NoMuda Privacy Policy | Secure Manufacturing Software
header-image

NoMuda Data Protection and Privacy Policy

 

Revised 12/02/2021

 

1. INTRODUCTION

1.1 Everyone has rights with regards to the way in which their personal data is handled. During the course of our activities, we have the potential to, collect, store and process personal data about our personnel, customers, suppliers, and other third parties, and we recognise that the correct and lawful treatment of this data will maintain confidence in the organisation and will provide successful business operations. This protection and safeguarding of personal information are detailed in the UK GDPR legislation / Data Protection Act 2018 (UK DPA 2018).

 

2. PURPOSE

2.1 The purpose of this policy is to ensure that NoMuda meets its obligations under the EU GDPR / UK DPA 2018 and associated legislation.

 

3. SCOPE

3.1 NoMuda Ltd. Registered office: Milton House, High Street, Alcester, B50 4HL, United Kingdom.

3.2 This policy applies all NoMuda sites.

 

4. DEFINITIONS

4.1 DPA 2018 - The DPA 2018 sets out the framework for data protection law in the UK. It updates and replaces the Data Protection Act 1998 and came into effect on 25 May 2018. It was amended on 01 January 2021 by regulations under the European Union (Withdrawal) Act 2018, to reflect the UK’s status outside the EU.

4.2 GDPR - The UK GDPR is the UK General Data Protection Regulation. It is a UK law which came into effect on 01 January 2021. It sets out the key principles, rights, and obligations for most processing of personal data in the UK, except for law enforcement and intelligence agencies. It is based on the EU GDPR (General Data Protection Regulation (EU) 2016/679) which applied in the UK before that date, with some changes to make it work more effectively in a UK context.

4.3 Data Controller - Data Controller means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information is, or is to be, processed.

4.4 Data Processor - means any natural or legal person who processes the data on behalf of the Data Controller.

4.5 Data Subject – means any living individual who is using our service and is subject of Personal Data.

4.6 Personal data - means data relating to a living individual who can be identified from that data (or from that data and other information in our possession). Personal data can be factual (for example, a name, address, or date of birth) or it can be an opinion about that person, their actions and behaviour.

4.7 Processing is any activity that involves use of the data. It includes obtaining, recording, or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing, or destroying it. Processing also includes transferring personal data to third parties.

 

5. PRINCIPLES FOR PROCESSING PERSONAL DATA

5.1 Our principles for processing personal data are:

a) Fairness and lawfulness - When we process personal data, the individual rights of the Data Subjects must be protected. All personal data must be collected and processed in a legal and fair manner.

b) Restricted to a specific purpose - The personal data of Data Subject must be processed only for specific purposes.

c) Transparency - The Data Subject must be informed of how his/her data is being collected, processed, and used.

 

6. HOW WE USE PERSONAL DATA

6.1 NoMuda Ltd. uses the collected personal data for various purposes:

a) To provide you with services

b) To notify you about changes to our services and/or products

c) To provide customer support / access to our Support Site

d) To gather analysis or valuable information so that we can improve our services.

e) To detect, prevent and address technical issues.

 

7. WHAT PERSONNAL DATA WE COLLECT & PROCESS

7.1 NoMuda Ltd. collects several different types of personal data for various purposes. Personal Data may include, but is not limited to:

a) Email address

b) First name and last name

c) Phone number

d) Address, City, County/State/Province, Postal Code/Zip.

 

8. WHAT PERSONNAL DATA WE COLLECT & PROCESS

8.1 NoMuda Ltd uses the collected personal data for various purposes:

a) To provide you with services

b) To notify you about changes to our services and/or products

c) To provide customer support / access to our support site

d) To gather analysis or valuable information so that we can improve our services.

e) To detect, prevent and address technical issues.

 

9. LEGAL BASIS FOR COLLECTING AND PROCESSING PERSONNAL DATA

9.1 NoMuda ltd legal basis for collecting and using the personal data described in this data protection policy depends on the personal data we collect and the specific context in which we collect the information:

a) NoMuda ltd. Needs to perform a contract with you.

b) You have given NoMuda ltd. Permission to do so.

c) Your employer has asked that you be registered as a user of our support site.

d) Processing your personal data is in NoMuda ltd. Legitimate interests.

e) NoMuda Ltd. Needs to comply with the law.

 

10. RETENTION OF PERSONAL DATA

10.1 NoMuda Ltd will retain your personal information only as long as necessary for the purposes set out in this Data Protection Policy.

10.2 NoMuda Ltd will retain and use your information to the extent necessary to comply with our legal obligations, resolve disputes and enforce our policies.

10.3 NoMuda Ltd will not share your data with any third party.

 

11. DATA PROTECTION RIGHTS

11.1 If you are a resident of the UK or European economic area (EEA), you have certain data protection rights. If you wish to be informed what personal data, we hold about you and if you want it to be removed from our systems, please contact us.

11.2 In certain circumstances, you have the following data protection rights:

a) The right to access, update or to delete the information we have on you.

b) The right of rectification

c) The right to object

d) The right of restriction

e) The right to data portability

f) The right to withdraw consent.

 

12. INFORMATION SECURITY MANAGEMENT SYSTEM

12.1 NoMuda Ltd operates an Information Security Management System (ISMS) to the requirements of ISO 27001:2013. This system is independently audited by an accredited Certification Body. If you wish to query the data NoMuda Ltd. holds on yourself, please contact the Information Security Manager.