Privacy and GDPR Policy
Introduction
Please read this privacy notice carefully as it describes our collection, use, disclosure, retention and protection of your personal information. This privacy notice applies to all data collected by Ostara Systems Ltd. Where you provide us with your personal information in any way as described in section 2 below, you agree that we may collect, store and use it based on our legitimate interest for processing (i.e. for internal administrative purposes and direct marketing). This is based on you providing consent, which you may withdraw at any time, as described in this privacy notice.
Our business will ensure that personal data that we hold is kept secure and that it is held for no longer than is necessary for the purposes for which it is being processed. In addition, we will retain the minimum amount of information to fulfil our statutory obligations and the provision of goods and/or services – as required by the data protection legislation, including the General Data Protection Regulation (GDPR).
1. Who we are
Our privacy notice applies to all systems, websites and technology of Ostara Systems Ltd (a company incorporated in England with company registration number 04642803 and whose registered office address is Ash House, Breckland, Linford Wood, Milton Keynes, MK14 6ET), but excludes any product applications or services that have separate privacy notices which do not incorporate this privacy notice.
2. How we collect information
To the extent permissible under applicable law, we collect information about you and any other party whose details you provide to us when you:
- Complete online forms (including all call back requests);
- Interact with us using social media;
- Provide your contact details to us by emailing
- Contact us offline, for example by telephone or post
- Apply for a role at Ostara Systems
- Become an employee of Ostara Systems
If you intend to give us personal information about someone else, you are responsible for ensuring that you comply with any obligation and consent obligations under applicable data protection laws. In so far as required by applicable data protection laws, you must ensure that beforehand you have their explicit consent to do so and that you explain to them how we collect, use, disclose and retain their personal information or direct them to read our privacy policy.
3. How we use your information
To the extent permissible under applicable law, we use your information to:
- Provide any information and services that you have requested;
- Manage our relationship with you (for example, customer services and support activities);
- Monitor, measure, improve and protect our content, website and services and provide an enhanced service for you;
- Provide you with any information that we are required to send to you to comply with our regulatory or legal obligations;
- Deliver targeted advertising, marketing or information which may be useful to you based on your query to our website;
- Carry out activities related to your employment at Ostara Systems.
We may monitor and record our communications with you, including e-mails and phone conversations. Information which we collect may then be used for training purposes, quality assurance, to record details about our website and services that you ask us about, and in order to meet our legal and regulatory obligations generally.
4. Sharing your information
We may share your information with:
- Another organisation if we sell or buy (or negotiate to sell or buy) any business assets;
- Another organisation to whom we may transfer our agreement with you; and
- Government departments where reporting is mandatory under applicable law.
- Any company’s system on which we rely, as a controller or processor of data.
5. Marketing
From time to time, we may use your information to contact you with details about our products and services which we feel may be of interest to you. You have the right at any time to stop us from contacting you for marketing purposes. You can unsubscribe from any email marketing using the links provided in the emails we send to you, or by contacting us at info@ostarasystems.com.
6. Your information and your rights
If you are based in the EEA or within another jurisdiction having similar data protection laws, in certain circumstances you have the following rights:
- The right to be told how we use your information and obtain access to your information;
- The right to have your information rectified or erased or place restrictions on processing your information;
- The right to object to the processing of your information e.g. for direct marketing purposes;
- The right to have any information you provided to us on an automated basis returned to you in a structured, commonly used and machine-readable format, or sent directly to another company, where technically feasible (“data portability”);
- Where the processing of your information is based on your consent, the right to withdraw that consent subject to legal or contractual restrictions;
- The right to object to any decisions based on the automated processing of your personal data, including profiling; and
- The right to lodge a complaint with the supervisory authority responsible for data protection matters (e.g. in the UK, the Information Commissioner’s Office).
We will retain your personal information for as long as is necessary and relevant for our legitimate business purposes, in accordance with Appendix 1 of this document, or as otherwise permitted by applicable laws and regulation.
7. Disposal
We must ensure that personal data is securely disposed of when it’s no longer needed. This will reduce the risk that it will become inaccurate, out of date or irrelevant.
The method of disposal should be appropriate to the nature and sensitivity of the documents concerned and includes:
- Non-Confidential records: place in waste paper bin for disposal
- Confidential records: shred documents
- Deletion of Computer Records
- Certified hardware destruction
CCTV
We use CCTV at our offices for the purpose of:
- Protecting the organisation’s property and related assets and keeping them free from damage, disruption, theft or vandalism
- Increasing the personal safety of staff and other stakeholders in our care e.g. visitors to our offices
We retain CCTV for no more than 3 months unless the footage is being used for the purpose of investigation or law enforcement purposes in which case it may be retained for as long as is required to conclude the investigation.
CCTV is processed without your explicit consent in the pursuit of our purpose above.
Depending on its nature, you have the right to request a copy of CCTV relating to you, or the rectification or erasure of CCTV, and can do so as part of a Subject Access Request and/or right to be forgotten request.
Please submit your request to info@ostarasystems.com and we will respond within 30 days.
If you wish to complain or object to the use of CCTV you can also contact info@ostarasystems.com. You also have the right to complain about our CCTV processing to the Supervisory Authority – Information Commissioner’s Office.
Contact Details
Ash House, Breckland, Linford Wood, Milton Keynes, MK14 6ET
Open:
9:00 AM – 5:00 PM
Phone:
0844 880 2582
Email:
Appendix 1: Document retention schedule
The table below sets out the retention schedule of data held by Ostara Systems Ltd. It is regularly reviewed and, where necessary, updated.
Type of record | Retention period | Where is it stored? | Reason | Method of Management |
Employment records: | ||||
PAYE records (Pay & tax: pay deductions, tax forms, payroll, loans) | 7 years from end of fiscal year | Payroll System | Legal & Contract Obligation/Auditing | Project Task |
Maternity and paternity pay records | 7 years from end of fiscal year | Payroll System | Legal & Contract Obligation/Auditing | Project Task |
Medical and health records | 3 months after employment ceases | HR System | Legal | HR System Automation |
Candidates (Job seeker CVs and related details) | 6 months after last action | HR System | HR Recruitment & Feedback | HR System Automation |
Accident report forms | 10 years after last action | HR System | Health & Safety | HR System Automation |
Employment records: redundancy & welfare records, and formal disciplinary actions | 7 years after last action | HR System | Legal & Contract Obligation/Auditing | HR System Automation |
Employees that left the business: emergency contacts and bank account details | 3 months after employment ceases | Payroll System | Legal | HR System Automation |
Commercial contracts: | ||||
Contracts with clients | 10 years after end of contract | Secure Contracts Filing Cabinet & Network (O Drive) | Client Contracts | [NJH] |
Contracts, leases, guarantees and indemnities | 10 years after last action | Secure Admin Filing Cupboard | Legal | Shred hard copies |
Client Purchase orders | 10 years after end of contract | Secure Admin Filing Cupboard | Contractual | Shred hard copies, delete any electronic copies |
Supplier Invoices | 20 years after last action | Secure Admin Filing Cupboard | Legal & Contract Obligation/Auditing | Shred hard copies, delete any electronic copies |
Tax and Accounting Records: | ||||
Accounting & financial management information | Indefinite | Secure Admin Filing Cabinet | Audit | Shred hard copies |
Stock transfer forms and share certificates | Indefinite | Secure Admin Filing Cabinet | Audit | Shred hard copies |
Marketing records: | ||||
CRM Data | Indefinite | CRM System | Sales & Marketing | [N/A] |
Operational records: | ||||
Closed circuit television recordings | See CCTV Policy | See CCTV Policy | See CCTV Policy | See CCTV Policy |
Fire Risk Assessments | 2 Years | O Drive | Legal | [Delete from O Drive] |
Policies/Procedures | Indefinitely, unless superseded. Old Versions kept for 1 year. | O Drive/HR System | Legal | [Delete from O Drive] |
Complaints | 7 years from end of fiscal year | O Drive | Legal & Contractual | [Delete from O Drive] |
Property plans and surveys | 1 Year after lease expires | Secure Contracts Filing Cabinet | Legal | [Shred hard copies] |
PAT tests, fire risk assessment | Indefinitely | Ostara System | Legal | [N/A] |
Register of shareholders | Life of company | Secure Admin Filing Cupboard | Legal | [N/A] |
Memorandum of association | Life of company | Secure Admin Filing Cupboard | Legal | [N/A] |
Register of directors and secretaries | Life of company | Secure Admin Filing Cupboard | Legal | [N/A] |
Insurance schedules, including Employer’s liability insurance certificates | Life of company | Secure Admin Filing Cupboard | Legal | [N/A] |
Email records: | ||||
HR/Personnel related emails only of former employees of Ostara | Delete emails after 3 years | Gmail | | Emails to be deleted |
All email records other than the above | Indefinitely | Gmail | | [N/A] |
Messaging Records: | ||||
All messages contained within Zoho Cliq | Indefinitely | Gmail | | [N/A] |
Ostara System Client Data: | ||||
Client data contained within the Ostara System | 7 years after end of contract | The Individual Client’s Ostara System | N/A | Annual Purge/Deletion Process |
Infrastructure critical information (e.g. log files etc) | 7 years after end of contract | The Individual Client’s Ostara System | N/A | Annual Purge/Deletion Process |