This privacy statement was last updated on April 3, 2023.

Introduction

Elenox Networks & Developments is strongly committed to the protection of personal data. This privacy statement describes why and how we collect and use personal data and provides information about the rights of individuals in relation to personal data. It applies to personal data provided to us, both by the individuals themselves and by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the time of collection.

As used in this privacy statement, "Elenox Networks and Developments," "we," "us," and "us" refer to the Elenox Networks and Developments network and/or one or more of its member firms that may process your personal information. Each member firm of the Elenox Networks and Developments network is a separate legal entity.

This privacy statement also applies to personal data that may be provided to the global strategy consulting firm of Elenox Networks & Developments, either by the individuals themselves or by others.  We may use personal information for any of the reasons described in this statement or as otherwise indicated at the time of data collection by Elenox Networks and Developments.

Elenox Networks and Developments processes personal data for a number of purposes. Our policy is to be transparent about why and how we process personal data.

For more information about our specific processing activities, go to our processing activities.

Our legal basis for processing your personal data

Local law may require us to set out in this privacy statement the legal grounds on which we rely to process your personal information. In such cases, we rely on one or more of the following processing conditions:

our legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our business and the legitimate interests of our customers in receiving professional services from us as part of the operation of their organization (provided that these do not interfere with their rights);

our legitimate interests in developing and improving our business, services and offerings and in developing new technologies and offerings from Elenox Networks and Developments (provided that they do not interfere with your rights);

to satisfy any legal, regulatory or professional body requirements of which we are a member (for example, for some of our services, we have a legal obligation to provide the service in a certain way);

to fulfill our obligations under a contractual agreement with you; or where no other processing conditions are available, if you have agreed to us processing your personal information for the relevant purpose.

Transfers of personal data

Cross-border transfers

If we process your personal information, your personal information may be transferred to and stored outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information.

We may share personal data with other Elenox Networks and Developments member firms as necessary in connection with the purposes described in this privacy statement. For example, when we provide professional services to a client, we may share personal information with Elenox Networks and Developments member firms in different territories that are involved in providing advice to that client.

Third-party suppliers

We may transfer or disclose the personal data we collect to third party contractors, subcontractors and/or their subsidiaries and affiliates. Third parties support the Elenox Networks and Developments network in the delivery of its services and help provide, run and manage IT systems. Examples of third party contractors we use are providers of identity management, website hosting and management, data analytics, data backup, security and cloud storage services. The servers that power and facilitate our IT infrastructure are located in secure data centers around the world, and personal data may be stored in any of them.

Third-party vendors may use their own third-party subcontractors who have access to personal data (sub-processors). Our policy is to use only outside vendors who are obligated to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by Elenox Networks and Developments, and to pass those same obligations on to their sub-processors.

Other disclosures

We may also disclose personal information in the following circumstances:

with professional advisors, e.g., law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the operation of our business. Personal data may be shared with these advisors as necessary in connection with the services for which they have been engaged;

when explicitly requested by you;

when necessary to deliver publications or reference materials requested by you;

when necessary to facilitate conferences or events organized by a third party;

To law enforcement, regulatory and other governmental agencies and professional bodies as required and/or in accordance with applicable law or regulation. Elenox Networks and Developments may also review and use your personal information to determine whether disclosure is required or permitted.

Our processing activities

For more information, go to the sections of this statement that are relevant to you.

Business contacts

Corporate customers (and individuals associated with our corporate customers)

Personal customers

Individuals using our applications

Individuals whose personal data we obtain in connection with the provision of professional services to our clients.

web sites

Marketing activities

Others who contact us

Recruitment applicants

Suppliers (including subcontractors and persons associated with our suppliers and subcontractors)

Elenox Networks and Developments personnel (partners, staff and contractors)

Insolvency and restructuring

Visitors to our offices

Security

We have implemented generally accepted standards of technology and operational security to protect personal information from loss, misuse, alteration or destruction. Only authorized persons have access to personal information; such persons have agreed to maintain the confidentiality of this information.

Although we use appropriate security measures once we have received your personal data, data transmission over the Internet (including e-mail) is never completely secure. We strive to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.

Your legal rights in relation to personal data

You may have certain rights under local law in relation to the personal information we hold about you. In particular, you may have legal rights to:

obtain confirmation as to whether we process personal data about you, receive a copy of your personal data and obtain certain other information about how and why we process your personal data

the right to request that your personal data be amended or rectified if it is inaccurate (for example, if your address changes) and that incomplete personal data be completed

Right to delete your personal data in the following cases:

the personal data are no longer necessary in relation to the purposes for which they were collected and processed;

our lawful basis for processing is consent, you withdraw consent and we have no other lawful basis for processing;

our lawful basis for processing is that the processing is necessary for the legitimate interests pursued by us or a third party, you object to the processing and we do not have overriding legitimate grounds;

objects to processing for direct marketing purposes;

your personal data has been unlawfully processed; or

your personal data must be deleted in order to comply with a legal obligation to which we are subject.

The right to restrict the processing of personal data in the following cases:

for a period of time to allow us to verify the accuracy of the personal data when you dispute the accuracy of the personal data;

your personal data has been unlawfully processed and you request restriction of processing instead of deletion;

your personal data are no longer necessary in relation to the purposes for which they were collected and processed, but you need them to establish, exercise or defend legal claims; or

for a period to enable us to verify whether the legitimate grounds on which we rely override your interests where you have objected to processing on the basis that it is necessary for the pursuit of a legitimate interest identified by us.

The right to object to the processing of your personal data in the following cases:

our lawful basis for processing is that the processing is necessary for a legitimate interest pursued by us or by a third party; or

our processing is for direct marketing purposes.

The right to data portability

The right to receive your personal data provided by you and the right to send the data to another organization (or ask us to do so if technically feasible) where our lawful basis for processing the personal data is consent or necessity for the performance of our contract with you and the processing is carried out by automated means.

The right to withdraw consent

Where we process personal data based on consent, individuals have the right to withdraw consent at any time. Generally, we do not process personal data based on consent (as we can generally rely on another lawful basis).

If you believe that the processing of your personal data infringes the law, you may have the right to lodge a complaint with the data protection regulatory authority responsible for enforcing data protection law in the country where you normally reside or work, or in the place where the alleged infringement occurred.

Changes to this privacy statement

We may update this privacy statement at any time by posting an updated version here. Then, when we make changes to this privacy statement, we will revise the revision date at the top of this page. The new revised or amended privacy statement will apply as of that revision date. Therefore, we encourage you to periodically review this privacy statement to stay informed about how we are protecting your information.

Contact us at

Use our general contact form to exercise a legal right in relation to your personal data, or an inquiry if you have a question or complaint about the handling of your personal data.