Privacy Policy UK

Sharp Privacy Policy

Last Updated: August 2022

1. Introduction

At Sharp (“we”, “us”, “Sharp”), we take your privacy seriously.

This privacy notice explains how Sharp collects and uses personal data, and describes the rights you have with respect to your personal data.

As a responsible organisation, we have implemented numerous technical and organisational measures to ensure the most complete protection of any personal data processed by us, in order to meet the requirements of the General Data Protection Regulation (“GDPR”), and in accordance with any country-specific data protection regulations.

Sharp processes personal data for a variety of purposes. We collect this data directly from you, for example, if you engage us to provide services directly to you, or we may also obtain your personal data from publicly available sources (e.g. LinkedIn), or process your data in the context of providing services to your employer (as our customer).

This privacy notice is intended to cover all aspects and scenarios of how Sharp processes personal data and it is further supplemented by more specific privacy notices, which are provided to you at the time your personal data is collected, where appropriate.

2. Name and Address of the Data Controller 

The joint data controller for the purposes of the GDPR, other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

Sharp Business Systems UK PLC Sharp IT Services (UK) PLC
Phone: 01924 836 455 Phone: 01628 552 850
Email: DataProtection.sbsuk@sharp.eu Email: dataprotection@sharp.co.uk

There is also a secondary data controller of this website:

Sharp Electronics GmbH, Nagelsweg 33-35, 20097, Hamburg, Germany

Phone: +49 (0)40 2376-0

Email: DSchott@intersoft-consulting.de

Please note that each Sharp organisation within Europe is a Data Controller in its own right and you should check the Privacy Policy on the local country website domain (e.g. sharp.co.uk, sharp.fr, sharp.de) which you are accessing or where you reside.

As a data controller we are responsible for deciding how we hold, use and keep personal data secure. It also means we are responsible for responding to requests you make in relation to how your personal data is used. If you have any questions about the way your personal data is processed, you can contact us on the details above

You may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.

3. Data Protection Representative 

Article 27 of the UK General Data Protection Regulation (UK GDPR) requires organizations that are not established in the United Kingdom (UK) to designate a representative in the UK if they are subject to the UK GDPR.

Sharp Business Systems UK PLC  may undertake processing activities to which the GDPR applies. For that reason, Sharp Business Systems UK PLC  has appointed a representative in accordance with the  UK GDPR to act on their behalf if, and when, they undertake data processing activities to which the UK GDPR applies, in accordance with Articles 13 and 14 of the UK GDPR. Such appointment is not intended to be an acknowledgement that the  UK GDPR is applicable to any of their processing activities.

The Data Protection Representative of the Controller is:

Sharp Electronics (Europe) Ltd. Sucursal en España, incorporated in Spain whose registered office is at WTC Almeda Park, Plaça de la Pau s/n, Edificio-6, Planta-4, 08940 Cornellà de Llobregat, Barcelona

Email: proteccion.datos@sharp.eu

4. Personal data

This privacy notice covers any personal data processed by Sharp. “Personal data” means any information relating to an individual who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier. Personal data also refers to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of an individual.

It also includes sensitive personal data (special category data as referenced in the GDPR), including:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Membership of a trade union
  • Genetic data
  • Biometric data
  • Physical or mental health or condition
  • Sex life or sexual orientation

Sensitive personal data also includes personal data relating to criminal convictions and offenses.

5. What data is processed

We will collect personal data when you set up an account with us, purchase products or services from us, complete forms we provide to you, make a report or notification about our products or services, contact us by phone, email or communicate with us directly in some other way.

Below we define types of personal data processed by us depending on the circumstances in which personal data is collected. We collect the following types of personal data from you:

5.1. Visitors to our website 

Personal data we collect about you when you visit our site falls into two categories.

  1. Information provided directly by you

We collect personal data that you provide voluntarily through our site, for example, when completing online forms to contact us, subscribing to a newsletter, using one of our online, subscribing to receive marketing communications from us, participating in surveys or registering for events that we are organizing. The information we collect about you includes the following:

  • Name
  • Job title, job level or function, role
  • Company or organization
  • Company data
  • Contact information, including primary email, email address and telephone numbers
  • Demographic information, such as industry, country, postcode, preferences and interests
  • Other information relevant to client surveys or similar research
  • Information pertinent to fulfilling our services to you
  • Any other personal data that you voluntarily choose to provide to us

We do not intentionally collect sensitive category data, unless you provide us with such data. While there may be free text boxes on the site where you are able to enter any information, we do not intend to process sensitive information and you should therefore refrain from providing any such data. If you choose to provide any sensitive personal information in this manner, you acknowledge your consent to the collection and processing of this sensitive information.

  1. Automatically collected information

When you visit our site, we collect certain personal data automatically from your device, such as your IP address, device type, unique device identification number, browser type, broad geographic location (e.g., country or city-level location) and other technical information. We may also collect information on how you and your device interacted with the content on our site e.g. links clicked, information accessed. We collect this information to gain better understanding of the visitors to our site, where they come from and what content on our sites is of interest to them. This information may further be used for analytics and quality purposes. Further information on how Sharp uses automatically collected data, including cookies and other similar tracking technology, is explained in our Cookie Policy.

We use Leadoo’s tracking service to follow what users are doing on the site and combine this behavioural data with other data we can gather from e.g. chat interactions. Leadoo uses ETag tracking in order to hook together the same user’s behaviour over several sessions. Please check out Leadoo Marketing Technologies Ltd’s Privacy Policy (https://leadoo.com/privacy-policy/) for more information on what is tracked and what your rights are. Leadoo works as the Processor and we work as the Controller for the data in terms of GDPR. You can stop the tracking by emptying your browser’s cache after the visit. For more on how Leadoo works as a GDPR compliant processor, see https://leadoo.com/privacy-policy-processor/.

Our site also uses various social media plugins, please refer to section 4.6 for further information on their use.

5.2 Customers 

When you engage us to provide services to you, we collect and use personal data for valid business purposes in the context of providing services to you. As part of any such service, Sharp may also process personal data of individuals who are not directly our customers (for example, employees, customers or suppliers of our customers).

The majority of the personal data we collect and use to provide our services is supplied voluntarily by our customers. Where such data may concern individuals who are not Sharp’s direct customers, we obtain a confirmation from our customer confirming they have the authority to pass the data to us for lawful onward processing.

We process the following types of personal data

    • Basic information, such as your name, the company you work for, your position and your relationship to a person
    • Contact information, such as your postal address, email address and telephone numbers
    • Financial information, including any information to facilitate payments between the parties
    • Any other personal data relating to you or other third parties which you provide to us for the purpose of receiving our services

5.3 Contacts in our CRM systems

We process personal data about our business contacts (e.g. existing, former or prospective customers, including any individuals employed by them and other business contact) in our Client Relationship Management (CRM) systems.

Our CRM systems provide support to the business and facilitate our marketing operations. Sharp uses the information recorded on such systems to share with contacts information about Sharp products, marketing materials, surveys and invitations to events, and for general customer relationship administration purposes.

We process the following categories of personal data in our CRM systems:

    • Name, job title, address, email address, phone and fax numbers
    • Name of employer or organization the individual is associated with
    • Marketing preferences
    • Invitation responses and event attendance confirmations
    • Any other information voluntarily provided by you in the course of our business relationship

We do not intentionally collect sensitive category data, unless you provide us with such data (for example, special dietary requirements which reveal your religious affiliation or any food allergies), if you attend one of our events. Collection of any such data will be subject to specific privacy notices, relevant to the event you are attending.

5.4 Participants in Sharp events 

We process personal data about participants in events organised by Sharp including meetings, conferences, learning sessions and webinars. We may use various applications and online platforms to manage event registration processes. Please take note of their own privacy notices and read them carefully when you provide your personal data for the purposes of event participation.

We process the following categories of personal data (to the extent they apply a specific event):

  • Name, age or date of birth
  • Client personnel information (home, office and business information)
  • Credit or debit card number
  • Customer information (home, office and business information)
  • Email address
  • Gender
  • Home or other physical address
  • Names of employers
  • Role (job title)
  • Passport number
  • Telephone or fax numbers

We do not intentionally collect sensitive category data, unless you provide us with such data (for example, special dietary requirements which reveal your religious affiliation or any food allergies or other data relating to your health necessary to provide support to participants and facilitate their attendance in Sharp run events).

Sharp may take photographs and audio or video recordings in public areas of the Sharp events. Following the event, recordings may be further edited before they are published or distributed for marketing purposes.

5.5 Individuals who use our platforms and applications 

We provide external users, including our customers and their end users, access to various applications managed by us such as our partner portal service or our online training service (Academy). Any personal data collected via these applications (e.g. name, email address, data and time of registration) is captured to provide the individuals with this service, verify their identity and to provide them with a secure log in to a protected web environment. It also enables Sharp to provide access or deny access due to misuse of service. Any third party applications provided by Sharp are subject to their own privacy notices, please familiarise yourself with their content and read them carefully when you use our platforms and applications.

5.6 Individuals who visit our social media sites and interact with our social media tools 

Social media sites

Sharp uses various social media platforms for recruitment, marketing and business development purposes. We use social media to advertise recruitment opportunities with Sharp and to promote products, services and brand.

Please note that while Sharp is responsible for the content it publishes using social media platforms, Sharp will not be responsible for the management and administration of any social media platforms.  You should always familiarize yourself and read carefully any legal and privacy terms imposed by these social media platforms. If you have any questions on how the social media platform uses your data, you should contact the platform provider directly.

In some circumstances, Sharp may obtain aggregated data from these social media platform providers, e.g. number of “likes” in response to Sharp published content and posts, number of visitors who engage with our posts or information on links clicked and downloaded content.

Social media plugins 

Social media plugins are also implemented on our site e.g. specific button which enables the site to establish a direct connection with the relevant social media platform server. As a result of such direct connection, the social media provider will be informed of the relevant page on our site which triggered such link. If you wish to prevent such sharing, you should review your settings within your social media accounts prior to visiting our website as Sharp has no influence on how the data is collected using social media plugins.

Our site uses the following plugins, widgets:

  • Twitter

Functions of the Twitter service have been integrated into our site. When you use Twitter and the “retweet” function, the websites you visit are connected to your Twitter account and made known to other users. If you are not yet logged into your Twitter account, clicking a Twitter button will show you the Twitter login page for you to enter your login credentials. In doing so, data will also be transferred to Twitter. We would like to point out that we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information, see Twitter’s privacy policy.

  • YouTube

Our site uses plugins from YouTube, which is operated by Google. If you visit one of our pages featuring a YouTube plugin, it is a connection to the YouTube servers. Here, the YouTube server is informed about which pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account. If you are not yet logged in, clicking a YouTube button will show you the YouTube login page for you to enter your login credentials.

For more information, see Google’s privacy policy.

  • LinkedIn Lead Gen Forms

Sharp uses LinkedIn Lead Gen Forms for Sharp sponsored content, and sponsored LinkedIn InMails for recruitment, business development and marketing campaigns. Once LinkedIn members click on Sharp advertisement, they will see a form that is pre-filled with information from their LinkedIn profile, such as their name, contact information, company name, seniority, job title and location. As soon as a LinkedIn member submits a lead form, they will be connected to Sharp. Please click here for LinkedIn’s privacy policy.

  • Google Maps

Our site uses the Google Maps map service via an application programming interface (API).

To use Google Maps, it is necessary to save your IP address. This information is generally translated to a Google server in the United States and stored there. We have no influence on this data transfer. For more information, see Google’s privacy policy.

5.7 Individuals who correspond with Sharp via email

Sharp uses a variety of tools to maintain the security of our IT infrastructure, including our email facilities. Examples of such tools are:

  • Systems that scan incoming emails to Sharp recipients for suspicious attachments and URLs, in order to prevent malware attacks
  • Tools that provide end-point threat detection to detect malicious attacks
  • Tools that block certain content or websites

If you correspond via email with a Sharp recipient, your emails will be scanned by the tools Sharp operates to maintain the security of its IT infrastructure, which could result in content being read by authorized Sharp personnel other than the intended recipient.

5.8 Job applicants 

We process personal data for recruitment purposes, to facilitate the administration of our available employment opportunities and to match your skills, experience and education with specific roles offered by Sharp. Any such data may be collected directly from the candidate or from other third parties, about the candidate.

In general terms, we collect the following types of personal data:

  • CVs/resumes
  • identification documents
  • academic records
  • work history
  • employment information and references.

This information is passed to the relevant hiring managers and persons involved in the recruitment process to decide whether to invite you for an interview. Sharp will collect further information if you are invited to the interview (or equivalent) stage and onward. Such information includes interview notes, assessment results, feedback and offer details.

As part of our recruitment process, we may also collect special category data from candidates where we have an employment law obligation to do so. This information is relevant to their future working environment at Sharp or the future provision of employment benefits, or with the individual’s explicit consent, where collecting such information is permitted by law.

Our recruitment tools and websites contain their own privacy notices explaining why and how personal data is collected and processed by those applications. We encourage individuals using our recruitment tools and websites to refer to the privacy notices available on those tools and websites.

5.9 Suppliers  

We process personal data about our suppliers (including subcontractors, and individuals associated with our suppliers) in order to manage our relationship and contract, and to receive services from our suppliers.

The personal data we process is generally limited to contact information (name, name of employer, phone, email and other contact details) and financial information, including payment-related information.

5.10 Visitors to Sharp offices 

When you visit a Sharp office, we process your personal data in order to provide you with certain facilities (such as access to our buildings and conference rooms or Wi-Fi), to control access to our buildings, and to protect our offices, personnel, goods and confidential information (for example, by using CCTV).

The personal data we collect is generally limited to your name, contact information, location, and the time you enter and leave our office.

  • Visitor records and access badges

We require visitors to our offices to sign in at reception and we keep that record of visitors for a short period of time. Visitors to our offices are provided with a temporary access badge to access our offices. Our visitor records will be used to verify that access badges are returned, to look into a security incident and for emergency purposes (for example, if an office needs to be evacuated).

  • Wi-Fi

We monitor and log traffic on our Wi-Fi networks. This allows us to see limited information about a user’s network behaviour, but will also include being able to see at least the source and destination addresses the user is connecting from and to.

  • CCTV

Sharp uses CCTV monitoring where permitted by law. CCTV images are securely stored and only accessible on a need-to-know basis (for example, to look into an incident).

6. Purposes and legal grounds for processing 

We limit the collection of personal data to only that which is absolutely necessary to carry out our legal or business obligations. In some cases however the provision of personal data may be partly required by law (e.g. tax regulations), is needed as part of contractual negotiations, or as part of providing a service.

Below, we describe:

  • the purposes we collect your personal data for and;
  • the legal basis that allows us to process your personal data.
[table id=1 /]

How we share your personal data

We share your personal information with the following:

  • Our staff: Your personal data will be accessed by our staff but only where this is necessary for their job role.
  • Companies in the same group of companies as us: For the purpose of providing a service to you.
  • Partners and Dealers: For the purpose of answering queries you have about products and services not directly provided by Sharp.
  • External service providers: Sharp use external service providers to assist with, for example, information technology and other administrative support services. Our service providers are contractually bound to maintain appropriate levels of security and data protection
  • Law enforcement and regulatory agencies: if we are required to disclose or share your Personal Data in order to comply with any legal obligation or any regulatory requirement

Changes of Business Ownership and Control 

We may transfer, sell or assign any of the information described in this Privacy Policy to third parties as a result of a sale, merger, consolidation, change of control, transfer of assets or reorganisation of our business. Where we are involved in a merger, acquisition or sales of assets, we will always process your data in line with your rights and freedoms and subject to confidentiality agreements between the parties.

Transfers of personal data 

Sharp companies operate in various locations across the globe. Some parts of our internal infrastructure are centralised  which includes provision of information technology services. We may also transfer personal data to third parties (and their affiliates) which provide the above mentioned ancillary services to Sharp.

Therefore, your personal data will sometimes be transferred outside of the jurisdiction in which it was collected and stored. This includes countries outside of the European Economic Area (EEA) and the United Kingdom (UK). Where such a transfer is required, we put in place appropriate security and legal measures to safeguard the safety and security of personal data. Sharp has implemented appropriate intragroup data transfer agreements, providing for a legally binding and enforceable commitment to protect any personal data within the Sharp company group. Where personal data is transferred to a third party service provider, we also ensure legally binding contractual protections are in place, consistent with the GDPR and any other applicable data protection laws.

Your rights 

You have the following rights in relation to your personal data:

    • To access the personal data held by Sharp about you
    • To have your personal data corrected, for example, if it is incomplete or incorrect
    • To opt out of receiving marketing communications at any time
    • To restrict or object to the processing of personal data or request erasing personal data (in certain circumstances and subject to applicable law)
    • To receive a copy of the personal data which you have provided to Sharp, in a structured, commonly used and machine-readable format (known as “data portability”), subject to applicable laws
    • Where you have provided personal data voluntarily, or otherwise consented to its use, the right to withdraw your consent
    • The right to complain to a data protection authority

To exercise your rights to any of the above or to lodge a complaint about an alleged breach of data protection law, please contact us via DataProtection.sbsuk@sharp.eu

Security

Sharp has implemented appropriate organisational and technical controls to protect the confidentiality and security of information it obtains in the course of its business. Access to such information is limited, and policies and procedures are in place that are designed to safeguard the information from loss, misuse and improper disclosure.

Retention 

Our policy is to retain personal data only for as long as it is needed for the purposes described in the section 5 of this Privacy Policy “Purposes and legal grounds for processing”. Note that retention periods vary in different jurisdictions and are set in accordance with local regulatory and professional retention requirements.

Updates to this Policy 

We may update this privacy policy from time to time to reflect changes in the way we process personal data (e.g. if we implement new systems or processes that involve the new uses of personal data) or to clarify information we have provided in this notice. Our changes will be in accordance with applicable data protection laws.

We recommend that you check for updates to this notice from time to time but we will notify you directly about changes to this notice or the way we use your personal data when we are legally required to do so.