Privacy Policy

Definitions

Consent” means any freely given, specific, informed and unambiguous indication by which you signify agreement to the Processing of Your Personal Data.

Data” includes, but is not limited to:

  • Personal Data;
  • Data provided by a customer for use by Optimatics in delivering its services;
  • Contractual information and terms.

Data Subject” means a natural person who can be directly or indirectly identified by reference to an identifier such as a name, number, location, or an online identifier to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal Data” and “Personally Identifiable Information” and “PII” means any information relating to, and that may identify, a Data Subject

Processing” means any operation or set of operations which is performed on Personal Data, whether automated or manual, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, or disclosure.

Sensitive Personal Data” is any information about an individual’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership (or non-membership), physical or mental health or condition, criminal offences, or related proceedings.

User”, “You” or “Your” means a person visiting Optimatics’ website, or accessing Optimatics’ products or services, who may also be referred to as a Data Subject.

We” or “Us” or “Our” means Optimatics.

Data Optimatics Collects

Optimatics collects Data when Users access Our products and services.

  • Account Information: To access Optimatics products, Users must provide a valid email address and password.
  • Content: Users’ interactions during events such as live streams and webinars, or with other users (e.g., comments, “likes,” poll responses) may be seen by others.
  • Financial Information: Suppliers must provide bank account details in order to receive payment. Optimatics does not collect credit or debit card numbers, nor allow purchase through third party platforms.
  • Other Information: Users may submit Data to Optimatics for limited purposes such as requesting customer support; participating in a study or survey; applying for a job; or signing up to receive communications from Us or another user.
  • Automatically-Collected Information: We automatically collect certain types of Data when You use Our services, regardless of whether You have an account. This Data includes Your IP address, technical information about Your device (e.g., browser type, operating system, basic device information), the web page you visited or search query You entered before reaching Us, and Your activities.
  • Information Collected by Third Parties:
    • Some third parties may collect Data about You when You use Our services. This may include Data You submit (such as payment information) or automatically collected information (in the case of third-party analytics providers and advertising partners).
    • We may obtain Data from third parties about You. We may combine that Data with information that We have collected. For example, some advertisers or advertising platforms may allow Us to determine what other online services You might use so that We may place relevant ads on those services.

Conditions under which Optimatics Processes Personal Data

Personal Data will be processed in compliance with the data protection principles of the GDPR, and the terms of this policy, and only if at least one of the conditions set out below under 3.3 Lawfulness, fairness and transparency is met.

All employees who are responsible for Processing Personal Data will be aware of the conditions for Processing. The conditions for Processing are made available to Data Subjects in the form of this policy.

Additional justification will be required for the Processing of Sensitive Personal Data, which in most cases will require the Data Subject’s explicit Consent, unless exceptional circumstances apply or it is required to be done by law. Any such Consent will need to identify clearly what the relevant Data is, why it is being processed and to whom it will be disclosed.

Lawfulness, fairness and transparency in Processing of Personal Data

Optimatics commits to being transparent about how Personal Data will be collected and used.

Under GDPR, Processing is lawful only if at least one of the following apply:

  1. The Data Subject has given Consent to the Processing of their Personal Data for one or more specific purposes;
  2. Processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into the contract;
  3. Processing is necessary for compliance with a legal obligation to which Optimatics is subject;
  4. Processing is necessary in order to protect the vital interests or safety of the Data Subject or another natural person;
  5. Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Optimatics;
  6. Processing is necessary for the purposes of the legitimate interests pursued by Optimatics or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which require protection of Personal Data, in particular where the Data Subject is a child.

The Personal Data collected by Optimatics is subject to active Consent by the Data Subject. The Data Subject can revoke their Consent at any time.

How Optimatics uses Personal Data

Optimatics may use Personal Data for the following purposes:

  • dentification and authentication: To verify when a User accesses their account.
  • Providing Our services: To provide Our services, process and fulfill orders, provide customer support, receive and process payments, and to otherwise comply with Our contractual obligations.
  • Communicating: To communicate with customers, Users and suppliers (eg. when responding to a customer support request).
  • Improving our services: To understand how Our products and services are being used and how We can improve them. In general, We analyse aggregated Data, rather than specific User Data. We may, however, need to analyse a specific case to address a specific problem (eg. a bug that affects only a few Users).
  • Customizing experience: To personalise the service provided to a customer or User.
  • Exercising Our rights: Where reasonably necessary, to exercise Our legal rights and prevent abuse of Our products or services.
  • Legal compliance: Where We are legally required to do so.
  • Protecting Your information: We may anonymize, backup, and delete certain Data.

We may use algorithms and other automated means to implement any of the above.

Limitation on the use of Personal Data

Personal Data will be Processed only where it is necessary to deliver Optimatics’ services; it is in the legitimate interests of Optimatics; and it will not unduly prejudice the privacy of individuals. In most cases this provision will apply to routine business data processing activities.

Any Personal Data processed by Optimatics will be accurate, adequate, relevant and not excessive, given the purpose for which it was obtained. Personal Data obtained for one purpose will not be processed for any unconnected purpose, unless the Data Subject has agreed to this or would otherwise reasonably expect this.

Access to Personal Data will be limited to only those of Optimatics’ employees and third party vendors who need it. Third party vendors may include:

  • cloud-based hosting services,
  • payment processors,
  • email service providers,
  • fraud prevention services,
  • document management services,
  • analytics providers,
  • customer relations management (CRM) vendors,
  • Our auditors and advisors for planning, financial reporting, accounting, auditing, tax and legal compliance.

Data minimisation and accuracy

You may ask that inaccurate Personal Data relating to You is corrected. If You believe that Your Personal Data is inaccurate, You should record that the accuracy of the information is in dispute and inform the Data Protection Officer.

Limitations on the retention of Data and the right to be forgotten

Personal Data will not be retained for longer than is necessary. What is “necessary” will depend on the circumstances of each case, taking into account the reasons that the Personal Data was obtained. Optimatics will delete Personal Data on request, or after a customer has ceased working with Optimatics, which may be evidenced by non-renewal of subscription, or when there is no longer a business reason to retain the data.

You may request that Optimatics delete any information held on You. Any third parties who Process or use that Data must also comply with such request. An erasure request can only be refused if an exemption applies.

You may choose not to provide Personal Data to Optimatics.

Data security

Optimatics will keep Personal Data secure against loss or misuse, and will encrypt Data wherever possible, including the encryption of Data by default.

Optimatics uses physical, technical, and organisational security measures to safeguard Personal Data from unauthorised or accidental disclosure. Despite these efforts, no information system can be 100% secure, so absolute security of information cannot be guaranteed. Users also have a role to play in keeping their data safe. Optimatics encourages the use of unique and hard-to-guess passwords for accounts and not to share them with others. Optimatics requires the use of multi factor authentication to gain access to all Optimatics’ products.

Users should monitor their accounts regularly, and contact the Optimatics Help Desk at support@optimatics.com if they suspect unauthorised access has occurred.

Optimatics has an “Information Security Policy” and a set of subordinate security policies and controls relating to the management of data and information security.

Accountability

Optimatics undertakes to maintain compliance with the GDPR and the data protection principles.

Optimatics incorporates privacy by design in its approach to projects, that promotes privacy and data protection compliance from the start. The Data Protection Officer is responsible for conducting reviews of compliance with data protection laws.

When relevant, and when it does not have a negative impact on the Data Subject, privacy settings will be set to the most private by default.

Data access and portability

Upon request, You have the right to receive a copy of the data Optimatics holds on You. Your request will be processed within one month, provided there is no undue burden and it does not compromise the privacy of other individuals.

You may request Your Data be transferred directly to another system or organisation. Where Data is located in Saudi Arabia, it cannot be transferred outside of Saudi Arabia, unless required to comply with a contract to which the Kingdom is a party.

Optimatics may, in the course of delivering Our services, be required to give Personal Data to third parties, such as expert witnesses and other professional advisers.

Personal Data may not be disclosed if it would pose a security risk to Saudi Arabia, or damage the reputation of the Kingdom, or impact Saudi Arabia’s relationship with other countries.

Cookies

Cookies are text files placed on Your computer to collect standard Internet log information and visitor behaviour information. When You visit Optimatics’ website, information may be collected from You automatically through cookies or similar technology.

Optimatics uses cookies in a range of ways to improve Your experience on our website.

You may opt out of using cookies when visiting Our website.

Piano Analytics (opt-out mode)

The “opt-out” option implemented by the Piano Analytics (AT Internet) service allows you to exclude your browsing data from this website, which uses the Piano Analytics (AT Internet) audience measurement service, which collects statistical data.

To activate this option, you must first activate the “analyticsOptOut” cookie. This activation ensures that your opt-out request will be recognised and stored each time you visit this website. This option will only be taken into account on the browser on which the opt-out cookie is set. If you do not activate this cookie, if you delete it later, or if you visit this website in private browsing mode, we will not be able to detect your request and we will continue to collect tracking data.

I understand that after activating this option, I will be counted as an internet user who refuses to be audited and that my browsing data will be excluded from the data returned by Piano Analytics (AT Internet).

Activate the “opt-out” option

Contact

Any questions, enquiries or complaints relating to privacy, Processing and use of Personal Data should be addressed to the Data Protection Officer at

Optimatics
318 W Adams St, suite 1300A, Chicago, IL 60606, USA
support@optimatics.com