×

WHO WE ARE

Synergy Commercial Lighting Ltd (“we”, “us”, “our”) is lighting manufacturing enterprise based in Hoddesdon, United Kingdom. We build and offer Commercial lighting products and services to design and build professionals and contractors.

OUR CORE VALUES


At Synergy Commercial Lighting Ltd, privacy and ethics are at the core of our business: We are transparent, and we use data responsibly. We will never use personal data for unlawful or illegitimate purposes, and we work under the principles of the privacy legal regulations. We are continuously improving: We keep up with the latest global regulations updates and technology trends to progressively improve our solutions.

WHAT IS A PRIVACY NOTICE?

Sometimes, when you use our website or platform, we may collect personal data that is relevant and necessary for our essential activities. Please note that we will only collect your personal data for marketing purposes if you previously consent to this type of activity.

This privacy notice is the document we have created to keep you informed about our activities involving your personal data and your legal rights regarding how we collect, use, share, store, protect, and delete your information.

WHAT IS PERSONAL DATA?

Personal data is any information related to an identified or identifiable natural person, such as names, surnames, location data, home address, identification card number, e-mail address, internet protocol (IP) address, financial information, etc.

It includes any data or set of information that could be linked to you and used to contact, locate, or track you.

WHAT PERSONAL INFORMATION WE DIRECTLY COLLECT FROM YOU

To provide the best possible experience for you when surfing on our website or using our products, we may directly collect your names, surnames, credentials, e-mail addresses, telephone numbers, home addresses, financial information, and information about your working position in your company.

When subscribing to our services, you may decide to add, collect, organise, and manage Personal Data of your customers, team colleagues or vendors on Synergy.

We at Synergy process such data as a processor under your direction. You as a data controller, are responsible for complying with data privacy rights for any regulations or laws using the Synergy subscription service.

This policy covers how we collect, store, use and process your personal data.

WHAT PERSONAL DATA WE COLLECT BY AUTOMATED SOURCES

We may also collect information through cookies and other similar technologies (e.g: Google Analytics) about how you use our products and navigate through our websites, such as dates of access to the platform, IP address, how much time Synergy is used, and what features the user has been using.

This personal information may be collected by the time you register on our website or platform or during your experience using our products or engaging in our services.

We can guarantee that this personal information is collected and processed purely for our essential activities, such as to improve our platform’s performance, features, and security or to fix bugs.

For more information about cookies and automated technologies, see Cookies & Data Analytics.

HOW WE USE YOUR PERSONAL INFORMATION

We will only use your personal data for legitimate purposes regarding our essential activities and under very specific legal permissions:

1. To guarantee the performance of our contract:

   •  Register you on Synergy and set up a user account;

   •  Use cookies that track and collect information related to your user account, language settings and log in details;

   •  Send you administrative communication, privacy, and technical alerts;

   •  Improve our products, services, and the user’s experience;

   •  Fulfill your requests, complaints, or questions regarding the products and services, and

   •  Process and send you payments and transactions related documents, such as invoices;

   •  Send you an e-mail informing you about major updates on our services, changes to our policies and terms and conditions; and

   •  Create and keep an entry in our CRM about your user account for account management purposes.

2. With your consent we:

   •  Send you our newsletter,

   •  Send you marketing content, and

   •  Improve and administer our website by collecting information through optional data analytics’ cookies.

3. To fulfill our legitimate interests:

   •  Contact you about new products and features we think you may be interested in unless you actively opt-out, and

   •  Generate trend’s insights for us to improve our marketing and advertising activities. Where possible we will always anonymize and aggregate data.

4. To improve our information security measures according to the applicable regulations;

5. To fulfill legal obligations when demanded by administrative, governmental, or judicial authorities, and

6. For other necessary purposes upon the customers and users further notification.

FOR HOW LONG DO WE KEEP YOUR DATA AND HOW WE STORE IT

We will only keep your personal data stored for as long as you use our platform and services.

Once our relationship ends, your personal data will be eliminated in conformity with our information security policies, although we may retain some personal information that is strictly necessary to comply with legal or governmental obligations:

   •  Financial and transactional data: 7 years

   •  Synergy user account details: immediately upon termination or after 2 years since last login

   •  Contracts and legal documentation: 10 years after expiry

   •  Synergy aggregated user data for internal statistical purposes and analytics – indefinite

At Synergy, the security of the personal data we collect from our customers and users is a high priority and we make sure to adopt the proper technical, organisational, and administrative measures to protect the information we hold in our websites and products against loss, unauthorised access, misuse, modification, or destruction.

We use Amazon Web Services (AWS) in Ireland to store all collected data through our Synergy platform. AWS possesses strong physical and technological security programs, such as:

   •  Access control management

   •  Multi-factor authentication

   •  Automated threat detection and analysis

   •  Automated monitoring and incident-correcting tools

   •  Data recovery tools, and

   •  Data encryption

For more information about the AWS information security standards, please check: https://aws.amazon.com/pt/compliance/data-privacy-faq/ and https://aws.amazon.com/pt/security/

Besides, we:

   •  Follow the ISO/IEC 27001:2013 guidance when managing our security tools and designing our information security program,

   •  Use client-side encryption on our website before sending any personal information to our cloud storage service, and

   •  Require our collaborators to sign Non-Disclosure Agreements and complete security and data privacy training.

DO WE SELL YOUR DATA?

We never sell personal data.

Despite that, in conformity with the California Consumer Privacy Act, we do engage in personal data sharing activities that could be considered “sales” under the CCPA, such as sharing commercial information, identifiers, or virtual network activity with advertising companies or website analytics companies.

Because you have the right to not have your personal data sold, if you wish to opt-out from these personal data transfers (“sales”), send an e-mail to dpo@synergycreativ.com to learn more and fill out your request.

THIRD-PARTY SHARING

We share personal information from our customers and users with third parties outside Synergy under the very limited circumstances and specific purposes below:

 •  Vendors: We may share personal data with third-party vendors, consultants, or service providers who perform tasks on our behalf, such as data analytics companies (e.g., Google Analytics), payment processing providers (e.g.: Stripe), email providers (e.g.: Hubspot and eShot), technology aid platforms (e.g. OGL ProfitIT and Hubspot ) and cloud service providers (e.g.: Amazon Web Service)

 •  National Security Authorities or Law Enforcement: Synergy may share personal information upon the valid request from a public authority to meet legal obligations or law enforcement requirements.

Synergy is responsible for background checking our vendors to ensure that such companies process your personal information in conformity with the applicable data privacy regulations – including the LGPD, UK GDPR, DPA 2018, PECR, the EU GDPR, and CCPA – and information security standards.

INTERNATIONAL DATA SHARING

The personal information we collect from our customers and users may be transferred internationally to third parties vendors, consultants, or server providers located in a foreign country.

For instance, we share personal information with Amazon Web Services (Ireland), Stripe (US), Google Analytics from Google (US), where the personal data will be stored and processed on our behalf. Because we use Amazon Web Services (AWS) as our database, any data we collect will be stored within the EEA in AWS Ireland.

Regarding users from the EEA or the UK, Synergy informs that the international transfer of personal data to the United States or other non-EEA countries relies on the Adequacy Decisions, as adopted by the European Commission based on Article 45 of Regulation (EU) 2016/679 (GDPR) and International Data Transfer Agreements, or where applicable, approved Corporate Binding Rules.

We also periodically monitor the circumstances concerning international transfer to the United States or to other non-EEA countries to guarantee that these maintain a level of privacy protection equivalent to the one demanded by the UK GDPR and EU GDPR.

Your personal data is always going to be protected in accordance with this Privacy Notice wherever it is possible.

COOKIES AND DATA ANALYTICS

Cookies are pieces of data collected from your activities on a website that are stored by your browser in your device and programmed to remember your information and preferences such as login information, location, language preferences, time spent logged in, most used features, among others.

Synergy’s website and products may place cookies on your browser to improve our customers’ and users’ experiences, assist navigation, improve and administer our website and gather insights for further improvement of our technologies.

To specify, we classify the current cookies we have in place and their purposes in the categories below:

1. Essential cookies: used to be able to access our products and website. Those cookies are related to offering and maintaining our products and services, their use is obligatory and you can’t opt-out from them. Currently, the essential cookies we place in your browser when you access our website and products are:

     • “pq_accessToken” for authentication;

     • “pq_refreshToken”  to refresh the authentication token;

     • “pq_loginSessionId”  to complete the multi-factor authentication, and

     • “pq_selectedLocale” to define the website’s language.

2. Optional cookies: Be aware that, unlike the essential cookies, you can opt-out from any optional cookies. We use Google Analytics – a data analytics service provider – on our website as an automated tracking tool to gather data and generate statistic reports for further analysis:

     • IP address;

     • Country of access;

     • Tracking which website pages our users were accessing before visiting our website;

     • Identifying when the users are visiting our website;

     • Identifying how long the users stay on our website;

     • Tracking what activities the users performed on our website (e.g. book a demo of -our products, read our policies, etc), and

     • Identifying which pages from our website the users have visited.

INFORMATION SECURITY

At Synergy, the security of the personal data we collect from our customers and users is a high priority and we make sure to adopt the proper technical, organizational, and administrative measures to protect the information we hold in our websites and products against loss, unauthorized access, misuse, modification or destruction.

We use Amazon Web Services to store all collected data. AWS possesses strong physical and technological security programs, such as:

  • Access control management;

  • Multi-factor authentication;

  • Automated threat detection and analysis;

  • Automated monitoring and incident correcting tools;

  • Data recovery tools, and

  • Data encryption.

For more information about the AWS information security standards, please check: https://aws.amazon.com/pt/compliance/data-privacy-faq/ and https://aws.amazon.com/pt/security/

Besides, we follow the ISO/IEC 27001:2013 and 27701:2019 guidance when managing our security tools and designing our information security program.

We also use client-side encryption on our website before sending any personal information to our cloud storage service.

At last, all of Synergy’s collaborators are required to sign Non-Disclosure Agreements and complete security and data privacy training.

INCIDENT MANAGEMENT

In case of an unlikely incident regarding information security and the integrity of the personal information we hold, we adopt a series of administrative and technical measures to mitigate damage and stay compliant to the privacy regulations, such as:

   •  Data Recovery

   •  Response Plan for incidents

   •  Business Continuity Plan

   •  Data Protection Impact Assessment

KNOW YOUR RIGHTS

You can always request the access, review, amendment, update, and elimination of any personal information we have been holding about you.

Moreover, you have the right to opt-out (deny consent) from certain services we provide, such as receiving our newsletter, our marketing, and advertising emails or certain cookies.

Have in mind that we can still store some of our users’ anonymized personal information, as it is not possible to directly link it to their identity. We may also retain some personal information that is strictly necessary to comply with legal or governmental obligations.

Besides, be aware that opting out from our services or restricting consent to have your personal data collected may impair your experience with the website or with our platform and can even diminish the available features on our products.

To exercise these or any of the data subject rights available under the GDPR, click here.

THE CALIFORNIA CONSUMER PRIVACY ACT – CCPA

If you’re a California resident, you have certain rights concerning your personal information under the California Consumer Privacy Act:

 •  The right to know what personal information we have collected used and stored in the past 12 months;

 •  The right to know how we have been using your personal information in the past 12 months;

 •  The right to know what is the purpose of using your personal data;

 •  The right to ask us to delete your personal data from our database (certain conditions and restrictions that may apply);

 •  The right to opt-out from any activities considered to be “sale” under the CCPA: we do not sell, trade, share, or rent personal data for commercial purposes. See more in the section “DO WE SELL YOUR DATA?”, and

 •  The right to not be discriminated against when exercising any of your rights concerning privacy.

In the sections “WHAT PERSONAL INFORMATION WE DIRECTLY COLLECT FROM YOU” “WHAT PERSONAL DATA WE COLLECTED BY AUTOMATED SOURCES”, and “HOW WE USE YOUR PERSONAL INFORMATION” you can find a detailed description of what kind of personal data we collect from you and how we use it in our activities.

In the past 12 months, Synergy has collected data such:

 •  Identifiers such as name, email address, phone number, and IP address;

 •  Personal information categories that are listed in the California Customer Records statute, such as names, contact information, and employment information.

 •  Commercial information such as transaction and payment information.

 •  Internet or network activity records when using our products, such as time spent on the platform, features used, among others.

 •  Professional or employment-related information, such as job title and your business contact information.

To exercise your rights under the CCPA or request further information on the topic, please contact us.

PRIVACY UPDATES

As we exponentially improve our products and website, we may also update this Privacy Notice from time to time. It is your responsibility to periodically check this document and maintain yourself informed about eventual changes in our activities regarding personal data.

We will let you know about the privacy updates on our website, either by changing the date on top of this document or by posting a notice on our homepage.

We will also notify you by sending you an email whenever we update our Privacy Notice.

CONTACT US

If you have questions, complaints, or requests about your personal data or privacy rights, let us know how we can help.

Controller Details:

Synergy Commercial Lighting LTD

Unit 4, Charlton Mead Lane, HODDESDON,

HERTFORDSHIRE EN11 0DJ

Data Protection Officer: Operations@synergycreativ.com

Synergy Newsletter

Subscribe to the Synergy newsletter today for new product information, special offers, hints and tips, plus broader lighting industry news.

Optimized by Optimole