Privacy Policy

About this Policy

This Privacy Policy aims to give you information on how we collect and processes your personal data through your use of this Website. This Website is intended for business users and not individual consumers. This Privacy Policy should be read in conjunction with our Cookies Policy, which provides details of how we use cookies and similar technologies to enable you to browse our Website effectively. By accessing and using this Website you are accepting the practices described in this Privacy Policy.

It is important that you read this Privacy Policy together with any other Privacy Policy or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

The other notices which may apply to you include, when, for instance:

  • your company has bought Opus 2 services under a separate written agreement;
  • we a looking for suitable candidates to fill roles within our organization
  • you are employed by us or are a supplier (including contractors)

This Privacy Policy primarily covers how we use personal data of Website visitors and people who interact with or do business with us. In these cases, we will be the “data controller” for the purposes of data protection law.

As part of providing our services, our customers may provide us with personal data of other individuals. Where we process this Information as part of providing our services to the customer, we operate in the capacity of a "data processor".

 

About us

We are Opus 2 International Limited (“Opus 2”), a company registered in England. Our registered address is Winton Place, 16 Blackhills, Esher, Surrey KT10 9JW and our principal place of business is at 5 New Street Square, London EC4A 3BF. Our company number is 05907841.

Opus 2 has subsidiaries based abroad (Opus 2 International Inc. and Opus 2 International Singapore PTE Ltd, based in the USA and Singapore, respectively). If you are in the European Economic Area (EEA), by using this Website you permit us to transfer your personal data to our international subsidiaries where this is required to fulfil the purposes set out in this Privacy Policy. For further information, please see ‘International Transfers’ below.

 

Third-party links

This Website may include links to third-party Websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party Websites and are not responsible for their privacy statements.

What personal data/information we collect about you

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data includes first name, last name, email address, telephone number and similar information.
  • Contact Data includes business address, job title, email address and telephone numbers.
  • Profile Data includes interests you communicate to us about key topics and feedback you provide to us on any aspect of our services or business.
  • Usage Data includes information about how you use our Website, products and services.
  • Marketing and Messaging Data includes your preferences in receiving marketing from us and your communication channel preferences
  • Technical Data includes IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this Website.
  • We use both technically necessary (for the functioning and security of the Website) and non-technically necessary Cookies and similar technologies for analytics purposes. A more detailed explanation of the technologies we use, and how to opt-out when applicable, can be found in the Cookies policy.

You are under no obligation to submit any personal data to us. However, if you do not and if we require this under law or in order to perform our obligations under the terms of a contract, we have with you, then this may mean that we are unable to perform our obligations under the contract.

Ways in which we collect your personal data

Personal data you submit to us directly: you may provide us with Contact Data or Identity Data directly e.g. when you submit your details on our Website or provide them through another means (e.g. email or phone), when you fill in a form, sign up for an event, request marketing materials or provide feedback to us. Personal data we collect through publicly available sources: we may collect Contact Data or Identity Data from third-party publicly available sources e.g. B2B search engines, internet search engines, social media sites (e.g. LinkedIn).

We may also collect personal data as part of the Cookies we use and this detailed in our Cookies Policy.

How we use your personal data

The table later down in this Privacy Policy sets out the ways in which we use your personal data. We will only use your personal data when we are legally allowed to do so. We rely on the following legal ground to process your personal data:

  • Where we need to perform the contract that we are about to enter in to or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) provided that our legitimate interests do not override your interests and fundamental rights.
  • Where we need to comply with a legal or regulatory obligation.
  • Other legal grounds as applicable.

We don’t generally rely on consent as a legal ground for processing Personal Data except in respect of certain categories of email marketing message recipients or under our Cookies Policy. You have the option to withdraw your consent at any time, and an unsubscribe / opt-out will be included in each marketing communication as further detailed later in this Privacy Policy or you can contact us using the details provided later in this Privacy Policy.

We will only use your personal data for the purposes for which we collected it (as set out in the table below), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. We may on occasion, need to process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Purpose of Collection

Categories of Personal Data Collected

Legal Grounds for Processing

New prospect Information

(a) Identity

(b) Contact

Performance of a contract with you

To manage our relationship with you which will include:

(a) Notifying you about changes to our terms or Privacy Policy

(b) Asking you for feedback on services we have supplied.

(a) Identity

(b) Contact

(c) Profile

(d) Marketing and Communication

(a) Necessary to comply with a legal obligation

(b) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

(c) consent, where applicable.

To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

(a) Identity

(b) Contact

(c) Technical

(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

(b) Necessary to comply with a legal obligation

To use data analytics to improve our Website, products/services, marketing, customer relationships and experiences

(a) Technical

(b) Usage

Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy)

To let you know about events and webinars that we run that may be of interest to you.

(a) Identity

(b) Contact

(c) Marketing Messaging

(a) Necessary for our legitimate interests (to develop our products/services and grow our business)

(b) consent, where applicable

To make suggestions and recommendations to you about goods or services that may be of interest to you.

(a) Identity

(b) Contact

(c) Technical

(d) Usage

(e) Profile

(f) Marketing Messaging

(a) Necessary for our legitimate interests (to develop our products/services and grow our business)

(b) consent, where applicable

 

Sharing / transferring your personal data to third parties

On occasion, we may need to share your personal data with third parties as set out below. We will share your personal data with the following third parties or categories of third parties where it is in our legitimate interests to do so:

  • our other service providers and sub-contractors, including but not limited to payment processors, utility providers, suppliers of technical and support services, insurers, lawyers and cloud service providers;
  • companies that assist us in our marketing and promotional activities; and
  • analytics and search engine providers that assist us in the improvement and optimisation of our website.

We will always ensure that any third parties with whom we share your personal data are subject to privacy and security obligations consistent with this Privacy Policy and applicable laws. We may share your data with other subsidiaries (as listed in “About Us” section) for the purposes listed above.  

  • We will also disclose your personal data to third parties:
    • where it is in our legitimate interests to do so to operate our day to day business activities or grow our business
    • if substantially all of Opus 2’s or any of its affiliates’ assets are acquired by a third party, in which case personal data held by Opus 2 will be one of the transferred assets;
    • if we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
    • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation;
    • in order to enforce or apply our terms and conditions or any other agreement or to respond to any claims and to protect our rights or the rights of a third party.

Opus 2 does not share any personal information with third parties for their own direct marketing purposes. However, as affiliates of Opus 2 are separate legal entities these could be classed as these parties under the CCPA. Any transfer of your data to our affiliates and their use of your data will always be in accordance with this Privacy Policy and applicable laws.

International transfers

We and our affiliates operate internationally. For this reason, on occasion, your data may be transferred to a different country to the country in which you are located. To the extent that we are deemed to transfer personal information outside of the EEA, we rely separately, alternatively, and independently on the following legal bases to transfer your information: Model Contract Clauses or a US organization that is certified under the EU-US Privacy Shield Framework.

Security

We employ a variety of technical and organizational measures to keep personal data safe and to prevent unauthorized access to or use or disclosure of it. We take our position as a software as a service provider seriously and comply with leading security practices. We hold an ISO27001:2013 and Cyber Security Essentials certification.

Data retention

We keep your personal data for no longer than necessary for the purposes for which the personal data is processed. The length of time we retain personal data for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.

Your legal options and rights

Depending on your location, you may also benefit from a number of legal rights available to you in respect of the personal data we use. Whilst some of these rights apply generally, certain rights apply in limited circumstances.  

  • the right to ask us to provide you, or a third party, with copies of the personal data we hold about you at any time and to be informed of the contents and source;
  • the right to request erasure, sometimes referred to as the right to be forgotten;
  • the right to object on legitimate grounds to the processing of your personal data. In certain circumstances we may not be able to stop using your personal data – if that applies, we’ll let you know and gives you the reasons why.
  • withdrawal of consent – when personal data is processed on the basis of consent you may withdraw consent at any time. If you no longer want to receive any marketing material from us, please use the unsubscribe / opt-out option which is in all our marketing emails to you or email us at privacy@opus2.com
  • If you have previously consented to use of Analytics Cookies when you visit or Website, you can withdraw this consent through changing your settings – please refer to the Cookies Policy for more information on how to do this.

The California Consumer Privacy Act (CCPA) provides California residents with the following additional rights:

Right to Know: California residents may request disclosure of the specific pieces and/or categories of personal information that the business has collected about them, the categories of sources for that personal information, the business or commercial purposes for collecting the information, the categories of personal information that we have disclosed, and the categories of third parties with which the information was shared. This information is included in this Policy but please let us know if you require any more information or have any questions using the details as set out in the “Data Controller contact information” section below.

Right to Opt-Out: Opus 2 does not sell personal information to third parties for monetary value. However, the term “sale” is defined broadly under the CCPA. To the extent that “sale” under the CCPA is interpreted to include the data uses described in the “How we use your personal data” Section above, we will comply with applicable law as to those activities. To the extent that Opus 2 “sells” personal information (as that term is defined under the CCPA), California residents are entitled to opt-out of the “sale” of data at any time.

Opus 2 does not share any personal information to third parties for their own direct marketing purposes. However, as affiliates of Opus 2 are separate legal entities these could be classed as this parties under the CCPA. Any transfer of your data to our affiliates and their use of your data will always be in accordance with this Privacy Policy and applicable laws.

If you want to exercise any of your rights in respect of your personal information or if you have any questions about how we collect, store and use your personal data, then please contact us using the details as set out in the “Data Controller contact information” section below.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. If we process your data in our capacity as a data processor, we will contact the relevant data controller and ask them to respond to your request (we will provide support and information to help the data controller comply with your request).

Opus 2 Data Protection Officer contact details

If you would like further information on your rights or wish to exercise them, please write to: The Data Protection Team, Opus 2 Limited, 5 New Street Square, London EC4A 3BF, or email privacy@opus2.com.

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so. If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you should contact the UK Information Commissioner’s Office, which oversees data protection compliance in the UK. Details of how to do this can be found at www.ico.org.uk.

Changes to this Policy

We reserve the right to make changes to this Privacy Policy at any time with effect for the future. The then current version of this Privacy Policy will be made available on the Website. While we do not intend to make changes to this Privacy Policy very often, we would encourage you to review our most current policy when you visit us to be sure that you have read and agree with what information we collect, how we use it and under what circumstances we disclose it.

Privacy Policy last modified: Feb 2020

 

Opus 2 Cookies Policy

Overview

Cookies are small text files that our Website asks to place on your computer or other internet enabled devices, such as tablets or smartphones. If your browser is set to accept Cookies, then your browser adds the text in a small file.

Except as indicated otherwise in this Cookie Policy, the Cookies used by us are essential for the functioning and performance of our Website, such as by making our Website work more efficiently and facilitating your use of the functionalities and services provided; these functionality and/or performance Cookies will be deleted from your device once your browser-session has ended (session Cookies). We will not use the information stored in essential Cookies for any other purpose than as strictly necessary to provide you with the services and functionalities requested. Cookies will not be used by us to contact you for marketing purposes.

Cookie Consent & personalized tracking

When you access our Website, if applicable, we will ask for your consent to place additional Cookies on your device by displaying a Cookie banner ("Cookie Consent"). These Cookies will not be strictly necessary for the functioning and performance of our Website but will help us to collect some of your personal data relating to your Website usage behaviour in order to improve our Website offering and services and/or to provide you with more personalized information and services. The Cookie banner informs you about the main purposes of the additional Cookies and provides you with information about your choices and where you may access further information. Your continued use of our Website after having been displayed with the Cookie banner will signify your consent to the described practices.

At all times, you have the right to withdraw your Cookie Consent and individually opt-out from the placement of Cookies and any collection of your information for the different purposes at any time with effect for the future. You can do so in your browser settings. You will need to do this for each device on which you access the Website.

More information on the Cookies we use

Essential/necessary cookies: these are required to make the Website work. If you do not accept the Cookie Consent (or later change your Cookie preferences), and you continue to use the Website, only these Essential/necessary Cookies will be used.

Cookie

Description

Expires after

__hs_opt_out

This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again. This cookie is set when you give visitors the choice to opt-out of cookies.

13 months

__hs_do_not_track

This cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from opting out of cookies, as it still allows anonymized information to be sent to HubSpot.

13 months

hs_ab_test

This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before.

End of session

<id>_key

When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. The cookie name is unique for each password-protected page.

14 days

hs-messages-is-open

This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your visitor's browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity.

30 minutes

hs-messages-hide-welcome-message

This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed.

1 day

__hsmem

This cookie is set when visitors log in to a HubSpot-hosted site.

1 year

hs-membership-csrf

This cookie is used to ensure that content membership logins cannot be forged.

End of session

hs_langswitcher_choice

This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages.

2 years

__cfduid

This cookie is set by HubSpot’s CDN provider, Cloudflare. It helps Cloudflare detect malicious visitors to your website and minimizes blocking legitimate users. It may be placed on your visitors' devices to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare's security features. Learn more about this cookie from Cloudflare.

Session cookie lasts a maximum of 30 days

__cfruid

This cookie is set by HubSpot’s CDN provider because of their rate limiting policies

End of session

Analytics Cookies: we use these in order to improve and customize your browsing experience and for analytics and metrics about our visitors both on this website and other media. If you click “accept” on the Cookie Consent, we will use these. You can change your cookie preferences at any time, more information on how to do this is below.

Hubspot Analytics cookies

Cookie

Description

Expires after

__hstc

The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).

13 months

hubspotutk

This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.

13 months

__hssc

This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp. 

30 mins

__hssrc

Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session.

End of session

 

Google Analytics cookies

Cookie name

Description

Expires after

_ga

Used to distinguish users.

2 years

_gid

Used to distinguish users.

24 hours

_gat

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

1 minute

AMP_TOKEN

Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

30 seconds to 1 year

_gac_<property-id>

Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out. Learn more.

90 days

__utma

Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.

2 years from set/update

utmt

Used to throttle request rate.

10 minutes

__utmb

Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.

30 mins from set/update

__utmc

Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.

End of session

__utmz

Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.

6 months from set/update

__utmv

Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics

2 years from set/update

 

Use of Google Analytics and Hubspot

Any information generated by the cookie about your use of our Website will be transmitted to and stored by Google and HubSpot on its servers. For more information about the information gathered using Google Analytics and HubSpot please visit http://www.google.com/intl/en/analytics/privacyoverview.html and https://legal.hubspot.com/data-privacy.

You can block these cookies by activating the setting on your browser as explained below. To opt-out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.

Managing your cookie settings

If you prefer, you can change your settings to generally refuse cookies, to delete cookies that have already been placed on your device, or to warn you before a cookie is placed. Please refer to your browser instructions to learn more about how to adjust or modify your browser settings. If you choose not to accept cookies, and you still use the Website, only the necessary Cookies will be collected. Your opt-ing out of Analytics Cookies may impair the certain usability of the Website and you may not be able to take advantage of some of our features and services offered.

If you use different devices to access our Website (e.g., smartphone, tablet, computer, etc.) you will need to ensure that each browser on each device is adjusted to reflect your Cookie preferences.

You can block Google Analytics Cookies by activating the setting on your browser as explained below. To opt-out of being tracked by Google Analytics across the Website visit http://tools.google.com/dlpage/gaoptout.

You can block HubSpot Analytics Cookies by activating the setting on your browser as explained below. To opt-out of being tracked by HubSpot across the Website please declare this using our Cookie notification banner when you visit our website.

Changes to this Cookies Policy

We reserve the right to make changes to this Cookies Policy at any time with effect for the future. The then-current version of this Cookies Policy will be made available on the Website. While we do not intend to make changes to this Cookies Policy very often, we would encourage you to review our most current policy when you visit us to be sure that you have read and agree with what information we collect, how we use it and under what circumstances we disclose it.

Cookie Policy last modified: February 2020