The meaning of Personal Data
“Personal Data” is defined in data protection laws applicable in your country. It includes any information relating to an identified or identifiable natural person. This means any individual who can be identified directly or indirectly by reference to an identifier such as name, identification number, location data, online identifiers (for example, IP addresses – if they can be used to identify you) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Put simply, this includes data which either by itself or with other data held by us or available to us, can be used to identify you.
Important notice about international transfers
We are part of the Aspen Group which has databases in different jurisdictions. We may transfer your data to one of the Group’s databases outside your country of domicile. These other countries will either have different data protection laws than your country of residence or they will not have data protection laws. They may not be deemed by the European Commission as providing adequate protection for Personal Data. Even if the country to which the data is to be transferred does not require us to provide adequate protection for your data, we will nonetheless seek to ensure that data transfers to Aspen Group databases in that country are adequately protected.
The categories of Personal Data we may collect, the purpose and the lawful basis
Personal Data collected from you include the following:
|Categories of Personal Data||Purpose||Lawful basis|
|Browsing information (IP address, browser information)||Monitoring and producing statistical information regarding the use of our platforms, and analysing and improving their functionality.||Legitimate interests – we need to perform this limited routine monitoring to make sure our website work properly, to diagnose any problems with our server and administer our Site|
|All information||Establishing and enforcing our legal rights and obligations and monitoring to identify and record fraudulent activity
Complying with instructions from law enforcement agencies, any court or otherwise as required by law
For our general record-keeping and customer relationship management
Managing the proposed sale, restructuring or merging of any or all part(s) of our business, including to respond to queries from the prospective buyer or merging organisation
Resolving any complaints from or disputes with you
|Legitimate interest (see column on left)|
In summary, we need certain categories of Personal Data because that is necessary in order to administer any contract with you (where relevant). Certain other Personal Data is processed for our legitimate interests in cases where this does not result in prejudice to you.
Data anonymisation and use of aggregated information
We may convert your Personal Data into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from that data. We may use this aggregated data to conduct market research and analysis, including to produce statistical research and reports.
In particular, we use technology to collect anonymous information about the use of this Site. For example:
1. we use technology to track which pages of our Site visitors view. We also use technology to determine which web browsers our visitors use. This technology does not identify you personally, it simply enables us to compile statistics about our visitors and their use of our Site.
2. certain pages of this Site may contain hyperlinks to other pages of it. We may use technology to track how often these links are used and which pages on our Site our visitors choose to view. Again this technology does not identify you personally — it simply enables us to compile statistics about the use of these hyperlinks.
We use this anonymous data to improve the content and functionality of this Site and consider areas and subjects which are attracting interest so that we can focus our e-mail updates (for those that wish to receive such communications). This allows us to better understand our Site visitors’ interest areas generally and therefore to improve our Site and products and services we offer.
Cookies and analytic tools
The cookies that our Web sites may deploy can be divided into four categories:
1. Strictly Necessary Cookies
These cookies are essential, because they enable you to move around our Web sites and use certain features, e.g., to access secure areas of the Web site or in connection with information searches. Without these cookies, certain services you may ask for could not be provided.
2. Performance Cookies
These cookies may be used to collect information about how you use our Web sites, for example which pages you visit most often. These cookies do not collect information that identifies you. These cookies are only used to learn how our Web sites are performing and make relevant improvements.
3. Functionality & Profile Cookies
These cookies may be used to allow our Web sites to store information about choices that you make and provide you with more personal features. We may also use such cookies to ensure that onsite marketing and experience is relevant to you. The information these cookies collect may be anonymous and they cannot track your browsing activity on other Web sites.
4. Advertising Cookies
These cookies may be used to deliver advertisements that are more relevant to you and your interests. They are usually placed by advertising networks with our permission.
We use Google Analytics on our Site with the extension “anonymizeIP()”, IP addresses being truncated before further processing in order to rule out direct associations to persons.
You can disable cookies using your Internet browser settings. Please consult your browser’s help function for information on how to disable cookies. Note that if you disable cookies, certain features of our Site may not function properly.
We use the “Facebook Pixel” from Facebook Inc. (“Facebook”).
This allows user behaviour to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. This data is also stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/ . You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
Additionally, this feature enables us to display personalized advertisements (“Facebook Ads”) to website users, when they visit Facebook or other websites that also use this feature. We are interested in showing you personalized advertisements in order to make our website more interesting to you. We do not use “Facebook Custom Audience Customer List”. Due to “Facebook Custom Audiences Pixel”, your browser automatically establishes a direct connection to the Facebook server. We have no control over the extent and the further use of the data, which are collected by the use of this feature by Facebook and inform you therefore according to our knowledge level: By the integration of “Facebook Custom Audiences Pixel” Facebook receives the following information: HTTP-Header, pixel-specific data, button-click data, optional information and form field name (for details please see https://www.facebook.com/business/gdpr). If you are registered with Facebook, Facebook can assign your visit to our website to your account. Even if you are not registered with Facebook or have not logged in, there is a chance that Facebook will find out and store your IP address and other identifying features in order to track you.
You may opt-out of participation in “Facebook Pixel” by clicking https://www.facebook.com/settings?tab=ads.
The legal basis for the processing of your personal data is Art. 6 (1) (f) GDPR. For more information about data processing through Facebook, please visit https://www.facebook.com/about/privacy. Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation: (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
Disclosure of your Personal Data to third parties
We may disclose your Personal Data to third parties, including but not limited to as follows:
2. to third parties who supply services to us and who help us and our group of companies to operate our business. For example, sometimes a third party may have access to your Personal Data in order to support our information technology;
3. to our legal and other professional advisers;
4. as necessary in order to comply with a legal requirement, to protect vital interests, to protect the security or integrity of our databases or this Site, to take precautions against legal liability;
5. to regulatory authorities, courts and governmental agencies to comply with legal orders, legal or regulatory requirements and government requests; and
Security of Personal Data
We endeavour to use appropriate technical and physical security measures to protect Personal Data which is transmitted, stored or otherwise processed by us, from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access, in connection with our Site. These measures include computer safeguards and secured files and facilities. Our service providers are also selected carefully and required to use appropriate protective measures. In certain areas, Aspen UK uses industry-standard SSL-encryption to protect data transmissions. Most current browsers support the level of security needed to use these areas.
In particular, we endeavour to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including as appropriate: (a) pseudonymisation (such as where data is separated from direct identifiers so that linkage to an identity is not possible without additional information that is held separately) and encryption, (b) ensuring the ongoing confidentiality, integrity, availability and resilience of systems and services used to process your Personal Data, (c) ensuring the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident; and (d) ensuring a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational security measures.
Retention period or criteria used to determine the retention period
We keep your Personal Data for as long as it is necessary to do so to fulfil the purposes for which it was collected as described above.
The criteria we use to determine data retention periods for Personal Data includes the following: (i) Retention in case of queries. We will retain it for a reasonable period after the relationship between us has ceased (up to 6 months) in case of queries from you; (ii) Retention in case of claims. We will retain it for the period in which you might legally bring claims against us (in Germany this means we will retain it for 10 years) if and to the extent we have entered into any contract with you; (iii) Retention in accordance with legal and regulatory requirements. We will consider whether we need to retain it after the period described in (ii) because of a legal or regulatory requirement.
If your application for employment is successful and you commence employment with Aspen UK, your Personal Data will be transferred to your personnel file and will be processed for employment purposes. If your application for employment is not successful, we will keep your Personal Data for a period compliant with applicable laws, after notification that your application was not successful.
If you would like further information about our data retention practices please contact us (see “Contact Us” below).
Your rights under data privacy laws
You have various rights under data privacy laws in your country. These may include (as relevant): the right to request access to the Personal Data we hold about you; the right to rectification including to require us to correct inaccurate Personal Data; the right to request restriction of processing concerning you or to object to processing of your Personal Data, the right to request the erasure of your Personal Data where it is no longer necessary for us to retain it; the right to data portability including to obtain Personal Data in a commonly used machine readable format in certain circumstances such as where our processing of it is based on a consent; the right object to automated decision making including profiling (if any) that has a legal or significant effect on you as an individual; and the right to withdraw your consent to any processing for which you have previously given that consent. Please be aware that some of these rights will only become relevant when changes to data privacy laws come into force in May 2018. You can also lodge a complaint with a supervisory authority in the country of your residence.
Please see “Contact Us” if you wish to exercise any of these rights (as relevant).
Links to Other Websites
Public Scientific Service Phone: +44 1748 828391
Be sure to include your email address and telephone number with your correspondence.
Alternatively, write to: Aspen UK, 6 Bell Street, Maidenhead, Berkshire, SL6 1BU
Last updated: July 2018