Who are we?
We are Acteon Group Limited, registered in England and Wales with company number 04231212 (“we”, “Acteon”, “us”, “our”).
Our contact details
If you have any concerns or questions about our use of your personal information, you can:
- Email: email@example.com; or
- Write to: Legal & Risk, Acteon Group Limited, Ferryside, Ferry Road, Norwich, Norfolk, NR1 1SW, UK
Changes to this notice
We may amend this notice from time to time. If we make any changes, we will notify you and, where required, obtain renewed consent.
What is a cookie?
A cookie is a small text file that is downloaded onto your device (e.g. a computer or smartphone) when you access a website. It allows the website to recognise your device and to store some information about your preferences or past actions.
What cookies do we use and why?
We use the following cookies:
- Strictly necessary cookies: cookies required for the operation of our website. These cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
- Analytical or performance cookies: these allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies: these are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies: these cookies record your visit to our website, the pages you have visited and the links you have followed. The intention is to display content that is relevant and engaging for the individual user. We may also share this information with third parties for this purpose.
Personal information about you is not collected by these cookies.
- Hubspot: this is a marketing tool which collects information about which pages you visit on the website.
Our website allows you to share content via third party social networking sites (e.g. Twitter and LinkedIn). In order to allow functionality with third party social networking sites, cookies are used. We do not accept any responsibility or liability for your use of any third party social networking sites accessed via the Acteon website. We encourage you to review the cookies and privacy notices of each third party social networking site you use before disclosing personal information or accepting cookies.
You can block/disable cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.
Except for essential cookies, all cookies will expire after 2 years.
The following sets out how we collect and use personal information collected via the Acteon website. Any personal information provided via the website in respect of career/job enquiries and applications is processed separately and in accordance with our candidate privacy notice.
Type of personal information we collect
We collect and process the following information:
- Phone number
- Job title/position
How and why we collect personal information
The personal information we process is provided to us directly by you for one of the following reasons:
- Enquiries about products, services or collaborative working;
- General enquiries; and
- Marketing communications.
We use the information that you have given us in order to:
- Direct your enquiry to the correct person/supply you with the products, services or information you have requested;
- Analyse and assess trends so that we can administer, support and improve our business and the services we offer;
- Send you details of products and services which may be of interest to you;
- Provide you with access to certain parts of our website; and
- Contact you for your views on our products and services.
The lawful bases we rely on for processing this information are:
- Consent: you are able to withdraw your consent at any time. You can do this by contacting us using the details in the “Our contact details” section of this notice;
- Contractual obligation: in circumstances where, for example, your enquiry leads to a contract with us or one of our group companies.
How we store your personal information
Your information is securely stored on our servers or the servers of relevant third party providers (see the “Third parties and international transfers” section of this notice).
We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction or damage including but not limited to:
- HubSpot has a SOC 2 Type I report. Their SOC 2 report attests to the controls they have in place governing the availability, confidentiality, and security of customer data as they map to Trust Service Principles (TSPs) established by the American Institute of Certified Public Accountants (AICPA). In addition, Hubspot’s SOC 3 report attesting to HubSpot’s commitment to meeting the rigorous industry standards established by the TSPs is publicly available.
- Sessions are protected with in-transit encryption using 2,048-bit or better keys and TLS 1.0 or above. Users with modern browsers will use TLS 1.2 or 1.3.
Personal information which is processed on the basis of your consent will be retained for as long as your consent remains active. Personal information which is processed on the basis of contractual obligation will be retained in line with the details set out in the relevant contract. We will then dispose of your information by following the GDPR-compliant deletion process within our CRM system, which deletes the contact’s personal information so no further contact can be made.
Third parties and international transfers
We will share, transfer or disclose your personal information to:
- Our group companies which include our subsidiaries, branches and representative offices;
- Another legal entity for the purposes of a joint venture/collaboration between that party and Acteon or one of its group companies;
- Another legal entity for the purposes of sale/merger between that party and Acteon or one of its group companies;
- Third party service providers used to protect the security and integrity of our business, including our databases and systems;
- we use Microsoft 365 for the day to day running of our business
- Third party service providers used to facilitate client relationship management;
- we use Hubspot to manage enquiries from our website and Microsoft Dynamics for our CRM platform
- Legal advisers or public authorities where we are required to do so by law; and
- Any other third parties to which you have explicitly consented.
Your personal data will be transferred to third countries (i.e. countries outside of the UK or EEA and without an adequacy decision from the European Commission or UK Secretary of State). The country to which your personal data will be transferred is dependent upon the enquiry you have made but countries include, as a minimum, all countries in which Acteon companies are located (where we operate) and could include any country in the world dependent upon one of the reasons for transfer listed above being required. In circumstances where your personal data is transferred to a third country, it will be transferred pursuant to an appropriate safeguard (standard contractual clauses) or exception/derogation.
We may also provide links to third party websites via the Acteon website. This is to ensure that your experience of our website is as informative and useful as possible. We do not accept any responsibility or liability for your use of any third party websites accessed via the Acteon website. We encourage you to review the cookies and privacy notices of each third party website you use before disclosing personal information or accepting cookies.
Automated individual decision making or profiling
We may use automated individual decision making to direct any enquiries you make to the correct department or person.
Your data protection rights
You have the following rights under data protection laws:
- Access: you can ask us for copies of your personal information;
- Rectification: you can ask us to rectify personal information you think is inaccurate or to complete information you think is incomplete;
- Erasure/be forgotten: you have the right to ask us to erase your personal information in certain circumstances;
- Restriction of processing: you have the right to ask us to restrict the processing of your personal information in certain circumstances;
- Object to processing: you have the right to object to the processing of your personal information in certain circumstances;
- Data portability: you have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances;
- Withdraw consent: where your personal information is processed based on your consent, you have the right to withdraw your consent.
You are not required to pay any charge for exercising your rights. However, certain requests may attract a reasonable fee for the administrative costs of complying with the request if it is manifestly unfounded or excessive; or if you required further copies of the information following a request. If you make a request, we have one month to respond to you.
Please contact us using the details in the “Our contact details” section of this notice if you wish to make a request to exercise one or more of your rights.
Complaints to the supervisory authority
If you have any concerns about our use of your personal information, you can make a complaint to us using the details in the “Our contact details” section of this notice.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Candidate Privacy notice