Making the
world a
safer place

Privacy & Cookie Policy

 

CQR Consulting Pty Ltd (AU) Privacy & Cookies Policy

This policy describes the manner that CQR manages any personal information that it collects, uses and discloses about those with whom we who we do business and how to contact us if you have any queries. This policy is a public document and will be made available on request.

Scope

CQR is subject to the Privacy Act, including the National Privacy Principles. This Policy has been prepared to comply with that Act and those Principles.

This Policy covers all personal information that is collected or maintained by CQR. Personal information is defined in this context as “information or an opinion, in any form and whether true or not, about an individual whose identity is apparent or can be reasonably ascertained from the information or opinion”.

This Policy does not apply to any information or records that are related to any current or former employment relationship(s).

Information Collected

The kind of personal information that we collect can be of any of the following types:

  • Information about individuals who have used our services;
  • Information about individuals who we have contacted in the past for the purposes of seeking business;
  • Information about individuals working for, or associated with, any partner or supplier organisations; or
  • Information about individuals who seek employment with CQR;.

This personal information is collected in a variety of ways, including by mail, telephone, email, Internet and intranet access, personal contact, and through business activities and events.

At or before the time of collecting your personal information, CQR will take reasonable steps to make you aware:

  • that we are collecting personal information about you;
  • of the purposes for which personal information about you is being collected;
  • of the organisations to which personal information about you is usually disclosed;
  • of what happens if you do not provide the required personal information; and
  • of how to access personal information about yourself.

CQR uses personal information to market, promote and deliver information security services and services to organisations. If you do not want personal information about you to be used as a basis for further contact with you, then we will respect your wishes.

Cookies

Cookies help us identify your device, performance of typical actions on this website or when you are logged in to specific secure zones. We use strictly necessary and functional cookies to enable you to move around the site and to provide basic features. Tracking and performance cookies are used to provide a better overall user experience. Below are the type of cookies present on our website:

  1. Strictly necessary cookies
    Some cookies are strictly necessary in enabling you to move around this website and use its most basic features. Without these cookies, for example, you would not be able to login to secure zones or keep track of your online shopping cart.
    These cookies can’t be disabled.
  2. Tracking and other optional cookies
    We use performance and tracking cookies internally to enable us to provide you with a better user experience. Information supplied by these cookies helps us understand how our visitors behave on this website, track unique visitors or time spent on the site, and on different web pages so that we can improve how we present content to you.

CQR Business Partners

If you are a contact person for one of our business partners, personal information about you may be used by us to administer and develop CQR’s business relationships with the organisation you represent.

CQR Supplier

If you are a contact person for one of our suppliers, personal information about you may be used by CQR in its dealings with the supplier you represent.

Protection of Personal Information

CQR takes reasonable steps to protect all personal information we hold from misuse, loss, unauthorized access, modification or disclosure. Access to your information within our organisation is restricted to authorised employees and based on a business need.

Access to and Correction of Personal Information

To obtain access to your personal information that we hold, please contact us at the contact details below. If this information is not accurate or complete, you may ask us to amend it.

Contact Details

If you have any questions or concerns about our Privacy Policy or if you would like more information, please contact our privacy officer.

Complaints

If you have a complaint about the way that we have dealt with your personal information, please contact us using the contact details above. If you are not satisfied with the outcome, you may refer the matter to the Office of the Federal Privacy Commissioner at:

Website: www.privacy.gov.au
Phone: 1300 363 992

 

CQR Consulting Ltd (UK) Privacy & Cookies Policy

Who are CQR?

CQR Consulting Ltd (herein collectively referred to as the ‘Company’ ‘us’ ‘we’, or ‘our’) is an independent provider of cyber security services.

What is this?

This policy describes how we collect, use and process your personal data, and how in doing so, we comply with our legal obligation to you.

When you deal with CQR you trust us with your information. You give us information about yourself when you make any enquiry to CQR, or engage us to provide security consultancy, or by entering information via our website, this is considered your contact identification details.

This policy may change from time to time, so please ensure that you periodically check this page to ensure you are still happy with any changes.

Information we receive from other sources.

We could receive information about you from various third parties.

  • Recruitment companies, as part of the recruitment process;
  • Employers may provide references about you to CQR;
  • Clients provide information relating to actual or potential engagement;
  • Suppliers and
  • Clients.

If your application for employment is successful, the information you provided during the application process will be retained by us as part of your employee file for the duration of your employment, plus a further 6 years following the end of your employment.

We may contact previous/present employers, asking them to provide a reference.

If you are unsuccessful at any stage of the process, the information will be retained for 6 months following the closure of the recruitment drive.

Information obtained from suppliers

We collect information about you from third parties, and we may retain this information so that we may contact you in the future, to promote our services. The information that you give to us will include your contact details, and any information in connection with any services that we have previously provided. Where we have received information about you, we will only use this information for the purposes of providing you with consulting services.

We use your personal information supplied to us by a third party

We are often given contact details from current clients referring us to their clients regarding the consultation services we offer. If you do not wish us to contact you, please use the ‘’opt out’’ tab on our website, or at the bottom of the email you have received.

Where we store your personal information.

All information you provide to us for our use is stored on our secure servers which are located within the UK and Australia.

Retention of Data.

If we hold your personal information, the length of time we retain it is determined by a number of factors, including the purpose for which we use that information and our obligations under other relevant laws.

We will not collect more information than we need, and we will not retain it for longer than is necessary.

Your rights

You have rights in relation to your personal information under the data protection law. In relation to certain rights, we may ask you for information to confirm your identity and where applicable, to help us to search for your personal information.

Data Subject Access Rights

You have the right to ask for a copy of the information we hold about you. You can obtain this by writing or emailing us using the addresses at the end of this policy. We will respond to you within 30 days, unless there are exceptional circumstances.

Correcting and updating your personal information

The accuracy of your information is important to us.  If you change any of your contact information or you discover that any of the information we hold is inaccurate or out of date, please let us know by contacting us in any of the forms described at the end of this policy.

Withdrawing your consent

Where we rely on your consent as the legal basis for processing your personal information, you may withdraw your consent at anytime by contacting us using the address and email address at the end of this policy.

If you would like to withdraw your consent to receiving any marketing to which you previously opted in, you can do so using the ‘unsubscribe tool’ at the end of the marketing literature.

Erasing your personal information

You are entitled to ask us to remove your data from our systems, by emailing or writing to us at the address at the end of this policy. Provided we do not have any lawful reason to continue processing or holding your personal information, we will make reasonable efforts to comply with your request.

You are entitled to ask us to limit the processing of your personal information where you believe it is unlawful to continue to do so.

Transferring your personal information in a structured data file

Where we rely on your consent as the legal basis for processing your personal information or need to process it in a contract as set out under how we use your personal information. You may ask us to provide you with a copy of that information in a structured data file. This would be supplied to you via secure file transfer. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.

Complaining to the UK data protection regulator

You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed any of your personal information. For more information on this please visit the ICO website.

Security measures we put in place to protect your personal information

Unfortunately the use of the internet is not entirely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website. Any transmissions are done so at your own risk.

Once we have received your personal information we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.

We will collect special categories of personal data. Where requested we can apply additional security controls to this data.

Use of ‘’cookies’’

Like many websites we use cookies. Cookies are small pieces of information sent to your device and stored on its internal storage to allow our website to recognise you, and optimize the actions performed by you on our website. We use strictly necessary and functional cookies to enable you to move around the site to provide basic features.

Links to other Websites

Our website may contain links to other websites run by other organisations. This policy does not apply to any other websites or applications, so we encourage you to read their privacy statements. We are not responsible for other websites or applications privacy policies and practices, even if they are accessed through our website.

Additionally, if you visited our website via a third-party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that website. We recommend that you visit their privacy statements on their website.

Marketing

You will only receive direct marketing information from CQR if you indicate to us a preference to do so, via our ‘’Subscribe’’ option on the website. You will be invited to complete a client consent/opt in process by email as a result of the following:

  • Becoming a client
  • Your attendance at an event
  • Providing us with a business card directly to a CQR employee or provided at a business event.
  • You registering your brief contact details in order to obtain information, or free downloads from our website.
  • An email request from you to attend an event.
  • Your attendance at an event organised or co hosted by CQR that has been promoted via social media or other advertisement.

We may use and process your personal information where you have consented for us to do so via our consent process. This consent can be withdrawn at any time via our ‘’unsubscribe from the list’’ option.

Contact us

Our data protection lead is Matt Kingdon. He acts as head of Privacy and Data protection queries. Please direct any queries about this policy or the way we process your personal information to our data protection lead using the contact details below.

If you wish to write to us please write to the Data Protection Lead at CQR, Home Park, Grove Road, Bladon, Oxfordshire OX20 1FX Tel 01993 812835

Email address: matthew.kingdon@cqr.com

 

CQR Inc (US) Privacy & Cookies Policy

CQR Consulting Ltd and CQR Inc (the “Company”) is an Independent Information Security business, this policy describes the manner that CQR manages any personal information that it collects, uses and discloses about those with whom we do business and how to contact us if you have any queries. This policy is a public document and will be made available on request.

Protecting consumer privacy is important the company. The Company (hereinafter collectively referred to as the “Company”, “us”, “we”, or “our”) complies with the UK data protection act and further the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the processing of personal data (“PII”). CQR Inc has certified that it adheres to all applicable provisions of the Privacy Shield Framework, including the Privacy Principles, the Supplemental Principles and Annex 1 of the Framework. To learn more about the Privacy Shield program, and to view CQR Inc’s certification please visit https://www.privacyshield.gov.

This privacy policy outlines our general policy and practices for implementing the Principles, including the types of information we gather, how we use it and the notice and choice affected individuals have regarding our use of and their ability to correct that information. This privacy policy applies to all personal information received by the Company whether electronic, paper or verbal format.

Definitions

“Personal Information” or “Information” means information that (1) is held within the confines of CQR’s systems within the EU and US locations or is transferred from the EU or Switzerland to the United States; (2) is recorded in any form; (3) is about, or pertains to a specific individual; and (4) can be linked to that individual.

“Sensitive Personal Information” means personal information that reveals race, ethnic origin, sexual orientation, political opinions, religious or philosophical beliefs, trade union membership or that concerns an individual’s health.

Information Collected

The kind of personal information that we collect can be of any of the following types:

  • Information about individuals who have used our services;
  • Information about individuals who we have contacted in the past for the purposes of seeking business;
  • Information about individuals working for, or associated with, any partner or supplier organisations; or
  • information about individuals who seek employment or have held employment with CQR;

This personal information is collected in a variety of ways, including by mail, telephone, email, Internet and intranet access, personal contact, and through business activities and events. Access to your information within our organisation is restricted to authorised employees and based on business needs.

Personal information collected by CQR for the purpose of employment is used solely for this and no other reason. Your information may be shared with third party services for the purpose of employment applications and where successful, payment of salary, pensions and expenses, no further use is required or permitted.

Personal information collected by CQR for the purpose of commercial activities are used solely for this purpose, information is used to manage relationships and activities as requested by you. CQR do not need or require personal information for any other use.

Please be aware that CQR is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and UK Data Protection Authorities. In addition, CQR may, at times be requested disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Cookies

Cookies help us identify your device, performance of typical actions on this website or when you are logged in to specific secure zones. We use strictly necessary and functional cookies to enable you to move around the site and to provide basic features. Tracking and performance cookies are used to provide a better overall user experience. To read more and/or disable cookies please see Managing Cookies.

Data Integrity

The Company shall only process Personal Information in a way that is compatible with and relevant for the purpose for which it was collected or authorized by the individual. To the extent necessary for those purposes, The Company shall take all reasonable steps to ensure that Personal Information is accurate, complete, current and reliable for its intended use.

Accessing, Opting Out or Updating Your Personal Data

If at any time you wish to access, update or delete the information CQR hold about you please contact us on the information provided later in this document (Contact Information). CQR will accommodate all such requests, processing such requests as quickly as possible and at no cost to you.

Limitations of Use

As prescribed above, CQR use your personal information for the purposes of employment or commercial engagements only. If you have any request to limit such uses, you should contact us on the information provided below (Contact Information). CQR will ensure all such requests are facilitated and processed as quickly as possible, again, at no cost you.

Onward Transfers

CQR are responsible for the processing of any personal data it receives or holds about you, and any subsequent transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data, including the onward transfer liability provisions.

Security

The Company shall take reasonable and appropriate steps to protect the Information from loss, misuse and unauthorized access, disclosure, alteration and destruction. The Company has put in place appropriate physical, electronic and managerial procedures to safeguard and secure the Information from loss, misuse, unauthorized access or disclosure, alteration or destruction. While all efforts are made, the Company cannot guarantee the security of Information on or transmitted via the Internet.

Enforcement

The Company uses a self-assessment approach to assure compliance with this privacy policy and periodically verifies that the policy is accurate, comprehensive for the information intended to be covered, prominently displayed, completely implemented and accessible and in conformity with the Principles. We encourage interested persons to raise any concerns using the contact information provided below and we will investigate and attempt to resolve any complaints and disputes regarding use and disclosure of Personal Information in accordance with the Principles.

CQR has further committed to cooperate with EU data protection authorities (DPAs) with regard to unresolved Privacy Shield complaints.  If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact the EU DPAs for more information or to file a complaint.  The services of EU DPAs are provided at no cost to you

Under certain circumstances, described fully on the Privacy Shield website (Click Here), you may invoke binding arbitration when other dispute resolution procedures have been exhausted.

Amendments

This privacy policy maybe amended from time to time consistent with the requirements of the relevant Data Protection Authority and EU-U.S. Privacy Shield Framework. We will post any revised policy on this website. The Company is committed to following the Privacy Principles for all Personal Information within the scope of the Privacy Shield Framework.

Contact Information

Questions, comments or complaints regarding the Company’s Privacy Shield Policy or data collection and processing practices should be sent to or contact made via the details provided below:

CQR Inc
Attn: Legal Department
90 Park Avenue, 17th Floor,
New York, NY, USA 10016
Phone:- +1 212-364-5192

 

We use cookies on this site to provide you with a better user experience. Read More