Privacy Collection Notice

When you enter your email and submit a request for information, Hepapi collects the personal information you provide for the purpose of responding with the requested information and retaining the information in a new business enquiry list. By providing this information you are consenting to us using your details to send you selected information about our products and services. You can opt-out of receiving these emails from us at any time by clicking the “unsubscribe” function in the email we send you. Hepapi will otherwise use, disclose, process and handle the personal information you submit via this form in accordance with this Privacy Policy

Hepapi services clients nationally and internationally. We are committed to managing personal information in accordance with relevant local privacy and data protection laws which apply which include the General Data Protection Regulation (EU) 2016/679 (GDPR) and other local applicable privacy laws.

This document tells you how we generally manage your personal information and is referred to as our GDPRPrivacy Policy. In this Privacy Policy, “we“, “us“, and “our” refers to Hepapi and “you” refers to any individual we collect personal information about.

This Privacy Policy applies to all personal information collected by us, or submitted to us, whether offline or online, including personal information collected or submitted through our website https://hepapi.com/ as well as through email messages that we send to you.

Other terms may also apply to you and the information we hold about you. For example, if you are employed with us you will have specific privacy terms in your employment contract with us.

The Information collect about you

For our current client base ; prospective customers and other business partners

We will collect information about:

  • All clients
  • prospective customers;

We generally deal directly with our customers (see above). When your organisation enquires about our products or services or when your organisation becomes our customer, or we otherwise do business with you (because you attend an event we host, work for one of our suppliers, or other business partners), a record is made which may include your personal information.

The type of personal information that we collect will vary depending on the circumstances of collection and the purpose for which we are dealing with you, but will typically include:

  • personal details such as your name, title, e-mail address, postal address and other business contact details (such as your LinkedIn profile);
  • information about your employer or an organisation who you represent;
  • your professional details (such as your job title);
  • any additional personal information you provide to us, or authorise us to collect, as part of your interaction with us; and
  • other contact details regarding our interactions and transactions with you and the organisation you represent.

What happens if you don’t provide your personal information?

You can always decline to provide any personal information we request, but that may mean we cannot provide you with some or all of the services you have requested, or we may not be able to do business with you effectively. If you have any concerns about personal information we have requested, please let us know.

Visitors to our websites

The way in which we handle the personal information of visitors to our websites is discussed below.

How and why we collect and use your personal information

We collect personal information reasonably necessary to carry out our business, to assess and manage our customer’s needs, and to provide products and services. We may also collect information to fulfil administrative functions associated with these services, for example billing, entering into contracts with you and/or third parties and managing customer and other business relationships.

The purposes for which we usually collect and use personal information depends on the nature of your interaction with us, but may include:

  • responding to requests for information and other general inquiries about our products and services (for example when you request a demo and / or information);
  • managing our relationship with you if you are a customer, supplier or other business partner;
  • managing, planning, advertising and administering programs and events which may be of interest to you including workshops and training;
  • researching, developing and expanding our products and services;
  • informing you of our activities, products and services;
  • recruitment processes (including for contractors); and
  • responding to enquires and complaints.

We generally collect personal information directly from you. We may collect and update your personal information over the phone, by email, over the internet or social media, or in person. We may also collect personal information about you from other sources, for example:

  • our affiliated and related companies; and
  • third party suppliers and contractors who assist us to operate our business.

We also collect and use personal information for market research purposes and to innovate our delivery of products and services.

We have a legitimate interest in using your information in the ways listed above. In some cases, it will be lawful for us to collect and use your personal information, for example where it is necessary as part of our, or a third party’s, statutory or public functions or because the law permits or requires us to.

How do we interact with you online?

You may visit our website without identifying yourself. If you identify yourself (for example, by providing your contact details in an enquiry), any personal information you provide to us will be managed in accordance with this Privacy Policy.

How do we hold information?

We store information in electronic record keeping methods in secure databases or paper-based files. Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed) as per our data retention policy).

We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.

How long will your personal information be kept?

We will only keep the personal information we collect about you for as long as is necessary for the purposes set out in this Privacy Policy or as required to comply with any legal obligations to which we are subject. The retention periods we apply take account of:

  • legal and regulatory requirements and guidance;
  • limitation periods that apply in respect of taking legal action;
  • our ability to defend ourselves against legal claims and complaints;
  • good practice; and
  • the operational requirements of our business.

We take steps to destroy or de-identify information that we no longer require or as required by an applicable law.

Do we use or disclose your personal information for direct marketing?

We have a legitimate interest in processing your personal information for promotional purposes and we may use or disclose your personal information for the purpose of informing you about our services, upcoming promotions and events, or other opportunities that may interest you or as otherwise permitted under applicable privacy laws.

This means under certain privacy laws we do not usually need your consent to send you marketing communications such as our newsletter. However, where consent is required under applicable privacy laws, we will ask for this consent separately and clearly. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below or using the opt-out functionality contained in the electronic message.

If you opt-out of receiving marketing material from us, we may still contact you in relation to its ongoing relationship with you.

How do we use and disclose personal information?

For customers and other business partners

The purposes for which we may use and disclose your personal information will depend on the reason we are interacting with you. For example, if you have engaged us to deliver our products and services to your organisation, we may disclose information about you to our service providers where required to provide your organisation with the relevant products and services.

Disclosure to contractors and other service providers

We may disclose information to third parties we engage in order to provide our services, including contractors and service providers used for logistical services, data processing, data analysis, customer satisfaction surveys, information technology services and support, website maintenance/development, printing, archiving, mail-outs, and market research.

Third parties to whom we have disclosed your personal information may contact you directly to let you know they have collected your personal information and to give you information about their privacy policies.

Residents in the EEA

If the GDPR applies to you, you have the following additional and specific rights in relation to your personal information (where applicable):

  • Access : you have the right to request a copy of any personal information we hold about you. Any request for access to or a copy of your personal information must in writing, and we will endeavour to respond within a reasonable period and in any event within one month (in compliance with the GDPR).
  • Rectification : you have the right to the rectification of your personal data, if you consider that it is inaccurate.
  • Deletion : you have the right to request that we delete personal information that we process about you, except we are not obliged to do so if we need to retain such personal information in order to comply with a legal obligation or to establish, exercise or defend legal claims.
  • Restriction : you have the right to erasure of your personal information, if you consider that we do not have the right to hold it.
  • Portability : you have the right to ask us to transfer a copy of your personal information to you or to another service provider or third party where technically feasible.
  • Objection : you have the right to object to your personal information being processed for a particular purpose or to request that we stop using your information.
  • Complaint : If you are unhappy with our treatment of your personal information, and you have contacted us as set out below, you have the right to lodge a complaint with the local data protection authority.

If you have consented to our processing of your personal information, you have the right to withdraw, at any time, any consent that you have previously given to us for use of your personal information. In certain circumstances even if you withdraw your consent, we may still be able to process your personal information if required or permitted by law or for the purpose of exercising or defending our legal rights or meeting our legal and regulatory obligations.

To make a request to exercise any of these rights (where applicable) in relation to your personal information, please contact us using the contact details below.

How can you access or see correction of your personal information?

You are entitled to access your personal information held by us on request. To request access to your personal information please contact our HR Compliance Officer using the contact details set out below.

We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information, we hold about you and letting us know if your personal details change.

However, if you consider any personal information, we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading you are entitled to request correction of the information. After receiving a request from you, we will take reasonable steps to correct your information.

We may decline your request to access or correct your personal information in certain circumstances in accordance with GDPR. If we do refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.

What should you do if you have a complaint about the handling of your personal information?

You may contact us at any time if you have any questions or concerns about this Privacy Policy or about the way in which your personal information has been handled.

You may make a complaint about privacy to the HR Compliance Officer at the contact details set out below.

The HR Compliance Officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week

If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.

In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.

If you are not satisfied with our response to your complaint, or you consider that we may have breached the General Data Protection Regulation 2016/679, a complaint may be made to the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or call their helpline number: 0303 123 1113 (local rate) or 01625 545 745

If you are outside of the United Kingdom, you may wish to take your complaint up with the local data protection authority in your jurisdiction.

How changes are made to this Privacy Policy

We may amend this Privacy Policy from time to time, with or without notice to you. We recommend that you visit our website regularly to keep up to date with any changes. We also try to let you know about major changes to our Privacy Policy (for example by putting a notice up on our website).