Updated: 23 May 2018
This Privacy Policy forms part of our Terms and Conditions. Any changes made to our privacy policy will be posted on this page and registered users will be notified by email.
Orderspace provides services that enable companies to take business-to-business orders online. We collect a limited amount of personal data in order to provide our services. We always collect the minimum amount of personal data needed, store and process it securely, and dispose of it as soon as it is no longer needed.
The controller for the personal data involved when you use Orderspace, visit our website or communicate with us, is:
HighSpire Ltd.
40 Debdale Road,
Wellingborough.
NN8 5AJ.
United Kingdom
If you have any questions about our Privacy Policy, or wish to exercise your data protection rights, you can contact us via email at support at orderspace dot com.
Companies who use Orderspace are also data controllers. If you have questions about how a company using Orderspace handles your personal data, or if you wish to exercise your rights for the personal data they hold, please contact them directly.
The EU General Data Protection Regulation (GDPR) gives EU citizens certain rights over the use of their personal data. These include the right to ask Orderspace for a copy of your personal data, to correct, delete or restrict processing of it, and to obtain personal data in a format you can share with a new provider. You may have the right to object to processing. These rights may be limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your data.
We collect personal data when you use our website, make an inquiry or communicate with us.
When you access our website, your computer automatically sends us information such as the URL on our website that you have visited, your IP address, your browser type and language, and the date and time of your request.
When you email us we will store your email in order to keep a history of your account, and to allow us to improve our customer support services.
We also collect information about your use of our online content and emails, such as how you came to our website, which pages you visit, how long you remain on a page, and whether you opened an email or clicked a link. To collect this data, we use cookies and other tracking technologies.
We collect personal data when you set up and use an Orderspace account. When you register for Orderspace we ask for your name, email address, phone number, company name and address.
As part of our service we collect personal data on behalf of our customers. When users register for an account with an Orderspace customer, we may collect their name, email address, phone number, company name and address.
A cookie is a small amount of data sent from a web site to your browser and stored on your computer.
We use a cookie to log you in to your Orderspace account and keep track of your session. This is required in order to use Orderspace. This cookie is deleted when your browser is closed.
We use Google Analytics on the marketing pages of our website. Google Analytics stores information about what pages you visit, how long you are on the site, how you got here and what you click on. This information cannot be used to identify who you are. You can opt out of Google Analytics cookies by visiting https://tools.google.com/dlpage/gaoptout.
We do not allow any advertiser or third party to place pop-ups, pop-unders or anything else that will enable them to use cookies on your computer.
We use the information provided for the following purposes: providing our products and services, billing, user authentication, communication and improving our services. We will use your email address to communicate with you about our service. We may also use your data internally to compile statistics, this is non-personal data and simply refers to such information as number of registrations, traffic patterns and website user trends.
When you email us we will store your email in order to keep a history of your account, and to allow us to improve our customer support services.
We use third party organisations and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run our services. If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
We may store or transfer some or all of your personal data in countries that are not part of the European Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland, and Liechtenstein). These are known as “third countries” and may not have data protection laws that are as strong as those in the UK and/or the EEA. This means that we will take additional steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR as follows.
We use specific contracts with external third parties that are approved by the European Commission for the transfer of personal data to third countries. These contracts ensure the same levels of personal data protection that would apply under the GDPR.
Where we transfer your data to a third party based in the US, this may be protected if they are part of the EU-US Privacy Shield. This requires that third party to provide data protection to standards similar to those in Europe.
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible. Backups of deleted data are stored for a maximum of 30 days.
We implement a variety of security measures to maintain the safety of your personal data when you enter, submit, or access it. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information. Our Security Policy contains details on the specific measures we take to secure your data.