Privacy and Cookies Policy

About this Policy

Here at Madgex, we are committed to protecting the privacy and security of your personal information. This policy explains what we collect, how and why we collect it, how we use it and how it is protected.

This policy was last updated on December 29th 2020. We may change the policy from time to time so please revisit this page to ensure you’re still happy.

Who we are

We’re Madgex, the market-leading career technology and solutions provider and we’re formed of Madgex Ltd operating from the UK and Toronto and Madgex Inc operating from the USA.

Under the terms of GDPR for the purposes of general sales and marketing, Madgex Ltd acts as the ‘Data Controller’, the company which manages and decides why and how your personal information is processed. This Privacy Policy sets out how we manage and protect that data.

How do we collect information from you?

The information you provide voluntarily

We collect the information you give to us when you visit www.madgex.com or any of our landing pages and provide your details via our online forms, including requests for us to contact you for product demos, registration for events and webinars, participation in research opportunities, or requests for any content and information and when you subscribe to our blog. We also collect information you provide to us when we communicate with each other in other contexts, for example, when you email or telephone us.

The types of information that Madgex collects directly from you or through your use of our websites and services may include the following depending on how you interact with Madgex:

Contact information, such as your name, email and telephone number;
Your employment information and preferences;
Usernames and passwords;
Communication preferences;
Other personal information, such as your location and gender;
Photos, video, audio and screenshots (with additional consent).

If you would like to unsubscribe from our emails or notifications at any point, you can click on the subscription links at the bottom of any of our emails. You can pick and choose the types of emails and notifications you want to receive and those you don’t.

The information we automatically collect

When you browse www.madgex.com or interact with an email that we send to you, we may collect information about your browsing activities. This may include details of your location via your IP address, your browser details and site interaction information. We collect this information through the use of cookies and other tracking technologies. See the sections on cookies and analytics below for more details.

Information from elsewhere

If you have registered with a conference or exhibition which Madgex have sponsored or attended, we may be provided your details by the event organizer via the delegate lists. We will only ever use this personal information if you have expressly agreed, and always in accordance to the usage guidelines provided by the conference organizer.

What information are we collecting?

You’ll see when you complete one of the forms on our website that we’re asking for your name and email address and, where appropriate, job title, phone number (if you’re asking us to contact you) and company name. We might also ask you some additional questions when you complete a form to help us understand your requirements, for example, ‘Do you already have a job board?’ and ‘Who is your current provider?’.

How do we use that information?

We use your personal information to:

Enable you to use our website and services
To carry out our obligations relating to any contract we may have with you
Respond to your requests for contact and information
Improve our site through monitoring your usage
Send information to you regarding changes to our terms of service, privacy policy and other legal agreements that affect you
To comply with requests from you for the exercising of your rights
If you are an existing customer or in discussions with us to become a customer, to send you promotional information about our products and services, unless you opt-out
If you have expressly agreed, to send you articles, e‑books, reports and event and webinar invitations that we think you’ll find useful, unless you unsubscribe
To otherwise administer our website and business

Where information has been provided for the primary purpose of research, Madgex will use this to manage and improve our products & services. Your participation in research, together with your individual responses to research questions will be kept strictly confidential. We will not share personal information from research with third parties.

Where you have provided your information to us through a request for contact, web browsing, or completion of one of our online forms, we will send communications to you or otherwise contact you based on legitimate interests as the lawful basis for processing your information. You will always be given the right to ask us not to contact you.

If you are a customer of Madgex we will process your information and contact you and other personnel within your organization based on the performance of contractual obligations.

If you have expressly agreed to our use of your personal information, the lawful basis of our processing of your information will be consent, unless one of the above also applies.

If you have any questions about the lawful basis on which we are processing your personal data, please contact us.

Will we ever share your information?

Sharing with third parties

We may need to disclose your personal information to third parties (provided that they are bound by appropriate obligations to safeguard your information) as follows:

To our employees, officers, insurers, professional advisors, agents, suppliers or subcontractors to the extent that it is reasonably necessary to do so for the above permitted purposes;
If we are required to do so by law or in any legal proceedings;
If we need to for fraud prevention or to protect the rights, property or safety of us, our customers or others.
To third parties wishing to purchase our business or assets.

We will not share your personal information with third parties for the purposes of further marketing. We’re good like that.

Where are we storing your data?

Our main hosting data centres are located in the EEA, currently in London (UK) and [other hosting regions].

Transfers to third countries and safeguards

We are an international business with a global customer base. We may need to transfer personal information between any of the countries we operate in and to our suppliers and subcontractors in other countries. We do not transfer any data to third counties or international organisations unless they are deemed by applicable law to have adequate privacy protection or recognized legal mechanisms are in place to ensure adequate protection of your information (e.g. EU Model Contract Clauses or EU-US / Swiss-US Privacy Shield frameworks).

Any international transfers of your personal information will also be subject to binding privacy and confidentiality terms enabling us to ensure compliance with this Privacy Policy.

How do we protect your information?

We take Data Security very seriously, in fact, we pride ourselves on it.

We regularly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access.

We restrict access to personal information to our employees, contractors and agents on a need-to-know basis and ensure that they are subject to contractual confidentiality obligations and may be disciplined or terminated if they fail to meet those obligations.

We will only ever work with trusted third parties having first completed due diligence to ensure they also enforce an adequate level of data security to protect your information.

We have multiple layers of security in place to protect the security of our clients and their clients’ information. Details of these measures may be provided upon request.

How long do we hold your information for?

We will endeavor not to keep your personal information for longer than necessary. We will delete your data on request, according to the Erasure section below. Subject to this, your information is retained and deleted as follows:

We will delete information provided by you through one of our web forms after 5 years by default.
We will delete information gathered through lead generation research after 5 years by default.
We may need to retain certain information for reasonable business purposes (e.g. accounts information, unsubscribe records, information needed to prevent identity theft, legal disputes and misconduct) even if deletion has been requested. Normally this information will be deleted after 5 years by default unless we have a legitimate reason to retain it for longer.
We may also need to retain information by law or in relation to pending or prospective legal proceedings, in which case we will normally retain it for the length of our contract plus 7 years thereafter.

What are your rights?

We regard the principles of GDPR as the gold standard in Data Protection and therefore will extend the rights outlined below to all our global contacts, regardless of whether you’re within the territorial scope of GDPR.

You have several rights as a data subject as summarised below:

Access:

You have the right to obtain confirmation as to whether your personal information is being processed by us and, if it is, to access your information and details of how we process it, as long as this does not adversely affect the rights and freedoms of others.

Rectification:

We will rectify any errors in the personal information we hold on request.

Erasure:

In addition to any Madgex functionality that enables you to delete information, you may ask us to erase your personal information from our systems in the following situations:

The information is no longer necessary in relation to the purpose for which it was collected;
You withdraw your consent on which the processing is based and where there is no other legal ground for the processing;
You object to the processing and there are no overriding legitimate grounds for the processing;
The information has been unlawfully processed;
The information has to be erased for compliance with a legal obligation to which we are subject.
Right to restrict processing:You have the right to restrict our processing on specified grounds.

Notification:

Where you have asked us to rectify, erase or restrict processing of your information, we shall communicate the same to each recipient to whom your information has been disclosed, unless this proves impossible or involves disproportionate effort, in which case we shall let you know.

Data portability:

You have the right in specific circumstances where processing is based on consent to receive your information in a structured, commonly used and machine-readable format and have the right to transmit the information to another controller without hindrance, provided that our processing is carried out by automated means.

Right to object:

In certain circumstances you have the right to object to our processing of your information, including in relation to profiling, direct marketing or scientific or historical research purposes.

Automated individual decision making:

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you unless this is necessary for our contract, is authorised under applicable law or is based on your explicit consent.

How can I exercise my rights?

If you would like to exercise any of these rights, please email, call or write to us using the contact details below.

We will require additional information from you so that we can correctly verify your identity.

For more information about the circumstances in which these data subject rights apply, see the guidance provided by your local regulatory authority, for example in the UK; https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Complaining to the regulator

We hope we can help you to resolve any query or concern you have over the use of your information, however the General Data Protection Regulation also gives you the right to make a complaint with your local supervisory authority where any alleged infringement of data protection law has occurred.

The supervisory authority within the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone at 0303 123 1113 or other channels as updated at https://ico.org.uk/global/contact-us/.

What happens if a data breach occurs?

Whilst we endeavor to keep your personal information safe, we acknowledge that security incidents can occur and so have incident management procedures in place which are regularly reviewed to be prepared should an event ever occur.

In the event of data theft, we may suspend access to our servers, emails and online systems and take other urgent steps to prevent further unauthorized access to information.

If we believe that our data has been compromised, we will report the issue to the Information Commissioner’s Office (ICO).

We will notify you without delay if we believe a data breach is likely to result in a significant risk to your rights and freedoms. Any notification will describe in clear and plain language the nature of the personal data breach and contain all required information.

Cookies

On madgex.com we use cookies to store information to improve the functionality of the website and allow us to understand you as our audience. The majority of our cookies are ‘first party cookies’ which means we set them ourselves, however we also use ’third party’ cookies to incorporate elements from other sites, such as images, social media plugins, advertising and user tracking so we can analyse trends to help improve our services.

For more information on the cookies used on our website and how to manage your preferences, please see our Cookie Policy.

Madgex as data processor

This Privacy Policy applies where Madgex is deemed the ‘data controller’ of personal information i.e. where we exercise control over the data processing, decide what personal information to collect, how to process it and for what purposes. In some situations we may be deemed under applicable law to be your ‘data processor’ e.g. under a Madgex SaaS Agreement i.e. where we process personal information controlled by you, on your behalf. In those situations, our Data Processor Terms shall apply to our processing activities.

Changes to this Policy

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates.

We may also notify you in other ways from time to time about the processing of your personal information.

Our details

Please contact us if you have any questions regarding this privacy notice or the information we hold about you.

You can send us an email at data.protection@madgex.com, or visit our Contact page for your relevant local mailing address and contact phone numbers.

Our Data Protection Officer services are provided by John Wiley & Sons Ltd, 9600 Garsington Road, Oxford OX4 2DQ.

Representation for data subjects in the EU

We value your privacy and your rights as a data subject and have therefore appointed Prighter as our EU GDPR privacy representative and your point of contact.

If you want to contact us via our EU representative or make use of your data subject rights, please visit: https://prighter.com/q/12151813

Privacy and Cookies Policy

About this Policy

Who we are

How do we col­lect infor­ma­tion from you?

What infor­ma­tion are we collecting?

How do we use that information?

Will we ever share your information?

Where are we stor­ing your data?

Trans­fers to third coun­tries and safeguards

How do we pro­tect your information?

How long do we hold your infor­ma­tion for?

What are your rights?

Access:

Rec­ti­fi­ca­tion:

Era­sure:

Noti­fi­ca­tion:

Data porta­bil­i­ty: