Your Rights and Choices
The privacy law of the jurisdictions to which Pythian is subject grants you certain rights with respect to your personal information and choices you can make to ensure your information is used for the purposes for which you provided it. The law does not make these rights absolute, and the law also determines the exceptions that apply or the circumstances where the exercise of your rights has limitations. The following information is provided to you so that you can better understand your rights and the choices you can make, including how to make a complaint in the event that you believe Pythian has not handled your information in accordance with applicable legislation:
- PIPEDA in Canada requires that we only collect personal information with your consent, and only collect the amount of information that is essential to the business transaction.
You have the right to expect that your personal information will be protected by Pythian using appropriate security safeguards. This privacy policy should be understandable to you, and if you require any clarification, you have the right to ask for them and obtain a satisfactory response. Finally, if you have a complaint, you have the right to present it to Pythian. If you think Pythian is not in compliance with PIPEDA you may opt to file a complaint with the Privacy Commissioner Office. It is important that you know that PIPEDA does not apply to an employee’s name, title, business address, telephone number and email address, which Pythian collects, uses and discloses solely for the purposes of communicating with you in the course of our business relationship with you. For more information about your rights and responsibilities with respect to your privacy, visit https://www.priv.gc.ca/en/about-the-opc/publications/guide_ind/. - GDPR became effective on May 25, 2018, and it applies consistently in all EU member states. GDPR gives people more control over their personal data while at the same time enabling the free flow of data. For more information about your rights under EU law, visit https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/my-rights_en. If you think that Pythian has used your personal information in a way that is not consistent with this privacy policy, there are actions you can take about it, including involving the national data protection authority. For more information about actions you can take, visit https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens/redress_en.
- Upon Brexit, the UK is no longer part of the EU and therefore the EU GDPR does not automatically apply in the UK. Companies in the UK will be subject to the EU GDPR if they meet the threshold required for any non-EU company. With that said, the UK’s Data Protection Act of 2018 (DPA 2018) had already enacted the EU GDPR’s requirements into UK law, and with effect from January 1, 2021, the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 amended the DPA 2018 and merged it with the requirements of the EU GDPR to form a new, UK specific data protection regime, known as the UK GDPR. If you require more detailed information about your rights and obligations under the UK GDPR, visit https://ico.org.uk/your-data-matters/.
- The Australia Privacy Act 1988(Cth) provides individuals with greater control over their personal information. For more information about your rights and responsibilities under the Privacy Act, please visit https://www.oaic.gov.au/privacy/the-privacy-act/rights-and-responsibilities/.