Informação de Transparência

With the following information, we give you an overview of the processing of personal data by us and the rights that data subjects can assert against us. Which data are processed in detail and how they are used depends largely on the object or purpose of our contact. Therefore not all parts of this information will apply to you.

1. Responsibility and contact

Responsible in accordance with Art. 4 (7) of the General Data Protection Regulation (GDPR) is

Hitachi Solutions Europe Limited

23rd Floor, 110 Bishopsgate, London, United Kingdom, EC2N 4AY

Telephone: +44 (0)204 526 8510
Email: [email protected]

The contact details of our Data Protection Officer are:

Bryan Coley
Hitachi Solutions Europe Limited

Telephone: +44 (0)204 526 8510
Email: [email protected]

2. Sources and data

We process personal data that we receive from our customers or their authorised representatives or interested parties within the scope of our business relationship. These data can be:

Personal data (name, contact details, address, telephone, fax, email, date and place of birth, gender)
Data from the fulfilment of our obligations (name, contact details, address, telephone, fax, email, if applicable others – depending on the respective obligation)
Data advertising and sales (name, contact details, address, telephone, fax, e-mail)
Order data (name, contact details, address, telephone, fax, e-mail, if applicable others – depending on the project)
Other data comparable with the above species

In addition, we process personal data that we have obtained from publicly accessible sources (e.g. commercial register, press, media or Internet) in a permissible manner and whose processing complies with the law.

3. Purpose and legal basis

We process personal data in accordance with the provisions of the GDPR (General Data Protection Regulation) and the DPA (Data Protection Act 2018) and all other relevant laws:

1. to implement our contractual relationships (Art. 6 (1) letter b GDPR)

The processing of data is carried out to provide our services and commercial transactions within the framework of customer contracts or to carry out pre-contractual measures which are carried out on request. The purposes of the data processing are generally based on the subject matter of the contract and may also include, among other things, demand analyses and consultation.

2. as part of the balancing of interests (Art. 6 (1) letter f GDPR)

As far as necessary, we process data to protect legitimate interests. Examples of this are the assertion of legal claims and defence in the event of legal disputes, guaranteeing IT security and our IT system, checking and optimising procedures for analysing requirements for the purpose of directly addressing customers, measures for building and plant security (e.g. access controls) or measures for business management and the further development of services and products.

3. on the basis of legal requirements (Art. 6 (1) letter c GDPR)

We are subject to various legal obligations. These include in particular the fulfilment of fiscal control and reporting obligations

4. on the basis of consent (Article 6 (1) letter a GDPR)

As far as we have received consent to process personal data for specific purposes, the lawfulness of the processing on this basis is given. A given consent can be revoked at any time for the future. The declaration is possible informally.

4. Data receiver

Within our company, those departments receive access to personal data which they need to fulfil our contractual and legal obligations. Service providers and vicarious agents employed by us may also receive data for these purposes, provided they maintain confidentiality and comply with our data protection instructions.

With regard to the passing on of data outside our company, we strictly observe the secrecy law regarding all data of our customers and interested parties. We are allowed to pass on information if we are obliged to provide information by legal regulations or if we have consented to this. Service providers commissioned by us must also ensure compliance with confidentiality and the provisions of the GDPR. These are above all service providers for data medium destruction, EDP/IT support and maintenance service providers, legal advisers, payment transaction service providers and tax consultants.

5. Transmission to Third Countries / international Organisations

A data transfer to countries outside the European Union or the European Economic Area – so-called third countries – takes place only within the group and/or as far as this is necessary or legally prescribed for the execution of our orders (e.g. tax reporting obligations), if we have your consent or in the context of an order processing.

If necessary, in individual cases, personal data will be transferred to an IT service provider in a third country to guarantee our IT operations. If the service provider is used in a third country, the appropriate level of data protection is guaranteed by the conclusion of the EU standard contract clauses.

When processing incoming messages, access may also be required under certain circumstances by such employees of the relevant specialist department who are organisationally located in Germany, Hitachi Solutions Germany GmbH. The employees concerned have their line manager at Hitachi Solutions Germany GmbH. In particular, access may be necessary in order to ensure that the other employees can continue to process the messages received in an orderly manner in the event of illness.

6. Customer relationship management

Our customer relationship processes are software-supported. All European units of Hitachi Solutions use a common tool: Microsoft Dynamics 365 Sales. Data processing within the meaning of section 4.1 takes place here (pre-contractual measures).

Access by our European units (including access from third countries as defined in the GDPR) is controlled by an authorization concept.

For Great Britain applies:

We use Microsoft Dynamics 365 Sales in conjunction with the following tools:

Userlane: Training tool that simulates use cases in the production environment. The personal data mentioned in point 2 can be processed in this context.
ClickDimension: Marketing tool that processes the personal data mentioned in number 2 in order to send newsletters. It also serves as a campaign tool
Introhive: A software solution that helps to visualise customer relationship information across the company. The personal data mentioned in point 2 can be processed in this context.

Microsoft Co-sell opportunities: Part of a Microsoft portal where sales opportunities are entered in order to provide customers with the best possible advice This portal is used to make agreements on sales opportunities directly with the manufacturer Microsoft. First name, surname, e-mail address and telephone number are processed.

7. Storage duration

We process and store data as long as it is necessary for the fulfilment of our contractual or legal obligations.

If the data is no longer necessary for the fulfilment of contractual or legal obligations, it is regularly deleted, unless its temporary further processing is necessary to fulfil commercial or tax law storage obligations. The periods of retention or documentation are usually between 2 and 10 years. In these cases, after the end of the processing purpose, the processing as such will be restricted in such a way that only the purpose of storage from the laws mentioned as examples can be achieved.

8. Data protection rights of data subjects

Every data subject has the right of

Information (Art. 15 GDPR)
Correction or deletion (Art. 16 and 17 GDPR)
Restriction of processing (Art. 18 GDPR)
Opposition to processing (Art. 21 GDPR)
Data transferability (Art. 20 GDPR)

In addition, there is a right of appeal to the Information Commissioner. Should a data subject make use of these rights, we will check whether the legal requirements for this are fulfilled.

Consent to the processing of personal data can be revoked at any time. This also applies to declarations of consent issued to us prior to the validity of the GDPR – i.e. prior to 25.05.2018. It should be noted here that a revocation is only effective for the future. Processing that took place before the revocation remains unaffected.

9. Obligation to provide

Within the framework of a business relationship with our company, those personal data are to be provided which are necessary for the initiation, execution and termination of a business relationship and for the fulfilment of the associated obligations or which we are legally obliged to collect. Without this data, it is generally not possible for us to conclude, execute or terminate a contract.

Final Information

Our business operations require that data be collected and processed. Data protection and data security must be guaranteed wherever data is collected and processed. This is more than just a legal requirement for us.

If you require information that is not included in this transparency information, we can be reached via the contact information mentioned at the beginning.

Information on your right of objection under Art. 21 GDPR

Right of objection in individual cases

You have the right to object at any time, for reasons arising from your individual situation, to the processing of personal data concerning you, which is carried out on the basis of Art. 6 (1) letter f of the GDPR (data processing based on a balancing of interests).

If you object, we will no longer process your personal data, unless we can prove that there are compelling, justified reasons for processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims

Right to object to processing for the purpose of direct marketing

In individual cases we process your personal data in order to carry out direct advertising. You have the right to object at any time to the processing of your personal data for the purpose of such advertising.

If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.

Addressee of an objection

The objection can be made in any form with the subject “Objection”, stating your name and address, and should be sent to

Hitachi Solutions Europe Limited

110 Bishopsgate
23rd Floor
London
United Kingdom
EC2N 4AY

Email: [email protected]

Cookie	Duração	Descrição
cookielawinfo-checkbox-advertisement	1 ano	Preparado pelo plugin de consentimento de cookies GDPR, este cookie é usado para gravar o consentimento do utilizador para os cookies na categoria "Anúncios".
cookielawinfo-checkbox-analytics	1 ano	Preparado pelo plugin de consentimento de cookies GDPR, este cookie é usado para gravar o consentimento do utilizador para os cookies na categoria "Analytics".
cookielawinfo-checkbox-functional	1 ano	Este cookie é preparado pelo plugin de consentimento de cookies GDPR para gravar o consentimento do utilizador para os cookies na categoria "Funcional".
cookielawinfo-checkbox-necessary	1 ano	Preparado pelo plugin de consentimento de cookies GDPR, este cookie é usado para gravar o consentimento do utilizador para os cookis na categoria "Necessário".
JSESSIONID	sessão	O cookie JSESSIONID é usado pelo New Relic para armazenar um identificador de sessão de forma a que o New Relic consiga monitorizar a contagem de sessões para uma aplicação.
viewed_cookie_policy	1 ano	O cookie é preparado pelo plugin de consentimento de cookies GDPR para armazenar se o utilizador consentiu ou não o uso de cookies. Não armazena dados pessoais.
wordpress_monolith_access_gated_content	30 Dias	Um cookie para relembrar entradas de conteúdo fechadas.

Cookie	Duração	Descrição
__cf_bm	30 minutos	Este cookie, preparado pelo Cloudfare, é usado para suportar a gestão do CloudFare Bot.
AnalyticsSyncHistory	1 ano	Usado pelo LinkedIn para armazenar informação sobre o tempo em que uma sincronização aconteceu com o cookie lms_analytics.
bcookie	1 ano	O LinkedIn programa este cookie a partir dos botões de partilha do Linkedin e adiciona etiquetas para reconhecer o ID do navegador.
bscookie	1 ano	O LinkedIn programa este cookie para recordar as definições de linguagem de um utilizador.
lang	sessão	O LinkedIn programa este cookie para recordar as definições de linguagem de um utilizador.
li_gc	5 Meses 27 Dias	Usado pelo LinkedIn para armazenar consentimento de utilizadores sobre o uso de cookies para propósitos não essenciais.
lidc	1 Dias	O LinkedIn prepara o cookie lidc para facilitar a seleção do data centre.
ln_or	1 Dias	Usado pelo LinkedIn para determinar se analytics do Oribi podem ser executados num domínio específico.
pll_language	1 ano	O cookie pll_language é usado pelo Polylang para recordar a linguagem selecionada pelo utilizador quando regressa ao website e para obter a informação da linguagem quando não está disponível de outra forma.
UserMatchHistory	1 Meses	O LinkedIn prepara este cookie para a sincronização do ID do LinkedIn Ads.

Cookie	Duração	Descrição
_ga	2 anos	O cookie _ga, instalado pelo Google Analytics, calcula os dados de visitantes, sessões e campanhas e também acompanha a utilização do website para os relatórios analíticos. O cookie armazena informação de forma anónima e atribui um número gerado aleatoriamente para reconhecer visitantes únicos.
_gat_UA-97336965-1	1 minuto	Uma variação do cookie _gat preparado pelo Google Analytics e pelo Google Tag Manager para permitir que os donos do website acompanhem o comportamento dos visitantes e meçam a performance do website. O elemento padrão no nome contém o número único de identidade da conta ou website com o qual se relaciona.
_gid	1 Dias	Instalado pelo Google Analytics, o cookie _gid armazena informação de como os visitantes usam um website e cria relatórios analíticos da performance do website. Alguns dados que são recolhidos incluem o número dos visitantes, a sua fonte e as páginas que visitam de forma anónima.
CONSENT	2 ano	O Youtube prepara este cookie através de vídeos inseridos e regista anonimamente dados estatísticos.
cusid	30 minutos	ClickDimensions prepara este cookie para estabelecer e continuar a sessão de utilizador no website.
cuvid	2 ano	Este cookie, preparado pelo ClickDimensions, é escrito no navegador sobre a primeira visita ao website pa partir desse navegador.
cuvon	30 minutos	O ClickDimensions usa este cookie para armazenar a última vez que um visitante visitou a página.
vuid	2 ano	O Vimeo instala este cookie para recolher informação através do estabelecimento de um ID único inserido nos vídeos inseridos no website.

Cookie	Duração	Descrição
VISITOR_INFO1_LIVE	5 Meses 27 Dias	Um cookie definido pelo Youtube para medir o tamanho da marca que determina se o utilizador recebe o interface novo ou antigo.
YSC	sessão	YSC cookie é definido pelo Youtube e utilizado para acompanhar as visualizações de vídeos inseridos nas páginas de Youtube.
yt-remote-connected-devices	Nunca	O Youtube prepara este cookie para armazenar as preferências de vídeo do utilizador que usa vídeos inseridos do Youtube.
yt-remote-device-id	Nunca	O Youtube prepara este cookie para armazenar as preferências de vídeo do utilizador que usa vídeos inseridos do Youtube.