Protecting the security and privacy of your personal data is important to Idox plc and all its group companies (the "Idox Group"). Therefore, the Idox company referred to under corporate information on the website ("Idox") operates this website in compliance with applicable laws on data privacy protection and data security.
Idox processes and stores personal data in accordance with Data Protection Legislation.
Idox is committed to safeguarding and preserving your privacy when visiting our Site or communicating with us.
In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal data we collect.
- We are considerate about the personal information we ask you to provide and the personal information that we collect about you through the operation of our services.
- We store personal information only for as long as we have a reason to keep it.
- We aim for full transparency on how we gather, use, and share your personal information.
- Idox acknowledges the rights of individuals to whom the personal data relates, and ensures that these rights can be exercised in accordance with the Data Protection Legislation.
In this policy, "Data Protection Legislation" refers to the General Data Protection Regulation (Regulation (EU) 2016/679), and the Data Protection Act 2018 to the extent that it relates to the processing of personal data and privacy and all applicable Law about the processing of personal data and privacy.
In the above statement, 'Law' means any law, subordinate legislation within the meaning of Section 21(1) of the Interpretation Act 1978, bye-law, enforceable right within the meaning of Section 2 of the European Communities Act 1972, regulation, order, regulatory policy, mandatory guidance or code of practice, judgement of a relevant court of law, or directives or requirements with which Idox is bound to comply.
What information do we collect about you?
We only collect information about you if we have a reason to do so – for example, to provide services or information more tailored to your needs, to communicate with you, or to improve our services.
In operating our Site, we may collect and process the following data about you:
- Details of your visits to our Site and the resources that you access, including, but not limited to, traffic data, location data, weblogs, IP address, operating system, access times, what browser you are using and other communication data.
- A number of Sites within our group of companies are tracked using Google Analytics.
- Information that you provide by filling in forms on our Site, such as when you register for information or make a purchase.
- Information provided to us when you communicate with us for any reason.
Your choices about marketing communications:
Personal information will only be collected with your consent. Here are some examples:
When you opt-in to receive email communications from us, we will ask you to provide us with the minimum information needed to facilitate your request such as your name, email address, company, country and phone number. We will also invite you to select your communication preferences and topics you would like to receive information about which may be provided by other Idox group companies. By submitting your personal information and selecting your preferences, you are consenting to receive the particular piece of information you requested.
Types of communications may include:
- Product Updates
- Whitepaper and Intelligence including reports, blogs, guides and surveys
- Exhibition and Event
- Video, Podcast and Webinar
- Promotional Offer
- Idox Company Updates
- Communications from another part of the Idox group, providing you have opted in to do so
Preferred communication method:
- Direct Mail
- Public Sector and Government
- Grants and Funding
- Electoral Management
- Engineering Information Management
- Facilities Management
- Web and Creative Services
- Hospital Management
- Sexual Health
- Social Care
Third party mailing lists
Personalised and tailored communications
In our email communications we may use web beacons that track your IP address (until you opt-in to receive communications you remain anonymous), to help us identify and monitor how visitors interact with our brand (e.g. website visits, content downloads, emails opened, social media engagement and which forms they've filled in).
We may also use tracked hyperlinks in our email broadcasts, which help us monitor which parts of our emails our audience are most interested in. We may use this data to develop future communications and promotions which we hope will be more relevant to you. The information we collect is used to help us segment our database by profiling our customers using marketing automation tools.
We use this information to profile and identify audiences and to target future messages according to your preferences and personal experiences which enables us to deliver personalised, tailored and targeted content and messages that match your specific wants and needs.
How we use information
We use information about you as described above and as follows:
- To communicate with you about offers and promotions offered by Idox, solicit your feedback, or keep you up to date on Idox and our products and services;
- To personalise your experience using our Sites, provide content recommendations and serve relevant advertisements;
- To monitor and analyse trends and better understand how users interact with our websites, which helps us improve our services and make them easier to use;
- To monitor and protect the security of our services, fight spam, and protect the rights and property of Idox.
How long do we retain your personal information?
We may retain your personal data as long as you are registered to use the Site. You may close your account by either clicking on the opt-out link provided in one of our communications or email email@example.com.
In some cases, there are legal requirements to keep personal data for a minimum period, for example if it must be retained by court or tribunal order or where Idox is under a contractual obligation to retain it. If there is no such legal requirement, Idox will only keep the personal data for so long as it is necessary for the purposes for which it was collected, or as expressly consented. If we no longer need your personal information, we will delete or de-identify it. Even if we delete your personal data, it may persist on backup or archival media for an additional period of time for legal, tax or regulatory reasons, or for legitimate and lawful business purposes.
If you apply for a job with us, and if your application is not successful in the first instance, we may retain your personal information for up to twelve months so that we can consider you for other positions that may become available. If you would prefer us not to retain your personal information for recruitment purposes, please email firstname.lastname@example.org.
Sharing of information
We do not share or sell your personal information with any other organisation, and we won't pass on your details except when we need to do so in order to complete a transaction – e.g. when arranging for a courier company to deliver goods that you have ordered.
There are, however, certain circumstances in which we may disclose, transfer or share your personal data with certain third parties without further notice to you, which are as follow:
- you have consented to the transfer/sharing of data;
- the transferring/sharing of data is necessary for the performance of a contract;
- the transferring/sharing of data is required under a legal obligation;
- the transferring/sharing of data is necessary to protect your vital interests;
- the transferring/sharing of data is necessary to carry out public functions (such as the administration of justice); or
- the transferring/sharing of data is necessary to pursue the legitimate interests of the company or third parties (unless it could unjustifiably prejudice your interests).
Parent companies, subsidiaries and affiliates
Employees, independent contractors and service providers
We ensure that all employees understand their individual responsibility relating to the requirements of the Data Protection Legislation. Employees are provided with appropriate training, instruction and supervision so that duties are carried out effectively and consistently. Employees will only be given access to personal data that is appropriate for the effective completion of their duties and tasks.
We may engage service providers and contractors that act on behalf and under the instructions of Idox to perform certain business-related functions. These service providers will only be provided with appropriate and minimal information for the duties/tasks to be undertaken. Idox requires that all such service providers endorse the principles set out under the Data Protection Legislation and adopt adequate technical and organisational security measures to ensure the processing of personal data only as instructed by Idox and for no other purposes.
Where information is stored
We use appropriate technical, organisational and administrative measures to protect any personal information we process about you. All personal information collected from you is stored on servers in the United Kingdom and other countries within the European Economic Area ("EEA").
With regards to Opidis customers (only), your personal information may be transferred outside of the EEA and stored on servers in the US. It may also be processed by staff operating outside the EEA who work for us or a member of our group.
We will protect your personal information in accordance with this Privacy Statement wherever it is processed.
Cookies & other technologies
On occasion, we may gather information about your computer to provide statistical information regarding the use of our Site. Similarly, we may gather information about your general internet use by using a cookie file. This information helps us improve our Site and the services that we provide to you.
Such information will not identify you personally – it is statistical data about our visitors and their use of our Site. This statistical data does not identify any personal details whatsoever. Examples of statistical information that we collect automatically:
When you visit our Site, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information.
We collect information about your usage of our Site. For example, we collect information about your page views, referring/exit pages, duration of your visit, along with information about the type of device you used to access our Site. We use this information to perform statistical analyses of user behaviour and characteristics in order to measure interest in, and use of, the various areas of the Site. You cannot be identified from this information.
We may determine the approximate location of your device from your IP address. We collect and use this information to, for example, calculate how many people visit our Site from a geographic region.
For more information about the cookies used on our Site, see our Cookie Statement.
Our policy towards children
We do not knowingly collect personal data from children. Please do not supply any personally identifiable information for a person under the age of 13 through any of our sites. If you are under the age of 13 and believe you have already provided personally identifiable information through the site, please have your parent or guardian contact us immediately at email@example.com so that we can remove such information from our records.
Accessing, Correcting, Updating or Deleting Personal information
You may at any time review or update your preferences or opt-out of any marketing mailing list for which you previously asked us to include you by sending us an email at firstname.lastname@example.org or by clicking 'Preferences' or 'Unsubscribe' in any marketing email communication that we have sent to you.
However, if you want to delete or receive a copy of the personal information we hold about you in our systems, you will need to email your request to email@example.com
We want to make it as easy as possible for you to opt-out of receiving telemarketing calls. You have the option to either email us at firstname.lastname@example.org or phone us on +44 333 011 1671 where we will invite you to leave a voicemail. Voicemail messages are picked up every working day and we will respond to your request within two working days.
Links to other sites
This site contains links to other sites. this privacy notice does not cover how that organisation processes personal information. We encourage you to read the privacy notices on the other websites you visit.
If you have questions about the data collection procedures of linked sites, please contact those companies directly.
General Data Protection Regulation Compliance
1. Data protection information
You are hereby informed of the processing of your personal data in accordance with Articles 13, 14 and 21 of the General Data Protection Regulation (GDPR).
2. Identity of the controller
Idox Software Limited, Unit 5, Woking 8, Forsyth Road, Woking, Surrey GU21 5SB
T +44 (0)333 011 1200
3. Contact details of the data protection officer
Data Protection Officer, Idox Software, Unit 5, Woking 8, Forsyth Road, Woking, Surrey GU21 5SB
Mail: email@example.com, by calling us on
Tel: +44 333 011 1671.
4. Processing purposes and legal basis
The processing of your data only occurs if a legal basis exists:
Art. 6 para. 2 lit. (b) GDPR in the context of pre-contractual or contractual measures with the data subject.
5. Data categories and data origin
- You have registered to run a search of one of our information databases
- You have requested information about one of our products/services
- You have made general enquiry us.
- You have made an information request to us.
- You wish to attend, or have attended, an event.
- You subscribe to our newsletter.
- You have applied for a job or secondment with us
We also receive personal information indirectly, in the following scenarios:
- Your organisation�s administrator has registered you to run search of one of our information databases
- You have approached an intermediary organisation who have entered your details to find information for you.
6. Recipient and third country transfer
Within our company, we will only transfer your personal data to departments and persons who need it to enable delivery of the service which you requested. There is no transfer of personally identifiable data to third countries.
7. Your rights
When processing your data, you are entitled to the following rights according to Art. 15 to 22 GDPR:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure (Right to be forgotten)
- Right to restrict processing
- Right to data portability
- Right to object
Insofar as the processing of your personal data pursuant to Art. 6 para. 1 lit.(a) is carried out on the basis of your consent or (f) GDPR to safeguard legitimate interests, you have the right under Art. 21 GDPR to object to the processing of such data at any time without needing a reason. We will then no longer process this personal data unless we can prove compelling reasons worthy of protection to continue processing. These must outweigh your interests, rights and freedoms, or the processing must serve to assert, exercise or defend legal claims.
To exercise any of the above rights at any time, please email: firstname.lastname@example.org
8. Duration of storage
We process your personal data as long as this is necessary for the execution of the service. In addition, the data is stored for a duration of 6 months after the end of the active use.
9. No automated decision making
No automated decision making (including profiling) is carried out.
10. Right of appeal to the supervisory authority
Under Art. 77 GDPR, you have the right to complain to the supervisory authority if you believe that the processing of your personal data is not lawful. For example, you can contact the supervisory authority responsible for our company:
Information Commissioner's Office
Telephone: 0303 123 1113
Fax: 01625 524510
In principle, however, you can contact any data protection supervisory authority of your choice located in Europe.
We may change this Privacy Statement from time to time. If we make any changes, we will post these on this page and change the "Last Updated" date below. We encourage you to check this Privacy Statement frequently to stay informed of the latest modifications.
Last updated: July 2023.