INTRODUCTION
We, at Auth Consulting Limited (the “Company”, “we”, “us”, “our”) respect the privacy and data protection rights of our website visitors, platform users and business contacts.
This privacy policy (the “Privacy Policy”) explains how we collect, use, and disclose information collected through each of the following contexts:
- The data practises on our website https://auth.inc/ (the “Website”)
- Our relationship with respentivies of existing and prospective customers, partners, and vendors (the “Representatives”), and the Representatives that login to use our platform (“Platform Users”)
This Notice may be amended from time to time. We will post any change to this Notice on our Website a reasonable time in advance to the effective date of the change, and we will also make efforts to proactively notify you by email of the changes to the Notice if we have your email address.
Scenario
Purposes
Categories of Information Processed
Contacting us with an inquiry through the Website
Contacting us with an inquiry through the Website
Our business development
Managing the contracts and business relationship with customers and partners
Administering the business and professional services relationship with customers and partners Facilitating the provision of support to customers and partners
Name, email address, company affiliation, position, phone number, country, past communications, products, and services used or expressed interest in
Managing the sale contracts and business relationship with vendors and service providers
Administering the business relationship with vendors and service providers Facilitating Auth’s use of vendors and service provider’s products and services
Name, email address, company affiliation, position, phone number, country, past communications
Platform Users accessing and using the Platform
Administering the relationship and service agreement we have with the Platform User’s business. Facilitating the provision of the Platform and support for the Platform
Name, username, email address, password, company; position; phone number; country; past communications; activities performed on the Platform.
If a person abused their rights to use the Website, the Platform, or violated any applicable law while doing business with us
Responding to, handling, and mitigating suspected violations of law in connection with our business
Any of the information mentioned above
METHODS AND SOURCES FOR COLLECTING YOUR PERSONAL INFORMATION
We collect the personal information from several sources:
- Directly from you as when you provide it to us through email communications, a registration form, or when you give us your business card. You are not legally obligated to provide us your personal information, but if you do not, we will not be able to handle or respond to your inquiry, maintain our business contact with you, or fulfil your request to register as a Platform User.
- If another representative of your organisation provides us with your information.
You do not have a legal duty to provide information to us. However, you will not be able to submit a request, access the Platform or be in contact with us, without providing the above information.
SHARING YOUR PERSONAL INFORMATION
We will not share your information with third parties, except in the events listed below or when you provide us with your explicit and informed consent. We do not sell your personal information to third parties.
Scenario
Purposes
Examples of Third Parties involved
We will share your personal information with our service providers who assist us with the internal operations of our business and the Website. These companies are authorised to use your personal information in this context only as necessary to provide these services to us and not for their own promotional purposes
Operating the Website and our business
Google Cloud Platform
If you abused your rights to use the Website or violated any applicable law in the course of doing business with us.
Responding to, handling, and mitigating suspected violations of law in connection with our business.
Competent authorities, legal counsels, and advisors.
If a judicial, governmental, or regulatory authority requires us to disclose your information.
Complying with a binding request from a competent authority.
Competent authorities.
If the operation of the Website or our business is organised within a different framework, or through another legal structure or entity (such as due to a merger or acquisition).
Enabling a structural change in the operation of the Website and our business.
The target entity of the merger or acquisition, legal counsels, and advisors.
DATA RETENTION AND SECURITY
We retain your information for the duration we need it to operate the Website, the Platform and our business, and interact with customers, partners and suppliers, and thereafter as needed for record-keeping purposes.
- We will retain your information for the duration needed to support our ordinary business activities operating the Website, the Platform and interacting with existing and potential customers, suppliers and partners. Thereafter, we will still retain your personal information as necessary to comply with our legal obligations, resolve disputes, establish and defend legal claims and enforce our agreements. The overall period of retention is approximately 3 years.
We implement measures to secure your information
- We implement measures to reduce the risks of damage, loss of information and unauthorised access or use of information. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal information, there is no guarantee that it will be immune from information security risks.
ADDITIONAL INFORMATION FOR INDIVIDUALS IN THE EU OR UK
Controller and GDPR representative.
Name
Address
EU GDPR Representative
Auth Consulting Limited
163 Drumnigh Manor, Portmarnock, Co. Dublin. Ireland
privacy@auth.inc
International data transfers
To facilitate processing your information within the companies in our corporate group and by our service providers, we will transfer your information to countries such as the United Arab Emirates, Ireland and the United States. We do so under the terms of a data transfer agreement which contain standard data protection contract clauses with adequate safeguards determined by the EU Commission.
Legal basis for processing your personal data
Purpose or Scenario
Legal Basis
Responding to your inquiry
Legitimate interests in developing potential leads and responding to business inquiries
Administering the business and services relationship with customers and partners. Facilitating the provision of support to the customer or partner
Legitimate interests in administering and performing the contractual obligations with customers and partners
Administering the business relationship with vendors and service providers Facilitating Auth’s use of vendors and service provider’s products and services
Administering the business relationship with vendors and service providers Facilitating Auth’s use of vendors and service provider’s products and services
Complying with a binding request from a competent authority
Legitimate interests in complying with mandatory legal requirements imposed on us
Enabling a structural change in the operation of the Website and our business
Legitimate interests in our business continuity
Data subject rights
If you are in the EU or the UK, you have the following rights under the GDPR:
- Right to Access and receive a copy of your personal information that we process.
- Right to Rectify inaccurate personal information we have concerning you and to have incomplete personal information completed.
- Right to Data Portability, that is, to receive the personal information that you provided to us, in a structured, commonly used, and machine-readable format. You have the right to transmit this data to another person or entity. Where technically feasible, you have the right to have your personal information transmitted directly from us to the person or entity you designate.
- Right to Object to our processing of your personal information based on our legitimate interest. However, we may override the objection if we demonstrate compelling legitimate grounds, or if we need to process such as personal information for the establishment, exercise, or defence of legal claims
- Right to Restrict us from processing your personal information (except for storing it):
- if you contest the accuracy of the personal information (in which case the restriction applies only for a period enabling us to determine the accuracy of the personal information);
- if the processing is unlawful and you prefer to restrict the processing of the personal information rather than requiring the deletion of such data by us;
- if we no longer need the personal information for the purposes outlined in this Notice, but you require the personal information to establish, exercise or defend legal claims; or
- if you object to our processing based on our legitimate interest (in which case the restriction applies only for the period enabling us to determine whether our legitimate grounds for processing override yours).
- Right to be Forgotten - Under certain circumstances, such as when you object to our processing of your personal information based on our legitimate interest and there are no overriding legitimate grounds for the processing, you have the right to ask us to erase your personal information. However, notwithstanding such request, we may still process your personal information if it is necessary to comply with our legal obligations, or for the establishment, exercise, or defence of legal claims. If you wish to exercise any of these rights, please contact us through the channels listed in this Notice.
- If another representative of your organisation provides us with your information
When you contact us, we reserve the right to ask for reasonable evidence to verify your identity before we provide you with information. Where we are not able to provide you with information that you have asked for, we will explain the reason.
Subject to applicable law, you have the right to lodge a complaint with your local data protection authority. If you are in the EU, then according to Article 77 of the GDPR, you can lodge a complaint to the supervisory authority, in the Member State of your residence, place of work or place of alleged infringement of the GDPR. For a list of supervisory authorities in the EU, click here (
Link to hosted GDPR)
If you are in the UK, you can lodge a complaint to the Information Commissioner’s Office (ICO) pursuant to the instructions provided
here.