Indo-Fuji Europe Ltd Privacy & Cookies Policy
1.Introduction
This Privacy & Cookies policy explains the Privacy & Cookies policy of Indo-Fuji Europe Ltd (“IFEL”), Company No. 04631132, Vat No. 810849040 whose registered address is 116, Regus, 268 Bath Road, Slough, SL1 4DX

IFEL is in the business of providing Information Technology and Consulting services specialising in Software Development and Services. These services (“Services”) are provided to wide array of clients across various industries.

From time to time, as part of running our business, we collect and use certain personal information about individuals with whom we have contact, and in particular our members, clients, suppliers, other third parties with whom we do business and even certain information about members of the general public (we refer to such individuals in this notice as “you” or “your” or “contacts”).

IFEL is committed to protecting and respecting your privacy. Where we decide the purpose or means for which personal data supplied by you or us is processed, we are the "data controller".

Specifically, IFEL is committed to ensuring that all data processing is: -
• processed lawfully, fairly and in a transparent manner;
• collected for specified, explicit and legitimate purposes;
• adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
• accurate and, where necessary, kept up to date;
• kept in a form which permits identification of data subjects for no longer than is necessary; and
• Processed in a manner that ensures appropriate security of the personal data.

The purpose of this document is to explain how IFEL will use your personal information when interacting with us.

We may choose to make changes to this Privacy Policy at any time, to ensure compliance with applicable laws and industry regulations. Please ensure that you review this document from time-to-time to ensure you are familiar with the latest changes. These changes are effective immediately, after they are posted on this page.
2.Collection of personal information
Under data protection law, we have certain legal responsibilities about how we collect, use and share your personal information.

This policy explains our privacy practices and covers the following:
• The type of individuals whose personal information we collect
• What personal information about you we collect and use
• Sources of personal information
• How we use your personal information
• Who we share your personal information with
• How long we retain your personal information for
• Any transfers involving your personal information
• How we legally justify using your personal information
• Your legal rights in relation to your personal information

The reason we chose to collect and process personal information depends on your relationship with IFEL:
Whose personal information do we collect
We collect and use personal information relating to the following types of individuals:
Contacts at our existing members and clients - we collect and use contact details of people who we liaise with at organisations who are our existing clients i.e. organisations who appoint us to deliver services.
Contacts at our potential members and clients – you may express an interest in our services, for example by phoning us or registering an interest via an email or on our website, or we may contact you where we consider that you may be interested in our services.
Visitors to our offices or sites - We also collect certain information about people who visit (or who come in close proximity to) our offices or sites or places where we are working.
Contacts at our advisors and other third party suppliers - we collect and use certain personal information about contacts who work at organisations who provide goods and services to us, i.e. our suppliers and organisations with whom we partner to provide our services, as well as advisors who provide legal, financial services and other advice to our business.
What type of information is collected?
The types of data we will collect may include: -
•Contact Data:your name, corporate email address, workplace address
•Research Data:Written records/notes of conversations that you have had with our sales, research and account management teams; publicly-available information such as that which you have posted on LinkedIn or which is available on a corporate website; reports written by our research team, detailing your supplier preferences and business challenges; job history.
•Visitors Data
i. CCTV recordings from static cameras placed around the buildings – these face exits and entrances;
ii. details of your name, place of work, your contact details – which guests provide when they visit our sites/offices for appointments or meetings,
iii. video images of people who are in the immediate vicinity when we record video images – for example, this may unintentionally involve us recording people in the vicinity at that time.
•Advisors / thirty party suppliers - name, job title, email address, phone number and work address.
• Correspondence Data: records of emails that we have sent you/you have sent us.
• Financial Data: your payment information and transactions, including your payment for subscriptions with us.
• Analytics Data: your IP address or other device identifier, technical log information (as described below under the subheading “Log Data”) cookies (as described below under the subheading “Cookies”), and information about how you use our website

All data collected and processed by IFEL is ‘corporate’ or ‘business to business’ data. IFEL has trained its staff to ensure that no ‘special categories’ or personal data (e.g. the ethnicity, or religious beliefs of data subjects) are collected and/or processed. IFEL does not collect or process personal data on children.
3.Sources of personal information
a.Information you provide - the information you provide where you or your organisation provides to us or receives a services from us; or when you get in touch with us, for instance registering an interest by emailing us, have a telephone conversation, or if we meet at a networking event and you provide your business card; or when you get in touch directly in the event of a complaint or claim.
b. Information from your employer- your employer may pass us your contact details, for instance if you are to act as someone who we will be liaising with regarding a project.
c. Information from a solicitor or insurer- if you are a member of the general public and you make a claim against us, your solicitor or insurer may pass us your contact details.
d. Information from publicly available sources- we may occasionally obtain limited personal information from the internet or from sources such as LinkedIn.
e. Information collected by CCTV or other video cameras- if you are a member of the public or other individual who visits or comes into close proximity with our sites, we may collect personal information about you via CCTV. We also record images – for example at events we host – this may unintentionally involve us recording people in the vicinity at that time.
4.How we use your personal information
a. Day to day communications with customer, suppliers and other third parties who we work with – we need to communicate effectively and efficiently with our members, clients, advisors and third party suppliers, in order to facilitate our provision of high quality and timely communications and services, including service delivery, compliance with all operational, technical, health, safety, environmental & governance standards. Similarly, where your organisation provides services to us, we will need to know which individuals at your organisation we need to communicate with and keep details of your personal information on our systems, including for selection, health & safety and compliance requirements. Therefore, we use personal information for day to day communications with such parties. Our communication methods include written correspondence, email, telephone, online video conferencing and face to face meetings.
b. Assessment of Claims – we need to assess and process personal information relating to a claim that someone may make against us. This may involve us using a claimant’s personal information in our defence or other legal documentation and for obtaining legal advice or insurance etc..
c. Safety and Security of our offices and sites - we collect personal information about you via CCTV at our offices and certain sites where we operate. We record images in this manner for security reasons, to protect our assets and staff, but also to ensure compliance with operational health and safety standards and general governance standards.
d. Business development – as a business, we do not conduct major marketing campaigns using personal information. We do however from time to time use limited personal information (business contact details) to get in touch with existing and potential clients, in order to promote our services and build relationships and to develop and manage existing relationships. For instance, we use LinkedIn, phone calls and emails to invite clients to events.
e. Managing accounts and other internal administrative purposes– we process personal information for other internal administrative purposes, including in relation to setting up and managing accounts with our clients and suppliers, paying and raising invoices etc
5.Parties who we share your personal information with
We share your personal information with the following parties:
Internal sharing:From time to time we may share personal information internally, with other entities in our group.
External sharing:
a. Our Solicitors as required in relation to the provisions of legal services;
b. Our Accountants – as required for the audit of financial statements, tax compliance and advice;
c. Client(s) and Members - to ensure the employee of a subcontractor meets the technical, behavioural, health and safety requirements of the client to the client’s or member’s satisfaction, where relevant;
d. IT service providers – suppliers who provide hosting of our IT services or who provide support and maintenance services for our IT systems may occasionally have supervised access to parts of our IT systems which contain personal information for maintenance and support purposes;
e. Solicitors, insurers and the courts – where we have obtained personal information from claimants we may need to share such information as part of defending a claim; and

Where we share personal information with third parties, where possible, we generally have contracts in place with such third parties,which ensures that they will protect your personal information and not use it for any purposes beyond delivering their services to us
6.How long we retain your personal information for
The length of time that we may retain your personal information for varies, according to the type of individual whose personal information we have collected, and what this is being used for:
Type of individual Applicable retention period
Existing clients and members For the duration of the contract between us plus 6 years.
Claimants Until the claim is resolved
Personal information in CCTV recordings and telephone call recordings 28 days unless we have reasonable grounds to consider that we may need to retain the information for longer, for instance if it contains evidence relating to a potential legal claim or criminal act
Our advisors and other third party suppliers For the duration of the contract between us and such third parties plus 6 years
7.Transfers of your personal information
Unless you request us to do so, we will not actively transfer your personal information outside the European Economic Area (EEA), it will be stored on servers based in the United Kingdom. If you use an email service provider whose servers are based outside of the EEA then please note that any related transfer of your personal information is outside of our control
8.Legal grounds for processing your personal information.
Every use that we make of your information must meet a legal ground in the list set out by data protection law. The legal grounds which we rely on are as follows:
a.Providing Services to Members: The legal ground which is relevant to us processing your personal information for the other purpose of providing services to our member companies outlined in this privacy policy, is: to achieve our legitimate business interests, in a situation where your rights are not jeopardised so as to override this. Our legitimate business interests include: • enabling us to provide effective communications with our members, clients, advisors, suppliers and where applicable members of the general public; • managing accounts and relationships with clients and third party suppliers; • to operate our services efficiently and effectively.

b. Dealing with claims: When we handle personal information in relating to public liability or other claims that are brought directly against us, the legal grounds which we rely on are as follows: a. When this involves handling medical details - the establishment, exercise or defence of a legal claim. b. Where we are subject to liability claims on behalf of a child or other vulnerable person - we will always seek to obtain the explicit consent of their parent or legal guardian or independent advocate, as appropriate, before processing personal information relating to the child or vulnerable person. c. Generally for other personal data – to achieve our legitimate business interests, in a situation where your rights are not jeopardised so as to override this. Our legitimate interests would be to defend ourselves from a claim.

c. CCTV – the legal grounds which we rely on are as follows: a. Where the images are just of people’s faces, bodies’, cars, clothing etc., then the legal ground we rely on is that such use is necessary to achieve our legitimate business interests, in a situation where your rights are not jeopardised to as to override our interests. The specific legitimate interests are for security reasons, to protect our staff, offices, assets and sites from vandalism and theft and other criminal acts. b. Where the images are of a more sensitive nature – our justification for recording such images are where relevant: i. that the personal information is manifestly made public by the individual; or i. that we will need to collect, use and retain such information for the establishment, exercise or defence of a legal claim.

d.Marketing
where we do send marketing communications to clients and /or potential clients, we will only do so if we have first obtained their prior consent to receiving such marketing communications.
e. For other general uses: The legal ground which is relevant to us processing your personal information for the other general purposes outlined in this privacy policy, including telephone call recordings, is: to achieve our legitimate business interests, in a situation where your rights are not jeopardised so as to override this. Our legitimate business interests include: • enabling us to provide effective communications with our clients, advisors, suppliers and where applicable members of the general public;
• managing accounts and relationships with clients and third party suppliers;
• to operate our services efficiently and effectively; and
• to protect our assets and our staff.
9.Your rights in relation to your personal information
If you have any questions in relation to our use of your personal information, you should first contact us using the contact details. Under certain conditions, you may have the right to:
a. require us to provide you with further details on the use we make of your personal information;
b. require us to provide you with an electronic copy of personal information that you have provided to us;
c. require us to update any inaccuracies in the personal information we hold;
d. require us to transfer a copy of your personal information to another data controller, in a structured, machine readable and commonly used format;
e. require us to delete any personal information that we no longer have a lawful ground to use;
f. require us to restrict our use of your personal information;
g. where the processing of your personal information is based on us receiving your consent, the right to withdraw your consent at any time;
h. if we indicate that we use your personal information for direct marketing purposes , a right to object to receiving any further direct marketing from us at any time;
i. complain to the Information Commissioner at any time;
j. object to our uses of your personal information which are based on the 'legitimate interests' legal ground, as indicated above. If any of our uses of your personal information based only on this legal ground is causing you undue harm, then we must cease using your personal information for that purpose.

Your exercise of these rights is subject to certain conditions and exemptions, for example to safeguard the public interest in investigating crimes, or protecting legal privilege. If you exercise any of these rights we will check your entitlement and respond in most cases within a month.
If you are not satisfied with our use of your personal information or our response to you, you can complain to the contact listed.
10. Other Information
We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to your personal information, by contacting us as set out below.
From time to time, we may make changes to our operations and the services we provide and consequently our privacy policy may change at any time in the future. We therefore encourage you to review it from time to time to stay informed of how we are using your personal information.

We are required to employ adequate technical and organisational security measures to protect your personal information from any loss, destruction, damage or unlawful disclosure. However, no transmission of personal information can ever be guaranteed as secure. Consequently, please note that we cannot guarantee the security of any personal information which you transfer to us or which we transfer to you.
If you have questions about either this privacy policy, please contact us at: dpo@indofuji.com, +44 (0) 175371035.
11. Cookies
Cookies are files that include very small amounts of data, commonly used as an anonymous unique identifier. These are transmitted to your web browser from the web page that you have visited, and may subsequently be stored on the hard drive of the computer (or other device) that you are using.
If you are a client of IFEL, when you first access our Services, you will notice a pop-up message informing you about our collection of Cookies and usage of them to improve our Services. This message will allow you to either accept or refuse. If you select the latter, you may find it difficult to optimally use some portions of our Service.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit
http://www.aboutcookies.org or http://www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
12. Links to Other Sites
Our Service may contain links to other sites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review the Privacy Policy of these websites. We have no control over, and assume no responsibility for the content, privacy policies, or practices of any such third-party sites or services.
13. If you email us
We work closely with a third party IT support business to encrypt and protect email traffic in line with government advice. If your email service does not support TLS, please be aware that any emails we may send/receive may not be fully protected after we have sent them to you.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware you have a responsibility to ensure that any email you send is within the bounds of the law
14. The personal information of children
Our Services do not address anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to do necessary actions
15. International Data Transfers
Your Personal Information which you supply to us is generally stored and kept inside the European Economic Area (EEA), however due to the nature of our global business and the technologies required, your Personal Information may be transferred to third party service providers outside the EEA, in countries where there may be a lower legal level of data protection.
Where we transfer your data outside of the EEA, we transfer the minimum amount of data necessary, anonymise it where possible and we have agreements in place with those parties which include standard data protection clauses to ensure that appropriate safeguards are in place to protect your personal data in accordance with this Privacy Policy and European levels of data protection. If you would like to find out more about these safeguards, please contact us
16. Complaints
If you are unhappy with the way we are processing your personal data, please let us know.
If you do not agree with the way we have processed your data or responded to your concerns, or if you do not think we are handling your personal information adequately, you have the right to lodge a complaint with the Information Commissioner's Office. Further information, including contact details, are available at https://ico.org.uk
17. Contact us
If you have any questions or suggestions about our Privacy Policy, please do not hesitate to contact us (emails can be submitted to dpo@indofuji.com, or you can telephone us on +44 (0) 175371035.