Murano Systems Limited, and its associated companies (“Murano” and “we”, with “us” and “our” being construed accordingly), takes data privacy seriously. The nature of our business provides that, from time to time, we require personal data from our customers.
We will provide clear information about how we use this personal data, and we will always be transparent with you about what information we collect, what we do with it, with whom we share it, and who you should contact if you have any concerns.
We will ensure that any personal data we collect about you will be held and processed strictly in accordance with the Data Protection Legislation.
Our website is not intended for children and we do not knowingly collect data relating to children.
Separately, we provide further information about:
- the collection and processing of personal data in the course of providing matchmaking or consulting services to our clients. For information about privacy in the context of services provided to our clients, click here.
- the collection and processing of personal data of professional allocators. For further information, click here.
- the collection and processing of personal data about our employees or contractors. For information about privacy in the context of doing work for Murano, please see the employee handbook.
- the collection and processing of personal data in relation to job candidates or applications for roles advertised on this website. For further information, click here.
- the collection and processing of personal data on our suppliers or service providers. For further information, click here.
1.How we obtain Your Data
We obtain personal data about you (“Your Data”) from the following sources:
- by you submitting information to us through our website www.muranoconnect.com for example, or when you subscribe to our newsletter.
- through your use of our marketing resources, such as events or webinars which we run or sponsor.
- from what we learn about you from your visit to our websites by you submitting information to us when you complete one of our surveys.
- by you interacting with us via a prospective, current, or former customer (for example, where you provide your business card to us), other than in connection with ongoing services we are providing to you or your organisation.
- Via phone conversations.
- Via research through the Internet (including social media, like LinkedIn), trade journals and other information made public.
2. Your Data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data including first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data including billing address, delivery address, email address and telephone numbers.
- Financial Data including bank account and payment card details.
- Transaction Data including details about payments to and from you and other details of products and services you have purchased from us.
- Technical Dataincluding internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
- Profile Data including your username and password, enquiries made by you, your interests, preferences, feedback and survey responses.
- Usage Data including information about how you use our website, products and services.
- Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
3.What we use Your Data for
For as long as we have access to Your Data, we use it for the following purposes, unless otherwise required as a result of you exercising your data protection rights:
|(1) To provide you with newsletters or information you have requested||Our legitimate interest in providing you with information you have requested|
|(2) To keep you informed of any activities undertaken by us which we believe may be of interest to you||If you are an existing customer: our legitimate interest in staying in touch with you to discuss potential repeat business. If you are a prospective customer: our legitimate interest in sending you direct marketing to seek business from you, unless you ask us to stop (in which case we will stop).|
|(3) To gather and analyse information on the market for our internal purposes||Our legitimate interest in ensuring we are able to focus our marketing and advertising more effectively|
|(4) To respond to an enquiry you have submitted||Our legitimate interest in responding to your enquiries, e.g. by email, telephone, post or social networks.|
|(5) To provide perception study services to our clients||Our legitimate interests in providing our clients with the services they require.|
|(6) To respond to requests for information from regulated bodies or government agencies||To comply with a legal obligation to respond to such requests or our legitimate interest in responding (as the case may be).|
|(7) Website analytic purposes||Our legitimate interest in providing products, services, choices, operations and websites that meet the requirements of our existing and prospective customers.|
3. Who we share Your Data with
For as long as we have access to your Data, we may share any of it with any of the following to the extent that they need to have access to Your Data in order to perform their role:
- Murano Associated Companies and any employee, contractor and agent within those companies, including but not limited to Murano Systems Limited (UK) and Murano Connect LP (USA)
- Third parties who provide services on our behalf. For example, we use third parties such as MailChimp and GSuite to provide marketing automation services and Quickbooks to provide payment processing services. A complete list of our third-party service providers is available on request.
We may also share Your Data with companies, organisations, or individuals outside of Murano if we believe that disclosure of the information is necessary for legal reasons.
We require all third parties to respect the security of Your Data and to treat it in accordance with the law. We do not allow our third-party service providers to use Your Data for their own purposes and only permit them to process Your Data for specified purposes and in accordance with our instructions.
5. Identity and Contact Details of Data Controller
Murano Systems Limited,
106 New Bond Street,
London W1S 1DN,
FAO: Data Controller
6. International Data Transfers
In certain circumstances, we may transfer Your Data to countries outside the EEA, which may not adhere to the same levels of data protection to which countries within the EEA are subject. Any such transfers are, at all times, made in accordance with the Data Protection Legislation. Details of the circumstances and mechanisms in place to ensure compliance are set out below:
Murano Connect LP (USA)
All personal data used by this office is held on Murano’s central servers located in Ireland and under our control. These transfers are not repetitive and will only occur where necessary to perform a contract or for our legitimate interest in pursuing business operations, and on this basis they are permitted under the Data Protection Legislation.
7. Your Rights in relation to Your Data
Under the Data Protection Legislation, you will have the following rights in relation to how we process Your Data:
- Right to request access: you may obtain confirmation from us as to whether or not Your Data is being processed and, where that is the case, access to Your Data. Your right of access can be exercised in accordance with the Data Protection Legislation. You can submit a data access request at any time. In order to do this, please contact us at email@example.com.
- Right to rectification: you have the right to obtain rectification of inaccurate personal data we hold concerning you.
- Right to restriction of processing: you have the right to ask us to restrict our processing of Your Data to the extent that (a) you have questioned the accuracy of Your Data and we are still checking its accuracy, (b) it is established that we did not have the lawful right to process Your Data, (c) we no longer need to use Your Data for the purposes we collected or used it for but you need it to be preserved for the purposes of legal claims, or (d) you have exercised your right to object to our use of Your Data and no exception applies to permit us to keep using it.
- Right to object to processing: to the extent that (a) we use Your Data on grounds of our legitimate interests and no exception applies to permit us to keep using it, or (b) we use Your Data for direct marketing purposes, or (c) We use it for scientific or historical research purposes or statistical purposes and no exception applies to permit us to keep using it, you may object to us processing Your Data.
- Right to data portability: you have the right to receive Your Data in a structured, commonly used, and machine-readable format.
- Right to withdraw consent: where you have provided your consent to us processing Your Data, you have the right to withdraw your consent at any time..
- Right to lodge a complaint: you may lodge a complaint with any supervisory authority in the EU. The supervisory authority for the United Kingdom is the Information Commissioner’s Office (ICO).
If you would like to exercise any of the above rights, including to withdraw your consent (where our processing of Your Data relies on your consent), please contact us at firstname.lastname@example.org.
For further information on your rights, please see the Information Commissioner’s website here.
8. Data Retention Period
Your Data will be stored for a maximum period of 6 (six) years, after which time it will be destroyed if it is no longer required for the lawful purpose(s) for which it was obtained. If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information, unless we request your consent to store it for a longer period.
9. Additional Information
- There is no statutory or contractual requirement for you to provide Your Data to us and you are not obliged to do so. Please note that we may not be able to provide you with the services you have requested, such as receiving our newsletter, if you do not provide your contact details. As set out in our cookies policy, our website may not be able to fully function if you do not agree to certain cookies being set on your computer.
- We do not undertake automated decision-making or profiling on Your Data.
10. Security of personal information
We recognise the need to ensure that personal information gathered via this website remains secure. Our site has security measures in place to protect against the loss, misuse, and alteration of the personal information under our control. Our security measures include the use of a hardware firewall to prevent unauthorised access. You acknowledge that although we exercise adequate care and security, there remains a risk that information transmitted over the Internet and stored by computer may be intercepted or accessed by an unauthorised third party.
11. Data obtained indirectly
In some circumstances, we may obtain personal data about you from other sources. This information may include your name, contact details and job title, which we obtain from third-party sources such as organisers of events we sponsor or other publicly available sources, such as your company’s website.
12. External Links
Our website contains links to other websites belonging to third parties. We do not control the privacy practices of these other websites. We do not accept any responsibility for the policies of third party controllers, such as providers of search engines and social networks. Please check the third parties’ privacy notices before you submit any personal data to them.
Updated: August 2018