SessionCam is committed to protecting and respecting your privacy
By “Personal Information” we refer to information collected or held by SessionCam, that identifies and relates to you as an individual.
Who we are
SESSIONCAM LIMITED is a private limited company incorporated and registered in England and Wales with the company number 09502309 whose registered office is at St. Vedast House, St. Vedast Street, Norwich, England, NR1 1BT (“SessionCam”)
For the purposes of the Data Protection Act 1998, the General Data Protection Regulations and any other applicable data protection and privacy laws and regulations (“Data Protection Legislation”), SessionCam will be the ‘data controller’ for all personal information we determine the means and purpose of processing and has registered with the Information Commissioners Office under registration number ZA115103.
If you are a visitor of a website using SessionCam services (“SessionCam Client”), we will be the ‘data processor’ for the SessionCam Client. If you wish to discover how your data is handled under Data Protection Legislation, please refer to the privacy notice belonging to the SessionCam Client. The ‘Information we collect for our clients’ section below provides further information regarding the services we provide as a data processor.
Information we collect and process for our own use
We gather and use personal information in the following circumstances.
When you register with us as a customer
As part of the account registration process, we will collect the information required to set up a SessionCam account including your name, email address and the website on which you wish to use our service. We may also collect credit/debit card payment information from clients purchasing a SessionCam subscription directly via our website.
We may collect additional information you volunteer to us when calling our support staff regarding any elements of the service. We will only retain the personal information pertinent to delivering your services.
When you express an interest in our services
If you have opted in via our website to receive a product demonstration, free trial or marketing communications from us, we will handle your personal information (including: your name, email address, postal address, telephone number and the website you wish to use our services on) to provide you with marketing communications in line with any preferences you have told us about or for servicing your free trial.
You are not under any obligation to provide us with your Personal Information for marketing purposes.
When we send you marketing emails, we rely on your consent to contact you for marketing purposes. Every email we send to you for marketing purposes will also contain instructions on how to unsubscribe from receiving them.
The information we request on our contact, product demonstration or free trial forms is processed specifically to provide you with the services you have requested or respond to your enquiry appropriately.
When you complete a survey provided by us
From time to time, we may invite visitors to participate in a web-based survey. We will always state the purpose of each of these surveys.
In addition to any information you provide to us completing the individual surveys, we may also request your name, email address telephone number. Participation is entirely optional and any information we collect is only used to improve the products and services we offer to our clients.
We process the information collected from the surveys with your feedback and you have the right to withdraw this consent and stop our processing of this information at any time. If you wish to withdraw your consent, please email [email protected].
When you phone us
When you phone us, we may also handle your personal information (your name, contact details and the other details you provide to us during the call) in order to service your enquiry or provide the customer services you have asked us to perform.
When you email us
When you email us, we may also handle your personal information (your name, contact details and the other details you provide to us during the call) in order to service your enquiry or provide the customer services you have asked us to perform.
If you fail to provide us with Personal Information
You always reserve the right to withhold your personal information, but this may affect how we provide our services.
Where we need to collect Personal Information by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.
Lawful basis of processing
We will only process your information for as long as we have a relevant legal basis to do so. This is usually in order to provide you with the services you have requested from SessionCam and unless stated, all of the above processing is conducted under the legal basis of performance of a contract.
We will only use your Personal Information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we consider the new purpose to be incompatible with the original purpose of collection, we will conduct a Privacy Impact Assessment or contact you to request your consent for further processing. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us at [email protected] and we will direct your request to our Data Protection officer.
A cookie is a small data file that certain websites write to your hard drive when you visit them. The only personal information a cookie can obtain is information supplied by the user. A cookie cannot read data from your hard disk or read cookie files created by other sites.
SessionCam uses a cookie to store details of the last time you were invited to participate in one of our surveys. SessionCam also uses a cookie to identify return visits to our website by regular users. This information is used to understand the differences in use between a new user and a returning user.
We use the following cookies:
- Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
- Analytical/performance cookies. They allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
- Functionality cookies. These are used to recognize you when you return to our website. This enables us to personalize our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
- Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can find more information about the individual cookies we use and the purposes for which we use them here:
Purpose: These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Click here for an overview of privacy at Google
Purpose: These cookies are used to collect information about how visitors use oursite. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
Protecting your information
We take our security obligations very seriously and constantly monitor for breaches and potential weaknesses. SessionCam is committed to ensuring that data is stored, archived or disposed of in a safe and secure manner. We have procedures in place to try and prevent any unauthorized access or disclosures and to safeguard and keep secure the information that we collect.
We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorise access to personal information only for those employees who require it to fulfil their job responsibilities. SessionCam is accredited with the ISO27001 Information Security Management Standard.
However, you should be aware that providing information over the internet can never be guaranteed as being completely safe and if you choose to send such information to us via the internet, you do so at your own risk.
Data Protection Officer
To ensure we continue to monitor our obligations under Data Protection Legislation and comply accordingly, SessionCam has appointed a Data Protection Officer who coordinates all matters of data protection across the entire organization and can be contacted by emailing [email protected].
Transfer of data outside of the EU
We shall not transfer any Personal Information to any country outside of the European Economic Area unless we ensure that such Personal Information is subject to an adequate level of protection and appropriate legal safeguards in accordance with Data Protection Legislation. If you wish to access your Personal Information, we will inform you of the transfers we make (if any) and the legal safeguards we have employed to ensure the ongoing security and protection of your data.
SessionCam uses an AWS hosting system based in the US-East territory. The transfer of this personal information is governed by the EU-US Privacy Shield Certification which provides an adequate safeguard for the transfer of personal information to a third country outside of the EU.
Sharing your information with others
If and when we share your data, we always do so under a written agreement governing how your data must be protected.
- we may use carefully selected sub-processors to help us collect, store or manage your information. This will always be managed under the terms of a written data processing agreement.
- analytics and search engine providers that assist us in the improvement and optimization of the Website; and
- if SessionCam is acquired by a third party, in which case Personal Information held by it about its customers will be one of the transferred assets. We process your Personal Information for this purpose because we have a legitimate interest to ensure our business can be continued by the buyer. If you object to our use of your Personal Information in this way, the relevant seller or buyer of our business may not be able to provide services to you.
Retaining your Personal Information
We will only retain your Personal Information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal .
Your right to object under data protection laws
You have the right to object to us handling your personal information when:
- we are handling your personal information based on our legitimate interests (as described in the “How do you use my data” section above). If you ask us to stop handling your personal information in this way, we will stop unless we can show you that we have compelling grounds as to why our use of your personal information should continue
- for marketing purposes. If you ask us to stop handling your personal information on this basis, we will stop.
Your rights under data protection laws
You can exercise the following rights to your data by contacting us at [email protected].
Right of access
You are entitled to receive confirmation as to whether your personal information is being processed by us, as well as various other information relating to our use of your personal information. You also have the right to a copy of the personal information which we are handling regarding you.
Right to rectification
You have the right to require us to rectify any inaccurate personal information we hold about you. You also have the right to have incomplete personal information we hold about you completed, by providing a supplementary statement to us.
Right to restriction
You can restrict our processing of your personal information where:
- you think we hold inaccurate personal information about you
- our handling of your personal information breaks the law, but you do not want us to delete it
- we no longer need to process your personal information, but you want us to keep it for legal reasons
- we are handling your personal information because we have a legitimate interest (as described in the “How We Use your Data” section above, and are in the process of objecting to this use of your personal information
Where you exercise your right to restrict us from using your personal information, we will then only process your personal information when you agree, except for storage purposes and to handle legal claims.
Right to data portability
You have the right to receive the personal information we hold about you in a structured, standard machine-readable format and to send this to another organization controlling your personal information.
Right to erasure
You have the right to require us to erase your personal information which we are handling in the following circumstances:
- we no longer need to use your personal information for the reasons we told you we collected it for
- where we needed your consent to use your personal information and you have withdrawn your consent
- you object to our use of your personal information and we have no compelling reason to carry on handling your personal information
- our handling of your personal information has broken the law
- we must erase your personal information to comply with a law we are subject to
Right to complain
You have the right to issue a complaint directly with the Information Commissioners Office, the data protection supervisory authority for England and Wales.
Information we collect for our clients as a data processor
SessionCam is a website analytics and conversion optimization tool that enables our clients to gather details of how their customers use their site.
We do not permit the recording of PCI data by our clients. Any data recorded by SessionCam on behalf of our clients is recorded exclusively for their own use.
We do not sell, share or use the data recorded for clients by SessionCam ourselves or with any other third-party organization.
All of the information collected by SessionCam for our clients is encrypted using AES-256 at the point of recording.
The information collected is stored and managed within our secure infrastructure which includes physical, hardware and software-based security controls. Access to the information we collect is carefully controlled and restricted to authorized individuals only.
Our clients have access to the information collected from their customers only via SessionCam. Client access to the data gathered by SessionCam is restricted to defined, individual user accounts through our web-based reporting console, which is under 256-bit SSL encryption.
Customers with Google Analytics bi-directional integration
SessionCam offers customers the ability to link their Google Analytics accounts to SessionCam in order to allow SessionCam recordings to be filtered by Segments defined within Google Analytics.
As part of the setup process for this, you will be asked to authenticate with your Google account.
Please note that we connect to Google using the following “Scope”:
This allows SessionCam read-only access to your Google Analytics data. More information on this can be found here.
Once authenticated, SessionCam will periodically retrieve the following data:
- A list of defined Google Segments
We discard “built in” segments and only store Segment names and ID’s for “custom” Segments
- For each of those Google Segments, a list of SessionCam ID’s
We store this list of SessionCam ID’s and match these to SessionCam recordings.
Changes to this Privacy Notice
We may change this Privacy Notice at any time to ensure it always accurately reflects the way we collect, use and safeguard your Personal Information.
Please check this notice from time to time to ensure you are aware of any updates we may have made to our Personal Information handling practices. The date of the changes will be listed in the ‘Last updated’ section below. We will endeavor to notify all of our current clients of any updates to this notice via email and we will post the relevant announcement on our website homepage.
We recommend that you print a copy of this page for your reference.
Please contact us at [email protected] if you have any questions, comments or requests regarding this Privacy Notice.
Last updated 23 May 2018