide you, or permit selected third parties to provide you, with information about products or services we feel may interest you. If you are an existing customer, we may contact you by telephone, mail or electronic means (e-mail or SMS) with information about products and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the registration form);

c) to notify you about changes to our service, improvements to our products, website and to help solve any problems regarding the foregoing;

d) to ensure that content from our website is presented in the most effective manner for you and for your computer;

e) to communicate with you about updates to or issues in relation to this Privacy Policy; and

f) for security, administrative and legal purposes.

3.3 We process your Personal Data only for specific and limited purposes. We ask only for data that is adequate, relevant and not excessive for those purposes. When we ask you for Personal Data, we tell you the purposes for which we will process that data. We do not share, sell or distribute your Personal Data with third parties outside Assimil8, except under the circumstances contained in this Privacy Policy. These purposes may include the following:

a) Processing Personal Data on behalf of our client under contract.

b) Informing you of new services we will be providing, special offers, events or articles we think may be of interest to you, sending you regular updates by e-mail or by post on Assimil8 organized or related events, service information, market research, marketing and promotional material.

c) We may also use your Personal Data internally to help us improve our products, services and Website, to help resolve any problems with the foregoing, and for security, administrative and legal purposes.

d) Whilst we may share Personal Data with re-sellers where they are better placed to respond to a sales query, we do not share, sell or distribute your Personal Data with third parties outside the Assimil8, except under these limited circumstances:

3.4 If you do not want us to use your data for marketing purposes, or to pass your details on to third parties, please contact the Assimil8 Data Protection Manager (the “Data Manager”) at dataprotection@assimil8.com or if you are completing an online or offline form please tick the relevant box.

3.5 If, in the future, we wish to use your Personal Data in a way not set out in this Privacy Policy, we will notify you about this and seek your permission to do so.

4. The legal basis for processing your Personal Data

4.1 The Company will only process Personal Data where there is a lawful basis as per Data Protection Laws. This lawful basis shall be one or more of the following:

a) Express consent from you;

b) In order to perform and/or complete a contract with a third party;

c) To comply with a legal obligation;

d) To protect your vital interest;

e) It is in the public interest; and

f) There is a legitimate interest.

4.2 Legitimate interests are a flexible basis upon which the law permits the processing of an individual’s Personal Data. To determine whether we have a legitimate interest in processing your data, we balance the needs and benefits to us against the risks and benefits for you of us processing your data. This balancing is performed as objectively as possible by our Data Protection Manager. You are able to object to our processing and we shall consider the extent to which this affects whether we have a legitimate interest.

5. Disclosure of your information

5.1 We may share your Personal Data with selected third parties including:

a) Business partners, suppliers, channel partners, joint venture parties, affiliates, suppliers and sub-contractors for the performance of any contract we enter into with them or you.

b) Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others.

c) Analytics and search engine providers that assist us in the improvement and optimization of our website.

d) Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.

e) Professional advisors, such as Solicitors.

5.2 We may disclose your Personal Data to third parties if:

a) we sell or buy any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets.

b) the Company or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets.

c) we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply our Website Terms of Use (which can be found at: https://assimil8.com/acceptable-use-policy/) or Terms and Conditions (which can be found at https://assimil8.com/legal/) of Business of any of our products and other agreements; or to protect the rights, property or safety of the Company, our customers or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

5.3 Personal Data may occasionally be transferred to third parties who act for or on behalf of Assimil8, or in connection with the business of Assimil8 for further processing in accordance with the purposes for which the data was originally collected or for purposes to which you have subsequently consented. For example, sometimes a third party may have access to your Personal Data in order to handle our mailings on our behalf.

5.4 We may from time to time share your Personal Data with any member of our group (from time to time), our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. A list of any other group companies holding your Personal Data can be provided to you on request.

5.5 We may share or transfer the information in our databases to comply with a legal requirement, for the administration of justice, to protect your vital interests, to protect the security or integrity of our databases or this Website, to take precautions against legal liability, or in the event of a corporate sale, merger, reorganization, dissolution or similar event.

5.6 Where appropriate, before disclosing Personal Data to a third party, we contractually require the third party to take adequate precautions to protect that data.

5.7 Where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this.

5.8 Sensitive Personal Data

a) Sensitive Personal Data will always be stored securely and kept confidential subject to clause 5.9 below.

5.9 Transfer of Personal Data Outside of the EU

a) Assimil8 is a UK company servicing clients globally and has affiliates, facilities and databases in different countries. We may, from time to time, transfer or share your Personal Data to one of our databases in another country, namely to our affiliated entities in the USA and other partners with whom we work.

b) The internet is made up of a large number of international connections. If you are visiting this Website from a country other than the country in which our server is located, the various communications will necessarily result in the transfer of information including your Personal Data across international boundaries.

6. Anonymous Data Collected Through This Web Site

6.1 In addition to the information we collect as described above, we may use technology to collect anonymous information about the use of our This technology does not identify you personally; it simply enables us to compile statistics about our visitors and their use of our Website.

6.2 We use this anonymous data to improve the content and functionality of this Website and our e-mail updates, to better understand our customers and markets, and to improve our products and services.

7. Where We Store your Personal Data

7.1 The Personal Data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff working for us or for one of our suppliers who are operating outside the EEA, such as in the USA. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services, such as compliance, IT, legal or management controls. By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

7.2 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

7.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your data transmitted to our Website and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

7.4 As a result of increased risk posed by cyber fraud please do not send any funds until you have received confirmation from your relevant contact and are certain as to the correct account details. Unfortunately, we do have to warn you that we cannot accept responsibility if you transfer money into an incorrect account.

8. Your Legal Rights

8.1 When reading this notice, it might be helpful to understand that your rights arising under Data Protection Laws include:

a) The right to be informed of how your Personal Data is used (through this notice);

b) The right to access any Personal Data held about you;

c) The right to withdraw consent at any time, by emailing dataprotection@assimil8.com;

d) The right to rectify any inaccurate or incomplete Personal Data held about you;

e) The right to erasure where it cannot be justified that the information held satisfies any of the criteria outlined in this policy, or where you have withdrawn consent;

f) The right to prevent processing for direct marketing purposes, scientific/historical research or in any such way that is likely to cause substantial damage to you or another, including through profile building; and

g) The right to object to processing that results in decisions being made about you by automated processes and prevent those decisions being enacted.

8.2 Our Website may, from time to time, contain links to and from the Websites of our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any Personal Data to these websites.

8.3 You have the right to ask us not to process your Personal Data for marketing purposes. We ask your consent (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting Assimil8 Data Manager at dataprotection@assimil8.com

8.4 You have the right to access your Personal Data held by us. Any written request for access to information held about you may be subject to a fee of £10 to meet our costs in providing this information. If you wish to do this, please contact Assimil8 Data Manager at Dataprotection@assimil8.com

9. Data Retention

9.1 The Company will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

10. Cookies

10.1 Assimil8 may place cookies on your computer to help us improve your experience on our Website. Cookies are widely used as an industry standard in order to enable websites to work, or work more efficiently, in addition to providing useful information to the owners of the We use cookies to distinguish you from other users of our Website. This helps us to provide you with a tailored experience when you browse our Website and also allows us to improve our Website to help diagnose problems with our server, to administer our Website and to better match your interests and preferences. By continuing to browse the site without changing your web browser settings, you are agreeing to our use of cookies.

10.2 A cookie is simply a small text file that we may store on your computer when you visit our Website. Cookies help us remember your preferences and enable us to improve your experience on our Website. Cookies do not contain information that can personally identify you.

10.3 There are different types of cookies. We only use the following cookies that we think are necessary or helpful to you.

a) Strictly necessary cookies: these are cookies that are required for the operation of the Website. Without them, for example, you would not be able to register or log in for any services that we may offer.

b) Analytical/performance cookies: these cookies allow us to recognise and count the number of visitors and to see how visitors move around our website. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily and do not encounter technical errors.

c) Functionality cookies: these are used to recognise you when you return to our website. This enables us to personalise our content for you and remember your preferences (for example, your choice of language or region).

d) Targeting cookies: these cookies record your visit to our website, the pages you have visited and the links you have followed. This helps us to provide a website and deliver adverts or messages that are relevant to you and your interests. We may also share this information with third parties for this purpose.

10.4 Please contact us to find more information about the individual cookies we use and the purposes for which we use them.

10.5 Except for essential cookies, all cookies will expire after the duration set by a third party provider.

10.6 If you decide that you are not happy with the use of cookies on the Website, most web browsers allow you to easily delete and block cookies by activating certain settings within the browser. This should allow you to refuse either some or all cookies. However, if you use your browser settings to block all cookies, you may lose the benefit of some functionality and not be able to access all or parts of our website. If you continue to use our website without changing your browser settings, you accept use of cookies. For more information on how to delete and block cookies for your specific web browser, please visit the browser’s support or instructions page.

10.7 Any behaviourally targeted advertisements appearing on our Website will be clearly identified as such (e.g. through an icon in the corner of the advertisement).

11. User Communications

When you send e-mail or other communication to Assimil8, we may retain those communications in order to process your inquiries, respond to your requests and improve our services.

12. Assimil8 Email Marketing Communication Policy

12.1 Assimil8 sends promotional emails only to:

a) Customers

b) People who have given consent to Assimil8 to receive promotional emails

c) People on rented email lists who have given permission to the list owner to receive third-party promotional email

d) All of the above mentioned who have not opted out after having received promotional email from us.

12.2 In each promotional email, we provide an easy and clear way to opt out of or unsubscribe from future Assimil8 emails. Opt-out requests using the opt-out link in our emails are processed and go into effect within 10 business days. Opt-out requests sent to the following email address Dataprotection@assimil8.com are processed within 10 business days. When sending emails to rented email lists, we suppress addresses of those people who have opted out of Assimil8 emails in the past.

12.3 We always disclose our identity in mass email communications, including the current registered business address.

12.4 We never use deceiving header information or subject lines.

12.5 We never send mass, promotional emails to email addresses “harvested” from websites.

12.6 We never, under any circumstances, rent or sell email addresses to any other company or individual.

12.7 When coordinating with our resellers for the purpose of follow-up on sales inquiries made to us, we provide full contact information of the inquirer to the reseller, including email address, so the reseller can follow up on the inquiry.

12.8 Our marketing email policy and practice conforms to the United States Federal “CAN SPAM” act of 2003 and the EU Data Protection Directive of 1995 and Privacy and Electronic Communications Directive of 2002 each as implemented nationally. We welcome and encourage your thoughts on this policy at Dataprotection@assimil8.com.

13. Links to Other Websites

This Privacy Policy applies only to the Website and to other Assimil8 URLs through or from which you have reached this Website. This Website contains hyperlinks to websites that are not operated by Assimil8. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of these third-party websites or any association with their operators. We do not control these websites and are not responsible for their data or privacy practices. We urge you to review any privacy policy posted on any website you visit before using the website or providing any Personal Data about yourself.

14. Information Security

14.1 We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.

14.2 Access to Personal Data is restricted to designated Assimil8 employees, contractors and agents who need to know that information in order to operate, develop or improve our services. These individuals are bound by confidentiality obligations and may be subject to disciplinary proceedings, including termination, if they fail to meet these obligations.

14.3 All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential and for restricting access to your account.

14.4 Although we review and require assurances about the data collection, storage and processing practices and security measures of and from our affiliates, partners, clients, contract counterparties, suppliers and subcontractors, we are not responsible for those parties and do not provide any warranties, guarantees or assurances to you or our clients about their policies and practices.

15. Special Note for Parents and Children under Age 18

15.1 The website you are visiting is a general audience website. The Website is not directed to persons under 18. If a parent or guardian becomes aware that his or her child has provided us with personal information without their consent, he or she should contact us. We do not knowingly collect or solicit personal information from people under 18. If we become aware that a person under 18 has provided us with personal information, we will delete such information from our files.

If you are under 18, do not attempt to provide us any information about yourself.

16. If you fail to provide us with Personal Data

The information about you that we have collected for the performance of our contracts is required in order for us to successfully fulfil our obligations to you. If you choose not to provide the Personal Data requested, we will not be able to enter into a contract with you to provide the benefits we offer. If we are already processing your Personal Data under a contract, you must end our contractual relationship (as/where permitted) in order to exercise some of your rights.

17. Your Duty to Provide us With Accurate Data

It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes during your relationship with us.

18. Changes to This Policy

18.1 This Policy may change from time to time. We will post any Policy changes on this page and, if the changes are significant, we will provide a more prominent notice. Each version of this Policy will be identified at the top of the page by its effective date, and we will also keep prior versions of this Policy in an archive for your review.

18.2 Assimil8 may find it necessary to revise and update this policy from time to time as changes to the privacy regulations emerge, and will communicate any such changes to our patients and business partners.

19. Complaints

If you are unhappy about our use of your Information, you can contact us at the address or email address above. You are also entitled to lodge a complaint with the UK Information Commissioner’s Office using any of the below contact methods.

Telephone: 0303 123 11113

Website: https://ico.org.uk/concerns/

Post: Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow, Cheshire

Further, if you have any questions about this Privacy Policy or concerns about the way we process your Personal Data, please contact Assimil8 Data Manager at DataProtection@assimil8.com


Data Processing Policy

Reference is made to the Assimil8 Privacy Policy as updated from time to time (the “Privacy Policy”).

This Data Processing Policy is attached to and forms part of the Privacy Policy and sets forth the terms on which Assimil8 Limited processes Personal Data on behalf of its clients.

Capitalized terms used but not otherwise defined in this Data Processing Policy shall have the meanings ascribed to them in the Privacy Policy.
Except as otherwise set forth herein, the terms of the Privacy Policy shall take continue in full force and effect.

This Data Processing Policy shall be governed, construed and shall take effect in accordance with Data Protection Laws and subject to English law and the exclusive jurisdiction of the English courts.

Notwithstanding anything to the contrary in the Privacy Policy, in this Data Processing Policy, unless the context otherwise requires, the following words and expressions have the following meanings:

“Client” means the Assimil8 client for whom Assimil8 are providing consultancy services under a consultancy services agreement where Assimil8 will have access to and be processing Client Personal Data;

“Client Data” means all data, works and materials uploaded to or stored through the Assimil8 ThoughtSpot Environment (or any other third-party environment on which they are stored);

“Client Personal Data” means any Personal Data that is controlled or processed by the Client;

“Intellectual Property Rights” means all intellectual property rights including but not limited to any of the following: patents, copyright and related rights, moral rights, trademarks (and service marks), business names and domain names, rights in get-up (and trade dress), goodwill and right to sue for passing off (or unfair competition), rights in designs, rights in computer software database rights, rights to use and protect the confidentiality of, confidential information (including know-how and trade secrets), and all other intellectual property rights, in each case whether registered or unregistered and including all applications for any of the intellectual property rights mentioned above and rights to apply for and be granted, renewals or extensions of, and rights to claim priority from, such rights and all similar or equivalent rights or forms of protection which subsist or will subsist now or in the future in any part of the world.

1. Client Data

1.1 Subject to clause 1.2 all Intellectual Property Rights subsisting in Client Data are and shall remain the property of the Client.

1.2 Certain Client Data may belong to third parties. In such cases, the Client warrants that all such Client Data is used with the consent of relevant third parties.

1.3 The Client hereby grants to Assimil8 a non-exclusive licence to copy, reproduce, store, distribute, publish, export, adapt, edit and translate the Client Data to the extent reasonably required for the performance of Assimil8’s obligations and the exercise of Assimil8’s rights under this Agreement. The Client also grants to Assimil8 the right to sub-license these rights to its cloud environment service providers, subject to any express restrictions to be confirmed in writing by the Client.

1.4 The Client warrants to Assimil8 that the Client Data will not infringe the Intellectual Property Rights or other legal rights of any person, and will not breach the provisions of any law, statute or regulation, in any jurisdiction and under any applicable law.

1.5 The Client shall indemnify Assimil8 for any cost, charge, damages, expenses or loss arising from Client’s noncompliance with this Data Processing Policy.

2. Data Protection

2.1 Assimil8 and the client shall each comply with the Data Protection Laws with respect to the processing of the Client Personal Data.

2.2 The Client warrants to Assimil8 that:

2.2.1 it has the legal right to disclose all Personal Data that it does in fact disclose to Assimil8 under or in connection with this Agreement;

2.2.2 it is a proper party to this Agreement and a proper controller which determines the purposes and means of the processing of the Personal Data;

2.2.3 it has a lawful basis for the transfer and all necessary authority from all data subjects for Assimil8 to process the Personal Data in accordance with this clause 2;

2.2.4 it has given data subjects, whose Personal Data will be processed by Assimil8 pursuant to this clause 2, all the necessary information about its use/processing as required by law including Data Protection Laws;

2.2.5 its instructions in connection with the processing of the Personal Data are in accordance with all applicable Data Protection Laws and will not cause Assimil8 to breach any of them.

2.3 The Client shall only supply to Assimil8, and Assimil8 shall only process (subject to any other agreement between Assimil8 and the Client to the contrary), in each case under or in relation to this Agreement, the Personal Data of data subjects of the following types: address, telephone number and date of birth data in combination with first and surname; and Assimil8 shall only process the Client Personal Data for the following purposes: as necessary to maintain or provide the service, or as necessary to comply with the law or a binding order of a governmental body or in support of the data controller’s requested extraction of the data.

2.4 Assimil8 shall only process the Client Personal Data during the Term and for not more than 30 days following the end of the term of the applicable contract of services between Assimil8 and the Client, subject to the other provisions of this clause 2.

2.5 Assimil8 shall only process the Client Personal Data on the documented instructions of the Client (including with regard to transfers of the Client Personal Data to any place outside the European Economic Area, as set out in this Agreement or any other document agreed by the parties in writing.

2.6 Assimil8 shall promptly inform the Client if, in the opinion of Assimil8, an instruction of the Client relating to the processing of the Client Personal Data infringes the Data Protection Laws.

2.7 Notwithstanding any other provision of this Agreement, Assimil8 may process the Client Personal Data if and to the extent that Assimil8 is required to do so by applicable law. In such a case, Assimil8 shall inform the Client of the legal requirement before processing, unless that law prohibits such information.

2.8 Assimil8 shall ensure that persons authorised to process the Client Personal Data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

2.9 Assimil8 and the Client shall each implement appropriate technical and organisational measures to ensure an appropriate level of security for the Client Personal Data, including the measures specified in the information security policy of Assimil8 as it may be updated by Assimil8 from time to time.

2.10 Assimil8 must not engage any third party to process the Client Personal Data without the prior specific or general written authorisation of the Client. In the case of a general written authorisation, Assimil8 shall inform the Client at least 5 working days in advance of any intended changes concerning the addition or replacement of any third party processor, and if the Client objects to any such changes before their implementation, then Assimil8 must not implement the changes. Assimil8 shall ensure that each third party processor is subject to equivalent legal obligations as those imposed on Assimil8 by this clause 2.

2.11 Assimil8 shall, insofar as possible and taking into account the nature of the processing, take appropriate technical and organisational measures to assist the Client with the fulfilment of the Client’s obligation to respond to requests exercising a data subject’s rights under the Data Protection Laws.

2.12 Assimil8 shall assist the Client in ensuring compliance with the obligations relating to the security of processing of Personal Data, the notification of Personal Data breaches to the supervisory authority, the communication of Personal Data breaches to the data subject, data protection impact assessments and prior consultation in relation to high-risk processing under the Data Protection Laws. Assimil8 may charge the Client at its then standard consultancy rates for any work performed by Assimil8 at the request of the Client pursuant to this clause 2.12.

2.13 Assimil8 must notify the Client of any Personal Data breach affecting the Client Personal Data without undue delay and, in any case, not later than 24 hours after Assimil8 becomes aware of the breach.

2.14 Assimil8 shall make available to the Client all information necessary to demonstrate the compliance of Assimil8 with its obligations under this clause 2. Assimil8 may charge the Client at its then standard consultancy rates for any work performed by Assimil8 at the request of the Client pursuant to this clause 2.14.

2.15 Assimil8 shall, at the election of the Client, delete or return all of the Client Personal Data to the Client after the provision of services relating to the processing, and shall delete existing copies save to the extent that applicable law requires storage of the relevant Personal Data.

2.16 Assimil8 shall allow for and contribute to audits, including inspections, conducted by the Client or another reputable auditor mandated by the Client (who shall be subject to strict confidentiality undertakings) in respect of the compliance of Assimil8’s processing of Client Personal Data with the Data Protection Laws and this clause 2. Assimil8 may charge the Client at its then standard consultancy rates for any work performed by Assimil8 at the request of the Client pursuant to this clause 2.16.

2.17 The Client may use information received in connection with clauses 2.12 and 2.14 of this clause 2 only to assess Assimil8’s compliance with the applicable Data Protection Laws and this clause 2. The Client must keep this information confidential, unless it is the Client’s confidential information.


Subscribe to our mailing list
Get the latest content first.
Thanks for subscribing to our mailing list. We respect your privacy. Please see our full privacy details for more information. https://assimil8.com/privacy-policy/