GOSS Interactive Ltd ("GOSS") , Company No 3553908, whose registered office is at 24 Darklake View, Estover, Plymouth, PL6 7TL. GOSS is registered with the Information Commissioner's Office as data controllers under registration number: Z5344639
GOSS is the controller and is responsible for your personal data.
You can contact GOSS at the above address and also using the following details:
Telephone: 0844 880 3637
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact GOSS Privacy team in the first instance.
This privacy notice applies to personal data GOSS collects about:
Visitors to GOSS websites (including demosites)
Recipients of our sales and marketing collateral
Potential GOSS clients
Current and former Clients
Current and former employees
Suppliers and Partners
General public via CCTV camera at GOSS premises
This website and our services are not intended for children and we do not knowingly collect data relating to children.
THE DATA WE COLLECT ABOUT YOU
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
Identity Data includes first name, maiden name, last name, email address, username or similar identifier, marital status, title, date of birth and gender.
Contact Data includes billing address, delivery address, email address and telephone numbers.
Financial Data includes bank account and payment card details.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
Usage Data includes information about how you use our website, products and services.
Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
IF YOU FAIL TO PROVIDE PERSONAL DATA
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Some parts of the GOSS website may require visitors to register and log in prior to viewing certain pages. Registered users of the GOSS website (www.gossinteractive.com) will be able to opt in/ out of GOSS correspondence via their User Preference page on the website.
GOSS Session Cookies
The GOSS website uses a single session cookie, JSESSIONID. This cookie holds a unique ID, used to identify your browsing session while you interact with the site. It expires when your browsing session ends.
GOSS uses third party cookies
Google analytics cookies to track visitor usage of our website and demosites including the number of visitors and their user journeys. This information will help GOSS understand the interest of our site users and improve our sites. If you would like to opt out of being tracked by Google Analytics across all websites please visit http://tools.google.com/dlpage/gaoptout
Pardot cookies as part of its marketing automation. Pardot uses first party cookies for tracking purposes and sets third party cookies for redundancy. These cookies do not store personally identifying information, they store only unique identifiers.
The visitor cookie is composed of a unique visitor ID and the unique identifier for your account. For example, the cookie name "visitor_id12345" stores the visitor value "1010101010", and "12345" is the account identifier. This cookie is set for all visitors to the GOSS website by the Pardot tracking code.
Any personal data collected via demosite is only used for the purpose of sales demo.
Demosite users will be able to contact GOSS sales team to remove their user information from demosite.
GOSS uses Google Analytics cookies to track visitor usage of our website and demosites including the number of visitors and their user journeys. This information will help GOSS understand interest of our site users and improve our sites. If you would like to opt out of being tracked by Google Analytics across all websites please visit http://tools.google.com/dlpage/gaoptout
The contact details of suppliers, clients (current and former) and potential clients are managed by GOSS using Cloud CRM software.
Newsletter and Other Mailings
Statistics are gathered on all mailings sent by GOSS via a third party provider, Salesforce Pardot, around email opening and the number of click through. This is to help monitor and improve the content of the newsletter. For more information regarding Saleforce Pardot please see https://www.pardot.com/legal/
GOSS may use marketing supplier to conduct campaign on its behalf, if so an appropriate confidential and/or data processing agreement would be in-place to protect your personal data.
GOSS may send you marketing communications to provide you with information about our product and services, events, client success stories, and other activities. You may choose to update your subscriptions via Users preference page on the GOSS website.
Any registered users will be able to opt in/ out of GOSS correspondence via their Users preference page on the GOSS website.
GOSS uses Microsoft Teams to facilitate our Webinar. Attendees information; usernames, email address, etc and any video recording of the meetings will be retained in accordance to GOSS retention policy. All recordings of meetings are accompanied by a notice to attendees that a recording is taking place. For more information regarding Microsoft Teams please refer to https://privacy.microsoft.com/en-gb/privacystatement
Events organised by GOSS
GOSS record information about the attendees of GOSS events for the purpose of event administration (for example, dietary preferences, accessibility requirements, feedback, etc). Any photograph taken at the event may be used for sales and marketing collateral.
Events organised by third parties
GOSS may purchase data from event organisers in order to contact event visitors and registered users about product and/ or services that may be of interest. GOSS will inform the recipients of such correspondence about the source from which their contact details were obtained.
GOSS uses Slack to facilitate discussion amongst current clients and potential clients. Personal data such as username and email address. For more information please refer to Slack https://slack.com/privacy-policy
To de-activate your user account please refer to https://get.slack.help/hc/en-us/articles/203953146-Deactivate-your-Slack-account
GOSS processes current client contact details for the purpose of project work, support, invoicing, business continuity plan, and various client administration tasks in order to fulfil its contractual obligations. This information will be retained in accordance with our data retention schedule. Please note that this retention policy does not apply to any personal data GOSS may be processing on behalf of its clients as data processor. GOSS will follow instructions provided by its Clients regarding the processing of that personal data.
Former clients contact details in various task or project management systems are stored with access disabled but not deleted for the purpose of maintaining record of project delivery and audit purposes.
In addition to using JIRA project tracking software to manage project works, GOSS also uses this software to facilitate discussion of our product roadmap and request new features (" Product Suggestion Project"). GOSS is relying on legitimate interest to process client's information for the Product Suggestion Project in order to understand how to improve our products and services. Client will be able to opt-out from this product suggestion project by contacting GOSS support team. User information associated with any submitted suggestions, comments or vote will still be displayed post opt-out for the purpose of maintaining record and validity of the submission. Opting out from the Product Suggestion Project will not automatically remove the user from accessing JIRA for the purpose of GOSS contractual obligation to deliver and support various client related projects.
GOSS uses Microsoft Teams to facilitate our online meetings. Attendees information; usernames, email address, etc and any video recording of the meetings will be retained in accordance to GOSS retention policy. All recordings of meetings are accompanied by a notice to attendees that a recording is taking place. For more information regarding Microsoft Teams please refer to https://privacy.microsoft.com/en-gb/privacystatement.
GOSS may uses video recordings when providing online training, or meetings. Such recordings will be stored in accordance to our data retention schedule. When requested, GOSS may provide a copy of the recording to client's organisations (that are involved in the training or meetings) for their audit and backup purposes.
GOSS may engage service providers that act on behalf and under instructions from GOSS to support its infrastructure and services. GOSS will ensure sufficient and appropriate security and service contract are in place to protect your personal information and to follow any contractual obligations specified by our Clients in relations to sub-contracting.
Please refer to Sales and Marketing section of this Privacy notice for any other communications outside of the GOSS contractual obligations.
GOSS will only use the information the applicant provided for the purpose of progressing their job application or to fulfil our legal or regulatory requirements as necessary.
The information the applicant provided throughout the recruitment process will be used to assess their suitability for employment at GOSS.
For unsuccessful applications, GOSS will retain the application files in accordance with the GOSS retention schedule. GOSS may also ask the applicant permission to contact them should any further suitable vacancies arise.
Interview notes and test results (as applicable) will be stored by GOSS in accordance with the GOSS retention schedule.
During the job offer stage, GOSS will be required to confirm the applicant identity, their right to work in the United Kingdom and to seek references. For this purpose GOSS will require
proof of identity (original documents to be provided to which GOSS will take copies)
declaration of any unspent convictions,
details of the applicant's referees for GOSS to contact
a completed health questionnaire(to establish fitness to work)
As part of making a job offer GOSS also collects personal data from third parties such as references supplied by former employers, referees, information from employment background check providers, credit reference agencies, internet searches, and information from criminal records checks permitted by law.
Information provided by the applicant as part of application for Baseline Personnel Security Standard (BPSS) and/ or BS7858 Security screening (role dependent) will be passed to GOSS's agent's for processing with the applicant's consent.
GOSS processes health information to ensure that it makes reasonable adjustments to the recruitment process for applicants who have a disability and to protect our employee welfare.
Some client' projects may require an enhanced security check, this will be discussed as and when requirement arise. Personal data processed for this security check may be held by our GOSS, GOSS Clients and/or their screening providers.
At the start of employment GOSS will require information for HR purposes such as
bank details for payroll
National Insurance number for payroll
copy of driving licence (including driving points) for insurance purposes
next of kin details (to be used when there is emergency at work)
Where GOSS processes special category of personal data, it does so because it is necessary for it to carry out its obligations and exercise specific rights in relation to employment.
SUPPLIERS AND PARTNERS
GOSS will only use the information you provide for the purpose of project work, support, invoicing, business continuity planning, and various supplier and or partner administration tasks in order to fulfil our contractual obligations.
CCTV cameras are installed in GOSS premises for the purpose of crime detection, crime prevention and the safety of both the public and employees. Images captured by CCTV will not be kept for longer than necessary.
GOSS will only disclose recorded images to authorised bodies who intend to use it for the purposes stated above.
In order to ensure you remain in control of your personal data, as individuals you have the following legal rights in relations to your personal data, which are held by GOSS:
right to obtain a copy of your personal data (data subject access request)
right to rectify incorrect personal data
right to request deletion of your personal data where it is no longer required for GOSS to retain such data
right to withdraw consent to processing when consent is the only basis use for collection and processing
right to request further processing where there is a dispute in relation to accuracy or processing of your personal data
right to object to your personal data being used for marketing or where processing is based on legitimate interest
If you would like to exercise any of your legal rights above, please contact GOSS Privacy team
Please keep in mind that there are exclusions to the rights outlined above and although GOSS will endeavour to respond to your request, there may be circumstances where we are unable to do. If you are unsatisfied with our response or you believe that your privacy rights have been infringed you should contact the UK Information Commissioner's Office (ICO), who oversees data protection compliance in the UK. Details of how to do this can be found at www.ico.org.uk.
It is important that the personal information that we hold about you is accurate and current. Please keep us informed of your personal information changes during your relationship with us.
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please GOSS Privacy team.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
The majority of GOSS data is stored within UK. For personal data which is stored outside of the UK or EEA, GOSS will ensure appropriate safeguarding is in placed with the data processor.
The following systems store and process their data outside the UK
Slack - USA and Ireland (link to their privacy notice https://slack.com/privacy-policy)
Optimal Workshop - USA, Ireland and New Zealand (link to their privacy notice https://www.optimalworkshop.com/privacy)
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
HOW LONG WILL YOU USE MY PERSONAL DATA FOR?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us. By law we have to keep basic information about our clients (including Contact, Identity, Financial and Transaction Data) for seven years after they cease being clients for tax and contractual purposes.
In some circumstances we may anonymised your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
LINKS TO OTHER WEBSITES
GOSS websites may contain links to other websites. GOSS does not control those other sites and we cannot be responsible for the content of those sites or for the protection of any information you provide to other sites (which are not governed by this privacy notice). GOSS accepts no responsibility or liability for such other websites. You should exercise caution when entering personal information online and look at the privacy statement applicable to the website in question.
Any queries in relation to your personal data or this privacy notice should be directed to GOSS Privacy team.
Changes to this privacy notice
This privacy notice may be updated from time to time. The latest version will always appear on GOSS website
Last modified: 14/04/2021