This privacy notice provides you with details of how we collect and process your personal data through your use of our website including any information you may provide through our site when you purchase a product or service, sign up to our newsletter or take part in a prize draw or competition.
By providing us with your data, you warrant to us that you are over 13 years of age.
Cirrus Research plc is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
Cirrus Research plc may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
This policy is effective from 1st August 2016. Updated 19 March 2018.
Our full details are:
Cirrus Research plc
Telephone: +44 1723 891655
with company number 987160
Whose registered address is:
Cirrus Research plc
and whose operating address is:Cirrus Research plc
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at email@example.com or by clicking the update link in any marketing emails that we may send you.
Along with our business and internal IT systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- UK Data Protection Act 1988 (DPA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
This site’s compliance with the legislation listed above, means that this site is likely compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
Why we store your personal information
We require your information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping
- We may use the information to improve our products and services
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests
What information do we collect about you?
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process certain types of personal data about you as follows:
- Identity Data may include your first name, maiden name, last name, username, and title
- Contact Data may include your billing address, delivery address, email address and telephone numbers
- Financial Data may include your bank account and payment card details
- Transaction Data may include details about payments between us and other details of purchases made by you
- Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site
- Profile Data may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses
- Usage Data may include information about how you use our website, products and services
Marketing and Communications Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.
We may also process Aggregated Data from your personal data but this data does not reveal your identity and as such in itself is not personal data. An example of this is where we review your Usage Data to work out the percentage of website users using a specific feature of our site. If we link the Aggregated Data with your personal data so that you can be identified from it, then it is treated as personal data.
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
How we collect information about you
We collect data about you through a variety of different methods including:
- Direct interactions: You may provide data by filling in forms on our site (or otherwise) or by communicating with us by post, phone, email or otherwise, including when you:
- order our products or services;
- create an account on our site;
- subscribe to our service or publications;
- request resources or marketing be sent to you;
- enter a competition, prize draw, promotion or survey; or
- give us feedback.
- Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below;
- Technical Data from the following parties:
- analytics providers such as Google based outside the EU;
- search information providers
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services
- Identity and Contact Data from data brokers or aggregators
- Identity and Contact Data from publicly availably sources such as Companies House and the Electoral Register based inside the EU
- Information that you provide to us at meetings, conferences, exhibitions, seminars and training courses
Additional information that our websites collect
Our websites collect and use personal information for the following reasons:
Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third-party data processor.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
Contact forms and email links
Should you choose to contact us using the contact form on our Contact us page or an email link, that information will be sent to us via either SMTP or via a third-party data processor. If information is sent via a third-party data processor, it is not stored by them and is only used during transmission of that information to us.
We may store the information within our CRM or Email marketing system. If the information is stored within our email marketing system, you will only be sent transactional emails unless you have subscribed to our newsletter. Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
A record of form submissions is stored on an encrypted, secure server for audit purposes and as a backup in case of internal system failures.
If you choose to join our email newsletter, the email address that you submit to us will be forwarded to Force24 who provide us with email marketing services. We consider Force24 to be a third-party data processor (see below).
Your email address will remain within Force24's database for as long as we continue to use Force24's services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
We may use email marketing systems for transactional emails (ie information that you will receive in relation to products and services that you have purchased from Cirrus).
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the Force24 database, you will receive periodic newsletter-style emails where you have signed up to do so.
We may also contact you with other relevant information such as product updates or software releases that are pertinent to the products or services that you have purchased from us or from our distributors.
How we use your personal information
We will only use your personal data when legally permitted. The most common uses of your personal data are:
- Where we need to perform the contract between us
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by emailing us at firstname.lastname@example.org
Purposes for processing your personal data
Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data. We have also explained what our legitimate interests are where relevant.
We may process your personal data for more than one lawful ground, depending on the specific purpose for which we are using your data. Please email us at email@example.com if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
|Purpose/Activity||Type of data||Lawful basis for processing|
|To register you as a new customer||
|Performance of a contract with you|
To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
(e) Marketing and Communications
(a) Performance of a contract with you
(b) Necessary for our legitimate interests to recover debts owed to us
|To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey
(d) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services
|To enable you to partake in a prize draw, competition or complete a survey||(a) Identity
(e) Marketing and Communications
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests to study how customers use our products/services, to develop them and grow our business
|To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Identity
|(a) Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise
(b) Necessary to comply with a legal obligation
|To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising||(a) Identity
(e) Marketing and Communications
|Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||(a) Technical
|Necessary for our legitimate interests to define types of customers for our products and services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||(a) Identity
|Necessary for our legitimate interests to develop our products/services and grow our business|
You will receive marketing communications from us if you have:
- requested information from us or purchased goods or services from us; or
- if you provided us with your details and ticked the box at the point of entry of your details for us to send you marketing communications; and
- in each case, you have not opted out of receiving that marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
You can ask us or third parties to stop sending you marketing messages at any by following the opt-out links on any marketing message sent to you or by emailing us at firstname.lastname@example.org
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to find out more about how the processing for the new purpose is compatible with the original purpose, please email us at email@example.com
If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.
We may process your personal data without your knowledge or consent where this is required or permitted by law.
Third party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out above.
About our website server
This website is hosted by Layershift within a UK data centre.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Disclosures of your personal data
We may have to share your personal data with the parties set out below for the purposes set out in the table in section 8 above:
- Other companies in our group who provide IT and system administration services and undertake leadership reporting
- Service providers who provide IT and system administration services
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
- Third parties to whom we sell, transfer, or merge parts of our business or our assets e require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Please email us at firstname.lastname@example.org< if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Right to withdraw consent
You can see more about these rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you wish to exercise any of the rights set out above, please email us at email@example.com
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website.
Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.
You should exercise caution and look at the privacy statement applicable to the website in question.
The content of this website, any illustrations, technical information and descriptions within this website were correct at the time of going to production.
Cirrus Research plc reserves the right to make any changes necessary, without notice, in line with the policy of continuing product development and improvement.
No part of this website may be duplicated, reprinted, stored in a data processing system or transmitted by electronic, mechanical, photographic or other means, or recorded, translated, edited, abridged or expanded without the prior written consent of Cirrus Research plc.
No liability is accepted for any inaccuracies or omissions in this website, although due care has been taken to ensure that is it complete and accurate as possible. Accessories supplied by Cirrus Research plc have been designed for use with the instrumentation manufactured by Cirrus Research plc.
No responsibility is accepted for damage caused by the use of any other parts or accessories. In order to take account of a policy of continual development, Cirrus Research plc reserves the right to change any of the information contained in this website and any associated publications without prior notice.
Cirrus Research plc® Cirrus Research plc Logo®, doseBadge®, DOSEBADGE®, optimus®, VoiceTag™ Auditstore™, Acoustic Fingerprint™, the NoiseTools Logo and the Noise-Hub Logo are either registered trademarks or trademarks of Cirrus Research plc in the United Kingdom and/or other countries. All other Trademarks are acknowledged.
Produced by Cirrus Research plc, Acoustic House, Bridlington Road, Hunmanby, North Yorkshire, YO14 0PH.
Find out more
If you have any questions or if you would like any more information, please contact us and we will be pleased to help.
From the UK, contact us on 01723 891655.
From outside the UK, please contact us on +44 1723 891655.
You can also contact us via our contact form.