Privacy Policy

Introduction

MapStand Limited (“MapStand” or “we”) respects your privacy. This Privacy Policy describes how we collect, use and share your personal data. MapStand is a company registered in England & Wales, with company number 09648878 whose registered address is on the 2nd Floor, Regis House, King William Street, London, EC4R 9AN, United Kingdom.

Scope of this Policy

The purpose of this Privacy Policy is to inform you about our privacy practices and to ensure that you understand the purposes for which we collect and process your personal data. The following is a brief summary of our privacy practices. This Privacy Policy does not apply to any data insofar as it is held, processed, disclosed or published in a form which cannot be linked to a living individual (such as anonymised data or aggregated data which cannot be used to extract your personal data). We reserve the right to generate anonymised and aggregated data extracted out of any databases containing your personal data and to make such use of such data as we see fit.

Questions and complaints

If you have any questions or wish to make any complaint in relation to our use of your personal data, please contact privacy@mapstand.com at this email address.

MapStand is responsible for the processing of personal data collected from you.

How we collect and use your data

1. Information that you provide directly or authorise someone else to give us. We may ask you to provide certain information including, but not limited to your name, email address, telephone number, employer, job title, and any passwords for services that we may need, and other information. We retain emails and other communications you send to us along with other information you provide to us. We use this information to operate, maintain our business and provide our services to you insofar as applicable, as further detailed below.
2. Information collected or received from third parties. We may receive information about you from third parties, including, but not limited to, third-party service providers who you permit to share information with us. You should always review and, if necessary, seek to adjust any privacy settings in respect of any such third-party service providers. We may also collect information about you from our third-party business associates, publicly available sources and our subsidiaries and affiliates.
3. Analytics information. We collect, measure and analyse traffic and usage trends of our website and our social media accounts (including LinkedIn and Twitter), and we use third-party analytics tools to help us. This allows us to understand, among other things, who is visiting our website, how they are using it, and ways to improve it. Such third-party analytics tools use cookies and persistent device identifiers to collect and store information including, but not limited to time of visit, pages visited, time spent on each page, IP address, and type of operating system used.
4. Cookies. When you visit our website, we sometimes send one or more cookies (small text files containing a string of alphanumeric characters) to your computer that uniquely identify your browser and enhance your navigation of our website. A cookie may also convey information to us about how you use the website (e.g., the pages you view, the links you click and other actions you take), and allow us or our third-party analytics tools we use to track your usage of our website. There are at least two different types of cookies: persistent and session cookies. A persistent cookie remains on your hard drive after you close your browser. Persistent cookies may be used by your browser on subsequent visits to our website. Persistent cookies can be removed by following your web browser's directions for the removal of cookies. A session cookie is temporary and disappears after you close your browser. You can reset your web browser to refuse all cookies or to notify you when a cookie is being sent. However, some features of our website may not function properly if cookies are disabled.
5. Log file. Log file information is automatically reported by your browser each time you access a web page. When you access or use our website, our servers may automatically record certain log file information, including but not limited to your web request, Internet Protocol address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on our website, domain names, landing pages, and pages viewed.
6. Clear GIFs/web beacons. Clear GIFs (also known as web beacons) allow for the tracking of a user's response to an email or usage of a website in a manner that does not reveal personally identifiable information. We may use clear GIFs or similar technologies to assess responses to emails and the usage of our website. For example, we may use clear GIFs to track when emails are opened and which links are clicked by recipients. You can disable certain abilities of clear GIFs to capture information by blocking cookies.
7. Device identifiers. When you visit our website using a mobile device, we may access, collect, monitor and/or remotely store one or more "device identifiers," such as a universally unique identifier. Device identifiers are small data files or similar data structures stored on or associated with your device that uniquely identify your device. A device identifier may consist of data stored in connection with the device hardware, operating system or other software, or data sent to the device by us. A device identifier may convey information to us about how you browse and use our website. A device identifier may remain persistently on your device to enhance your navigation on our website. Some features of our website may not function properly if the use or availability of device identifiers is impaired or disabled.
8. Advertising identifiers. Advertising identifiers are unique strings associated with your mobile device that are provided by the operating system. Certain advertising identifiers may be modified or disabled by users in the operating system's settings.
9. Location data. When you visit our website using a mobile device, we may access, collect, monitor and/or remotely store "location data," which may include GPS coordinates (e.g. latitude and/or longitude) or similar information regarding the location of your device. Location data may convey to us information about how you browse and use our website. Some features of our website, particularly location-based services, may not function properly if the use or availability of location data is impaired or disabled.
10. Commercial communications. Insofar as permitted under applicable law, we may use the information we collect or receive to communicate directly with you about the services we offer. Subject to your consent to receiving such communications, we may use the information to communicate with you about other services that we and our affiliates offer. For example, we may use the information to send you emails containing newsletters, promotions and special offers. We may also use the information to send you service-related notices (e.g., account verification, technical and security notices).
11. Use of certain service-type information. We may use information from cookies, log files, device identifiers, location data, clear GIFs and other tools to: (i) remember information so that you will not have to re-enter it during your visit or the next time you use our website; (ii) provide custom, personalised content or information to you or others; (iii) monitor the effectiveness of our website; (iv) monitor aggregate metrics, such as total number of visitors, traffic and demographic patterns; (v) diagnose or fix technology problems; (vi) provide advertising to your browser or device; and (vii) conduct research or surveys.
12. Use of information with your consent. We may use your information for any other purpose for which you provide consent.

The purposes for which we use your personal data

We collect and process your personal data for the following purposes:

• to meet our obligations to you, to deliver services to you and to handle enquiries and complaints;
• insofar as permitted under applicable law, to communicate with you in relation to our services and other services that we or our affiliates may offer;
• to personalise, test, monitor, improve and upgrade the services that are offered to you and our business;
• to aggregate data and to anonymise or depersonalise data to allow it to be used for statistical and research purposes;
• to meet our legal obligations and the regulatory requirements to which we are subject, for loss prevention purposes and to protect and enforce our rights and meet our obligations to third parties; or
• for our internal business purposes such as keeping records of our communications, and compiling and analysing information for general operational, statistical and business purposes.

Legal basis for processing your personal data

The processing of your personal data is lawful based on the following:

• the fulfilment of our contractual obligations to you or at your request before entering into a contract with us, where we process your personal data as your request as part of our services;
• where relevant, your express consent (if your consent is requested);
• compliance with legal obligations to which we are subject, including to comply with legal process (see further below); or
• our legitimate interests in (among other things) performing our services, conducting commercial research, improving and maintaining our services, protecting the security or integrity of our databases, protecting our business or reputation, taking precautions against legal liability, dealing with our assets in the event of a business change (see further below), protecting and defending our rights or property, or for resolving disputes, investigating and attending to inquiries or complaints with respect to the performance of our services.

How we may share your information

• (a) Business associates and service providers. We may share your personal data with third-party business associates and service providers that perform services on our behalf in connection with our business. Where your information is shared with such third parties, we ensure that the third-party service provider will deal with your information only on our behalf and on our written instructions and solely for the benefit of our business (and not for its own benefit).
• Business change. If we become involved in a merger, consolidation, acquisition, sale of assets, joint venture, securities offering, bankruptcy, reorganisation, liquidation, dissolution or other transaction, or if the ownership of all or substantially all of our business otherwise changes, we may share or transfer your personal data to successor party or parties in connection with such transaction or change in ownership.
• Necessary disclosure. Regardless of the choices you make regarding your personal data and to the extent permitted or required by applicable law, we may disclose your personal data to third parties to: (i) enforce or apply the terms of our agreement with you; (ii) comply with laws, subpoenas, warrants, court orders, legal processes or requests of government or law enforcement officials; (iii) protect our rights, reputation, safety or property, or that of our customers, users or others; (iv) protect against legal liability; (v) establish or exercise our rights to defend against legal claims; or (vi) investigate, prevent or take action regarding known or suspected illegal activities; fraud; our rights, reputation, safety or property, or those of our customers, users or others; violation of our terms and conditions, our policies or agreements; or as otherwise required by law.
• Sharing information. We may share certain service-type information, including information obtained through tools such as cookies, log files, device identifiers, location data and clear GIFs (such as anonymous usage data, referring/exit pages and URLs, platform types, number of clicks, etc.) with our third-party business associates who may use such information for the purposes described in the section titled “How we collect and use your data”.
• Aggregated data. As mentioned above, we may also aggregate or otherwise strip information of all personally identifying characteristics and may share that aggregated and anonymised data with third parties or publish it. This data does not personally identify you and helps us to measure the success of our services and to improve our customer experiences. We reserve the right to make use of any such aggregated and anonymised data as we see fit.

How we protect your information

We take certain physical, technological and administrative measures to protect the personal data you provide to us against loss, theft, and unauthorised access, use, disclosure or modification. However, we cannot ensure or warrant the security of any information you transmit to or share with us or guarantee that information may not be accessed, disclosed, altered or destroyed. Email sent to or from us may not be secure. You should use caution whenever submitting information online and take special care in deciding what information you send to us via email.

Your choices about your information

Controlling Your Settings. You can limit your browser or mobile device from providing certain information by adjusting the settings in the browser, operating system or device. Please consult the documentation for the applicable browser, operating system or device for the controls available to you. You can also stop receiving promotional emails from us by following the unsubscribe instructions in those emails. Note that unsubscribe is not available for certain emails concerning your relationship or dealings with us.

How long we keep your information

We retain your information as long as you engage our services and for a commercially reasonable time thereafter as necessary for backup, archival, fraud prevention or detection, or audit purposes, or as otherwise required by law. If you end our engagement, all personal information we hold about you (except to the extent it resides in back-up files) will be erased.

Transfer of personal data across borders

We operate our business in the United Kingdom. We may use servers and cloud services to store and process data in other countries and may transfer the data to other countries for the purpose of storage and data management. Our business associates and service providers may have access to your personal data in different countries including, without limitation, the UK, the EU and the USA. We ensure that when personal data is transferred across borders, we do so in compliance with the law including (in the case of data exported from the EU) by putting in place, between us and the party receiving the data, contractual terms for the protection of the interests of data subjects in the form approved by the European Commission or, where relevant, we may rely on the recipient of the data participating in a certification programme such as the EU-US Privacy Shield.

Third-party sites and services

Our website may reference or provide links to other websites, applications, or resources. If you access any website, application, or resources provided by a third party, our Privacy Policy will not apply. Your interactions with such websites, applications, and resources are subject to the privacy policies of the third parties that operate them. Please review those policies carefully to understand how those parties will treat your personal data.

Your legal rights

You have the following legal rights in respect of your personal data:

1. The right to require us to advise you of the categories of your personal data that we process, the purpose of any such processing, the identity of third parties who receive your data from us, the period for which your personal data is stored and whether any automated decision-making processes are being used in relation to your personal data. You also have the right to ask for a copy of your personal data records;
2. The right to require us to rectify inaccurate personal data records without undue delay;
3. The right to request the erasure of your personal data records where:
   • the data is no longer necessary in relation to the purpose for which it was collected, such as where you choose to no longer engage our services;
   • the processing of the data is based on your consent and such consent is withdrawn (provided that the other circumstances described in the sections “Legal basis for processing your personal data” above no longer apply); or
   • you object to the processing of your data and there are no overriding legitimate grounds for justifying the data processing;

• The right to restrict the processing of your personal data in certain circumstances (for example, where an objection has been raised and is being investigated);
• The right to receive your personal data from us in a structured, commonly used and machine-readable format;
• The right to object to the processing of your data in certain circumstances; and
• The right to lodge a complaint with the data protection supervisory authority of the EU member state where you reside.

The rights referred to above may be limited for example where compliance with your request is detrimental to the use of the data for statistical or research purposes.

Privacy Policy changes

This Privacy Policy was last changed on 01 July 2019. If we make changes to the Policy, the new version will be made available by posting it on our website. We may change, modify, add or remove portions of this Policy from time to time, and any changes will become effective immediately upon being posted unless stated otherwise.

MapStand is registered with the ICO (UK Information Commissioner's Office) under the Data Protection Register; our registration number is ZA457213. You have the right to complain to the ICO at www.ico.org.uk if you feel there is a problem with the way we are handling your data.