1. Introduction

NC Squared is committed to safeguarding the privacy of our website users, users of our Booking Engine and Distribution Engine software, and the personnel of our customers, prospective customers and suppliers. 

For users of our Booking Engine software, this policy should be read alongside our supplemental privacy policy for Booking Engine, available here:

https://nc-squared.com/privacy/booking-engine-privacy-policy

In addition, you can find information about the cookies and similar systems used on our website and by our applications here: https://nc-squared.com/privacy/nc-squared-limited-cookies-policy

In this policy, “we”, “us” and “our” refer to NC Squared Limited, NC Squared, Inc and our other group companies from time to time. Information about our group companies is set out at the end of this policy.

When does this policy apply?

This policy applies where we act as a "controller" of personal data. In most cases, we act as a controller. 

However, with respect to the personal data supplied to us under a support ticket, we do not act as a controller; instead, we act as a processor. Our legal obligations as a processor are set out in the contracts between us and our customers, and this policy does not apply with respect to our handling of that data.

{{nc-squared-privacy-overview="/utility/matrix"}}

2. The personal data we collect

In this table, we have set out the general categories of personal data that we process and information about the source and specific categories of that data.

{{nc-privacy-personal-data="/utility/matrix"}}

If you contact us via an online form, then metadata relating to that contact may be generated automatically by our systems. This could include the date and time of your contact, and associated usage and analytics data.

3. Purposes of processing and legal bases

In this table, we have set out the purposes for which we may process personal data and the legal bases of the processing under UK and EU data protection laws.

{{nc-privacy-processing="/utility/matrix"}}

Calendar, availability and booking data may be used in accordance with the privacy policy at: https://nc-squared.com/privacy/booking-engine-privacy-policy

Occasionally, we may process your personal data for a different purpose, but only where that purpose is compatible with the original purpose for which the data was collected, and subject always to applicable law.

Where we rely on legitimate interests to process personal data, we will ensure that those legitimate interests are recognised in law, or that we balance our interests with your own interests, rights and freedoms, ensuring that we protect these as required by law.

4. Providing your personal data to others

Our group companies (listed at the end of this policy) act as joint controllers of your personal data with respect to the processing described in this policy and may share personal data insofar as reasonably necessary for internal administrative purposes (this sharing is on the basis of our legitimate interests).

We may share your personal data with our services providers and providers of integrated services, as detailed at:

https://nc-squared.com/privacy/service-providers

Where that data is gathered by means of cookies and similar systems, our cookies policy explains the purposes for which those systems are used: https://nc-squared.com/privacy/nc-squared-limited-cookies-policy

We may also disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice. We may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

We may disclose your personal data where such disclosure is necessary for the establishment, exercise, or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

5. International transfers of your personal data

We and our other group companies have offices in the UK and USA. Transfers to the USA will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the competent data protection authorities.

We may transfer your personal data from the European Economic Area (EEA) to the UK and process that personal data in the UK for the purposes set out in this policy, and may permit our suppliers and subcontractors to do so, during any period with respect to which the UK benefits from an adequacy decision under EU data protection law; and we may transfer your personal data from the UK to the EEA and process that personal data in the EEA for the purposes set out in this policy, and may permit our suppliers and subcontractors to do so, during any period with respect to which EEA states benefit from adequacy regulations under UK data protection law.

In addition, we may transfer your personal data to our services providers, and permit those services providers to transfer your personal data, in those jurisdictions detailed in the pages linked to in Section 4 above, subject to the specified safeguards.

6. Retaining and deleting of personal data

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

This table sets out our maximum data retention periods – in each case following the specified reference date.

{{nc-privacy-retaining-data="/utility/matrix"}}

Notwithstanding the foregoing, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or to protect your vital interests or the vital interests of another natural person.

7. Your rights

In this table, we have listed the key rights of individuals under UK and EU data protection law.

{{nc-privacy-rights="/utility/matrix"}}

These rights are available where UK and/or EU data protection laws apply but are subject to certain limitations and exceptions. You can learn more about the rights of data subjects, from a UK perspective, by visiting: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

You may exercise any of your rights in relation to your personal data by written policy to us, using the contact details set out below.

You also have the right under California Civil Code Section 1798.83 (the Shine the Light Law) to request certain information regarding the disclosure of your personal data to third parties for such third parties’ direct marketing purposes. We do not share your personal information with third parties for such purposes.

8. Third party websites

Our website includes hyperlinks to, and details of, third party websites. In general, we have no control over, and are not responsible for, the privacy policies and practices of third parties. The applicable privacy notice of the relevant third party will govern.

9. Children’s privacy

Our website is not intended for use by children and we do not knowingly collect personal data from children. If you have reason to believe that we may have accidentally received personal data from an individual under the age of majority, please contact us using the contact details set out below.

10. Updating information

Please let us know if the personal information that we hold about you needs to be corrected or updated – see below for contact details.

11. Amendments

We may update this policy from time to time by publishing a new version on our website. Any use of our website or applications after a new version of this policy has been published will be subject to that version. You should check this page occasionally to ensure you are happy with any changes to this policy.

12. Our details

Details of our group companies are set out in this table.

{{nc-privacy-our-details="/utility/matrix"}}

13. Personal data manager and registration

Our personal data manager with respect to our obligations under data protection law can contacted by writing to privacy@nc-squared.com.

If you have any complaints regarding our handling of personal data, please address them to the data protection manager.

We are registered as a data controller with the UK Information Commissioner’s Office. Our data protection registration number is ZB941157.

If you are unsatisfied with how your data has been processed, you may also lodge a complaint at the Information Commissioner’s Office.

Contact details for the Information Commissioner’s Office can be found at: https://ico.org.uk/global/contact-us/contact-us-public/

1. Introduction

Our website and our Distribution Engine and Booking Engine applications use cookies and local storage.

Insofar as cookies and local storage are not strictly necessary for the provision of our website and services or otherwise exempted, we will ask you to consent to their use when you first visit our website or use the relevant application.

This cookies policy should be read alongside our privacy policy at:

https://nc-squared.com/privacy-policy

Details of our business and companies are set out in that policy. 

For users of Booking Engine, that policy should be read alongside our supplemental privacy policy for Booking Engine, available here:

https://nc-squared.com/booking-engine/privacy-policy 

2. About Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

Cookies may not contain any information that personally identifies a user, but personal data that we store about you may be linked to the information stored in and obtained from cookies.

Local storage is a browser-based key–value store that lets a web application save data on a user’s device so it persists across page loads and browser sessions. Like a cookie, it can hold information about a user's preferences or previous actions (for example, remembering consent choices or UI settings) and then be read on later visits to adapt the page. The main difference is that, unlike cookies, local storage data is not automatically sent with every HTTP request; instead, JavaScript reads and writes it on the client side, so developers can use it as a "cookie‑like" mechanism for storing identifiers or state while avoiding extra traffic on each request.

3. Cookie Details

We and our services providers use cookies and local storage for the following purposes: 

{{nc-squared-cookies-policy="/utility/matrix"}}

4. Managing Cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser and from version to version. You can obtain up-to-date information about managing cookies via these links:

• https://support.google.com/chrome/answer/95647 (Chrome);
• https://support.mozilla.org/en-US/products/firefox/privacy-and-security (Firefox);
• https://help.opera.com/en/latest/security-and-privacy/ (Opera);
• https://support.apple.com/en-gb/guide/safari/welcome/mac (Safari); and
• https://support.microsoft.com/en-gb/windows/microsoft-edge-browsing-data-and-privacy-bb8174ba-9d73-dcf2-9b4a-c582b4e640dd (Edge).

Blocking all cookies will have a negative impact upon the usability of many websites. If you block cookies, you will not be able to use all the features on our website.

Policy

This notice contains information about how the Booking Engine service provided by NC Squared Ltd collects and processes personal data, and in particular personal data collected from users' calendar apps. 

In this notice, data collected from the calendar apps is referred to as "calendar data", data regarding the availability of participants derived from this is referred to as "availability data", and data describing specific bookings that is returned to the calendar apps is referred to as "booking data".

All data collection and processing will occur in the context of a contract between NC Squared and an NC Squared customer, referred to here as "our customer". Our customer may be your employer.

{{booking-engine-privacy="/utility/matrix"}}

Booking Engine will not use or transfer calendar data, availability data or booking data except as specified above.

We will never sell calendar data, availability data or booking data.

For the purpose of the UK and EU GDPRs, our customer will be a controller with respect to the processing activity referred to in this notice. For more information about how our customer uses personal data, see the customer's own privacy policy.

For more information about how we handle personal data, see the privacy policy on our website at https://nc-squared.com.

Introduction

This page contains information about the service providers we use – specifically those categories of services providers that may collect or process your personal data. 

For more information about how we handle personal data, including definitions of the personal data categories referred to on this page, see our privacy policies at:

https://nc-squared.com/privacy/nc-squared-limited-privacy-policy

https://nc-squared.com/privacy/booking-engine-privacy-policy

Unless stated otherwise, transfers of personal data to or by the service providers referenced below shall, where required by EU or UK data protection law, be protected by adequacy determinations or approved contractual protections. "Adequacy determinations" include, in the case of transfers of personal data to the US, a reference to the EU–US Data Privacy Framework and its extensions, including the US-UK Data Bridge; and "approved contractual protections" include the EU's Standard Contractual Clauses (sometimes referred to as the SCCs), the UK's International Data Transfer Agreement and the UK's International Data Transfer Addendum.

1. Relationships, Communications and Accounting

We use third party service providers to provide our customer relationship management systems, our accounting systems, communications systems and integrations between our various systems.

These services providers may process customer data, other communication data, endorsement data, usage and analytics data and/or marketing data.

Details of some of our key service providers in this category are set out below.

{{service-providers-relationships="/utility/matrix"}}

2. Research, Marketing and Analytics

We may use third party service providers to provide research, marketing and analytics services.

These services providers may process customer data, endorsement data, usage and analytics data, survey data and/or marketing data.

Details of some of our key service providers in this category are set out below.

{{service-providers-research="/utility/matrix"}}

3. Contracting and Workflows

We may use third party services providers to provide our contracting systems, calendars, and meeting note transcription services.

These services providers may process customer data and/or other communication data.

Details of some of our key service providers in this category are set out below.

{{service-providers-contracting="/utility/matrix"}}