User/Cookie Privacy Notice - Website and Services

Who we are

OpenCorporates is a trading name of OpenCorporates Ltd, which is a company incorporated in England and Wales (Company Registration Number 07444723).

In order to provide our services, we collect, use and make available certain personal information. We do this in accordance with the principles set out in this Privacy Notice, and in compliance with the General Data Protection Regulation (“GDPR”) which applies across the European Union (including in the United Kingdom).

For the purposes of GDPR, we are a “controller” of personal information.

The personal information we collect and use

In the course of operating this website and providing services, we collect the following personal information about you.

Information you give us

If you register for an account with us, we will collect the following information from you:

• your name;
• your email address;
• your social media handles (Twitter/LinkedIn/etc);
• payment information; and
• password details.

If you correspond with us (e.g. by contacting the helpdesk or submitting a sales enquiry), we will also collect personal information about you contained in that correspondence.

Information we collect automatically (Cookies)

This site, like many others, uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the US. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.

More information about how Google uses this information can be found here.

By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

You may refuse the use of cookies by selecting the appropriate settings on your browser.

How we use your personal information

We use the personal information we collect to:

• operate, monitor and improve this website and the services we offer, including allowing you to log into your OpenCorporates account (if any) and for us to personalise it for you;
• communicate with you in order to respond to questions or comments that you have raised with us;
• send information to you regarding your account – this may include copies of invoices, security alerts and messages regarding technical and administrative support issues; and
• send information to you regarding news, developments in our service, upcoming events, and other services offered by us and selected third parties that we believe will be of interest to you.

Who we share your personal information with

We will only share your personal information in the following circumstances:

• where you have given us permission to do so;
• where you have made a submission to the OpenCorporates corporate database and we wish to include your registered name in order to identify you as the author of such submission;
• with third parties who work with us and need it in order to provide our services to you (e.g. payment processors, help-desk support providers, email service providers, etc.); and
• when required to do so by applicable law.

Some of these third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.

We will not otherwise share your personal information with a third party.

How long your personal information will be kept

We will retain your personal information for as long as is necessary to fulfil the purposes outlined in this policy, except where a longer period is permitted or required under applicable law.

Reasons we can collect and use your personal information

We rely on two principles as the lawful basis on which we collect and use your personal information – namely consent and our legitimate interest.

Legitimate Interest

Under the General Data Protection Regulations, it is lawful for us to process your personal information if we have a legitimate interest in doing so provided this legitimate interest is not overridden by the need to protect your rights and interests. In practice, this means that we will process your data when

• It is necessary in order for us to provide services to you;
• Our processing is in line with what you would reasonably expect us to do with your data; and
• Your interests and our interests are aligned.

You have the right to object to this processing. If you wish to do so, please contact our data team at data.protection@opencorporates.com

Consent

We may also process your information in ways that you have consented to. Whenever we ask you for consent, we will do so in a way that is unambiguous, requires a clear affirmative act (i.e. an opt-in rather than an opt-out) and gives you all the information necessary to make an informed decision as to whether you wish to provide us with such consent.

You have the right to withdraw any consent you have provided at any time. If you wish to do so, please contact our data team at data.protection@opencorporates.com

Transfer of your information out of the EEA

In providing the services through this website, we often work with third party suppliers who are based outside of the European Economic Area (“EEA”). Where we transfer your personal information to a third party outside of the EEA we will ensure that adequate safeguards are in place that are designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information, such as ensuring the recipient:

• is registered with the US Privacy Shield (see here for more information); or
• has agreed to be bound by standard contractual clauses that have been approved by the EU.

Your rights

Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:

• fair processing of information and transparency over how we use your use personal information
• access to a copy of your personal information
• require us to correct any mistakes in the information we hold about you
• require the erasure of personal information concerning you in certain situations
• receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
• object at any time to processing of personal information concerning you for direct marketing
• object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
• object in certain other situations to our continued processing of your personal information
• restrict our processing of your personal information in certain circumstances
• claim compensation for damages caused by our breach of any data protection laws

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

• email us at data.protection@opencorporates.com
• let us have enough information to identify you (e.g. your name and registered email address) – note we may ask for proof of identity; and
• let us know the information to which your request relates

If you would like to unsubscribe from any email newsletter we send to you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. Note that it may take up to 5 days for this to take place.

Keeping your personal information secure

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

How to complain

We hope our data team would be able to resolve any query or concern you raise about our use of your information (see Contact us below).

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

Contact us

If you have any questions about this Privacy Notice, or the information we hold about you, please contact our data team via email at data.protection@opencorporates.com

If you wish to contact us for any other reason, we can be contacted:

By Email: helpdesk@opencorporates.com

By Post: OpenCorporates Ltd, Aston House, Cornwall Avenue, London, N3 1LF, United Kingdom

Changes to this privacy notice

This privacy notice was published on 25 May 2018 and last updated on 25 May 2018.

We may change this privacy notice from time to time, when we do we will inform you via email if you have a registered account with us.