Claromentis Privacy
and Cookie Policy
1. Introduction
Claromentis has created this privacy statement in order to demonstrate our firm commitment to privacy. We operate websites based in the UK, Europe, Australia, and United States of America.
These websites are owned by Claromentis Limited or its wholly owned subsidiaries. As the central administration for the websites is based in the UK we apply UK law to the privacy principles for each one. For US residents, we also process personal data in accordance with applicable US state privacy laws including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), Connecticut Data Privacy Act (CTDPA), and Utah Consumer Privacy Act (UCPA). This Privacy Statement also applies to any other websites we may establish in the future, in any location, and which are not specifically named here.
2. Definitions and Interpretation
In this Policy, the following terms shall have the following meanings:
| “websites” | www.claromentis.com, discover.claromentis.com, workplace.claromentis.com |
|---|---|
| “cookie(s)” | This is a small text file that is placed on your computer or device by the browser when you visit certain parts of our websites and/or when you use certain features of our websites. Details of the Cookies used by websites are set out below. |
| UK GDPR | The UK GDPR refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018. |
| “personal data” | Any data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you give to us on these websites. This definition shall, where applicable, incorporate the definitions provided in the UK GDPR. |
| "Controller/Business" | Under EU/UK law, has the meaning given in the UK GDPR and EU GDPR. Under US Data Protection Laws, this includes "Business" as defined in the CCPA and equivalent terms under other state laws. |
| "Processor/Service Provider" |
Under EU/UK law, has the meaning given in the UK GDPR and EU GDPR. Under US Data Protection Laws, this includes "Service Provider" and "Contractor" as defined in the CCPA and equivalent terms under other state laws. When handling personal data on behalf of our customers, Claromentis acts as a Processor/Service Provider. |
| “we/us/our” | Claromentis Ltd – see section 3 for further details |
3. Claromentis Ltd
These websites are owned and operated by Claromentis, a limited company registered in England under company number 03672955, whose registered address is Claromentis Ltd, 15 West Street, Brighton, England, BN1 2RL.
Our Data Protection Manager is Will Emmerson, and can be contacted by email at data-protection@claromentis.com, by telephone on UK) 0800 409 6101 US) 1 (844) 238 6868 , or by post at Claromentis Ltd, 6th Floor, Vantage Point, New England Road, Brighton, East Sussex, BN1 4GW.
4. Your Rights
As a data subject, you have the following rights under the UK GDPR, which this Policy and our use of personal data have been designed to uphold:
- The right to be informed about our collection and use of personal data
- The right of access to the personal data we hold about you (see section 10)
- The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details in section 12)
- The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you
- The right to restrict (i.e. prevent) the processing of your personal data
- The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation)
- The right to object to us using your personal data for particular purposes
- Rights with respect to automated decision making and profiling
If you have any cause for complaint about our use of your personal data, please contact us using the details provided in section 12 and we will do our best to solve the problem for you. If we are unable to help, you also have the right to lodge a complaint with the UK's supervisory authority, the Information Commissioner's Office.
For further information about your rights, please contact the Information Commissioner's Office or your local Citizens Advice Bureau.
4a. Your Rights Under US State Privacy Laws
If you are a resident of California, Virginia, Colorado, Connecticut, Utah, or another US state with applicable privacy legislation, you may have additional rights under those laws, including:
- The right to know what personal information we collect, use, disclose, and sell or share
- The right to request deletion of your personal information
- The right to correct inaccurate personal information
- The right to opt out of the sale or sharing of your personal information
- The right to data portability
- The right to non-discrimination for exercising your privacy rights
To exercise any of these rights, please contact us at data-protection@claromentis.com. We will respond to your request within the timeframes required by applicable law (generally 45 days for CCPA requests, with possible extensions as permitted by law).
You may also designate an authorised agent to make a request on your behalf. If you use an authorised agent, we may require verification of your identity and confirmation that you have authorised the agent to act on your behalf.
5. What data do we collect?
| Cookie(s) | Please see section 9 for further information on the use cookies on this site |
|---|---|
| Quote requests | We collect basic company and personal data so that we can provide accurate quotes for the products and services we provide |
| Personalised demo | In order to arrange a personalised demo with a member of our team, we ask for a few personal contact details in order to fulfil this request |
| Brochure/advice guide/e-book downloads | We collect basic personal data so that we can provide you with a link to the downloads and information about Claromentis |
| Instant access demo (“try our software) – workplace.claromentis.com | We’ll ask for certain contact details in order to provision an account for this system |
| Contact form | If you’d like to get in contact with us, the contact form require basic personal information that will allow us to email you back |
| Support portal – discover.claromentis.com | Our support portal will collect personal data that will allow us to process support tickets, change requests, upgrades that allow us to fulfil each contract with our clients. We’ll also collect statistics and feedback that allows us to improve the products and services that we provides. |
| HubSpot | We use HubSpot to gain insight into website user activity, such as page views, workflows, traffic sources, etc in order to provide tailored content that’s relevant to our visitors’ needs. For more information, please visit HubSpot’s privacy policy. We also use HubSpot’s instant messaging app, where you can ask questions and speak directly to a member of our Sales team. Basic personal information is required that will allow us to reply to your messages and email you back. |
6. How do we use your data?
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the UK GDPR at all times.
Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (e.g. by subscribing to emails), or because it is in our legitimate interests. Specifically, we may use your data for the following purposes:
- Providing and managing your access to our websites
- Personalising and tailoring your experience on our websites
- Supplying our products and services to you
- Replying to emails and messages from you
- Supplying you with emails when you download content or request demos
- Market research
- To gain feedback and opinion on the product and/or services that we provide
- Newsletter/Marketing data: Removed if subscriber signed up over 5 years ago AND hasn't opened any of the last 5 campaigns
- Potential customer data: Kept for up to 5 years after initial enquiry
- Contractual data: Kept for the length of contract plus up to 5 years after termination
With your permission and/or where permitted by law, we may also use your data for marketing purposes. We will not, however, send you any unsolicited marketing or spam.
Data retention periods:
For customers under contract, personal data processed on behalf of the customer is deleted within thirty (30) days of contract termination unless retention is required by applicable law. Where legal retention is required, we will notify the customer, continue to protect the data, and delete it when the legal requirement ceases to apply.
7. How and where do we store your data?
We only keep your personal data for as long as we need to in order to use it as described above in section 6, and/or for as long as we have your permission to keep it.
Some or all of your data may be stored outside of the European Economic Area ("the EEA"). If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as the EU or UK.
Our SaaS platform can be hosted in:
- London (europe-west2)
- Frankfurt (europe-west3)
- South Carolina (us-east1)
We maintain security controls according to HIPAA and ISO 27001 standards. This includes secure hosting with Google Cloud Platform, strong encryption, background checks for staff, regular vulnerability scanning, monitoring, firewalls, endpoint protection, incident management, and regular audits.
US Data Storage
For US-based customers, we implement appropriate technical and organisational measures to protect the security, confidentiality, integrity, and availability of your data in accordance with applicable US state privacy laws. Our security measures are described at claromentis.com/legal/security.
8. Do we share your data?
Personal information will not be released to any other third parties (such as a Claromentis Business Partner) except to progress the matter for which you provided the information in the first instance unless the release of your personal information is required by law or is pertinent to governmental or judicial investigations or proceedings.
We Do Not Sell or Share Your Personal Data
Claromentis does not sell your personal data. We do not share personal data collected within our 'Claromentis' software applications for cross-context behavioural advertising. However, our marketing website may use third-party tracking tools (such as the LinkedIn Insight Tag) to provide relevant advertising to visitors on the website. You can manage your preferences via our Cookie Settings. We do not retain, use, or disclose personal data for any purpose other than performing our services as described in this policy and our agreements with customers. We do not combine personal data received from you with personal data received from other sources except as permitted under applicable privacy laws for the purposes of providing our services.
We may sometimes contract with third parties to supply services to you on our behalf. These may include search engine facilities, analytics, advertising, and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
Please see the list below for a summary of our key sub-processors:
| Our cloud infrastructure provider is the Google Cloud Platform. We use this to host our SaaS software and the services that support this. | ||
|---|---|---|
| HubSpot | We host and manage our website via HubSpot, this provides a Content Delivery Network and caching to ensure optimal performance of our website (claromentis.com) to our global audience. We also use HubSpot to manage marketing campaigns, contact details and sales nurturing. | |
| Primer | We use Primer to build audiences for advertising and remarketing purposes. | |
| Apollo Io | We use Apollo Io for sales outreach and audience building. | |
| SendGrid | SendGrid is used on our SaaS infrastructure in order to send out email notifications (an email relay service) from the clients digital workplace to the end user(s). For example, a simple notification about a new document upload would be sent out using this service. | |
| G2 | On occasion, we use G2 to collect customer reviews. Either G2 or Claromentis will communicate directly with customers to request a review. | |
| Slashdot Media | On occasion, we use Slashdot Media’s software review generation service, SourceForge, to collect customer reviews. Either SourceForge or Claromentis will communicate directly with customers to request a review. | |
| Automate.io | We use Automate.io to send customer upgrade feedback to HubSpot. | |
| Survicate | We use Survicate to collect feedback on tickets completed on our Discover support portal. |
9. Cookie policy
Our websites may place and access certain first party cookies on your computer or device. First party cookies are those placed directly by us and are used only by us. We use cookies to facilitate and improve your experience of our websites and to provide and improve our services.
All cookies used by and on our websites are used in accordance with current laws under the UK GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Essential Cookies
|
Cookie Name |
Purpose |
|
JSESSIONID |
Maintains user state across page requests |
|
__cfduid |
CloudFlare security - identifies clients behind shared IP |
|
PHPSESSID |
WordPress session variables |
|
CookieYes |
Remembers visitor cookie consent choices |
|
_GRECAPTCHA |
Google Recaptcha bot protection |
|
__cfruid |
Cloudflare trusted web traffic identification |
|
__cf_bm |
Cloudflare Bot Management |
Marketing Cookies
|
Cookie Name |
Provider |
Purpose |
|
UserMatchHistory |
|
Tracks visitors for relevant advertising |
|
__hssrc |
HubSpot |
Determines if visitor restarted browser |
|
__hssc |
HubSpot |
Keeps track of sessions |
|
test_cookie |
DoubleClick |
Determines if browser supports cookies |
|
Google Adwords |
|
Conversion tracking for ad clicks |
|
_uetsid |
Bing |
Microsoft Bing Ads tracking |
Analytics Cookies
|
Cookie Name |
Provider |
Purpose |
|
_ga |
|
Calculates visitor, session, campaign data for analytics |
|
_gid |
|
Stores information on website usage |
|
_gat |
|
Throttles request rate on high traffic sites |
|
__hstc |
HubSpot |
Tracking visitors with timestamps |
|
hubspotutk |
HubSpot |
Keeps track of website visitors |
|
MUID/MUIDB |
Bing |
Anonymously identifies user sessions |
Personalisation Cookies
|
Cookie Name |
Provider |
Purpose |
|
YouTube cookies |
YouTube |
Set when YouTube video is present |
|
lang |
|
Stores language preferences |
|
messagesUtk |
HubSpot |
Recognises users who have chatted |
|
vuid |
Vimeo |
Collects tracking information for embedded videos |
Managing Cookies
You can manage your cookies by loading the cookie banner and clicking "Cookies Preference Centre". You can choose to delete cookies on your computer or device at any time, however you may lose any information that enables you to access our website more quickly/efficiently including login and personalisation settings.
10. Request for access / accuracy & retention of data
The Claromentis product:
We provide services to organisations, rather than end users. It is therefore the organisation who is the Data Controller, according to the UK GDPR. As an end user of our product, you can edit your profile within the Claromentis product. Contact your intranet administrator if you would like to amend/delete personal data or have your account deactivated.
Our websites:
This applies to any data held by us related to websites we control for Sales and Marketing, Billing/Administration or Support. You have the right to access, correct, amend or delete personal data held by us. Under the UK GDPR, no fee is payable and we will provide any and all information in response to your request free of charge. Please contact us at data-protection@claromentis.com.
11. Your Right to Withhold Information
You may access our websites without providing any data at all. However, to use all features and functions available on our websites you may be required to submit or allow for the collection of certain data.
You may restrict our use of Cookies. For more information, see section 9 (our cookie policy).
12. California-Specific Disclosures
This section provides additional disclosures required under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).
Categories of Personal Information Collected:
We may collect identifiers (name, email, IP address), commercial information (transaction history), internet activity (browsing history on our sites), and professional information (job title, employer).
Business Purposes for Collection:
We collect personal information to provide our services, respond to enquiries, process transactions, improve our products, and for marketing purposes where you have consented.
Sale and Sharing:
We do not sell personal information. We do not share personal information for cross-context behavioural advertising. However, our marketing website may use third-party tracking tools (such as the LinkedIn Insight Tag) to provide relevant advertising to visitors on the website. You can manage your preferences via our Cookie Settings.
Retention:
We retain personal information as described in Section 6 of this policy.
Sensitive Personal Information:
We do not collect sensitive personal information as defined under CPRA for purposes other than those permitted under the law.
13. Contacting Us
If you have any questions about our websites or this privacy policy, please contact us:
- Email: data-protection@claromentis.com
- Telephone (UK): 0800 409 6101
- Telephone (US): 1 (844) 238 6868
- Post: Claromentis Ltd, 15 West Street, Brighton, England, BN1 2RL
Please ensure that your query is clear, particularly if it is a request for information about the data we hold about you.
For US residents wishing to exercise rights under state privacy laws, please contact us at data-protection@claromentis.com with the subject line "US Privacy Rights Request".
Give staff a workplace to call home
Access every app, share information, and collaborate in one central workplace. To find out more, book a demo with our experts.
