Privacy Notice

Introduction

DataPro Consulting Ltd, (“DataPro”, “we”, “us”, “our”) is an international network of data privacy specialists committed to data protection and strengthening privacy and information security networks.

We know that your privacy is important to you, that’s why we at DataPro are committed to protecting your privacy. We have prepared this Privacy Notice to describe to you our practices regarding the personal information we collect from users of our Site and Services (as defined in our Terms of Service). Capitalized terms not defined in this Privacy Notice have the meanings given in our Terms of Service.

This Privacy Policy describes how DataPro collects, uses and shares and stores your Personal Data, and informs you of your rights regarding your Personal Data. This Privacy Notice applies to data we collect when you use our website, when you subscribe to our newsletter, take part in a survey, access our products and services, or any other marketing initiatives. 

We ensure that the processing of your Personal Data is compliant with Jamaica’s Data Protection Act (JDPA), the European Union’s (EU) General Data Protection Regulation (“GDPR”) to the extent applicable, and any country-specific data protection laws and regulations as may be applicable to DataPro. We have implemented a number of technical, organizational and physical measures to ensure the most complete protection of Personal Data processed through the Site or use of our Services.

When you visit the Site, you are free to explore without providing any Personal Data about yourself. We only collect Personal Data from you when you register, subscribe to a service or fill out a form. 

“Personal Data” means any information that allows someone to identify you, including, such as: your name, address, telephone number, e-mail address, as well as any other non-public information about you that is associated with any of these.

“Anonymous Data” means data that is not associated with or linked to your Personal Data and which does not, by itself, permit the identification of individual persons. 

We collect Personal Data and Anonymous Data, as described below.

 

How we Collect Data

We collect Personal Data through the following means:

  • Information you provide to us when you register for a service by filling out forms, subscribe to our newsletter and when you contact us;
  • Third parties;
  • Interactions with social networks such as LinkedIn and Instagram; and 
  • Cookies.

Bases for Collecting Personal Data:

  • User Consent – We will always obtain your clear, infomed and freely given consent before processing your Personal Data, except in circumstances where it is not possible to obtain your consent but your Personal Data still needs to be processed (for example due to legal obligations we may have or to protect your vital interests, the public interest or to aid in the administration of justice). You may withdraw your consent at any time by the same method it was provided to us or by contacting our Privacy Officer identified below at [email protected].
  • Contractual Obligation – We may process your Personal Data in contemplation of entering into a contract with you or to fulfill our existing contractual obligations to you.
  • Legitimate Interest – We process your Personal Data in order to efficiently provide and market our services to you. However, we will not process your personal data where doing so poses a risk to your rights and freedoms and vital interests.
  • Legal Obligation- There may be instances when we will have to process your Personal Data in order to  comply with the law.  

Types of Data We Collect: 

  • Personal Data – We collect this data so that we can communicate with you. We also collect Personal Data in order to provide and market our services to you and to keep you informed about our products and services.
  • Account Data –  We collect this data so that we can create an account for you to receive our products and services, including newsletters, transactions, etc.
  • Payment Data – This information is necessary for processing payments made to us for our products and services.
  • Personnel Data –To make our Site and Services more useful to you, we may collect Personal Data about your staff (including your employees, contractors, subcontractors, agents and officers) to provide personalized services to you.
  • Subscription Data – This data is processed for the purpose of providing you with information about our products and services on a regular basis by means of a newsletter or other offer form.
  • Log Data – This data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you.
  • Google Analytics – We collect this data so that we can improve our website and access to it.
  • Cookies – We also use cookies and URL information to gather information regarding the date and time of your visit and the information for which you searched and which you viewed. “Cookies” are small pieces of information that a website sends to your computer’s hard drive while you are viewing a web site. Upon your initial visit to the website, you will have the option of accepting or refusing cookies and you will be able to choose the type of cookie you accept or reject. You may also configure your browser to ensure no cookies are stored on your hard drive. We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which stay on your computer until you delete them) to provide you with a more personal and interactive experience on our Site. Persistent Cookies can be removed by following Internet browser help file directions. Cookies may enable automatic logins when you visit in the future and may enable content customization. We sometimes use cookies to show remarketing communications via third party networks like Google Display network and Facebook. To opt out of these communications please contact our Privacy Officer identified.

 

How We Use Your Personal Data

Your personal data is processed by DataPro in Jamaica. Personal Data you submit to us is used either to respond to requests that you make, or to aid us in providing the Services in a personalized, safe and efficient manner. The Services include: Consultancies, Policy Drafting and Review, Privacy Compliance Packages, Data Protection Risk Assessment and Audits, I.T. and Cybersecurity Audits, Data Protection Training and Resources, provision of Data Protection Officers on Contract, Data Protection Officer Support Services and Regulatory Compliance.

 

Third Parties and International Data Transfers

Our website may contain links to other sites that are not operated by us. We have no control over and assume no responsibility for the content, privacy policies or practices of any third party site or service. We may disclose your Personal Data to third parties to whom you expressly ask us to send your Personal Data or to third parties for whom you consent to us sending your personal information. Third parties include our partners, affiliates, service providers and professional advisors. Personal Data may also be shared with regulators in order to demonstrate compliance with legal obligations. Personal Data will only be shared with third parties to provide our services to you and/or to comply with legal obligations. These third parties do not retain, share, use or process personal data beyond the defined purpose of providing our services to you.

 

How we protect your personal data

DataPro is committed to protecting the security of your Personal Data. We (and our third party service providers) use a variety of industry-standard security technologies and  procedures, as well as organizational measures to help protect your Personal Data from unauthorized access, use, or disclosure. We also require you to enter a password to access your Account information. Please do not disclose your Account password to unauthorized persons. No method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while DataPro uses reasonable efforts to protect your Personal Data, we cannot guarantee its absolute security.

 

Your Rights

Under Jamaica’s Data Protection Act your rights include:

  • Right to access your personal data You are entitled to make a written request to us to be informed whether your Personal Data is being processed by us. You are also entitled to request a copy of your data. You may also request that your Personal Data be transferred to a third party;
  • Right to rectification – You may request that inaccuracies in your Personal Data be rectified. “Rectification” means amend, block, erase or destroy, as may be required to correct the inaccuracy. You may request that your personal data be erased on the expiration of any applicable retention period.
  • Right to prevent processing You are entitled to make a written request to us to cease or not to begin processing your Personal Data in a specific manner or for a specific purpose; and
  • Right to be informed about automated decision making – You may request in writing that decisions regarding your Personal Data that have been made solely on the basis of automated processing be reconsidered with human involvement;

 

Retention Policy

 We only retain your Personal Data for as long as it is needed to provide our services to you. We also retain Personal Data in line with legal requirements which may stipulate retention periods for different categories of Personal Data.

 

Notifiable data breaches

We take data breaches very seriously. We will endeavour to meet the 72 hour deadline as imposed by the JDPA and the GDPR, to report any data breach to the Information Commissioner. Further, where there is likely to be a high risk to your rights we will endeavour to contact you without undue delay (JDPA) or within 72 hours (GDPR). 

Our report will inform you of:

  • the nature of the security breach;
  • the measures taken or proposed to be taken to mitigate or address the possible adverse effects of the breach; and
  • the name, address and other relevant contact information of our Data Protection Officer or other designated representative.

We will review every incident and take action to prevent future incidents or breaches.

 
Children’s privacy

Our services are not offered to persons under the age of 18. We do not knowingly collect Personal Data from such visitors without parental or guardian consent and require our clients to fully comply with applicable laws in relation to the data collected from children under the age of 18. Any information that is in breach of this provision will be deleted. If you become aware that a child has provided us with information please contact our Privacy Office at [email protected].  

 
Changes to This Privacy Policy

Data privacy and protection is an ongoing responsibility and so this Privacy Policy is subject to occasional revision to ensure that it remains in line with the ever-evolving regulatory and security landscape. DataPro therefore reserves the right, at its sole discretion, to modify or replace any part of this Privacy Policy. It is your responsibility to check this Privacy Policy periodically for changes. The last date of modification will be noted at the bottom. Continued use of our Site or Services indicates your acknowledgement that it is your responsibility to review this Privacy Policy periodically and become aware of any modifications. Changes to this policy are effective once they have been uploaded to the Site.

 

Contact Information

DataPro welcomes your comments or questions regarding this Privacy Policy. If you have a question or comment regarding this Privacy Policy or you would like to make a complaint, please contact our Privacy Office using the details below.

If you reside in Jamaica, the data controller that is responsible for your Personal Data is: DataPro. You can confidentially contact René Roper, our Privacy Officer at:

  • Email: [email protected]
  • Postal Address: 9th Floor PanJam Building, 60 Knutsford Boulevard, Kingston 5.

If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, feel free to contact the Information Commissioner’s Office. 

If you reside in the European Union or EFTA States, the data controller that is responsible for your Personal Data is: DataPro. You can confidentially contact  René Roper, our Privacy Officer at:

  • Email: [email protected]
  • Postal Address: 9th Floor PanJam Building, 60 Knutsford Boulevard, Kingston 5.

If you wish to raise a concern about our use of your information you have the right to do so by contacting the Office of the Information Commissioner: https://oic.gov.jm/ .