If you are visiting the APIMS website or are a user of APIMS software as a service, this is where you can find all you need to know about how we use your personal information (referred to here as “your Information”) and also about your rights and how to exercise them.

We are APIMS Limited and we are the “controller” of your Information, which means we are answerable to you and to the ICO* for how we collect, use, share, store and protect it.

* Information Commissioner’s Office, the UK’s data protection regulator.

We make this Privacy Promise to everyone whose Personal Information we process:

We will be open and honest with you about our use of your Information.

We will only use and share your Information as described in our Privacy Notices

We will explain below why it’s lawful for us to use your Information for each purpose

We will not collect more of your Information than we need for these purposes

We will work with you to make sure your Information is accurate and kept up to date

We will tell you how long we are legally permitted or required to keep your Information

We will uphold your Privacy Rights respond quickly to any requests and concerns you raise

We will protect your Information and respond appropriately to threats and incidents.

If you are a registered APIMS user

Login Credentials

We need to control access to APIMS in order to protect our customers’ information, our software and the systems on which APIMS is hosted.

We therefore require you to provide your name and login credentials (usually your email and password but may include your mobile phone number for multi-factor authentication), which we and our third party service providers then use to authenticate your login requests and grant you access to APIMS.

Our use of this Information is lawful because it is necessary for us to fulfil our legitimate interests and those of your organisation in protecting our respective information and assets. We believe that this use of your Information does not adversely affect you or your rights.

We will keep this Information for as long as you require access to APIMS and destroy it upon receipt of instructions from you or your organisation that access is no longer required.

Usage data

We use cookies in the APIMS software to understand how people and organisations are using it. Although technically it would be possible to trace usage data back to you, we don’t do that but we do analyse aggregated (i.e. anonymous) data to identify usage patterns for the purpose of improving both the product and the user experience.

Anonymising and aggregating your Information to help produce statistical data is lawful because we have a legitimate interest in improving our products and services and anonymising your Information does not put it or your rights at risk.

If you visit our website

We use cookies to collect limited data (see our Cookie Notice)

We only keep this cookie data in identifiable form for a matter of hours or, at most, a few days because we cannot use it until it has been aggregated and, therefore, rendered anonymous.

Using cookies to collect this data is lawful because you consent to it. You can withdraw your consent at any time by clicking on the cookie cutter in the bottom left corner of our site.

If you provide feedback or testimonials

We may occasionally ask you for feedback or you may send us unsolicited feedback about our service. If we quote your comments in our marketing and advertising, we will only identify you and your organisation if you have consented.

Otherwise, we will only publish your initials and the type of organisation you represent to indicate that the quote is genuine.

If we market our products and services to you

We will use your business contact details to send you information about APIMS and related services that we think may be of interest to you. We will always give you a clear opportunity to “opt-out” at any time.

Business to business marketing via email and post is lawful because it is necessary for the pursuit of our legitimate interests and we have performed an assessment, which determined that these interests were not overridden by your personal information rights and freedoms.

We only keep this cookie data in identifiable form for a matter of hours or, at most, a few days because we cannot use it until it has been aggregated and, therefore, rendered anonymous.

Your Information will only be processed in the UK. If this changes, we will put in place legally binding measures, approved by the ICO, to ensure that our processing of your Information complies with UK law and we will provide details in this Privacy Notice.

We engage a number of third parties to provide IT services, including Microsoft (Azure Cloud hosting, MS 365 Office suite) and Input Squared (software development).

They have access to data, which may include your Information, on our website and on the systems they operate for us but only where necessary to maintain and support those systems.

Your Information is also encrypted so, in many cases, even those third parties will not be able to see it in identifiable form.

We would disclose your Information if required to do so by law, for example, under a court order.

In the event that APIMS is acquired by another company, your Information will be passed to them so they can continue to provide the APIMS service and to process your Information in accordance with the applicable Terms and Conditions and this Privacy Notice.

If you are a registered APIMS user

Login Credentials

We will keep your login credentials Information for as long as you require access to APIMS and destroy it upon receipt of instructions from you or your organisation that access is no longer required.

APIMS Cookies

We only keep this cookie data in individually attributable form for hours or, at most, a few days as we cannot use it until it has been aggregated and, therefore, rendered anonymous.

If you visit our website

For details of how long we keep various types of data collected by cookies on our website, please see our Cookie Notice.

If you provide feedback or testimonials

We will review the published testimonials on our website each year and offer you options to Keep, Edit or Remove your testimonial.

You can also ask us to remove a testimonial at any time.

If we market our products and services to you

We keep marketing contact details under review and delete them when:

You ask us to stop sending you emails, e.g. by “opting-out” or “unsubscribing”

We see that emails we send you have not been opened for six months

We see that emails we send you have been opened but we have had no response from you for two years.

Your Personal Information is just that – it’s personal and it’s yours – so we will make sure it’s easy for you to take control of it.

These are your legal rights and the ICO will help you to enforce them if we slip up:

Right of access to your Information – we will provide you with a copy of the Information we hold

Right to have inaccurate or out of date Information corrected

Right to unsubscribe from marketing messages and emails

Right not to be profiled for marketing purposes (we don’t do this anyway)

Right to restrict processing of your Information in certain circumstances

Right to have your Information deleted in some circumstances

Where the lawful basis for our processing is your consent, you may withdraw it at any time

Right to make a complaint to the ICO (see “Lodging a complaint” below).

If you tell us you want to exercise your rights, we’ll confirm that we have received your request and let you know if we need anything else from you, then we will respond as quickly as possible and, in any case, within a month.

Lodging a complaint

If we fail to respond within a month when you send us a request to exercise any of these rights, or if you are unhappy about the way we are handling your Personal Information, you can lodge a complaint by contacting.

If you are not happy with our response or handling of your complaint, you have the right to report your concern to the Information Commissioner’s Office, whose contact details can be found on their website at: www.ico.org.uk/global/contact-us.

If you have any questions or concerns about our handling of your Information, you can contact our Data Protection Officer at: [email protected]

Our registered address is APIMS Limited, Stanley House, Phoenix Park, Blackburn, BB1 5RW, United Kingdom

Registered Company No. 13109590. ICO Registration number: ZB028265