Registration Number: 127548
Issue Date: 01 Dec 2020
Version Number: 3.00
Applicable Law: The Data Protection (Jersey) Law 2018 under which SYSTEMLABS is regulated in Jersey also known as (DJPL)
“The Data Protection (Jersey) Law 2018 and the Data Protection Authority (Jersey) Law 2018 both incorporate all the applicable elements of GDPR for Jersey, to ensure that Jersey has a level of protection equivalent to that of the European Union and has been passed as adequate please see link.”
At SYSTEMLABS, we regard your privacy as vitally important to our company and to you.
SYSTEMLABS may collect information about you via processing or interaction with you as a client during the normal business engagement as an MSP or DevOps company and directly or indirectly by email, phone or other means.
The information we collect may be personal data, if you agree to provide it, this personal data will allow us to contact you and send you information about our services and allow us to perform our services as per our contract and agreement under our engagement model.
- In providing us with your data, you hereby consent to us processing it for the purpose mentioned in this policy.
- We will not pass your personal data on to any third party without your express permission, except as defined herein for the provision of services that you have requested, other than authorities and the police in the event of any investigation or for legal reasons.
- Personal email addresses and phone numbers are not shared with any other entity other than our staff or partners to deliver the service unless you have explicitly chosen to do so.
For the purposes of the Data Protection;
- the data controller is Doodle Limited (“SYSTEMLABS”).
- SYSTEMLABS may use third-party processors to deliver specific services that are requested by you from SYSTEMLABS (see Processors below).
SYSTEMLABS are responsible for ensuring personal data collected is protected and handled under strict rules called ‘data protection principles’. We ensure the information is:
- used fairly, lawfully and transparently
- used for specified, explicit purposes
- used in a way that is adequate, relevant and limited to only what is necessary
- accurate and, where necessary, kept up to date
- kept for no longer than is necessary
- handled in a way that ensures appropriate security, including protection against unlawful or unauthorised processing, access, loss, destruction or damage
Information that we may collect from you
We may collect and/or process the following data about you:
- Information you provide to us - by filling in forms we send to you, or by entering into a contract with us, or by correspondence with us by email, letter, phone or other methods, data we host for your organisation, websites or applications we build for your that might store data or any platform that we might administer for you which stores personal data, which includes data provided by you. By registering to use our services, or by subscribing for newsletters or sales notifications, or other information services, or by joining our web or helpdesk forum, or by placing a request for services, and when reporting a problem with our services, or otherwise contacting us.
- · Personal data - The information you give us may include; your name, address, email address, IP address, and phone number, photos, addresses or anything which can identify an individual, which is subject to Data Protection.
- · When do SystemLabs collect your data?
- register for a service or product that we supply by completing our ‘create your account’ form;
- update your account details and contact Details; make helpdesk requests, send emails or otherwise communicate with SYSTEMLABS.
- If you otherwise use the services without contract or engagement, we collect data from you:
- when you register as a Guest or inadvertently use our services without our knowledge through one of our customers that we host, this would mean the customer has a relationship with you as a data subject.
- in monitoring your communications sent via our website and our service and use of a product we have developed to ensure and check compliance with the Terms and Conditions of Use or otherwise as required by law; and
- when you disclose your data to us through the website or otherwise through any other means.
How your information is used
The information we hold about you is used as follows:
- Information that you provide to us - this information is used to meet our obligations within any contracts between you and us, and/or our legal obligations, and/or;
- to meet your requests for information and services, or
- to notify you of changes to our services, or make suggestions or recommendations that may interest you, or
- ◦ to improve the content of our site and ensure it is presented effectively for you and your device, or
- ◦ deal with investigations by the police or other regulatory bodies.
- Information that we collect about you - we use this information:
- to manage our website as well as for our efficient operations, which includes analysis, research, statistical and survey uses, together with testing and troubleshooting;
- to improve our website and content for users and their devices;
- to allow you to interact with our social media, website, products and services and take advantage of our online services, whenever you may elect to do so;
- to ensure our site is safe and secure by monitoring activities within the context of continual process improvement, which is a best practice requirement of the DATA PROTECTION (JERSEY) LAW 2018;
- to monitor advertising and marketing effectiveness for users, and/or to fine-tune advertising by relevance to users;
- ◦ to enable targeted suggestions/recommendations to users about services that may be of interest.
- Information we receive from other sources - we may use third-party information, which may be combined with information you provided to us and/or information collected by us, which may be used for the purposes we have defined above.
Know your rights
Under DATA PROTECTION (JERSEY) LAW 2018 all individuals, who are the owners of their Personal data, have specific and clear rights, which are;
Right to Erasure
Every individual has the right to be forgotten upon request. The data controller must remove your Personal Data from its systems and request the same of any third-party systems of that controller unless other lawful requirements apply.
Right to Access
Every individual has the right to access their personal data held about them upon request.
Right to Portability
Every individual has the right to request their Personal data and use it for other parties they wish to engage with.
Right to be Informed
Every individual has the right to be informed about how their Personal Data is being used, which may be provided upon request of the individual, or before
the controller changes any use of that data, giving the individual the right to consent or object.
Right to Objection
Every individual has the right to object to the use of their personal data for any purpose proposed by a controller.
Right to Rectification
Every individual has the right to have errors in their Personal data to be corrected.
Right to Restrict
Every individual has the right to restrict the uses of their Personal Data for any specific type of processing.
Rights on automated decisions & profiling
Every individual has the right to restrict or object to automated decision-making processes or profiling based on their Personal data.
Right to complain to the authority
You have the right to lodge a complaint with the authority: please email us first firstname.lastname@example.org so we can attempt to resolve the issue if it’s not resolved to your satisfaction, then please contact the authority.
Jersey Office of the Information Commissioner
5 Castle Street
Jersey JE2 3BT
T. +44 (0)1534 716530
- · Revoke your consent
- in accordance with DATA PROTECTION (JERSEY) LAW 2018, to revoke consent for the processing of your Personal data send an email with the word “Revoke” in the subject field to email@example.com
- Data Subject Access Request (DSAR)
- in accordance with the DATA PROTECTION (JERSEY) LAW 2018,
- you may request us to send you details about any Personal data that we may hold about you, or
- you may request that we correct any errors, or
- ◦ you may request us to delete any/all personal data about you.
- DSAR Fee - In accordance with the DATA PROTECTION (JERSEY) LAW 2018, any DSAR is provided free of charge within 4 weeks, unless a particular DSAR is subject to other regulatory requirements as defined within the DATA PROTECTION (JERSEY) LAW 2018, in which case we will inform you as required by those specific regulations.
Please see the Jersey OIC process below:
The above diagram references: The right to access your personal information: https://jerseyoic.org/resource-room/the-right-to-access-your-personal-information/
Do we pass your information on to third parties?
We may pass your data to other parties as follows:
- Where relevant, we may pass your data to our employees, suppliers and agents to administer the website and the services provided to you by them or us, now or in the future.
- We may disclose your data to the police, regulatory bodies or legal advisers in connection with any alleged criminal offence or suspected breach of the Terms and Conditions of Use and (where appropriate) Membership Terms and Conditions by you or otherwise where required by law.
We use the following third parties to process your data and deliver services for the purposes shown. All these processors have access to some of your Personal data as appropriate for the delivery of the purpose specified.
Website, CRM and document management service providers
Maintenance and support of our Services offered, CRM and document management systems which allow access to and analysis of data.
Email Marketing for our services and products
Delivery of our email newsletters and SystemLabs marketing.
IT service providers
Maintenance and support of our IT systems.
Marketing and Event service providers
Marketing and Event Management services.
Links to other sites
Please be aware that the SYSTEMLABS website, Services and products and/or marketing materials may link to other web sites or services, particularly in the cloud that may be accessed by you through our site or services or products that we develop.
We are not responsible for their data policies but a vigilant that all services we use observe good practices and will always do our best to select and use reputable systems, content or the security of these linked websites. We do not have any control over the use to which third parties may have of your data, where you choose to purchase products or services or otherwise to contact them via our site.
Use of Social media
SYSTEMLABS is not responsible for content posted by third parties. SYSTEMLABS reserves the right, to the extent permitted under applicable law, to process, retain and monitor all electronic communications (including personal data).
By sending direct messages to SystemLabs and/or posting comments, you unequivocally consent to such processing, retention and monitoring. All posts, comments and messages are subject to the terms of this Policy
Any views expressed via social media are those of the author alone and may differ from others within SYSTEMLABS.
Marketing to contacts without their consent
We may hold business contact data about you if you are a professionally relevant contact for our services. Your data will only be used to inform you of a service or product which might be relevant to you in your professional capacity. Our main channel of communication is through email, and we conduct this marketing in adherence to the Privacy and Electronic Communications Regulation (PECR). This allows for business-to-business marketing on an opt-out basis in so long as a lawful means of processing under DATA PROTECTION (JERSEY) LAW 2018 has been established. Our lawful basis for processing in this instance is Legitimate Interests for international parties, or Contract for local members. We may also contact you by telephone from time to time to follow up on the interest you have expressed or to verify contact information.
We will respect your wishes and how and if you want to be contacted. If you no longer wish to be contacted for marketing purposes, you can:
- Click the unsubscribe link in any email you are sent
- Call us on 01534 PLEASE PUT IN YOUR NUMBER
- Email DPO@systemlabs.io
In accordance with the DATA PROTECTION (JERSEY) LAW 2018 (or similar/related regulations), we may require you to verify your identity prior to acting on any instruction. This measure is to protect you/your organisation from any potential abuse, and we will advise you accordingly, in compliance with the law and/or recognised best practice standards.
Transfer outside the EU/EEA
This site is accessible via the internet and therefore may potentially be accessed by anyone around the world. Other visitors may also access the site from outside Jersey and/or the European Economic Area.
- This means that where you post your data on the site, this could be accessed from anywhere around the world, and therefore a transfer of your data outside of Jersey and/or the European Economic Area may be deemed to have occurred.
- Data protection laws in countries outside Jersey and/or the European Economic Area are generally not as protective.
By completing and publishing your member profile, you consent to such transfer of your data for and by way of the purpose stated here.
Data Retention Policy
User data is retained indefinitely to meet the legal obligations of SYSTEMLABS. However, we reserve the right to delete inactive user data older than ten years.
- E&OE: If you notice any errors (spelling, grammar or other) in this policy document, please feel free to notify us via our contact details below.
For any questions relating to your Personal Data or to submit a DSAR, please contact us:
4 Warf street
Phone: +44 (0) 1534 PLEASE PROVIDE NUMBER
· Data protection - all Personal data we hold is protected by us in accordance with the principles of the DATA PROTECTION (JERSEY) LAW 2018.
- ◦ Data security - We endeavour to take all reasonable steps to protect your data. All the data collected by us is stored on a secure platform in a secure hosting facility, and we take all reasonable steps to ensure all access is pre-authorised and recorded.
· Other information we collect about you - In accordance with our legal obligation to prevent fraudulent or abusive use of services, products and offerings, some data may be automatically collected and comprises the following:
- ◦ Technical information - such as your internet protocol (IP) address, login information, time zone, browser type/version with plug-in types/versions, device information (operating system and platform);
- ◦ Information about your visit and use of our services, products and platforms - such as our/your Uniform Resource Locators (URL), including the date and time, information viewed/searched, site statistics, interaction (scrolling, clicks, mouse-overs), exit methods away from pages, phone numbers (if used to call our offices), the route to/from our site or from search engine links to our site including search engine address and search term used.
- ▪ Our website will not store any identifying information of your visit on your computer apart from a small text file called a cookie, which in itself does not contain any identifying information and does not mean that you entered the site. See the cookies policy link at the end of this document for more detail on cookies.
- ▪ Depending on the configuration of your browser, pages and images you view on our site may be stored on your computer. This feature, (which you can configure), is called caching.
- ▪ All information you exchange with the DOODLELABS website is accessible by its administrators and will only be used to prevent abuse, fraud and threats to members’ confidentiality or safety. This information will only be accessed with respect to specific reports of such activity.
Information we receive from other sources information about you may be received by us if you use another website or service that we operate or are connected to within our normal course of business. Third-parties may also provide information to us about you, specifically from any of the following; our business partners and/or sub-contractors, or advertising and marketing services, or our technical and analytics providers, or our search engine and search information providers.