This notice explains how information about you is used. References to ‘you’ means the person reading this policy.
Our Site, www.illapa.cloud, is owned and operated by Illapa Cloud Limited, a limited company registered in England under 10890314, whose registered address is 11 Castle Hill, Maidenhead, Berkshire. SL6 4AA and whose main trading address is Siena Court, The Broadway, Maidenhead, Berkshire SL6 1NJ.
Illapa Cloud Limited status is data controller.
The information we gather
The organised group trading as illapa cloud, gathers certain information about you. Information about you is also used by our affiliated entities and group companies. In this notice, references to ‘we’ or ‘us’ means illapa cloud and our group companies.
Information that we gather about you may include your name, contact details, job title and CV submissions for example, depending on how you wish to engage with us. The provision of information by you is entirely voluntary.
We may also obtain information about you from third parties, such as our group companies and other service providers you have opted into.
We are committed to working in an open and accountable way to provide a high quality, responsive and accessible service. Despite Our commitment, we recognise that things can sometimes not go to plan.
If you are dissatisfied in any way with Our performance we wish to know about it. We aim to respond positively and courteously to any complaints, and by putting right our mistakes, improve our processes.
You can also make a formal complaint to the Information Commissioner's Office by clicking the following link, https://ico.org.uk/.
We recognise your right to make a complaint but would appreciate the opportunity to rectify any issues you may have.
For complaints please contact us at firstname.lastname@example.org.
Information about third parties
Information we process as described in this notice may also include information about third parties such as your employees, directors and other officers whose details you supply to us.
Systems used to process data
We gather information directly from you and via our website and other technical systems. These may include, for example, our:
- computer networks and connections
- communications systems
- remote access systems
- email and instant messaging systems
- intranet and Internet facilities
- telephones, voicemail, mobile phone records
When you use our website, we may gather information about you through Internet access logs, cookies and other technical means. ‘Cookies’ are text files placed on your computer to collect Internet log information and user behaviour information. These are used to track website usage and monitor website activity and for other data processing reasons set out below.
Some of the cookies we use are essential for parts of the site to operate and have already been set. You may delete and block all cookies from this site, but parts of the site may not work.
Reasons for processing
We will only use your personal data in circumstances where we are legally permitted to do so.
Our legal basis for collecting and processing personal data include:
- Consent; where you have consented to receive communications from us
- Contractual; where we need to collect and process personal data to meet contractual obligations
- Legitimate interest; where it is necessary for our or those of a 3rd party’s legitimate interests (except where the interests, rights, and freedoms of you override those interests),
- Legal obligation; where we need to comply with a legal or regulatory body
We collect and process information about you for the following reasons:
- compliance with legal, regulatory and corporate governance obligations and good practice
- ensuring business policies are adhered to (such as policies covering security and internet use)
- operational reasons, such as recording transactions, training and quality control
- ensuring the confidentiality of commercially sensitive information
- statistical analysis
- preventing unauthorised access and modifications to systems
- checking references
- ensuring safe working practices, monitoring and managing staff access to systems and facilities and staff absences
- staff administration and assessments, monitoring staff conduct, disciplinary matters
- processing customer or third-party data,
- marketing our business and those of our group companies
- analysing purchasing preferences and improving services
- providing customer services
Disclosures and exchange of information
We may disclose and exchange information with our group companies, credit reference agencies, service providers, representatives and agents for the above reasons.
Information may be held at our offices and those of our group companies, and third-party credit reference agencies, service providers, representatives and agents as described above.
For our UK based customers any data shared outside of the EU is covered under agreement by the European Commission, under the Privacy Shield Agreement, or through direct contracts between us and the third party, apart from when some data is transferred to meet the needs of an international project. This is done with prior awareness of the customer.
We have security measures in place to seek to ensure that there is appropriate security for information we hold including those measures detailed in our information security and data protection or privacy policies. You can review these by contacting email@example.com.
Sensitive personal data
You may also supply us with sensitive personal data, such as, racial or ethnic origin, religious or similar beliefs, physical or mental health, or criminal record which is gathered for the following purposes: recruitment, administering our health insurance scheme, equal opportunities monitoring.
We will usually only collect and record sensitive personal data with your prior consent. However, occasionally we may do so without consent where required or permitted to do so by applicable law (e.g. to comply with diversity reporting requirements). We may disclose your sensitive personal data to relevant parties to meet insurance or compliance requirements.
The rights of the user
You have the right to request:
- Access to the personal data we hold about you.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
You can contact us to request to exercise these rights at any time as follows:
To ask for your information please contact The Data Protection Officer using the address found at the foot of this policy. To ask for your information to be amended please update your online account or contact our customer services team.
Your right to withdraw consent and right to be forgotten
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent and ask for us to remove all references of your personal data.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation.
We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice.
If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
We try to respond to all legitimate requests within 28 days. Occasionally it may take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
We retain your personal information for as long as necessary to provide the services and solutions to fulfil the transactions you have requested, and for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, and enforcing our agreements.
Information relating to you will be used to notify you by post, email or other electronic means of our relevant services and solutions and those of our group companies and third-party business partners, in which we believe you may be interested. You will only receive this if you have opted in to communications. You can withdraw your consent to use of personal data for marketing at any time by contacting us at or by managing your preferences here.
Please contact illapa Cloud via the means below if you would like to correct or request (in accordance with applicable law) information that we hold relating to you or if you have any questions in relation to the above.
Data Protection Officer
Last updated – 10th May 2018