Our Privacy Statement

Hey Please Read Me

Firstlythanks for your interest in what we do.

We’ve invested a significant amount of time researching the human factor and how to demonstrably raise awareness, influence behaviour and foster an appropriate organisational culture were security is truly valued.

Naturally we’d like to share this with you in a way which respects your right to privacy and data security whilst acknowledging the value of our work and our own commercial interests in seeing our organisation grow so that we can achieve our vision for change within our industry.

This policy is a statement from us outlining what data we collect, for what purposes, what rights you have and how you can pursue them.

Just as a reminder, Re-thinking the Human Factor™ is a Trademark of Marmalade Box Limited.

What We Expect of Ourselves and Promise to You

Doing the Right Thing v Legal Obligation

Ok, whilst we recognise that we have obligations regarding your data that you have, or may, share with us we ultimately believe that these rights and obligations are just how things should be done in between two parties when getting to know each other.

What Data Do We Ask you For:

We won’t be collecting information for the sake of collecting information. We also will not collect more information than is necessary for us to fulfil the purpose for which we request and gather information. You can find a list of categories of information at the end of this policy, but the main types of information we gather include:

Name: We’re focused on the human factor and we firmly believe in personal relationships. Knowing your name helps us deliver a more personal service.

Job Title: We want to ensure that we send content which best suits your needs based on your role. We’d also like to know what types of roles are most interested in the work we do.

Company: We want to understand what types of organisations have an interest in our work. This helps us tailor content, events, training and products and services towards specific industry needs. We also want to ensure we don’t go sharing useful insights to our competitors!

Company Size: We want to understand what size of organisations have an interest in our work to better tailor our communications to them and also to identify where we are failing to engage and share our work effectively.

Work Email Address: We’d love to sit down and have a face to face chat but you’re busy and quite possibly somewhere far more exotic than where we are. Email is going to be the best way to remain in contact we think.But, we are always here to have a one to one call, if you need.

Financial Data: We hope that one day you’ll like what we do so much that we become a supplier to you and your organisation. When this happens we will need to generate and process financial data relating to the services we provide to you.

Cookies: These help make you’re experience of engaging with us through, for example, our website and email campaigns, more slick, easier for you and engaging. People like to be remembered and we like to remember those who have engaged with us and returned to find out and explore more. If you want to know what cookies we collect you can find out here.

We may combine this data with other third party sources of data but will always check that third parties have been given, by you, your express permission to share this data.

Why Do We Collect This Data?

We believe in being transparent about the reasons for collecting data. You can find a full list of the types of data we collect and our reasons for doing so in Table 1 at the end of this policy. However the main reasons we collect data are as follows:

• Being human we like to develop and nurture relationships with people through communication, inter action and where appropriate delivering our products and services. This requires an exchange of data, some of which is personal. Without this data we would never survive as an organisation.
• We need to ask for data to be able to deliver our services which you register or purchase from us.
• We are committed to supporting the industry to step up its game when it comes to security awareness, behaviour and culture. However for our work to have a meaningful impact in society we need to share it with those, like yourself, who are the champions of change.To do this we would love to stay in contact to share research, marketing, promotions, and other content we believe you have shown an interest in regarding information security, security awareness, security behaviour and security culture.
• We collect data to help us improve the delivery of our services and the effectiveness of our marketing and sales efforts.
• We collect data as part of our research activities.

Preferences

We only ever use your data for the purpose for which it was given. We like to listen so it is up to you to tell us what your preferences are. If you should wish to change your preferences you will be able todo so hereand hopefully, in the unlikely situation where you wish to unsubscribe from hearing from us,you can unsubscribeusing the unsubscribe link in every email or via your preferences here. We will always remove your data from our systems unless we have a legal obligation to store and/or archive such data.

Being reminded of what data do we hold about you?

If you want to know what data we hold about you can contact us and we will tell you what categories of data we hold once we are happy that you are who you say you are or if there is a legal reason for not sharing those details with you. You can make a request to us here.

Data Selling of Exchange with Third Parties

You gave us the data so we will be keeping what you gave us and not selling it on to others.However it makes sense that should we find ourselves looking to merge or be purchased by a third party that this will also include a transfer of data and permission to use such data to a third party.

Data Accuracy

You will want us to keep the data we hold on you accurate. We would like to do that to. We will send you one email a year to give you the opportunity to check it and, if necessary, change it. If in the mean time you wish to amend it then you will be able to by simply getting in contact with us and making the changes here.

Data Transfer to Third Parties and Across National Borders

We leverage information systems that are dispersed around the world. This is for resilience purposes and because we look for great business partners who can help us engage with and deliver our services to you. Sometimes that means data travels across national borders. We hope you understand this and are OK with it.

If you’re uncertain, then we understand why! After all not every nation or service provider provides the same level of protection of your privacy and security. It may seem a bit of a lottery! So, to help you and us be a winner, we have:

• Sought re-assurance from partners, who handle data, that they have appropriate systems and controls in place to ensure the privacy and data security rights you expect, and we have promised, are in place and that they are reviewed periodically.
• Ascertained whether the country, where the data resides provides adequate legislative or other protection for the privacy and data security rights of others.

Just to be double sure we also periodically review the third parties assurances and the countries protection of privacy rights. If things change we’ll let you know and you can then make an informed choice.

Data Security

You will want your data kept confidential. But you already understand that nothing can be 100 percent secure.So we will be taking steps to minimise the likelihood of a breach of data confidentiality, integrity or availability happening. And if there is a breach we will let you know swiftly once we are aware of it and where we have a legal obligation to do so.

If it helps you feel more comfortable we use ISO27001 as our benchmark for understanding and managing all information and data security risk.

This site uses cookies to give you the best possible experience. By continuing to use the site you agree that we can save cookies on your device. Cookies are small text files placed on your device that remember your preferences and some details of your visit. Our cookies don’t collect personal information. For more information and details of how to disable cookies, please read our updated privacy and cookie policy.

What is a cookie?

A cookie is a small file consisting of letters and numbers that is downloaded onto your computer or device when visiting a website. Cookies are used by many websites and can do a number of things e.g. remembering your preferences, remembering what you have put in your shopping basket, and counting the number of people looking at a website at any given time.
By accessing this website, you agree that we can place cookies on your device. You can disable cookies completely by changing your browser settings (see “Managing Cookies” below) however some areas of the site will not be accessible or may not function properly.

Cookie Uses

Most websites use cookies but not all use them for the same purpose. The International Chamber of Commerce (ICC) categorises cookies into four main groups. Below is a guide to the different types of cookies and how we use them.

Strictly necessary cookies

These are essential for you to move around the website and use its features. Without these cookies, services you have asked for cannot be provided, including gaining access to secure areas of website. ‘Strictly necessary’ cookies will not be used to gather information about you that could be used for marketing, or remember where you’ve been on the internet.
We use these cookies for, but not limited to;

• Remembering the information you have entered on forms so that you do not have to re-enter these details if you go back to a previous page.

• Identifying you as being securely logged on to online banking.

Performance cookies

Performance cookies collect information about how visitors use a website. These cookies do not collect information that can identify a user of the site. All information these cookies collect is aggregated and therefore anonymous. The information collected is only used to improve the performance of the site.

We use performance cookies for:

• Providing statistics about how people use our site, e.g. the number of visitors to a page
• Identifying any errors that occur so that we can improve our website
• Testing different designs of our website.

Functionality cookies

Functionality cookies allow the website to remember the choices you make (such as your username, language, or the region you are in) and provide enhanced, more personalised features. For example a news website may use functionality cookies to store your location and provide you with the most up to date local news.

Functionality cookies are used for:

• Remembering the font size you set on some of our application forms.

The information these cookies collect may be anonymised. These cookies cannot track your browsing activity on other websites.

Targeting and advertising cookies

Targeting and advertising cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. Targeting and advertising cookies remember that you have visited a website and share this information with other organisations such as advertisers.

We use advertising on other websites to bring visitors to our site. We use cookies provided by a number of sites to track the number of visitors from advertisements to see how successful they have been.