Privacy Notice


Please read these Privacy and Cookies notices carefully before using this site.

Overview

Opia Limited (referred to as “Opia Limited”, “we”, “us” or “our” in this privacy notice), respects the privacy rights of individuals who visit this website. We are committed to your right to privacy and to the handling of personal information collected through this website, responsibly and in full accordance with all applicable laws.

As you review this privacy notice, here are a few general principles to keep in mind:

  • Our website is hosted from the United Kingdom. If you visit our website or use one of our online services, your information may be transferred or processed in the United Kingdom.
  • If you are a resident of California, Virginia or elsewhere in the United States of America, you may have rights under the California Consumer Privacy Act of 2018 (the “CCPA”), the California Privacy Rights Act (the “CPRA”), the Virginia Consumer Data Protection Act (the “CDPA”) or other applicable U.S. state privacy laws and regulations (depending on your location). Please see “Additional Information for Residents of the USA” below.
  • UK and EEA residents may have rights under the UK Data Protection Act of 2018 (“DPA”) and the General Data Protection Regulation (the “GDPR”), respectively. Learn more in the section entitled ‘UK/EEA Residents’ below.

Our social media websites or pages may have additional terms about the privacy of your information. Please review the privacy policy for the specific online service you are using.

Application of this Privacy Notice

This privacy notice explains how we may collect, share, use and protect your personal information when you visit or use this website and online services that reference this privacy notice. This privacy notice does not apply to information collected by us offline or through any other means, including on any other website hosted or operated by us or any third party or through any application or content (including advertising) that may link to or be accessible from our website.

We ask that you read this website privacy notice carefully, as it contains important information on who we are, how and why we collect, store, use and share your personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint or would like further information on any of the above.

How to Contact Us

You can contact us in relation to this privacy notice in one of the following ways:

  1. using our online form at com/contact-us;
  2. via email at: [email protected];
  3. via telephone at: +44 (0)333 888 4020; or
  4. via post at: 184 Shepherds Bush Road, W6 7NL, London, UK.

What is Personal Information?

Personal data, or personal information, means any information about a living individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

The Data we Collect about You

We collect personal information), about you when you access our website, contact us, send us feedback, or when you apply for a job with us.

We collect this personal information from you either directly, such as when you contact us through the website or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).

We use this personal information to:

  • customise our website and its content to your preferences
  • notify you of any changes to our website or to our services that may affect you
  • improve our services

This website is not intended for use by or directed at children and we do not knowingly collect or use personal information relating to children. You represent by your use and access to this website that you are an adult above the age of majority.

Our Legal Basis for Processing your Personal Information

When we collect and/or use your personal information, we are required to have a legal basis for doing so. There are various legal bases upon which we may rely, dependant on what personal information is being processed and why.

The legal bases we may rely on include:

  • Consent:where you have given us clear consent for us to process your personal information for a specific purpose. Generally, we will not rely on consent as a legal basis for processing your personal information although we will get obtain consent before sending direct marketing communications to you via email or other medium You have the right to withdraw consent to marketing at any time by contacting us via one of the methods listed above.
  • Legal Obligations: where our use of your personal information is necessary for us to comply with the law
  • Legitimate Interests:where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

Sharing your Information

We may share your personal information with third parties, including vendors, consultants and service providers. These third parties process data on behalf of Opia for us to in turn provide services to you in the form of our website. As per our agreements with such sub processors they shall process your data in full accordance with this Privacy Notice.

USA Residents: We have contracts in place with our third parties, which are designed to help safeguard your personal information. Each such service provider is a for­ profit entity that processes the information on our behalf, following the same strict privacy protection obligations mandated by the CCPA, Virginia CDPA and other applicable U.S. state privacy laws.

UK/EEA Residents: Some of these third-party recipients may be based outside the United Kingdom and/or the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your Information outside the UK/EEA’ below.

We will share personal information with law enforcement or other authorities if required by applicable law.

Opting out of Sharing your Personal Information to Third Parties

You may request to opt out from future sharing of your personal information to third parties by contacting us at [email protected]. Upon receiving an opt-out request, we will act upon the request as soon as feasibly possible.

Residents of the EEA and UK

EU and UK data protection laws provide EEA and UK residents with specific rights with respect to our collection, retention and use of personal information. This privacy notice informs EEA and UK residents who access this website about such rights.

Transfer of your Information outside the UK/EEA

We will not routinely share your personal information with parties located outside the United Kingdom (UK) or European Economic Area (EEA). If we do so, we will always rely upon a European Commission adequacy decision, as set in art.45 of the General Data Protection regulation or to appropriate safeguards, as set n art.46 of the GDPR, or in the case of UK residents we will only transfer your personal information is transferred outside the United Kingdom where we are satisfied that the relevant protections under the UK data protection regime will not be undermined.

If you would like further information, please contact our Data Protection Officer at [email protected].

Information for Residents of the USA

The CCPA provides eligible California residents with specific rights with respect to our collection, retention and use of their personal information. The Virginia CDPA and other state privacy laws also similarly provide comprehensive privacy legislation to protect the rights of their residents.

Opia Limited has not sold any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months.

Opia Limited has disclosed personal information to the following third parties for a business or commercial purpose in the preceding twelve (12) months:

  • Cloud Computing Services
  • Communication & Collaboration Tools
  • Data Storage Service Providers
  • Finance & Accounting Tools
  • Order Fulfillment Service Providers
  • Payment Processors
  • Performance Monitoring Tools
  • Product Engineering & Design Tools
  • Sales & Marketing Tools
  • Testing and Quality Assurance Tools
  • User Account Registration & Authentication Services
  • Law Enforcement Authorities
  • Website Hosting Service Providers

Cookies and Similar Technologies

A cookie is a small text file which is placed onto your device when you use our website. We use cookies and other similar tracking technologies on our website. These help us recognise you and your device and store some information about your preferences or past actions.

For further information specifically relating to Opia’s use of cookies, please see our Cookie Notice.

For further information on cookies generally, please visit www.aboutcookies.org or www.allaboutcookies.org.

Marketing

We would like to send you information relating to our services which may be of interest to you. Where we have your consent, or it is in our legitimate interests to do so, we may email you to send such information.

If you no longer wish to be contacted in such way, you can unsubscribe at any time by:

— contacting us at [email protected]

— using the ‘unsubscribe’ link in emails.

For more information on your rights in relation to marketing, see ‘Your Rights’ below.

Your Rights

Under data protection law, you may have certain rights dependant on the circumstance. Those include rights to the following:

  1. Request access to your personal data;
  2. Request correction of your personal data;
  3. Request erasure of your personal data;
  4. Object to processing of your personal data;
  5. Right to withdraw consent.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO), whose website is here: Information Commissioner’s Office (ICO).

If you would like to exercise any of those rights, please:

  • Email, call or write to us or contact our Data Protection Officer at [email protected]..
  • You can designate an authorized agent to make a request on your behalf. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
  • We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made several requests. In this case, we will notify you and keep you updated.

We will not discriminate against you if you exercise your privacy rights.

Right to appeal

If we decline to take action regarding your request, we will inform you of our decision and reasoning behind it. If you wish to appeal our decision, please email us at [email protected]. We aim to respond within sixty (60) days of receipt of an appeal, by informing you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. For residents of the USA, if your appeal if denied, you may contact the Attorney General of your State of residence to submit a complaint.

Keeping your Personal Information Secure

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How to Complain

We hope that our Data Protection Officer can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/.

Changes to this Privacy Notice

This website privacy notice was published on [   27  ] March 2024  and last updated on  [  27   ] March 2024.

We may change this website privacy notice from time to time, when we do, we will inform you via email.