Xactware Online Privacy Notice EN-GB

Last Updated: 29 November 2023

Xactware Solutions, Inc. (“Xactware”) respects your concerns about privacy. This Online Privacy Notice (the “Notice”) applies to personal data we collect. The Notice describes the types of personal data we obtain, how we use the personal data, and with whom we share it. We also describe the rights you may have and how you can contact us about our privacy practises. This Policy outlines our general practises for Consumer Personal Data.

For purposes of this Policy:

“Consumer” means any natural person who is located in the EEA and the United Kingdom.

“Customer” means any entity that purchases or otherwise obtains products or services from Xactware.

“Personal Data” means any information, including Sensitive Data, that (i) is transferred to Xactware in the U.S. from the EEA and the United Kingdom, (ii) is recorded in any form, (iii) relates to an identified or identifiable Consumer, and (iv) can be linked to that individual.

“Sensitive Data” means Personal Data specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life, the commission or alleged commission of any offense, any proceedings for any offense committed or alleged to have been committed by the individual, or the disposal of such proceedings, or the sentence of any court in such proceedings.

How Xactware Obtains Personal Data

As a service provider for its customers, Xactware Solutions, Inc. (“Xactware”) receives personal data from its Customers’ Consumers located in the EEA and the United Kingdom. Xactware’s Customers provide the Personal Data to Xactware in connection with Xactware’s provision of services to its customers. Xactware processes these Personal Data in the U.S. for the purposes of performing technology support services including network, host, or infrastructure configuration and maintenance. Xactware acts as a service provider to its Customers and pursuant to their instructions.

Xactware also obtains personal data directly from consumers when, for example, they visit a Xactware website and provide personal data online. In addition, Xactware obtains personal data, such as contact information, in connection with maintaining its customer relationships and providing its products and services to its customers.

Xactware’s practises regarding the collection, storage, use, transfer, and other processing of Personal Data comply, as appropriate.

Notice

Xactware provides information in this Policy regarding its Consumer Personal Data practices including the purposes for which Xactware collects and uses Consumer Personal Data.

When Xactware acts as a service provider (data processor) for its Customers, and Consumer data is transferred to the United States, Xactware’s Customers are responsible for providing appropriate notice to their Consumers and obtaining any requisite consent. Privacy notices pertaining to specific data processing activities also may contain relevant information.

Choice

When Xactware collects Personal Data directly from Consumers, it offers Consumers the opportunity to choose whether Xactware may (i) disclose their Personal Data to certain third parties or (ii) use their Personal Data for purposes incompatible with the purposes for which the information was originally collected or subsequently authorised by the individual. Consumers may contact Xactware as indicated below regarding the company’s use or disclosure of their Personal Data.

Xactware may disclose Personal Data without offering an opportunity to opt out (i) to service providers the company has retained to perform services on its behalf to process Personal Data in the U.S. for the purposes of performing technology support services including network, host, or infrastructure configuration and maintenance (ii) if it is required to do so by law or legal process, (iii) to law enforcement or other government authorities, or (iv) when Xactware believes disclosure is necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual illegal activity. Xactware also reserves the right to transfer Personal Data in the event it sells or transfers all or a portion of its business or assets (including in the event of a reorganisation, dissolution or liquidation). Should such a sale or transfer occur, Xactware will use reasonable efforts to direct the transferee to use the Personal Data in a manner that is consistent with Xactware’ privacy policies.

Xactware uses Personal Data only for the purposes indicated in this Statement unless it has a legal basis, such as consent, to use it for other purposes. To the extent required by law, Xactware obtains prior opt-in consent at the time of collection for the processing of (i) Personal Data for marketing purposes and (ii) Sensitive Data.

Onward Transfer of Personal Data

Xactware may share Consumer Personal Data with third parties as indicated in the “Choice” section above. Except as permitted or required by applicable law, Xactware requires third parties to whom it discloses Personal Data and who are not subject to the European Union Data Protection Directive 95/46 or an adequacy finding to contractually agree to provide at least the same level of protection for Personal Data as is required.

Access

Where appropriate, Xactware provides Consumers with reasonable access to the Personal Data Xactware maintains about them. Xactware also provides a reasonable opportunity for Consumers to correct, amend or delete that information where it is inaccurate, as appropriate. Xactware may limit or deny access to Personal Data where providing such access is unreasonably burdensome or expensive under the circumstances. The right to access Personal Data also may be limited in some circumstances by local law requirements. Consumers may request access to their Personal Data by contacting Xactware as indicated below.

When Xactware maintains Personal Data about Consumers with whom Xactware does not have a direct relationship because Xactware obtained or maintains the Consumers’ data as a service provider for its Customers, Xactware’ Customers are responsible for providing Consumers with access to the Personal Data and the right to correct, amend or delete the information where it is inaccurate. In these circumstances, Consumers should direct their questions to the appropriate Xactware Customer. When a Consumer is unable to contact the appropriate Customer, or does not obtain a response from the Customer, Xactware will provide reasonable assistance in forwarding the individual’s request to the Customer.

Security

Xactware takes reasonable precautions to protect Personal Data from loss, misuse and unauthorised access, disclosure, alteration, and destruction.

Data Integrity

Xactware takes reasonable steps to ensure that the Personal Data the company processes are (i) relevant for the purposes for which they are to be used, (ii) reliable for their intended use, and (iii) accurate, complete, and current. In this regard, Xactware depends on its Consumers and Customers (with respect to Personal Data of Consumers with whom Xactware does not have a direct relationship) to update and correct Personal Data to the extent necessary for the purposes for which the information was collected or subsequently authorised by the individuals. Consumers (and Customers, as appropriate) may contact Xactware as indicated below to request that Xactware update or correct relevant Personal Data.

When Xactware maintains Personal Data about Consumers with whom Xactware does not have a direct relationship because Xactware obtained or maintains the Consumers’ data as a service provider for its Customers, Consumers may submit complaints concerning the processing of their Personal Data to the relevant Customer, in accordance with the Customer’s dispute resolution process. Xactware will participate in this process at the request of the Customer or the Consumer. If the issue cannot be resolved through the Customer’s internal dispute resolution mechanism, the Consumer may submit the complaint to the relevant data protection authority in the EEA and the United Kingdom.

How to Contact Xactware

To contact Xactware about questions or concerns about this Policy or Xactware’s practises concerning Personal Data:

Write to:

Xactware
Attn: Privacy Coordinator
New London House
6 London Street
London EC3R7LP

Xactware
Attn: Privacy Coordinator
1100 West Traverse Parkway
Lehi, UT 84043
USA

Our EU Representative

If you are located in the European Union (“EU”) and have any questions or comments about this Notice, any issue relating to your personal data, or if you would like us to update your preferences, you may contact our EU representative.
Please include your name and the name of the business (Xactware) to which your request refers.

By email at:
privacy@verisk.com

In writing at:
Verisk – Insurance Solutions
Level 1, Unit 1A
3 Custom House Plaza
Harbour Master Place
I.F.S.C
Dublin 1 Ireland

Our UK Representative

If you are located in the United Kingdom (“UK”) and have any questions or comments about this Notice, any issue relating to your personal data, or if you would like us to update your preferences, you may contact our UK representative.
Please include your name and the name of the business (Xactware) to which your request refers.
By email at:
privacy@verisk.com

In writing at:
Verisk Limited
Attention: Privacy Inquiries
22 Bishopsgate London
EC2N 4BQ