https://www.xperience-group.com/site-pages/privacy-statement/
This privacy statement is effective as of June 2023 and will be updated regularly to reflect any changes in the way we handle your personal data or any changes in applicable laws.
This page will provide you with everything you need to know about Xperience Ltd and any newly acquired companies (“Xperience”; “we”) and will protect the personal data we process and control relating to you (“your personal data”; “your data”) and which rights you have in relation to the processing of your personal data.
Below, we will provide you with an outline of how Xperience protects your personal data. Further below, we also include specific information on the following:
Xperience takes your right to privacy and the protection of your data seriously. Our aim is to make you feel secure that when you deal with Xperience, your personal data is in safe hands.
We protect your personal data in accordance with the law and our data privacy policies. In addition, Xperience has taken the correct business and technical measures to protect your personal data against unauthorised or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction or damage.
We collect personal data of our employees, potential employees, clients, suppliers, business contacts, shareholders and website users. If we collect data that is not listed in the privacy statement, we will give individuals (when required by law) appropriate notice of which other data will be collected and how they will be used.
Except for certain information that is required by law or by Xperience policies, your decision to provide any personal data to us is voluntary. You are not obliged to provide personal data, but if you do not provide certain information, we may not be able to achieve some of the elements or purposes outlined in this privacy statement, and you may not be able to use certain tools and systems which require the use of such personal data.
If you provide us with personal data not relating to you, for example another person (for instance, a potential employee/referral), you are responsible for ensuring that the person is made aware of the information contained in this privacy statement and that the person has given you their consent for sharing the information with Xperience.
We may collect data from you via a number of ways either directly from you (for example, when you provide information to sign up for a newsletter or register to download content from our website) or indirectly from certain third parties (for example, through our website’s technology). Such third parties include our public websites and social media, suppliers and vendors.
Xperience uses your personal data only where required for specific purposes. Please view the table below for a list of the purposes for which Xperience uses your personal data and an overview of the legal basis for each such purpose.
| Purpose | Legal Basis |
|---|---|
| Managing our employee contractual relationships | Employee contractual obligations to which you are party to. |
| Recruitment | Based on our legitimate interest for facilitating the recruitment of the appropriate employees. |
| Maintaining communication with you (for emergencies, and to provide you with requested information, or to notify you about updates to our service) | Based on our legitimate interests for maintaining appropriate communication and emergency handling within the business. |
| Operating and managing our business | Based on our legitimate interests for maintaining the efficient and appropriate functioning of our business operations. |
| Legal compliance | Based on legal compliance to which we are subject. |
| Monitoring your use of our systems (including monitoring the use of our website and any systems or apps that you use) | Based on our legitimate interests of remaining compliant and to protect our reputation. |
| Social listening – assessing and analysing the wellbeing of our brand on social media (only publicly accessible content) and to understand sentiment, intent, mood and market trends. We may do this through key-word searches and our goal is to gain insights in conversation trends over a specified period and not to identify an individual. | Based on our legitimate interest of protecting our assets and our brand on social media . |
| Reviewing the functionality and security and functioning of our website, networks and information | Based on our legitimate interests for ensuring that you receive the best possible user experience and to ensure that our IT infrastructure and information is secure. |
| Undertaking data analysis, to improve company performance | Based on our legitimate interests to ensure that the business functions properly. |
| Marketing our products and services to prospective customers via email or telephone (all personal data is sourced from data providers such as ZoomInfo and communications will include the option to unsubscribe at any time from future communications. ZoomInfo Privacy Centre can be found zoominfo.com/privacy-center)
Marketing our products and services to existing customers via email or telephone (with prior consent) |
Legitimate Interest – Prospective customers may find additional business value in learning about the Xperience group portfolio of services that seek to increase business security, efficiencies or savings. In turn, Xperience group are able to continue to invest in the ongoing development of existing and new complementary service offerings that deliver value to our existing and prospective customers.
Legitimate Interest – Existing customers may find additional business value in learning about other complementary services delivered by Xperience group that seek to increase business security, efficiencies or savings. In turn, Xperience group are able to continue to invest in the ongoing development of existing and new complementary service offerings that deliver value to our clients. |
Where we have stated “legitimate interests” this is based on not over-riding your legitimate interests, rights or freedoms.
We will only process your personal data for the purposes mentioned in the table above.
To the extent you are asked to click on/check “I accept”, “I agree” or similar buttons/checkboxes/functionalities in relation to a privacy statement, doing so will be considered as providing your consent to process your personal data.
We will not use your personal data for purposes other than those listed in the table and where you have been informed, unless it is required or authorised by law, or it is in your own important interest for example in case of a medical emergency.
We may transfer personal data to third parties in the case where we are working with a trusted partner to provide you with a solution. For example, for registration of your Software Licencing and Warranty with our third-party vendors or third level support e.g. Microsoft, Sage, Infor, IBM, Sophos. We will not provide your personal data to third parties without your prior consent.
We do not collect sensitive data (also known as special category data) through our website or otherwise. In the limited cases where we do seek to collect such data, we will do this in accordance with data privacy law requirements and/or ask for your consent.
These categories include racial or ethnic origin, political opinions, religious, philosophical or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offences (including information about suspected criminal activities).
We as an organisation maintain physical and technical security arrangements for all the personal data we hold. We have protocols, policies, procedures and guidance to maintain these arrangements and to minimise risks associated with the personal data and the processing we undertake.
We hold market leading security measures to protect your personal data. This includes:
Xperience operates within the UK only, therefore all data is processed and is only accessible in the UK. Any transfers of data between our company locations in Lisburn, Peterborough, Glasgow and Bury St Edmunds will take place in accordance with data privacy laws. The companies within the Xperience Group are as follows:
Xperience Dynamics Ltd – Lisburn
Xperience IT Solutions Ltd – Lisburn
The Cloud Simplified Ltd – Lisburn
Xperience Dynamics Ltd – Glasgow
DMC Software Solutions Ltd – Peterborough
Green Duck Ltd – Bury St Edmunds
Riverlite Ltd – Bury St Edmunds
We will only hold your personal data for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data are deleted after a reasonable time.
You are entitled under the following conditions (there may be exceptions according to the applicable laws) to:
To the extent that the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time by contacting Xperience. This will not affect Xperience’s right to process personal data obtained prior to the withdrawal of your consent.
If, despite our efforts to protect your personal data, you believe that your data privacy rights have not been adhered to, we encourage individuals to seek a resolution with Xperience in the first instance.
Xperience collects personal data at its website either through individuals signing up to a newsletter or downloading marketing collateral or through our website technology.
We may collect and process the following personal data:
Our websites may include:
We do not accept any responsibility or liability for such third parties’ sites or programs.
As part of day-to-day maintenance we analyse your IP and browser information to determine what is most effective about our website, to help us identify ways to improve the customer experience and make it more effective
Please review our Cookie Policy which will outline how we use Cookies and other tracking technologies.
We analyse our website on a continual basis to ensure that we provide the best user experience and to optimise the site.
By using our website, you agree that we can place cookies and other similar technologies on your device as explained in our cookies policy.
When you come to our offices across the various locations we will ask for your details to provide you with a pass. This process is part of our ISO 27001 certification which requires that we know who is in our offices at all times to ensure that we protect the security of our data.
Sources of marketing data include individuals who have subscribed to a newsletter, downloaded marketing collateral from our website, from events, individuals or companies with whom we have been in discussions with from a sales perspective and those who we currently do business with. We may also obtain contact information from publicly available sources such as social media websites, to make an initial contact with a relevant individual at a client or other company.
We do send targeted commercial emails to individuals and companies with whom we do business and individuals or companies that have registered their interest in the products and services that we offer and have opted in to receive emails from us. Our targeted e-mail messages enable us to know whether you open, read, or delete the message, and any links you may click. If you click in a link you will be taken through to our website at which point you will be required to accept our cookie policy.
We have a Customer Relationship Management system to track and manage our sales and marketing activities. Our CRM database holds personal data belonging to individuals at our client companies, suppliers, and other companies with whom we already have a business relationship or want to develop one. The information that we hold will only include contact information, products or solutions that have been purchased, products or solutions that a prospect may be interested in. It may also include publicly listed information that we have gleaned from social media, interest that has been shown in relation to commercial emails or visits to the Xperience website.
We do not share information with third parties unless it is required as part of the contractual agreement that we have with the client. For example, we work with third parties to deliver some of our solutions and would be required to provide contact details of the client in order to provide the full solution. We do however, ensure that we inform and gain consent from individual / companies prior to releasing information to the third party.
You can stop marketing emails at any time by checking certain boxes on the forms we use to collect your personal data, or by opting-out of emails that we send you. Even if you have opted into emails you can stop emails by unsubscribing to them.
If you have any questions, please contact us at the following: