The APEM Group Privacy Notice for Website and Marketing

1. Introduction

This Notice details our commitment to protecting the privacy of individuals who:

  • visit our Websites (defined below) (“Website Visitors”) or individuals who request us to contact them via our online web forms;
  • attend or register to attend webinars, sponsored events or other events at which the APEM Group participates (“Attendees”).

For the purposes of this Policy, the term “Websites” shall refer collectively to [www.apemltd.co.uk, www.apemltd.com, www.woodrow.ie and www.apem-inc.com/] as well as the other websites that the APEM Group operates and that link to this Policy. This Notice describes how the APEM Group collects, uses, shares and secures the personal data that you provide. It also describes your choices regarding use, access and correction of your personal data.

2. Scope of this Notice

When this Notice does not apply – Third party websites:
Our Websites may contain links to other websites. The information practices and the content of such other websites are governed by the privacy statements of such other websites. We encourage you to review the privacy statements of any such other websites to understand their information practices.

3. Information that you provide to us

Other Submissions:
We ask for and may collect personal data from you when you submit web forms on our Websites or as you use interactive features of the Websites, including: participation in webinars, surveys, contests, promotions, sweepstakes, requesting customer support, or otherwise communicating with us. We process your personal data to perform our contract with you for the use of our websites and we base the processing of your personal data on our legitimate interest to operate and administer our websites and to provide you with the content you access and request.

Attendee Information:
We ask for and may collect personal data such as your name, address, phone number and email address when you register for or attend a sponsored event or other events at which any member of the APEM Group participates, in order to facilitate your registration or attendance at an event, including sending related communications to you.

Mobile Application:
When you or access our website, we automatically collect information such as the type of device you use, the operating system version of the device, the cellular carrier facilitating connection to the mobile application, and the country the connection is arising from.

4. Information that we collect from you on our Websites

Cookies and Other Tracking Technologies:
We and our authorised partners may use cookies and other information gathering technologies for a variety of purposes. These technologies may provide us with personal data, information about devices and networks you utilise to access our Websites, and other information regarding your interactions with our Websites. For detailed information about the use of cookies on our Websites and how to manage your cookie settings, please read and review our Cookie Policy found here.

We may use web beacons, tags and scripts on our Websites or in email or other electronic communications we send to you. These assist us in delivering cookies, counting visits to our Websites, understanding usage and campaign effectiveness and determining whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our third-party service providers on an individual and aggregated basis.

Logs: As is true with most websites and services delivered over the Internet, we gather certain information and store it in log files when you interact with our Websites and Services. This information includes internet protocol (IP) addresses as well as browser type, internet service provider, URLs of referring/exit pages, operating system, date/time stamp, information you search for, locale and language preferences, identification numbers associated with your devices, your mobile carrier, and system configuration information. Occasionally, we connect personal data to information gathered in our log files as necessary to improve our Websites and Services. In such a case, we would treat the combined information in accordance with this Notice.

Analytics:
We collect analytics information when you use the Websites to help us improve them, including through the use of cookies. We may also share aggregated and/or anonymised data about your actions on our Websites with third-party service providers of analytics services. We also use mobile analytics software to allow us to better understand the functionality of our mobile versions of our Services on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, and where the application was downloaded from. We do not link the information we store within the analytics software to any personally identifiable information you submit within the mobile application.

5. How we use the information that we collect

General Uses:
We may use the information we collect about you (including personal data, to the extent applicable) in order to offer our websites and perform our obligations under our Service Agreement with you and on the basis of our legitimate interest including to (a) provide, operate, maintain, improve, and promote the Websites; (b) enable you to access and use the Websites; (c) process and complete transactions, and send you related information, including purchase confirmations and invoices; (d) send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages; (e) send promotional communications, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions, contests, and events; and provide other news or information about us and our partners (you can opt-out of receiving marketing communications from us by emailing marketing@apemltd.co.uk and providing the names/email address(es) that you would like removed from our marketing databases and added to our ‘Do Not Contact’ list’ or following the unsubscribe instructions included in our marketing communications); (f) process and deliver contest or sweepstakes entries and rewards; (g) monitor and analyse trends, usage, and activities in connection with the Websites and for marketing or advertising purposes; (h) investigate and prevent fraudulent transactions, unauthorized access to the Websites, and other illegal activities; [(i) personalize the Websites, including by providing features or advertisements that match your interests and preferences; and (j) for other purposes for which we obtain your consent.

Legal basis for processing (EEA visitors only):
If you are a visitor from the European Economic Area (“EEA”), our legal basis for collecting and using the personal data described above will depend on the personal data concerned and the specific context in which we collect it.

However, we will normally collect personal data from you only where we need the personal data to perform a contract with you (e.g. to provide you with our Services), where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms, or where we have your consent. In some cases, we may also have a legal obligation to collect personal data from you.

If we ask you to provide personal data to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal data is mandatory or not (as well as of the possible consequences if you do not provide your personal data).

Similarly, if we collect and use your personal data in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time why we need to use your personal data. If we process personal data in reliance on your consent, you may withdraw your consent at any time.

If you have questions about, or need further information concerning, the legal basis on which we collect and use your personal data, please contact us using the contact details provided under the “Contact Us” section below.

6. Sharing of information collected

Third-Party Service Providers: We share information, including personal data, with our third-party service providers that we use to provide hosting for and maintenance of our Websites, application development, backup, storage, payment processing, analytics and other services for us. These third-party service providers may have access to or process your personal data for the purpose of providing these services for us. We do not permit our third-party service providers to use the personal data that we share with them for their marketing purposes or for any other purpose than in connection with the services they provide to us.

We may also share aggregated and/or anonymised information regarding your use of the Services with third parties for marketing purposes based on our legitimate interest to develop and promote Service(s). However, we would never identify you, your Agents or End-Users as the source of the information.

We may collect, and we may engage third-party analytics providers to collect, metrics and information regarding your use of the Service, including evaluating how Agents and End-Users use the Service (“Usage Data”), to develop new features, improve existing features or inform sales and marketing strategies, based on our legitimate interest to improve the Services. When we process Usage Data, any personal data shall be anonymised. Any such third-party analytics providers will not share or otherwise disclose Usage Data, although we may make Usage Data publicly available from time to time.

Compliance with Laws and Law Enforcement Requests; Protection of Our Rights:
In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may disclose personal data to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. We may also share such information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Service Agreement, or as otherwise required by law.

Referrals:
If you choose to use our referral service to tell a friend about our products and services, we will ask you for your friend’s name and email address. You must only provide your friend’s name and email address if you have a reasonable belief they will not object to us contacting them. If you do, we will automatically send your friend an email inviting him or her to visit the Websites and will store this information for the purpose of sending this initial email, tracking the success of our referral program and other marketing activities. Your referral may contact us at marketing@apemltd.co.uk to request that we remove his/her information from our database.

The APEM Group sharing:
We may share information, including personal data, with any member of the APEM Group, and they will use that information only for the purposes already described in this Policy.

With Your Consent:
We may also share personal data with third parties when we have your consent to do so.

7. International transfer of personal data

We do not share your personal data with third parties, unless it is necessary to carry out your request, for our professional or legitimate business needs, or as required or permitted by law. Where we do transfer your personal data to third parties or service providers, appropriate arrangements will be made in order to ensure correct and secure data processing in compliance with applicable data protection law.

We store personal data about Website Visitors and Subscribers within the EEA, the United States and in the United Kingdom. To facilitate our global operations, we may transfer and access such personal data from around the world, including from other countries in which the APEM Group has operations. Therefore, your personal data may be processed outside of the EEA and in countries which are not subject to an adequacy decision by the European Commission, and which may not provide for the same level of data protection as the EEA.

In this event, we will ensure that the recipient of your personal data offers an adequate level of protection, for instance by entering into standard contractual clauses for the transfer of data as approved by the European Commission (Art. 46 GDPR), or we will ask you for your prior consent to such international data transfers.

We have implemented safeguards to ensure an adequate level of data protection where your personal data is transferred to countries outside the EEA, such as:

  1. the recipient country has an adequacy decision from the European Commission;
  2. the European Commission’s Standard Contractual Clauses for the transfer of personal data;
  3. The APEM Group has Binding Corporate Rules in place which guarantee an adequate level of data protection wherever your data is physically kept; or
  4. APEM participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework; however, we do not rely on the Privacy Shield as a lawful mechanism to transfer personal data from the EU, United Kingdom, or Switzerland. Where the recipient is located in the United States, it may be a certified participant of the EU-US Privacy Shield or Swiss Privacy Shield Framework.

You can obtain more details of the protection given to your personal data when it is transferred outside Europe (including a sample copy of the model contractual clauses) by contacting us using the details set out at Clause 15 below.

Binding Corporate Rules:
We have adopted Binding Corporate Rules that have been authorised by the EU data protection authorities, and which enable us to transfer personal data lawfully from EEA member states to other APEM Group companies around the world.

Privacy Shield Frameworks:
APEM Group abides by and has certified adherence to the principles of the EU-U.S. and Swiss-U.S. Privacy Shield frameworks as set forth by the U.S. Department of Commerce; however, we do not rely on the Privacy Shield as a lawful mechanism to transfer personal data from the EU, United Kingdom, or Switzerland. For more information on the Privacy Shield frameworks, and to view the scope of APEM’s certification, please visit https://www.privacyshield.gov/list. Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted. For residual Privacy Shield disputes that cannot be resolved by the methods above, you may be able to invoke a binding arbitration process under certain conditions. To find out more about the Privacy Shield’s binding arbitration scheme, please see: https://www.privacyshield.gov/article?id=ANNEX-I-introduction The Federal Trade Commission has investigation and enforcement authority over our compliance with the Privacy Shield. If we have received your personal data under the Privacy Shield and subsequently transfer it to a third party service provider for processing, we will remain responsible if they process your personal data in a manner inconsistent with the Privacy Shield Principles, unless we prove that we are not responsible for the event giving rise to the damage.

8. Other important privacy information

Data retention:
Where the APEM Group is the data controller of personal data (for example, personal data relating to Website Visitors, Attendees and individuals who register to use our Services), then we retain the personal data we collect where we have an ongoing legitimate business need to do so (for example, to provide you with our services, to enable your participation in an event, and to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your personal data, we will either delete or aggregate it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.

Request that we stop using your information:
You may request that your personal data no longer be accessed, stored, used and otherwise processed where you believe that the APEM group does not have the appropriate rights to do so. Where you gave us consent to use your personal data for a limited purpose, you can contact us to withdraw that consent. You can also opt-out of our use of your personal data for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your personal data, we will restrict any further use of your personal data until the request is honoured or the dispute is resolved, provided the APEM Subscriber does not object (where applicable).

Opt-out of communications:
We offer those who provide personal contact information a means to choose how we use the information provided. You may manage your receipt of marketing and non-transactional communications by clicking on the “unsubscribe” link located on the bottom of our marketing emails. You may opt-out of receiving promotional communications from us by using this unsubscribe link within each email.

Other data protection rights:
If you wish to exercise any other data protection rights that are available to you under your local data protection laws (such as the right to data portability or to data restriction) then please send your request to dataprotection@apemltd.co.uk and we will respond to your request in accordance with applicable data protection laws.

ou have the right to complain to your local data protection authority if you are unhappy with our data protection practices. Contact details for data protection authorities in the European Economic Area are available here.

9. Business transactions

We may assign or transfer this Notice, as well as your account and related information and data, including any personal data, to any person or entity that acquires all or substantially all of our business, stock or assets, or with whom we merge. If we do, we will inform them of the requirement to handle your personal data in accordance with this Notice.

10. Supplemental terms and conditions for supplemental regions

Canada:
Personal data (as the term is defined in the Personal Data Protection and Electronic Documents Act of Canada (“PIPEDA”)) will be collected, stored, used and/or processed by the APEM Group in accordance with APEM’s obligations under PIPEDA.

United Kingdom:
Personal data collected, stored, used and/or processed by the APEM Group, as described in this Notice, is collected, stored, used and/or processed in accordance with the APEM Group’s obligations under the Data Processing Act 2018.

EU:
Personal data collected, stored, used and/or processed by the APEM Group, as described in this Notice, is collected, stored, used and/or processed in accordance with the APEM Group’s obligations under the GDPR.

11. Changes to this Notice

his Notice may be updated from time to time to reflect changing legal, regulatory or operational requirements. We encourage you to periodically review this page for the latest information on our privacy practices.

If there are any material changes to this Notice, you will be notified by our posting of a prominent notice on the Websites prior to the change becoming effective.

If you do not accept any changes made to this Notice, please discontinue use of the Websites and the Services.

12. Contact us

If you have questions or complaints regarding this Notice or about the APEM Group’s privacy practices, please contact us:

APEM’s United States Representative: Dr Stuart Clough, 2603 NW 13th Street, #402, Gainesville,
FL 32609-2835, USA s.clough@apem-inc.com
APEM’s Global Privacy Counsel: dataprotection@apemltd.co.uk

Revised July 2021