Contact Information Nine is a service provided by Satigo. SATIGO’s appointed Data Protection officer is Joanne Shand (Director). If you have any questions regarding our data policies, please feel free to email us at datapolicy@satigo.com or call us on +44 (0) 2072 563 210. Cookie Policy SATIGO uses cookies which are necessary for the proper functioning of its websites. SATIGO may also use cookies, subject to your preferences, to improve your experience, to remember log-in details, session management, to provide secure log-in, collect statistics, to optimise sites functionality and to deliver content tailored to your interests. These cookies are needed to provide basic functionalities as you browse around SATIGO websites. These capabilities include cookie preferences, load balancing, session management, language selection, and checkout processes. These cookies ensure the site is performing the requested task and collect data for audit purposes. The information that is collected is aggregated for analysis. Our cookie policy automatically pops up when browsing our website for the first time, and remembers your choice for 30 days. By using the site or clicking on “Accept”, we assume you agree to this. If you wish to decline our cookie policy, please leave our website immediately. Satigo Privacy Standard Policy 1. Introduction This Privacy Standard sets out how SATIGO (we”, “our”, “us”, “the Company) handle the Personal Data of our clients, candidates, suppliers, employees, workers and other third parties. This Privacy Standard applies to all Personal Data we Process regardless of the media on which that data is stored or whether it relates to past or present employees, workers, customers, clients, candidates, supplier contacts, shareholders, website users or any other Data Subject. This Privacy Standard applies to all Company Personnel (“you”, “your”). You must read, understand and comply with this Privacy Standard when Processing Personal data on our behalf and attend training on its requirements. This Privacy Standard sets out what we expect from you in order for the Company to comply with applicable law. Your compliance with this Privacy Standard is mandatory. From time to time we may provide further guidance to help you interpret and act in accordance with this Privacy Standard. You must also comply with all such further guidance. Any breach of this Privacy Standard may result in disciplinary action. This Privacy Standard (together with any further guidance we may give you) is an internal document and cannot be shared with third parties, clients or regulators without prior authorisation from the DO. 2. Scope P Type here to search We recognise that the correct and lawful treatment of Personal Data will maintain confidence in the organisation and will provide for successful business operations. Protecting the confidentiality and integrity of Personal Data is a critical responsibility that we take seriously at all times. We are exposed to potential fines of up to wat we lake semoussy ac an unes. we ale exposeu to polenual amnes o1 up lo eunzu million (approximately £18 million) or 4% of total worldwide annual turnover, whichever is higher and depending on the breach, for failure to comply with the provisions of the GDPR. We are responsible for ensuring all Company Personnel comply with this Privacy Standard and will implement appropriate practices, processes, controls and training to ensure such compliance. The DPO is responsible for overseeing this Privacy Standard and, as applicable, developing Related Policies and Privacy Guidelines. That post is held by Joanne Shand. Please contact the DPO with any questions about the operation of this Privacy Standard or the GDPR or if you have any concerns that this Privacy Standard is not being or has not been followed. In particular, you must always contact the DO in the following circumstances: P Type here to search • if vou are unsure of the lawful basis which you are relying on to process Personal Data (including the legitimate interests used by the Company) (see section 4.1 below); if vou need to relv on Consent and/or need to capture Explicit 0 5 0 + New • Edit Page (VI N Nine landing page – Figma X a Steal Our SEO Repo… 6 Popup Maker all Insichts 1 Paraphrasing Tool |.. E Google Docs • Learn Dashboard | i… Hi site admin Other bookmarks Q . if you need to rely on Consent and/or need to capture Explicit Consent (see section 4.2 below); if you need to draft Privacy Notices (see section 4.3 below); if you are unsure about the retention period for the Personal Data being Processed (see section 8 below); • if you are unsure about what security or other measures you need to implement to protect Personal Data (see 9.1 below); • if there has been a Personal Data Breach (section 9.2 below); • if you are unsure on what basis to transfer Personal Data outside the BEA (see section 10 below); if you need any assistance dealing with any rights invoked by a Data Subject (see section 11 below); whenever you are engaging in a significant new, or change in, Processing activity which is likely to require a DPIA (see section 12.4 below) or plan to use Personal Data for purposes others than what it was collected for; If you plan to undertake any activities involving Automated Processing including profiling or Automated Decision-Making (see section 12.5 below); If you need help complying with applicable law when carrying out direct marketing activities (see section 12.6 below); or if you need help with any contracts or other areas in relation to sharing Personal Data with third parties (see section 12.7 below). 3. Personal data protection principles We adhere to the principles relating to Processing of Personal Data set out in the GDPR