Perera Consultants ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and engage our business technology and software consultancy services and is entered into as of the date of signing and confirmation of the quotation ("Effective Date") by and between us and The Client, as identified in the signed and confirmed quotation ("Receiving Party") together referred to as the "Parties".
Information We Collect
We may collect and process the following data about you:
- Personal Identification Information
Name, email address, phone number, job title, company name. - Technical Data
IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website. - Usage Data
Information about how you use our website, products, and services. - Marketing and Communications Data
Your preferences in receiving marketing from us and your communication preferences.
How We Collect Your Data
We use different methods to collect data from and about you including:
- Direct Interactions
You may provide data by filling in forms or by corresponding with us by video conferencing, post, phone, email, or otherwise. - Automated Technologies or Interactions
As you interact with our websites and services, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
How We Use Your Data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- To perform the contract we are about to enter into or have entered into with you.
- To manage our relationship with you.
- To administer and protect our business and this website.
- To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.
- To use data analytics to improve our website, products/services, marketing, customer relationships, and experiences.
Legal Basis for Processing
We will only use your personal data when the law allows us to. Under the GDPR, the legal basis for processing your personal data includes:
- Consent
You have given clear consent for us to process your personal data for a specific purpose. - Contract
The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract. - Legal Obligation
The processing is necessary for us to comply with the law (not including contractual obligations). - Vital Interests
The processing is necessary to protect someone’s life. - Public Task
The processing is necessary for us to perform a task in the public interest or in the exercise of official authority, and the task or authority has a clear basis in law. - Legitimate Interests
The processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.
Disclosure of Your Data
We may share your personal data with the following parties:
- Service Providers
Third parties who provide services such as IT and system administration, payment processing, and marketing assistance. - Professional Advisors
Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services. - Regulatory Authorities
Authorities that require reporting of processing activities in certain circumstances. - Business Transfers
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
International Transfers
Your personal data may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different from the laws of your country.
Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- Adequacy Decisions
We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. - Standard Contractual Clauses
Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. - Binding Corporate Rules
Where applicable, we may use binding corporate rules, approved by the European Commission, to provide protection for your data within our corporate group. - Explicit Consent
In specific situations, where no other transfer mechanism is available, we may transfer your data outside of the EEA if you have explicitly consented to the proposed transfer after being informed of any potential risks.
If you would like further information on the specific mechanism used by us when transferring your personal data out of the EEA, please reach out to your point of contact in our Company.
Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Data Retention
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Your Legal Rights
Under data protection laws, you have certain rights regarding your personal data. These rights include:
- Access
You have the right to request access to the personal data we hold about you. This allows you to obtain a copy of your data and verify that we are processing it lawfully. - Correction
You can request that we correct any inaccuracies or complete any incomplete personal data we hold about you. We may need to verify the accuracy of the new information you provide. - Erasure
You have the right to ask us to delete or remove your personal data if there is no valid reason for us to continue processing it. You may also request erasure if you have exercised your right to object to processing, if we have processed your data unlawfully, or if we are required to delete your data to comply with legal obligations. However, there may be legal reasons we cannot fulfill your request, which we will explain to you if applicable. - Objection
You have the right to object to the processing of your personal data if we are relying on legitimate interests (or those of a third party) and you have grounds related to your particular situation. You also have the right to object to the processing of your data for direct marketing purposes. In certain circumstances, we may be able to demonstrate that our reasons for processing your data outweigh your rights and freedoms. - Restriction
You can request that we limit the processing of your personal data in the following situations:- If you believe the data we hold is inaccurate and wish us to verify it.
- If our processing is unlawful, but you prefer that we restrict its use rather than erase it.
- If you need us to retain the data for legal claims, even if we no longer need it for processing.
- If you have objected to our processing and we are determining whether our legitimate interests override your objections.
- Data Portability
You have the right to request the transfer of your personal data to another organization or directly to you, in a structured, commonly used, and machine-readable format. This right applies when the processing is based on consent or a contract and is carried out by automated means.
How to Exercise Your Rights
To exercise any of these rights, please reach out to your point of contact in our Company. We will respond to your request within one month, although this period may be extended by two additional months if your request is particularly complex or you have made multiple requests. We will notify you of any such extension within one month of receiving your request.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Any changes we make will be posted on this page. Please check back frequently to see any updates or changes to our Privacy Policy.
Contact Us
If you have any questions about this Privacy Policy or our data practices, or if you wish to exercise any of your rights, please reach out to your point of contact in our Company.
Effectiveness
This Privacy Policy automatically comes into effect when a client confirms and signs a service quotation issued by an authorized representative of Perera Consultants.