Privacy Policy

This privacy policy notice is for these websites; [www.coniq.com, platform.coniq.com and platform.r02.coniq.com] and served by Codilink UK Ltd t/a Coniq, 3rd Floor, 15 Long Lane, London, UK, EC1A 9PN (“Codilink”, the Client and Codilink together being the “Parties”) and governs the privacy of those who use it. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website. Beyond the privacy policy, your use of our services is also subject to our Terms of Service (coniq.com/terms-of-use/)We are registered with the ICO under the Data Protection Register, our registration number is Z2669789.

Processing of your personal data

As set out by the GDPR, all processing of personal data must be:

processed lawfully, fairly and in a transparent manner in relation to individuals;
collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals; and
processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.

Under the GDPR (General Data Protection Regulation) we control and/or process any personal information about you electronically using the following lawful bases. Basis of processing:

Coniq Website Browsing

Coniq acting as:

Data Controller

Lawful basis:

Consent

We process your information in the following ways:

If you visit the site, we will collect:
- IP address, web browser type, and operating system version;
- Your inferred general location information, for example by using your internet protocol (IP) address;
- Information about your interactions with our services, like the pages or other content you view, and the searches you conduct;
- If you contact us directly, we may receive additional information about you. For example, when you contact us for a demo or customer support, we may receive your name, email address, phone number, company the contents of a message or attachments that you may send to us, and other information you choose to provide;
- If you subscribe to our newsletter, then we will collect certain information from you, such as your email address. When we send you emails, we may track whether you open them to learn how to deliver a better customer experience and improve our Services.
Additionally, cookies will collect information from you. Please see our Cookie Policy for more information.
The information we collect will be used:
- To provide, maintain, improve, and enhance our services; please note that some services cannot be provided without cookies;
- To personalize your experience on our services such as by providing tailored content;
- To understand and analyze how you use our services and develop new products, services, features, and functionality;
- To communicate with you, provide you with updates and other information relating to our services, provide information that you request, respond to comments and questions, and otherwise provide customer support;
- For marketing and advertising purposes, such as developing and providing promotional and advertising materials that may be relevant, valuable or otherwise of interest to you;
- To find and prevent fraud, and respond to trust and safety issues that may arise;
- For compliance purposes, including enforcing our Terms of Service or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency; and
- For other purposes for which we provide specific notice at the time the information is collected.

Please see our Cookie Policy for further information about Cookies and how we use them.

Data retention period:

Cookies will contain varying expiry dates. Please see our Cookie Policy for further information about Cookies and how we use them.

Sharing your information:

We may share any information we receive with our affiliates for any of the purposes described in this privacy policy.
Vendors and Service Providers. We may share any information we receive with vendors and service providers retained in connection with the provision of our services.
Analytics Partners. We use analytics services such as Google Analytics to collect and process certain analytics data. These services may also collect information about your use of other websites, apps, and online resources You can learn more about Google’s practices by visiting https://www.google.com/policies/privacy/partners/. To help us understand how you use our Services and to help us improve them, we automatically receive information about your interactions with our Services, like the pages or other content you view, the searches you conduct, and the dates and times of your visits.
Advertising Partners. We work with third party advertising partners to show you ads that we think may interest you. Some of our advertising partners are members of the Network Advertising Initiative (https://optout.networkadvertising.org) or the Digital Advertising Alliance (https://optout.aboutads.info). If you do not wish to receive personalized ads, please visit their opt-out pages to learn about how you may opt out of receiving web-based personalized ads from member companies. You can access any settings offered by your mobile operating system to limit ad tracking, or you can install the AppChoices mobile app to learn more about how you may opt out of personalized ads in mobile apps.
As Required By Law and Similar Disclosures. We may access, preserve, and disclose your information if we believe doing so is required or appropriate to: (a) comply with law enforcement requests and legal process, such as a court order or subpoena; (b) respond to your requests; or (c) protect your, our, or others’ rights, property, or safety.
Merger, Sale, or Other Asset Transfers. We may transfer your information to service providers, advisors, potential transactional partners, or other third parties in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, or transfer all or a portion of our assets. The use of your information following any of these events will be governed by the provisions of this Privacy Policy in effect at the time the applicable information was collected.
Consent. We may also disclose your information with your permission.

Basis of processing:

Platform user accounts

Coniq acting as:

Data Controller

Lawful basis:

Performance of a contract

Information collected: In addition to the information collection described in relation to Coniq Website Browsing, discussed above, we will collect:

First Name
Last Name
Email

We process your information in the following ways: In addition to the uses of information described in relation to Coniq Website Browsing, discussed above, we use the information we collect:

For the performance of a contract with a client
To provide access to the Coniq Platform
For logging purposes

Data retention period:

Platform user accounts are kept for the length of the contract with our client + 1 year.

Sharing your information: In addition to the sharing of information described in relation to Coniq Website Browsing, discussed above, we share the information we collect with:

Codilink DOOEL Skopje, a Macedonian based company with unique company number 7274980 and company address at 8-mi Septemvri Blvd. 16, Hiperium Business Center, 2nd Floor, 1000 Skopje, Republic of Macedonia
- The data may be accessed by the employees of our Macedonian entity (Codilink DOOEL), in order to provide you technical support on the basis of the Model Contractual Clauses between Coniq UK and Codilink DOOEL. We have a data processing agreement in place based on Standard Contractual Clauses that provides for access to the EU data center by the employees of Codilink DOOEL. However, there is no physical transfer of data out of the EU.
Amazon Web Services EMEA SARL, 5 rue Plaetis, L-2338 Luxembourg, is the data controller of personal information collected or processed through AWS Offerings. Amazon Web Services EMEA SARL, is the authorized representative of Amazon Web Services, Inc. in the EEA.
- Hosting of Coniq databases

Basis of processing:

Sales & Marketing

Coniq acting as:

Data Controller

Lawful basis:

Consent

Information collected: In addition to the information collection described in relation to Coniq Website Browsing, discussed above, we will collect:

First Name
Last Name
Job Title
Company Name
Phone Number
Email

We process your information in the following ways: In addition to the uses of information described in relation to Coniq Website Browsing, discussed above, we use the information we collect:

To contact interested parties regarding our products and services by Coniq
To send marketing communications covering thought-leadership pieces, articles, new product features, webinars, company updates, blogs and events

Data retention period:

Data is kept for 7 years unless otherwise requested.

Sharing your information: In addition to the sharing of information described in relation to Coniq Website Browsing, discussed above, we share the information we collect with:

com, incorporated and registered in the United States of America with company number whose registered office is at Salesforce Tower, 415 Mission Street, 3^rd Floor, San Francisco, California, 94105, USA
- Storing contact information and sending of email marketing communications
Amazon Web Services EMEA SARL, 5 rue Plaetis, L-2338 Luxembourg, is the data controller of personal information collected or processed through AWS Offerings. Amazon Web Services EMEA SARL, is the authorized representative of Amazon Web Services, Inc. in the EEA.
Amazon Web Services Inc, 410 Terry Avenue, North Seattle, WA, 98109, USA
- Hosting of Coniq internal database
Google, services are provided by Google Ireland Limited (“Google”), a company incorporated and operating under the laws of Ireland (Registered Number: 368047), and located at Gordon House, Barrow Street, Dublin 4, Ireland.
- Hosting of documents and staff emails
- Google Firebase for sending Push messages from the Coniq platform
Mailjet SAS, a company registered under the laws of France under number 524 536 992 with the Paris Trade & Companies Register, and having its registered office at 13-13 bis, rue de l’Aubrac 75012 Paris, France.
- Sending email communications from the Coniq Platform
Sendgrid (owned by Twilio Inc), a Delaware Corporation located at 375 Beale Street, Suite 300, San Francisco, California, 94105, USA
- Sending email communications from the Coniq platform
Sinch UK Limited, incorporated and registered in the United Kingdom with company number 03049312 and located at Cap House, 9-12 Long Lane, London, UK, EC1A 9HA
- Sending email communications from the Coniq platform

Basis of processing:

Careers (CVs)

Coniq acting as:

Data Controller

Lawful basis:

Consent

Information collected: In addition to the information collection described in relation to Coniq Website Browsing, discussed above, we will collect:

Name
Address
Phone numbers
Email address

We process your information in the following ways: In addition to the uses of information described in relation to Coniq Website Browsing, discussed above, we use the information we collect to:

Assess suitability for current or future job openings
Retain CVs and notes for a period of time to future job openings

Data retention period:

CVs for applications are held for up to 2 years before being deleted from our HR system

Sharing your information: In addition to the sharing of information described in relation to Coniq Website Browsing, discussed above, we share the information we collect with:

Hi Bob Limited operates the hibob.com website and is incorporated and registered in England and Wales with company number 09787994 with registered office at 5 New Street Square, London, UK, EC4A 3TW
- storage HR data including CVs and notes on applicants
- notification to applicants of progress through recruitment process

If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.

Your individual rights

As part of our data protection policy, Coniq ensures that Data Subjects will have the following rights. In the event of a request, Coniq will adhere to its Data Subject Access Requests which outlines the steps to be taken for the following requests data subject rights. Coniq will always verify the identity of an individual making a data subject request before handing over any information. In the event that a request is made by or on behalf of a data subject that Coniq is a processor for, Coniq will notify the Controller of such request before processing the request. All requests or any complaints regarding the handling of personal data or these rights should be made to privacyrequests@coniq.com If you are dissatisfied with the way we have handled your complaint or request and want to make a complaint, you may write to the Information Commissioner’s Office (ICO), who is an independent regulator. ICO can be contacted at: Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire, UK, SK9 5AF Tel: 08456 30 60 60 or 01625 54 57 45 Fax: 01625 524510. Website: https://ico.org.uk

the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.

Your Choices

Marketing Communications. You can unsubscribe from our promotional emails via the link provided in the emails. Even if you opt out of receiving promotional messages from us, you will continue to receive administrative messages from us.

Internet cookies

We use cookies on this website to provide you with a better user experience. We do this by placing a small text file on your device / computer hard drive to track how you use the website, to record or log whether you have seen particular messages that we display, to keep you logged into the website where applicable, to display relevant adverts or content, referred you to a third party website.

Data Transfers

We may transfer your personal information to the United Kingdom and to the United States. Laws governing data collection and use in these countries may differ from the laws applicable in your jurisdiction. When we transfer your personal information outside of your jurisdiction, we take steps to comply with applicable data protection law, in particular legal requirements regarding adequate protection for data transfers. If you are located in Europe, we will comply with applicable data protection laws when transferring your personal information outside of Europe. We may transfer your personal information to countries which have been found to provide adequate protection according to the competent authorities (such as the European Commission), use contractual protections for the transfer of personal information, or transfer to recipients who have adopted Binding Corporate Rules. For more information about how we transfer personal information outside of Europe, or to obtain a copy of the contractual safeguards we use for such transfers, you may contact us as specified below.

Data security and protection

We make reasonable efforts to protect your information by using physical and electronic safeguards designed to improve the security of the information we maintain. These include such measures as:

Staff information security training
Access Control Processes
Password Policy
System Backups
Antivirus and Malware Software
Firewall and Network Protection

However, as no electronic transmission or storage of information can be entirely secure, we can make no guarantees as to the security or privacy of your information For further details regarding our information security, please email us at dataprotection@coniq.com.

Third Parties

Our services may contain links to other websites, products, or services that we do not own or operate. We are not responsible for the privacy practices of these third parties. Please be aware that this privacy policy does not apply to your activities on these third party services or any information you disclose to these third parties. We encourage you to read their privacy policies before providing any information to them.

Children’s Privacy

We do not knowingly collect, maintain, or use personal information from children under 13 years of age, and no part of our Service is directed to children. If you learn that a child has provided us with personal information in violation of this Privacy Policy, then you may alert us at dataprotection@coniq.com.

Changes to the Policy

Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent. We will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice.

Queries

If you have any queries about this Privacy Policy, please email us at dataprotection@coniq.com or write to us at: Data Protection Coordinator Codilink UK Limited 3rd Floor, 15 Long Lane, London, EC1A 9PN

Last Updated: March 8^th 2021

Cookie	Duration	Description
__cf_bm	30 minutes	Cloudflare set the cookie to support Cloudflare Bot Management.
li_gc	5 months 27 days	Linkedin set this cookie for storing visitor's consent regarding using cookies for non-essential purposes.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.
_fbp	3 months	Facebook sets this cookie to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising after visiting the website.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
AnalyticsSyncHistory	1 month	Linkedin set this cookie to store information about the time a sync took place with the lms_analytics cookie.
CONSENT	2 years	YouTube sets this cookie via embedded YouTube videos and registers anonymous statistical data.
ln_or	1 day	Linkedin sets this cookie to registers statistical data on users' behaviour on the website for internal analytics.
vuid	1 year 1 month 4 days	Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos on the website.
wmc	1 year 1 month 4 days	Workable sets this cookie to assign a unique visitor ID for statistical purposes.

Cookie	Duration	Description
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.
__Host-GAPS	2 years	This cookie allows the website to identify a user and provide enhanced functionality and personalisation.
bcookie	1 year	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser IDs.
bscookie	1 year	LinkedIn sets this cookie to store performed actions on the website.
GoogleAdServingTest	session	Google sets this cookie to determine what ads have been shown to the website visitor.
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
li_sugr	3 months	LinkedIn sets this cookie to collect user behaviour data to optimise the website and make advertisements on the website more relevant.
muc_ads	1 year 1 month 4 days	Twitter sets this cookie to collect user behaviour and interaction data to optimize the website.
NID	6 months	Google sets the cookie for advertising purposes; to limit the number of times the user sees an ad, to unwanted mute ads, and to measure the effectiveness of ads.
personalization_id	1 year 1 month 4 days	Twitter sets this cookie to integrate and share features for social media and also store information about how the user uses the website, for tracking and targeting.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	YouTube sets this cookie to measure bandwidth, determining whether the user gets the new or old player interface.
YSC	session	Youtube sets this cookie to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt-remote-device-id	never	YouTube sets this cookie to store the user's video preferences using embedded YouTube videos.
yt.innertube::nextId	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	YouTube sets this cookie to register a unique ID to store data on what videos from YouTube the user has seen.

Learn how to implement a personalization strategy at your retail destination -

Read the white paper

Login

Digital Platform

Services

Data Capture

Customer Engagement

Loyalty Management

Reporting & Analytics

Tenant Engagement

Blog

Whitepapers

News

Product Releases

Webinars

Events

Case Studies

About Us

Leadership

Careers

Contact Us

Privacy Policy

Processing of your personal data

Your individual rights

Your Choices

Internet cookies

Data Transfers

Data security and protection

Third Parties

Children’s Privacy

Changes to the Policy

Queries