Security & Privacy Statement
Anonymous user data is collected by Irisimage Ltd.
Iris Image takes the privacy and security of your data seriously. We have published this data protection guide to ensure that our clients and third parties are fully informed on what data we hold and how it is used. Iris Image operate within the requirements of the Data Protection Act 1998 and the General Data Protection Regulations ("GDPR").
Personal data protection principles
We adhere to the principles relating to processing of personal data set out in the GDPR which require personal data to be:
- processed lawfully, fairly and in a transparent manner (Lawfulness, Fairness and Transparency);
- collected only for specified, explicit and legitimate purposes (Purpose Limitation);
- adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed (Data Minimisation);
- accurate and where necessary kept up to date (Accuracy);
- not kept in a form which permits identification of data subjects for longer than is necessary for the purposes for which the data is processed (Storage Limitation);
- processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage (Security, Integrity and Confidentiality);
- not transferred to another country without appropriate safeguards being in place (Transfer Limitation);
- and made available to data subjects and data subjects allowed to exercise certain rights in relation to their personal data (Data Subject's Rights and Requests).
We are responsible for and must be able to demonstrate compliance with the data protection principles listed above.
Lawfulness and fairness
The GDPR restricts our actions regarding personal data to specified lawful purposes. These restrictions are not intended to prevent processing, but ensure that we process personal data fairly and without adversely affecting the data subject.
The GDPR allows processing for specific purposes, some of which are set out below:
- the data subject has given his or her consent;
- the processing is necessary for the performance of a contract with the data subject;
- to meet our legal compliance obligations;
- to protect the data subject's vital interests; or
- to pursue our legitimate interests for purposes where they are not overridden because the processing prejudices the interests or fundamental rights and freedoms of data subjects. The purposes for which we process personal data for legitimate interests need to be set out in applicable privacy notices or fair processing notices.
Your Rights Under GDPR
You as an individual have rights as follows:
- The right to be informed about processing of your personal data.
- The right to have your personal data corrected in case of inaccuracy and to have incomplete personal information completed.
- The right to object to processing of your personal data.
- The right to restrict processing of your personal data.
- The right to erasure of your personal data.
- The right to request access to your personal data and information about how we process it.
- The right to move your personal data (Data Portability).
- The right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us.
What information do we hold and how do we obtain it?
In general, we receive information directly from clients & third parties.
For what purpose do we use your information?
- To provide you with necessary communications.
- To provide you with details of relevant products and services.
Caring for your data
We undertake that we have in place a level of security appropriate to the nature of the data and the harm that might result from a breach of security. Data is held on our central database.
We further undertake that we will:
- Not hold information about you that is excessive in relation to the purpose(s) for which it is used.
- Use only the very latest data provided by you. To help us do this, please keep us informed if any of your details change.
- Not keep information for any purpose longer than is necessary. We may retain your records to enable us to solve any subsequent queries and comply with legislative requirements.
- Not transfer personal data outside of the EU unless we have entered into a DPA agreement with the supplier that is outside of the EU.
Accuracy of information
Iris Image do not represent or warrant that the material comprised on this site is completely accurate or up to date and Iris Image have no liability in respect of such material or for any use of any such information by any person.