We can be contacted at the email address UKDataProtection@nttdata.com
We collect (1) registration data, (2) data that you have voluntarily shared, (3) data collected when you access and interact with the Website or the Company Service (“Activity Data), and (4) information from other sources. More specifically:
When the information collected from or about you does not directly or indirectly identify you as a specific person, we may use that information for any purpose or share it with third parties to the extent permitted by applicable data protection laws and regulations.
We do not collect:
We use the personal data we collect from and about you to:
When the data collected from or about you does not identify you personally, we may use that information for additional purposes or share it with third parties.
The legal basis of processing is as follows:
As set out in Section 3 above, your data is processed through both electronic and manual means subject always to appropriate security measures. Please note that although we use appropriate administrative, technical, personnel and physical measures to safeguard the personal data we collect from loss, theft and unauthorised use, disclosure or modification, we cannot guarantee the full exclusion of all cyber-risks.
Although this data is collected on an anonymized basis, this information will be decrypted in the event of an attack, the decrypted information may include email and IP addresses.
For the purposes set out at Section 3 above, we may share your personal data to the following categories of recipients in compliance and with Section 7 below:
Third parties service providers entrusted with processing activities and duly appointed as processors when required by applicable laws, e.g. cloud service providers, other entities of the group, providers of services instrumental to or supporting the Company Services – and thus, by way of example and without limitation, companies that provide IT services, experts, consultants and lawyers – companies resulting from possible mergers, demergers, or other transformations. The processing undertaken by third parties is governed by an appropriate Data Processing Agreement or Standard Contractual Clause Contract
Competent national authorities/regulatory bodies in order to comply with applicable laws and regulations.
Providers of marketing communications
Personal data may be shared with third parties, e.g. Pardot, in order that marketing communications can be sent to you.
To unsubscribe to marketing communications please contact the Data Protection Officer: firstname.lastname@example.org or click on the unsubscribe link in the communication
Your personal data may be transferred to countries within and outside the European Economic Area (EEA), in particular to the USA and India. Some non-EEA countries are recognised by the European Commission as providing an adequate level of data protection according to EEA standards. The full list of these countries is available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en.
For transfers from the EEA to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards to protect your personal data. Any transfer of your personal data is in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses per Articles 45 and 46 of the UK General Data Protection Regulation 2016 (the “UK GDPR”).
You have the right to request a copy of the above measures or further information on your personal data by contacting the Company at the address indicated in Section 11 below.
You have the right, at any given time, to:
To exercise these rights, you may send a request to the contact listed in Section 11 below. Your request should include your email address, name, address, and telephone number and specify clearly what information you would like to access, change, update, suppress or delete.
After you cancel your account, or if you ask us to delete your personal data, copies of some information may remain viewable in certain circumstances. For example, where you have shared information with social media or other services. In addition, due to the nature of cache technology, your account may not be instantly inaccessible to others. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion, to comply with applicable law.
If you no longer want to receive marketing-related emails from us, you may opt-out by following the unsubscribe instructions in our communications or sending a request to the contact listed in Section 11 below.
Section 9 outlines additional rights, effective from 25 May 2018.
On 25 May 2018, the UK Data Protection Act 2018 and the EU GDPR came into force and the following provisions apply:
A. Retention period applying to your personal data
At the end of the retention period your personal data will be either deleted, anonymised or aggregated.
B. Additional rights
From 25 May 2018 you also have the right at any given moment to:
On 31 January 2020, the UK left the EU. The UK Data Protection Act 2018 and the UK GDPR became known as the UK Data Protection Framework
Last modified 27 January 2022
The Data Protection Officer is Lynda Osborne. NTT Data UK. 2 Royal Exchange. London EC3V 3DG
In the event of a complaint which NTT DATA UK cannot resolve, you can submit your complaint to the ICO at the following address;
Information Commissioner’s Office
Tel 0303 123 1113
For EU Citizens please contact Roberta Tisci
If NTT DATA EMEA cannot resolve your complaint, you can submit your complaint to: