Here, you can find out how The Inner Vyou Ltd safeguards your information and how we use it to improve our products and services for the benefit of all our customers and website users. In accordance with the EU Data Protection Directive 95/46/EC when transferring personal data from the EEA to the UK, The Inner Vyou Ltd have implemented measures to ensure adequate protection for data subjects. This includes our Standard Contractual Clauses for Controller to Processor. If you are a client of The Inner Vyou Ltd within the EEA, and you are transferring personal data in connection with The Inner Vyou Ltd’s services, please contact us to complete the Standard Contractual Clauses and return it to firstname.lastname@example.org.
The nature of The Inner Vyou Ltd means that, from time to time, we’ll require some personal details from our customers and website users. The data we collect could just be a name and an email address, but depending on your level of engagement with The Inner Vyou Ltd, it could be much more than that.
The personal information you’ve shared with us, along with data on how you use our website – what you search for and what preferences you select, for example – help us to provide a range of products and services that meet your needs.
What information does The Inner Vyou Ltd collect about me?
Personal information that we collect may include your name, contact details (phone numbers, email address and addresses), your date of birth, job, course information, your personal interests, and data about the pages you visit, and your other activity on our website, as well as any other personal information relating to you that you supply to us. Our website may also collect other information that you supply to us, such as information relating to your education, skills or job experience, where relevant in the context of the website or the services provided through the website. Except where stated otherwise on the website at the time such personal information is submitted, it is only processed for the purposes for which you have submitted it to us.
How does The Inner Vyou Ltd collect my personal information?
We collect your information in two ways:
- Personal information you choose to disclose. You may, for example, provide us with your information when you post something on our site, when you register for any features on our site that require registration, when you contact us (online or offline) or when you order goods or services from us.
We will inform you prior to collecting your personal information if it is requested on a voluntary basis and the consequences of not providing voluntary personal information.
In a separate automatic operation, the web server will collect your IP address and browser type and details of the website, application or email communication you came from before entering our site. This information is used to:
- work out how many times our site has been visited
- record which parts of our site have been visited so we can improve the content and layout of the site
- understand the effectiveness of our email communications
We may from time to time supply this data to third parties in an anonymised form for uses in connection with our site.
What will The Inner Vyou Ltd do with my personal information?
We use your personal information for a variety of business purposes which are in our legitimate interests (“Business Purposes"), and/or in order to enter into or perform a contract with you (“Contractual"), and/or with your consent (“Consent"), and/or compliance with our legal obligations (“Legal Reasons").
For example, we may use your personal information:
- to provide you with the relevant services through our applicable site, for Contractual Reasons
- to process your online purchases, for Contractual Reasons
- to inform you about and provide more information on products and services offered by us, for our Business Purposes or with your Consent
- to invite you to participate in surveys, discussions and prize draws and ask for your views on our services via online surveys and discussion forums, for our Business Purposes and/or with your Consent
- to improve the products and services offered to you for our Business Purposes
- for marketing for our Business Purposes and/or with your Consent
- for statistical or analytical purposes for our Business Purposes
- to detect, prevent or investigate security breaches or fraud for our Business Purposes and/or Legal Reasons
- to otherwise to better meet the needs and preferences of our customers for our Business Purposes
We will not allow unrelated third parties to use your personal information for marketing without your consent. Where we rely on your consent, you have the right to withdraw it at any time.
For how long will The Inner Vyou Ltd keep my personal information?
We will keep your personal information only for as long as necessary to fulfil the purposes for which we are processing your personal information unless the law permits or requires longer. For example, we might need to keep your personal data for quality assurance of the service we have provided, or we might need to keep it to defend future legal claims. After this period, your account will be deleted. You can request your account to be deleted at any time.
Email marketing and opt out
We will not send you marketing emails if you have opted out of receiving them. Any marketing emails we send you will include an unsubscribe link at the end of the email. We provide contact details you may use if you want to contact us by email, post or telephone in order to unsubscribe.
How does The Inner Vyou Ltd keep my personal information safe?
The Inner Vyou Ltd stores your data on secure servers that are based in the UK. Data is processed in the UK, and we use standard industry security protocols. We seek to protect the safety of all your personal information by implementing appropriate technical and organisational measures. For example, provided your browser accepts HTTPS (Hyper Text Transfer Protocol) Secure encryption, we seek to protect your payment information against unauthorised access through a secure server.
Where we use third parties to process personal information, we require them to ensure the safety of your information. Any personal information that you voluntarily post on a public area of our site, such as a bulletin board or discussion forum, or an interactive area requiring registration and/or subscription, may be collected and used by others. Please be careful what personal information you disclose in this way. You understand that we cannot control the actions of other users.
Will The Inner Vyou share my personal information with anyone else?
We will never sell your personal information. We may disclose and share your personal information:
- any entity which acquires any part of our business
- our service providers (including, for example, credit reference agencies and payment processors, distributors/agents of our products, suppliers who develop or host our sites)
- regulators or government bodies if requested
- third-party search engines that may index user profile pages and usernames as part of the URL of the user profile page by default if required or permitted by law
- relevant third parties (such as your employers, school, internet service provider, law enforcement agencies) if we reasonably believe you may be in breach of the law (for example, if you have posted defamatory content on our sites) or if required to do so in accordance with applicable law
- other third parties with your consent
Will The Inner Vyou Ltd send my personal information to another country?
We may transfer your personal information to other countries around the world, including countries outside of the European Economic Area (“EEA"), which may not have the same data protection laws as those of the country where you access our sites. Where we transfer your personal information to countries outside of the EEA we will take appropriate steps to ensure your personal information is afforded the same level of protection as described in our Standard Contractual Clause agreement.
What rights do I have?
In some regions, such as the EEA (European Economic Area), you may have certain rights in relation to your personal information, including the right to:
- request access to and obtain a copy of your personal information
- rectification of your personal information if it is no longer accurate or erasure of your personal information if our retention is no longer necessary for the purposes for which it was collected
- restrict or object to the processing of your personal information in certain circumstances
- data portability (if applicable)
If you wish to exercise any of your rights in relation to your personal information please send your request to us using the details set out in the “Contacting Pearson" section below. We will consider and act upon any request in accordance with applicable data protection laws.
You may also have the right to complain to the Information Commissioner (if you are in the UK) or to your local data protection supervisory authority if you are unhappy with our privacy practices notified under this Privacy Notice.
What if I am under 16?
If you are under 16, please be sure to read this Privacy Notice with your parent or guardian and ask them questions about anything you don’t understand.
Misuse of personal information
You agree not to misuse any personal information available on our sites or to gather it or use robots or other automated scripts, codes or functionalities to do so.
We may immediately suspend or terminate your access to our site without notice if we become aware that you are in breach of applicable terms and conditions of use or of this Privacy Notice.
Changes to this Privacy Notice
We may update this Privacy Notice from time to time. We will always include the date of a new version so that you know when there has been a change.
Description of the technical and organisational security measures implemented by The Inner Vyou Ltd (“data importer") in accordance with Clauses 4 (d) and 5 (c) of the Standard Contractual Clauses between an EEA Controller and non-EEA Data Processor.
The Inner Vyou Ltd will maintain administrative, physical and technical safeguards for the protection of the security, confidentiality and integrity of the data exporter’s data including but not limited to those set forth in the underlying agreement between the data importer and the data exporter to which these Clauses are attached. In the event that the underlying agreement does not specify technical and organisational security measures, the parties agree that, at a minimum, the Data Protection Protocols are available below:
The Inner Vyou Ltd agrees and warrants that it has implemented technical and organisational measures appropriate to protect Confidential Information (including Personal Data) against accidental or unlawful destruction or accidental loss, alteration, unauthorised disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing, and that these measures ensure a level of security appropriate to the risks presented by the processing and the nature of the data to be protected having regard to the state of the art and the cost of their implementation.
The measures The Inner Vyou Ltd has taken include, as appropriate and without limitation:
1. Implementing and complying with a written information security program consistent with established industry standards and including administrative, technical, and physical safeguards appropriate to the nature of Confidential Information and designed to protect such information from: unauthorised access, destruction, use, modification, or disclosure; unauthorised access to or use that could result in substantial harm or inconvenience to The Inner Vyou Ltd, its clients or employees; and any anticipated threats or hazards to the security or integrity of such information;
2. Adopting and implementing reasonable policies and standards related to security;
3. Assigning responsibility for information security management and data protection and to provide to The Inner Vyou Ltd contact details of responsible persons of Service Provider;
4. Devoting adequate personnel resources to information security;
5. Carrying out verification checks on subcontractors that will have access to Confidential Information;
6. Conducting appropriate background checks and requiring employees, vendors and others with access to the Confidential Information to enter into written confidentiality agreements and non-disclosure agreements.
7. Conducting training to make subcontractors and others with access to Confidential Information aware of information security risks and to enhance compliance with its policies and standards related to data protection, as well as requiring such personnel to sign an obligation to keep all Confidential Information confidential and secure (data secrecy) during their assignment and thereafter;
8. Preventing unauthorised access to the Confidential Information through the use, as appropriate, of physical and logical (passwords) entry controls, secure areas for data processing, procedures for monitoring the use of data processing facilities, built-in system audit trails, use of secure passwords, network intrusion detection technology, encryption and authentication technology, secure log-on procedures, and virus protection, monitoring compliance with its policies and standards related to data protection on an ongoing basis. In particular, The Inner Vyou Ltd has implemented and complies with, as appropriate and without limitation:
• Denial-of-use control measures to prevent unauthorised use of data protection systems by technical (keyword/password protection) and organisational (user master record) measures concerning user identification and authentication (e.g., automatically enforced password complexity (inter alia special characters, minimum length, regular change of keyword), automatic disabling (e.g., keyword or screensaver password activation) and change requirements, creation of one master user record per user, encoding of data carriers, firewalls);
• Requirements-driven authorisation scheme and access rights (including different forms of profiles, roles, transactions and objects), and monitoring and logging of system access to ensure that persons entitled to use a data processing system have access only to the data to which they have a right of access, and that Confidential Information cannot be read, copied, modified or removed without authorisation;
• Data transmission control measures to ensure that Confidential Information cannot be read, copied, modified or removed without authorisation during electronic transmission, transport or storage on data media, and transfer and receipt records. In particular, The Inner Vyou Ltd’s information security program shall be designed:
i. To encrypt in storage any data sets in The Inner Vyou Ltd’s possession that includes sensitive Confidential Information.
ii. To ensure that any sensitive Confidential Information transmitted electronically (other than by facsimile) to a person outside of The Inner Vyou Ltd’s IT system or transmitted over a wireless network uses encryption to protect the security of the transmission.
iii. To use adequate measures for any other Confidential Information (e.g., encryption, encoding/tunnel connection (VPN = Virtual Private Network), electronic signature, logging, transport security).
• Data entry control measures to ensure that it is possible to check and establish whether and by whom Confidential Information has been input into data processing systems, modified, or removed by logging and log evaluation systems;
• Subcontractor supervision measures to ensure that, where the The Inner Vyou Ltd is permitted to subcontract under the Services Agreement and any part of the Services involves (i) the processing of Confidential Information, (ii) access to systems through which access to Confidential Information may be gained or (iii) the fulfilment of information security functions, the Service Provider shall (a) notify The Inner Vyou Ltd of the relevant subcontractor(s) and (b) execute formal agreements with each approved subcontractor that require the subcontractor to implement security controls at least as stringent and comprehensive as those provided in the Services Agreement and this Description of the technical and organisational security measures.
• Measures to ensure that Confidential Information is protected from accidental destruction or loss including, as appropriate and without limitation, data backup (mirroring of data), retention and secure destruction policies, secure offsite storage of data sufficient for disaster recovery, uninterrupted power supply, and disaster recovery and emergency programs;
• Measures to ensure that data collected for different purposes can be processed separately including, as appropriate and without limitation, physical or adequate logical separation of client data (e.g., “internal client capability”/purpose limitation, separation of functions as production and test).
• The ability to correct, delete or block the Confidential Information processed on behalf of The Inner Vyou Ltd only in accordance with the instructions of The Inner Vyou Ltd. Should a data subject directly contact the The Inner Vyou Ltd requesting the correction or deletion of his data, The Inner Vyou Ltd address this request without undue delay.
• Upon the earlier of the termination of the processing activities under the Services Agreement or The Inner Vyou Ltd’s demand, the return or secure destruction (as determined by The Inner Vyou Ltd) of the Confidential Information processed in connection with the delivery of the Services under the Services Agreement. Secure destruction shall include numerous overwriting of hard drives in accordance with recognised industry standards and confidential disposal of data carriers through specialised vendors with prior demagnetisation of storage media. The same applies to test material and discarded material. Records of any deletions or destructions must be presented to The Inner Vyou Ltd upon demand.
• Reporting incidents to The Inner Vyou Ltd that threaten or may threaten the Service Provider’s IT systems, including any unauthorised access, disclosure or use of Confidential Information or a compromise of the security, integrity, confidentiality or availability of the Service Provider’s IT system or Confidential Information (“Security Incident”) within 24 hours of the Security Incident being detected by notifying us.
Contacting The Inner Vyou Ltd
If you have any questions about our Privacy Notice, please do not hesitate to contact us at:
Cosmin Gabriel Sofron
The Inner Vyou Ltd
71-75 Shelton Street
Covent Garden, London
You may also email us at email@example.com
This Privacy Notice is provided on behalf of The Inner Vyou Ltd. (registered office 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom, registered number 11907583).