AVTEL UK Ltd is committed to safeguarding the privacy of our website visitors; in this policy we explain how we will treat your personal information.
Date of Release: September 3rd, 2018
- AVTEL Holdings Pte Ltd and its subsidiaries and associates (collectively, AVTEL) are responsible for the processing of personal data as described in this Policy (each group entity in respect of the processing of personal data records relating to its activities, customers, suppliers, job candidates and employees). We are committed to ensuring adherence to the highest legal and ethical standards. AVTEL has a well-established reputation for conducting business in an ethical and honest way. This Policy operates in addition to, and supplements, AVTEL’s other corporate governance policies referenced throughout this Policy, as well as our Code of Conduct.
- AVTEL is committed to protecting the privacy of your personal information. This policy explains:
- how we collect, use and disclose information about our customers, suppliers (and their employees) and people who apply for employment with us; and
- how to contact us if you have any questions about the management of your personal information or would like to access the personal information we hold about you.
- We may amend this policy at any time by posting the updated version on our website.
AVTEL is not responsible for the privacy practices of sites that are linked to our website via hyperlinks, banner advertising or otherwise. This document will be reviewed periodically in order to determine whether it remains useful, relevant and effective.
- This Policy applies to personal information regarding our customers, third party business associates, employees and others and to the management of that person information.
- In providing services to our clients, AVTEL may be given access to client databases containing personal data records and we may be required to process such records in providing our services. In those circumstances, we will deal with our client’s personal data records in accordance with our client’s instructions.
- This Policy relates to your personal data, i.e. data about you, an individual, from which you can be identified. This Policy therefore does not apply to any data insofar as it is held, processed, disclosed or published in a form which cannot be linked to a living individual (such as anonymised data, or aggregated data which cannot directly or indirectly be used to extract your personal data). We reserve the right to generate anonymised and aggregated data extracted out of any databases containing your personal data and to make use of any such anonymised and aggregated data as we see fit (including publishing such data and sharing it with third parties).
- While this Policy is intended to establish a standard for our information processing activities globally, those processing activities may be more limited in some jurisdictions based on the restrictions of their laws. For example, the laws of a particular country may limit the types of personal information we can collect or the manner in which we process that personal information. In those circumstances, we comply with relevant local laws and regulations.
What information we collect:
- AVTEL only collects information that is reasonably necessary for one or more of our functions or activities.
- Generally, the information we collect about customers and suppliers includes your name (including the names of individual officers or representatives of corporate clients and corporate suppliers), mailing and/or physical address, delivery address, phone number, payment, credit and billing information, and e-mail addresses.
- We also collect demographic information, which is not unique to you, such as your postcode. When you visit our websites, we may also collect information about your computer, including your Internet Protocol address.
- We also collect information about your use of our website using cookies. You can choose to decline cookies, but if you do so, you may not be able to fully experience our online interactive features.
- We may also collect additional information about customers, including purchase history, location and preferences, either directly, or through third party analytics tools, or our business partners. We also collect information about:
- suppliers and their employees (including business name and address and contact details); and
- potential employees (including names, addresses, contact details, employment and academic histories and the names of their referees).
- There may be some instances in which the personal information that we collect, use, and process is considered “sensitive personal information” under the privacy laws of some countries. We only collect, use, and process “sensitive personal information” in your jurisdiction if and to the extent permitted or required by applicable law or subject to your explicit consent.
How we collect and hold information
- AVTEL collects personal information only by lawful and fair means. Where it is reasonable and practicable to do so, we collect your personal information from you directly when you or the company with which you are associated engage with us in relation to our services or purchase products or services from us, when you provide your details to us at an industry or student event, or if you enter into other arrangements with us, provide feedback/complaints to us or register your details with us. Information about suppliers and employees is usually collected from the supplier.
- Information about potential employees is usually collected during the recruitment process sometimes from employment agencies.
- Log file information is automatically reported by your browser each time you access a web page. When you access or use our website, our servers may automatically record certain log file information, including but not limited to your web request, Internet Protocol address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on the site, domain names, landing pages, and pages viewed.
- We take all reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification or disclosure. Your personal information is stored on password protected servers located in access controlled secure locations.
- While we cannot guarantee the security of this information, we will use all reasonable endeavours to ensure the third party protects the personal information from unauthorised use or disclosure (Data Breach). If we become aware of a Data Breach affecting your personal information, as appropriate in the circumstances and as required by law, we may notify you of the Data Breach and will endeavour to limit the potential impact.
Why we collect and hold and how we use information
- We collect, hold and use your information to:
- verify your identity, administer our client relationships, provide products and services, assist with technical support and other issues related to our products and services, monitor and improve our content, website and services;
- communicate with you, respond to your feedback, queries and complaints;
- undertake and administer surveys, promotions, events, marketing activities, database compilation, analysis of trends and demographics and other marketing or promotional activities;
- protect against fraud and theft;
- recruit and assess future employees;
- meet our legal obligations and the regulatory requirements to which we are subject, for loss prevention purposes and to protect and enforce our rights and meet our obligations to third parties; and
- for our internal business purposes, such as compiling and analysing usage information for general operational, statistical and business purposes and to maintain and update our records.
- From time to time, insofar as permitted under applicable law, we may also use your personal information to send you targeted news, offers and promotions of our products and services. Where required, we will seek your prior consent before sending such communications. If you do not wish to receive these communications, you can opt-out by contacting us at the address listed below or by using the ‘unsubscribe’ option on our electronic communications.
- We apply security measures to protect your personal information including, but are not limited to:
- restricting access to our computer systems and physical records to authorised persons and preventing users from accessing information they have no need to access;
- requiring employees to use unique passwords to gain access to systems. These passwords are changed regularly, and their use is independently monitored; and
- employing firewalls and virus scanning tools to prevent unauthorised persons and viruses from entering our system.
- If we no longer need your personal information, we will take reasonable steps to destroy or de-identify your personal information in accordance with our document and data retention polices. The exceptions to this are where we are required or authorised by law to retain it.
How we disclose your information
- We do not disclose personal information to third parties unless it is required for the purposes for which your information was collected or you have given us your consent to do so. Third parties we may disclose personal information to include:
- our advisers (including our accountants, auditors and lawyers);
- our service providers, including IT service providers, web-hosting organisations, delivery companies, external call centres and e-marketing providers, mail houses, recruitment firms, third party fulfilment centres, market researchers, billing and debt recovery providers and other companies who are responsible for parts of our product or service delivery;
- suppliers and manufacturers;
- payment system operators and financial institutions;
- government agencies; and
- other third parties if required by law or legal process.
- We may occasionally disclose your personal information, credit information (and credit eligibility information) to organisations located in other jurisdiction than the jurisdiction in which the information was originally collected, for example where:
- we use service providers, cloud computing solutions or data storage based overseas;
- when personal information is shared or accessed by an AVTEL entity in another jurisdiction;
- you have requested a product or service that involves an international element;
- we need to comply with foreign legal or regulatory requirements; or
- an international payment has been made.
- We require overseas recipients of your information to use personal information only for the purpose provided and to implement strict confidentiality and data protection arrangements in relation to personal data records received from us. Any offshore disclosures will be predominantly to entities located in the United States of America and the Asia Pacific region (including but not limited to China, Indonesia and Singapore). The jurisdictions where that information will be disclosed may or may not have laws that seek to preserve the privacy of personal information. Nevertheless, whenever your personal information is transferred within AVTEL, your personal information will be protected and your privacy respected.
- In special circumstances, for example, if we were to sell our business or part of our business, your information may be transferred to potential purchasers and their advisers as part of that sale. From time to time, we may provide aggregated and de-identified information to other business partners for various purposes.
- We may disclose personal information if we are compelled to do so by a court of law or requested to do so by governmental authorities or if we determine it is necessary or desirable to comply with the law or to protect or defend our rights or property in accordance with applicable laws. We may also retain personal information collected and process such personal information to comply with accounting, tax rules and regulations and any specific record retention laws.
Data about children
Our services and website are not directed to children and are intended for use by adults only. We do not knowingly collect information from individuals under 16 years of age. If you are under the age of 16, please do not submit any information through our website.
- You may always choose what personal information (if any) you wish to provide to us.
- In some jurisdictions, data privacy laws may require us to obtain your consent before we, for instance, send you information that you have not specifically requested. In certain circumstances, your consent may be implied or the law may not require such consent (for example, where communications are required in order to fulfil your requests and/or where you have volunteered information for use by us, or where we have a legitimate reason to disclose or transfer your data to someone else). In other cases, we may seek your consent expressly in accordance with applicable laws (for example, sensitive personal information).
Accuracy of personal information
We take all reasonable steps to ensure that your personal information held by us is accurate, up-to-date, complete, relevant and not misleading. If you believe that any of your personal information is not accurate, up-to-date, complete, relevant and non-misleading, please contact us through the contact details provided in this Policy and we will take reasonable steps in reasonable time to correct your information.
Accessing and correcting your information and questions
- You can request access to your information or that your information be corrected by contacting us at the address below.
- If you wish to make a formal complaint, please make your complaint in writing to our Privacy Officer. We will consider your complaint promptly and contact you to seek to resolve the matter. If we have not responded to you within a reasonable time.
By E-mail to: firstname.lastname@example.org
By telephone to: +81 3 6866 2802
By post marked “Private & Confidential” to:
Compliance and Legal Officer
AVTEL Holdings Pte Ltd
Level B1, 3-10-21 Higashi Gotanda, Shinagawa-ku, Tokyo 141-0022 Japan
Information for EU residents
For the purposes of the processing of personal data of individuals in the European Union (“EU”) or by any of our EU group companies, we rely on the following lawful basis for the processing of your personal data:
- Our legitimate interests in (among other things) delivering our services, conducting commercial research, improving and maintaining our services and website, protecting the security or integrity of our databases, protecting our business or reputation, taking precautions against legal liability, dealing with our assets in the event of a business change, protecting and defending our legal rights or property, or for resolving disputes, investigating and attending to inquiries or complaints with respect to your use of our services;
- Where relevant, your express consent. If you provide us with personal information relating to you and give your consent for using it;
- Where relevant, the fulfilment of our contractual obligations to you or the entity with which you are associated; and
- Where relevant, for compliance with legal obligations to which we are subject.
Users based in the EU have the following legal rights in respect of their personal information:
- The right to require us to confirm whether or not your information is being processed, the purpose of any such processing, the recipients of any information that has been disclosed, the period for which your information is to be stored and whether any automated decision-making processes are used in relation to their information;
- The right to require us to rectify inaccurate information without undue delay;
- Where we relied on the ‘consent’ basis for processing that information, the right to withdraw your consent at any time. This right to withdraw consent does not affect the lawfulness of processing based on consent before its withdrawal;
- The right to request the erasure of your information in certain circumstances;
- The right to require us to restrict the processing of your personal data in certain circumstances;
- Where data is processed based on your consent or to fulfil a contractual obligation, under certain conditions you may have the right to receive your personal data from us in a structured, commonly used and machine-readable format;
- The right to object in certain circumstances to the processing of personal data.
- You have the right to lodge a complaint with the data protection supervisory authority of the EU member state where you reside.
Please note that the above legal rights are subject to various conditions and exceptions including where the data is used for statistical or scientific research purposes and the exercise of the right would prevent such purposes from being attained or would seriously impair their attainment.
Information for California residents
Under California Civil Code Section 1798.83, if you are a California resident and your business relationship with us is primarily for personal, family or household purposes, you may request certain data regarding our disclosure, if any, of information to third parties for the third parties’ direct marketing purposes. To make such a request, please send an email to [email address] with “Request for California Privacy information” in the subject line. You may make such a request up to once per calendar year. If applicable, we will provide to you via email a list of the categories of information disclosed to third parties for their direct marketing purposes during the immediately-preceding calendar year, along with the third parties’ names and addresses. Please note that not all personal data sharing is covered by Section 1798.83’s requirements.
Information for Australian residents
- The AVTEL entity that provides services in Australia is AVTEL (Aust) Pty Ltd (ACN 147 655 785).
- Your privacy is important to us and we are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
- Australian residents are hereby notified that you have the option to deal anonymously or by pseudonym if you contact us by telephone and you merely seek information about our services but you do not wish to enter into any further discussions with us. However, if you wish to deal with us in this way, you will not be able to engage with us in respect of our services. If you wish to engage with us in respect of our services, you may be required to provide us with your personal information.
- Further to paragraphs 6(b) and 6(c) above, we may transfer your personal information to affiliates, service providers and other parties outside of Australia, including in the United States of America and the Asia Pacific region (including but not limited to China, Hong Kong, India, Indonesia and Singapore).
- We rely on your consent to send you direct marketing messages about our products, services, and promotions, and to deliver targeted advertisements to you. You can withdraw your consent at any time. You also may change the privacy settings of your browser, for example, with respect to cookies. If you withdraw consent, we are no longer able to offer these services.
- Our interactions with you are also regulated by the Spam Act 2003 (Cth). In compliance with this Act, we will not send a commercial electronic message to you unless permitted.