- the types of information that we may collect from you when you access or use our website - www.calljames.co and other online services (collectively, our “Services”); and
- our practices for collecting, using, maintaining, protecting and disclosing that information.
This policy applies only to information we collect through our Services.
“User” or “you” or “your” refers to you, as a user of the Services. A User is someone who accesses or uses the Services for the purpose of sharing, displaying, hosting, publishing, transacting or uploading personal data and includes persons authorised by you in using our services.
Prospect files represent records which a User will upload to the James platform. Inevitably, these records are personal data as defined by Data Protection regulations and are uploaded by clients who process such prospect data as data controllers, joint data controllers or data processors authorised by the data controller in control of the original personal data (prospect) file.
“Content” includes (but is not limited to) information or data exchanged between ourselves and Users as part of pre-contract or contract for the use of the James processing platform.
Content also includes all data uploaded to the James platform by Users. Such content may include special categories of personal data as defined by Article 9 GDPR including data in respect of a child.
James is a Trading Name of Guru Jamez Ltd which qualifies as a Data Controller under the Regulation (EU) 2016/679 of The European Parliament and of The Council of 27 April 2016 (General Data Protection Regulation (the “GDPR”)). As such, all Guru Jamez Ltd operations aim to comply with all legal obligations which the GDPR/Data Protection Act 2018 requires of Data Controllers and/or Data Processors.
What information do we collect from our users?
James collects information from Users and/or potential users – i.e. when a User or potential User makes an enquiry through the James web-site for the provision of services. As a data controller, we collect only data which is essential to our operations and enables us to respond to enquiries.
The James service includes the provision of data management systems for other data controllers and data processors to process data. Inevitably, this is personal data. In this particular processing operation, the James team, together with the Guru Jamez Ltd business itself, fall within the scope and provisions of data protection regulation as a Data Processor.
In so far as the James platform is made available to Data Controllers or other Data Processors earlier in a process chain, no liability attaches to James or to Guru Jamez Ltd in respect of responsibilities for the use of the James platform in respect of data governance and privacy regulation as applied to data uploaded to James by that client.
Rather, clients have primary regulatory responsibility to the data subjects within a Prospects file and to be lawful in their processing of it. Clients therefore need to establish a legal basis for such processing amongst other considerations. Note, whilst the James platform provides several labour saving interface tools to data controllers and data processors to more easily manage compliance to regulation, the James platform does not validate the lawfulness of the client’s data processing operations to current data protection regulation standards – i.e. GDPR/DPA2018 and PECR.
It is the sole responsibility of the client themselves to ensure compliance standards concerning personal data processing regulations are met. Likewise, data subjects should first enquire of the data controller or data processor who added or uploaded their personal data in the format of a prospect record to James – e.g. to support a data subject access, rectification or consent removal request.
For the avoidance of doubt, such considerations may include but not be limited to the following processing routines a client is required to assure as part of their use of the James processing platform and under the terms of their commercial agreement with Us;
Provision of data records for upload to James at outset of an outreach campaign – i.e. is there a clear legal basis for processing?
Regarding ‘Consent’ as a legal basis for processing prospect records, do the records included within data-sets on-boarded to the James platform demonstrate the level of integrity of the consent record for processing under the GDPR/Data Protection Act 2018?
Regarding the transfer and storage of data processed through the James processing platform and then exported from this system, does the client meet an appropriate data security standard for the transfer and storage and processing of these exports according to those laid out by the regulation?
Regarding the migration of personal data records from ‘System-A’ to James, a client must ensure a resilient as well as quick turnaround method of updating James with material changes made to System-A records which affect the ability of personnel to fulfil processing – e.g. a procedure to ensure removed consent is applied across all on-premises as well as cloud systems including James and is removed quickly and effectively.
Regarding the addition of new prospect records to the James platform session, that Users reliably follow one of four available routines to ‘add’ new records to the database to ensure GDPR compliance – i.e.
- by adding Account Based Marketing (ABM) Accounts; where no personal data is added, there are no restrictions placed on processing through data regulation
- adding to James records which already exist on an alternative system within the client’s existing domain and where the legal basis for processing is validated at the point of collection
- adding to James, records which are new and are added with layered consent and privacy statements – i.e. as an outcome of a dialogue in real-time
- adding to James, records which are new but not possible to validate consent for as there is no real-time dialogue. Instead, these records should be added using the James ‘List-Building’ feature.
Why we say so much on privacy - a recap
We have extensively outlined these particular considerations to provide assurance to both Users and Prospect data subjects that the James platform together with our operational procedures are comprehensively engineered to respect privacy in outreach campaigning.
For Users and potential Users, outreach campaigning (including where telephone contact is initiated to ‘cold’ contacts in a B2B setting), is otherwise extremely difficult to initiate and navigate for campaign administrators who genuinely want to meet regulatory standards. We believe James is the only Marcoms solution which providing a purposed solution that meets the requirements of both regulation and operations – with Privacy to Prospect data subjects ‘built-in’ at the base architecture level.
All client Users of the James platform are considered either Data Controllers or Data Processors under the scope of data protection regulation including GDPR/Data Protection Act 2018. The use of the James platform to process personal data under the control of a client user is within the scope of data protection regulation including the Data Protection Act 1998, the Privacy and Electronic Communication Regulation (PECR) 2003, the General Data Protection Regulation/Data Protection Act 2018 as well as forthcoming ePrivacy regulation.
Under the terms and conditions of supply, clients are obliged to ensure their processing protocols are in accordance with all relevant regulation and suitable privacy policies are in place between the client and the data subjects themselves in connection with this processing. Clients are also obliged to ensure all personnel who are provided with access to the James system have sufficient expertise as well as internal support (e.g. data processing/protection training) to ensure compliant processing of data.
3rd Party Services
From time to time, James may also use certain performance tracking tools, such as Google Analytics. We only engage this 3rd party service for our own web-site – the James processing platform has no 3rd party links.
Through the use of Google Analytics we gather information regarding behaviour and preferences when visitors interact with our web-site. In order for us to enable enhanced services such as Google Analytic on our web-site, we will ask for your consent to allow us to do so.
We collect two types of information from and about our Users, including information:
- by which you may be personally identified; and/or
- about your internet connection, the equipment you use to access our Services and your usage details (i.e. your Internet Service Provider).
The information we collect on or through our Services may include:
Your contact information, such as email address and other ways of communication.
We collect this information in order to provide you with access to certain features of our Services and to inform you about relevant information concerning your use of our Services.
Your preferences and settings such as time zone and language;
We collect this information in order to enhance your user experience.
Searches and other activities
The search terms you have looked up and results you selected;
We collect this information in order to improve your user experience and provide you with more relevant content and Services.
How long you used our Services, which features you used, etc;
We collect this information in order to analyse the behaviour of our users and improve our Services.
Between you and James support staff regarding the Services.
We collect this information in order to monitor the quality of our support staff and your communications with us.
How we gather information from users
How we collect and store information depends on the pages you are visiting, the activities in which you elect to participate and the services provided. For example, you may be asked to provide information when you register for access to certain portions of our Website, request certain features, such as e-mail newsletters.
What we do with the information we collect
Like many websites, we collect information to enhance your visit and deliver more individualised content. We respect your privacy and do not share your information with anyone, except in cases when that proves necessary.
We will retain the information we collect from web-site visitors for a period of 2 years. After the expiry of this period we undertake to delete any information we have collected from you.
For prospect data maintained on the James platform, data subjects are referred to the data controller or data processor User for further information.
Certain third parties who provide technical support for the operation of our Website – our Web hosting service for example have access to both User and Prospect data. Like many responsible service providers, James ensures each of its suppliers provide adequate assurance to us they meet all regulatory standards including those covering data protection. James also conducts due diligence to ensure developer and host access is controlled and relevant to specific cause. A list of those external parties is available on request – as otherwise it is commercially competitive information. Please email to firstname.lastname@example.org.
We otherwise use information only as permitted by law. We may also disclose your information in response to a court order, at other times when we believe we are reasonably required to do so by the applicable law, in connection with the collection of amounts you may owe to us, and/or to law enforcement authorities, whenever we deem it appropriate or necessary. Please note we may not provide you with notice prior to disclosure in such cases.
Right of consent withdrawal
You may withdraw your consent for collecting your personal information at any time. To do so, please contact us at email@example.com.
Change or review of information
If you would like to review, change or delete personal data we have collected from you or you had submitted or permanently delete your account, please contact us.
Accessing & correcting your personal information
We take reasonable steps to accurately record the personal information that you provide to us, as well as any subsequent updates.
We allow you to review, update, and correct the personal information that we maintain about you. To understand what data is held, simply contact us at firstname.lastname@example.org stating the particular data you are interested to understand (or alternatively, ‘all data’). You may request that we delete personal data about you that is inaccurate, incomplete, irrelevant for legitimate purposes, or is being processed in a way which infringes any applicable legal requirements.
Security: how we protect your information
Through Guru Jamez Ltd, James is registered as a Personal Data Controller pursuant to European Union law.
We have implemented appropriate measures in the form of various technical, physical and other means, including, but not limited to measures regarding the security of our electronic systems and databases, locks, racks, cases and other devices and access controlling systems, fire-notifying and fire extinguishing systems. These means aim at improving the integrity and security of the personal information that we collect and maintain. However, please be advised that even the best security measures cannot guarantee the full elimination of all risks. If we learn of any violation, breach or danger to our security systems, then we will notify you electronically so that timely and appropriate protective steps can be taken. Apart from informing you via e-mail, we may post a notice through the Website if a security breach occurs.
Your personal data safety is important to us. We review and strive to improve our security measures on a regular basis.
If we detect a breach of our security measures, which has the potential of harming you as individual, we will notify you without undue delay.
Controlling your personal data
Other Users may be able to identify you, or associate you with your account, if you include your personal information in any content you post or make publicly available.
You may control and restrict the personal data you share with us by visiting the Settings section of your User Account.
If you have any questions regarding the ways you can control your personal data, please contact us at email@example.com.
As mentioned, you may at any time review or change the personal information we maintain about you by contacting James. Upon your request, we will delete your contact information and personal data from our active databases.
James does not knowingly collect personal information from children under the age of 13. If we learn that we have personal information on a child under the age of 13, we will delete that information from our servers. James encourages parents to go online with their children.
Changes to this policy
The copyrights of our Website are the property of James.
Texts, graphics, photographs, animations, videos and clips, visible on the Website are the object of copyright and are part of the intellectual property of James. Those may not be reproduced, used, presented or represented without an explicit written permission by James. Any distribution of files, obtained by the Users under the Terms and Conditions of the Website, or of parts of such files, constitutes a violation of the relevant intellectual property protection laws and is prosecuted by the law.
Nothing contained on this Website may be interpreted as granting a license or right of use as a trademark without the prior explicit written consent of James.
James is controlled, operated and administered entirely within United Kingdom.
If you are accessing the James Website from an EU jurisdiction, please be advised that you are transferring your personal information to James in the United Kingdom and, by using the Website, you consent to that transfer and to abide by the applicable laws concerning your use of the Website and your agreements with us.
By default, the James platform does not operate in data environments outside of the EU (currently including the UK). For privileges to allow international access to the James processing platform, please contact firstname.lastname@example.org.