Reviewed in May 2018. GDPR version
Who are we?
Orases Consulting Corporation (Orases). Our address is 5728 Industry Lane, Frederick, MD 21704
email@example.com is the right email to contact us about any privacy issues.
Orases, U.S.A. is a company with its headquarters in Frederick, MD is the owner of this website. It is the controller of your personal data and you should blame us if anything goes wrong.
Orases is providing a broad spectrum of technology services to businesses around the globe. This website is our marketing tool and generally speaking, any personal data processed on this website is used for marketing purposes as described in this Policy in more details.
Why do we process your data?
Generally, we use your data for marketing purposes.
- If you leave a contact request or approach us by email, we’ll use the personal data you’ve provided to contact you regarding your request. In this case, we process your personal data based on our legitimate interest to build client relations with your company.
- If you download a case study or a whitepaper from our website, we’ll need to collect your personal data to know who have downloaded our marketing materials and conduct some marketing analytics based on that information. We do that based on our legitimate interest to stick to effective marketing practices and know how to promote our services in future. The same applies to the information about what website has referred you to us.
- If you tick the box to receive news and updates from us, we’ll send you emails with some information about our expertise, latest work and relevant technology trends. We are relying on your consent which you provide by ticking that box. Also, we’ll personalize these emails based on the information we have about you, such as the division of your company, so it is more relevant to your business and more useful for you.
- Also, we may add your contact information, received from you through our website or by email, together with some publicly available information about you and your company to our CRM system for marketing analytics. We do that based on our legitimate interest to know our client’s profile and conduct some market analytics as well.
Please keep in mind that you can always withdraw your consent by leaving us a clear note at firstname.lastname@example.org at any time or by clicking the Unsubscribe button under any email received from us.
Also, you may always object to our processing activities based on the legitimate interest and have your data completely erased from all our systems. Just write us about your intent at email@example.com.
In both cases, we’ll stop the processing of your data as soon as we find your note in our Inbox, which shall not take more than a business day.
Please also not that if you withdraw your consent for direct marketing by clicking Unsubscribe button, we will not delete the rest of your data automatically. But you may request us to do so by sending us an email to the address above.
What information do we process?
Here is a complete list of the personal data we may want to know about you:
- Your name
- Your email
- Your phone number
- The company you work at
- Where is your company located
- Your job title
- The fact that you’ve visited our website
- What website refered you to orases.com
- Have you downloaded any marketing materials from our website
- Your LinkedIn profile address
Most of the information comes directly from you. We could add some information that is not a secret, like your job title or address to LinkedIn profile, if you’ve made those publicly available.
Who will we share your data with?
We may disclose your information to our affiliates, which may help us to process it.
We may disclose your data to third party vendors, service providers, contractors or agents who perform functions on our behalf, such as website management, hosting, technical support and marketing analytics. We’ll make sure that they treat it as protective as we do.
Where is your data processed?
Your data is processed in Orases in the US. Nevertheless, your data will always be safe and under GDPR protection, despite where it is processed.
We treat your data as protective as the GDPR requires from the moment we’ve received it. If we transfer your data inside or outside our group, we’ll use appropriate safeguards, such as standard contractual clauses, for personal data not to get outside of the GDPR scope.
How long will my data be kept?
We will delete your personal data as soon, as we no longer have a need or a legal basis to process it. What does it mean?
- We’ll always delete your data when we receive a request from you to do so. In the unlikely event that we are still obliged under the law to keep your data, we’ll inform you about that.
- We will not store or otherwise process your data for “unlimited period” in other cases. If we rely on legitimate interest for processing, your data will be kept as long as we are in a business relationship with you. If we don’t start a business relationship with you, your data will be stored in our systems for some limited time for our analytics to be done. In no case we will keep it for more than 1 year, the period which is necessary for communicating with your company as our potential client and after which we treat old analytics outdated, so your personal data is not needed anymore.
Don’t forget that you may always command us to delete all the information have about you.
What are my rights?
We treat all our visitors equaly according to the rules offered by the GDPR, which is believed to be the most progressive and extensive piece of privacy legislation as for now.
Your rights are as follows:
- The right to be informed
You have the right to know, what is going on with your data.
- The right of the access
You have the right to request us to provide you with information that we have about you.
- The right to rectificate
You have the right to command us to correct your personal data, if the information we store is for some reason inaccurate or outdated.
- The right of erasure
You have the right to request us to delete all your data.
- The right to restrict processing
You have the right to ask us to stop processing your data if it is unclear whether we must delete your data.
- The right for data portability
You have the right to ask us to transfer your data that we are processing based on your consent to another controller. However, this right will not apply in the case of interaction between you and us, because it is only applicable when personal data is processed based on the consent or contract, while we rely on your consent only to provide you with our direct marketing materials.
- The right to object
You have the right to object to our processing based on legitimate interest.
- Your rights in relation to automated decision making and profiling
You have the right not to be subject to a decision based solely on the automated means, incase the decision has a legal effect on you or significantly affects you in a similar way. However, we don’t do anything like that.
- The right to withdraw your consent
- The right to lodge a complaint with a supervisory authority
You have the right to complain either to a supervisory authority in the Member State where you live/work or other Data Protection Authroity.
For more information about your rights and how to exercise them we recommend visiting this perfect resource from the European Commission, which is available in many languages.
Do you profile me?
If you’ve consented to receive marketing materials from us, we’ll use the information we have about you, as described in this Policy, to provide you with more relevant materials. That’s all the profiling we do.
What about cookies?
If you’ve read this Policy up to this moment, we believe that you’ve deserved to have yourself a delicious cookie. Also, we want to believe that we deserve to place some of those tasty bits of data on your device.
What are cookies?
Cookies are small pieces of text that are stored on your device when you visit a website. During your further visits to that website, the information stored in the cookie is sent back to the site. This allows the website to recognize you and tailor its content to your needs.
Basically, almost every website places some cookies on your device, unless you’ve blocked cookies in your browser.
This may be done for few reasons.
- Functional, when cookies are used to tailor your experience. For instance, cookies permit:
- Our website to remember the details you’ve provided when filling in forms – so that you don’t have to enter the same information multiple times.
- You to share website pages on social networks like Facebook, Twitter and LinkedIn.
How to reject and delete cookies?
Is my data secured?
We don’t allow any unreliable practices regarding the security of the information we deal with. Consequently, we take all appropriate technical and organizational measures to keep your data safe, as required by the GDPR. Below are the examples of how we do that.
- All our employees, consultants or any recipients of your data are bound by confidentiality and are not authorized to process your data for the purposes other than described in this Policy. We take full responsibility for that.
- We follow the Information Security Policy, which is mandatory and applies to all our consultants, contractors, and all other individuals who can have authorized access to information resources.
- Our Information Security Policy applies to all the information stored on physical or electronic data carriers, as well as any software and hardware that we possess or use temporarily.
- All our security practices and documents are reviewed on a yearly basis, approved by the executive management and are implemented throughout the group as well as are communicated to all our employees and consultants.
- We conduct mandatory training for all our employees and consultants on privacy and security.
- We ensure authentication and authorization controls are robust and properly treated.
- We continuously gather and analyze data regarding all the new and existing threats and vulnerabilities, actual attacks on other organization, as well as the information about the effectiveness of the existing security controls.
- Our servers, workstations and internet gateway devices are updated periodically with the latest antivirus definitions that include zero-day anti-malware protection.
- We conduct risk assessment on a yearly basis.
Still have some questions?
You can reach us at firstname.lastname@example.org, if you:
- Want to know more about privacy of your information
- Want to make any kind of claim or request with regard to your personal data
- Want to say that we are wrong in any privacy issue
- Want to share your thought how we could make our privacy practices better
- Just bored and want to talk about privacy
We promise that we’ll reply. At least once, if you are just bored.