This privacy notice is here to explain how we (Headforwards Solutions LTD) use and protect any information you give us whilst using our site. We want to ensure that your privacy is protected at all times.
This policy was last updated on 24th May 2018.
Whilst using our website, software applications or services, you may provide us your personal information (name, address, email, account details, etc.). We will use this information to administer our website, applications, client databases and marketing material. We will ensure that all personal information supplied is held securely in accordance with the General Data Protection Regulation (EU) 2016/679, as adopted into law of the United Kingdom in the Data Protection Act 2018.
How do we collect information?
Headforwards Solutions Ltd collects information in two possible ways:
When you directly give it to us (“Directly Provided Data”)
When you communicate with us, you may choose to voluntarily give us certain information – for example, by filling in text boxes or completing registration forms. All this information requires a direct action by you at that time in order for us to receive it.
When you give us permission to obtain from other accounts (“User Authorised Data”)
Depending on your settings or the privacy policies for other online services, you may give us permission to obtain information from your account with those other services. For example, this can be via social media or by choosing to send us your location data when accessing our website from your smartphone.
How long do we keep your data for?
Headforwards Solutions Ltd will not retain your personal information for longer than necessary. We will hold onto the information you provide either while your account is in existence, or as needed to be able to provide the Services to you, or (in the case of any contact you may have with our Customer Care team) for as long as is necessary to provide support-related reporting and trend analysis only.
If legally required, or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after you have closed your account or it is no longer needed to provide the Services to you.
Data we collect from job applicants
If you apply for a job with Headforwards we will collect and store the following information:
- Your name
- Your email address
- Your phone number
- Your CV
- Your nationality / citizenship status
We will only ever use this information to process your job application with us on the legal basis that it may lead to us entering into a contract of employment with you.
This information is stored within a system provided by Recruitee, all data submitted with a job application is stored within the EU. Recruitee have their own privacy and data protection measures which are fully GDPR compliant.
You have the option to receive further emails from us regarding new job opportunities, our news, tech learnings and event invites. If you select no, you will never receive these emails. You can unsubscribe from these emails from us by clicking the “unsubscribe” link at the bottom of any email or by contacting us at any time to request this.
We may contact potential candidates via social media to invite them to apply to a position. In the event that we do this we will record the social media contact information for that candidate. If a potential candidate asks us to stop contacting them in this way we will retain enough information on them to ensure that we do not contact them in the future.
Data from applicants will only be retained for the period necessary for us to conclude the recruitment process, however we may retain certain information such as your name and the result of the recruitment process to refer to in the event that you subsequently apply for another role in the future.
Data we collect from potential customers
If you fill in the contact form on our website we will collect the following information:
- Your name
- Your email address
- Your message
- Where you heard about us
We will only use this information to respond to your enquiry.
Customer information will be stored within our customer relationship management system on the basis that it is in our legitimate business interest to maintain records of communications with previous, current and potential customers.
This data is hosted by HubSpot, Inc. in the United States. HubSpot, Inc. has certified to the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for such transfers pursuant to Article 46 of the GDPR.
When you apply for a position or contact via our contact form you will also have the option to receive marketing communications from us. If you select no, you will not be added to our marketing mailing list.
We will periodically send marketing communications to you on the basis that you have given us consent to do so. You can withdraw your consent and unsubscribe from receiving marketing emails from us by clicking the “unsubscribe” link at the bottom of any email. Once you do this, you will no longer receive any marketing emails from us.
When you withdraw your consent for marketing communications we will retain that information about you to ensure that we comply with your wishes.
Data used for email marketing will be stored in Mailchimp. Mailchimp comply with the Privacy Shield Principles for all onward transfers of Personal Information from the EU and Switzerland, including the onward transfer liability provisions.
The controller of your personal data is Headforwards Solutions Ltd. Our registered address is The Engine House, Wheal Kitty, St Agnes. TR5 0RD. Our company registration number is 07576641, company registered in England and Wales.
Data Protection Officer
You can contact our Data Protection Officer by sending an e-mail with the subject line GDPR: DPO to the following address: email@example.com
Headforwards sends sales, commercial and marketing emails using a combination of Hubspot and Outlook (?).
Our Insights newsletters are sent monthly and include information on our services and insights and content relating to software development.
Contacts are automatically subscribed to our mailing list under legitimate interest. You can unsubscribe at any time from the mailing list at the bottom of all Headforwards newsletters. Please note this does not unsubscribe you from our CRM system and you may still be emailed by our team about your specific enquiry.
Recipients of the personal data
Headforwards manages its newsletter service internally. If at any point this service is outsourced, we may transfer your personal data to third party organisations who will provide this service for, and as directed by Headforwards.
Period of data processing
We will process your personal data until you withdraw your consent to receive newsletter from us or for as long as we will be sending the newsletter. You can unsubscribe from our newsletter at any time via the link at the bottom of all Headforwards newsletters.
Due to the fact that we process your personal data you can at any time:
- request access to your data and to correct any errors in it
- withdraw your consent to the processing of your personal data. Please send an email to firstname.lastname@example.org let us know if you would like us to delete your details
- object to the processing of your personal data, on grounds relating to your particular situation, which causes that you don’t want us to process your personal data due to our legitimate interest
- object to the processing of your personal data for direct marketing purposes
- receive personal data that you provided us with, agreeing for their processing or concluding agreement. You will get these data in a structured, commonly used, machine-readable format and you can send these data to another data controller (right to data portability)
- lodge a complaint with the competent supervisory authority if you think that we are processing your personal data with a violation of applicable regulations.
Necessity to provide personal data
Providing your personal data to Headforwards is voluntary, but necessary to engage our services and/or receive our newsletter.
We will not use your data for automated decision-making, including profiling.
Users of our website: The scope of data and recipients of any personal data
Our websites collect data about its users and their behaviour through:
- All contact forms on the website, where information is voluntarily provided
- Storing “cookies” on telecommunication end devices
- Collecting logs from web-servers
- Additional tools installed on website that allow to communicate with us or provide additional information on our users
We do not disclose information about our website users to any third parties.
Data provided in the website contact forms
- We collect data voluntarily provided by the users.
- We might collect additional data about your connection (like IP address, time stamp or user agent).
- Data provided in the form might contain client’s personal data. We do not pass this on to any third parties and follow GDPR regulations in how we use and store this data.
- We process the data appropriately to the purpose of given webform (e.g. to exercise service demand, reply to commercial communication or exercise recruitment process)
- Some data may be disclosed to entities that provide services on behalf of and on commission of Headforwards, (among others, to the entities that handle our contact forms, newsletter, e-mail, hosting, technical support, consulting services or auditing services).
Information about cookies
- Cookies record information about your online preferences and allow us to tailor the websites to your interests. Information supplied by cookies can help us to analyse your use of our sites and help us to provide you with a better user experience.
- Cookies are used on our Website to ‘remember’ information so that it can be passed from page to page and to collect website statistics. This statistical data collected may be used to help improve our Website and the services that we offer to you, but it is not used to identify you.
- Some cookies are used to store you session identifier, and if you are logged in, this might allow us for your identification.
- Restricting cookies in your browser’s settings might impact some functionalities on our websites. This might lead to improper functioning of our website on your browser.
- Some cookies might also be used by our partners (e.g. by our partners to display advertisements based on your usage of our website).
- We are logging some details on our users’ behaviour. This data is only used for server administration purposes and to make ensure our services are running as efficiently as possible.
- Browsed pages are identified through URL addresses.
- Additionally, we might log:
- Request and response times
- Any errors that might have occurred while processing HTTP requests 404 errors is a typical example of something we track
- Referrer link (the URL user came from)
- Details of user’s browser (User-Agent)
- IP address
- We do not identify particular persons based on that data.
The tools we’re using
We use a number of different tools on our website to ensure we are providing a positive experience to users of our website, to integrate our advertising systems, and to allow integration with our CRM system and social media channels.
Some of these tools set their cookies in order work correctly or send the data to the application’s producer servers.
|Google Analytics||Analysing how users interact with our website.|
|Google Tag Manager||Integration of online service, analytics systems, ads systems.|
|Google Ads||Ads monitoring and delivery via the Google Display Network “GDN”|
|Google Optimize||Tool allowing for A/B testing of design elements to tailor our website’s layout and interface with end users|
|YouTube||Integration with YouTube allowing for playing video files on our websites.|
|Hubspot||Includes forms integrated with automation system from Hubspot.|
|Microsoft Ads||Ads system for Microsoft Advertising.|
|Integration with Facebook Analytics and Facebook Ads.|
|Integration with LinkedIn service.|
|Integration with Twitter service.|
|Hotjar||Analysis of user actions to understand behavioural insights to better tailor our online service to suit the needs of the users|
|IP Lookup (ExtremeIP Lookup)||Determining user’s network and location and service provider for anonymous aggregation with Google Analytics. We do not store IP data and instead only aggregate ISP data for the purpose of network forensics and analysis.|
This list is kept up to date and any other tools integrated with our website are added. This list was last updated in September 2020.
What are cookies?
Cookies are small encrypted text files that are stored on your computer or other device when visiting this website.
What do cookies do?
Cookies record information about your online preferences and allow us to see how uses engage with our website to make sure we’re delivering a high quality user experience.
|_ga||Google Analytics||2 years||Used to distinguish users.|
|_gid||Google Analytics||24 hours||Used to distinguish users.|
|_gat||Google Analytics||1 minute||Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named dc_gtm<property-id>.|
|AMP_TOKEN||Google Analytics||30 seconds to 1 year||Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.|
|gac<property-id>||Google Analytics||90 days||Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.|
|__hs_do_not_track||Hubspot||13 months||This cookie can be set to prevent the tracking code from sending any information to HubSpot. Setting this cookie is different from opting out of cookies, as it still allows anonymized information to be sent to HubSpot. It contains the string "yes".|
|__hs_initial_opt_in||Hubspot||7 days||This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode. It contains the string "yes" or "no".|
|__hs_cookie_cat_pref||Hubspot||13 months||This cookie is used to record the categories a visitor consented to. It contains data on the consented categories.|
|hs_ab_test||Hubspot||Session||This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before. It contains the id of the A/B test page and the id of the variation that was chosen for the visitor. It expires at the end of the session.|
|<id>_key||Hubspot||14 days||When visiting a password-protected page, this cookie is set so future visits to the page from the same browser do not require login again. The cookie name is unique for each password-protected page. It contains an encrypted version of the password so future visits to the page will not require the password again.|
|hs-messages-is-open||Hubspot||30 minutes||This cookie is used to determine and save whether the chat widget is open for future visits. It is set in your visitor's browser when they start a new chat, and resets to re-close the widget after 30 minutes of inactivity. It contains a boolean value of True if present.|
|hs-messages-hide-welcome-message||Hubspot||1 day||This cookie is used to prevent the chat widget welcome message from appearing again for one day after it is dismissed. It contains a boolean value of True or False.|
|__hsmem||Hubspot||1 year||This cookie is set when visitors log in to a HubSpot-hosted site. It contains encrypted data that identifies the membership user when they are currently logged in.|
|hs-membership-csrf||Hubspot||Session||This cookie is used to ensure that content membership logins cannot be forged. It contains a random string of letters and numbers used to verify that a membership login is authentic.|
|hs_langswitcher_choice||Hubspot||Session||This cookie is used to save the visitor’s selected language choice when viewing pages in multiple languages. It gets set when an end user selects a language from the language switcher and is used as a language preference to redirect them to sites in their chosen language in the future, if they are available. It contains a colon delimited string with the ISO639 language code choice on the left and the top level private domain it applies to on the right. An example will be "EN-US:hubspot.com".|
|__cfduid||Hubspot||30 days max||This cookie is set by HubSpot’s CDN provider, Cloudflare. It helps Cloudflare detect malicious visitors to your website and minimizes blocking legitimate users. It may be placed on your visitors' devices to identify individual clients behind a shared IP address and apply security settings on a per-client basis. It is necessary for supporting Cloudflare's security features. Learn more about this cookie from Cloudflare.|
|__cfruid||Hubspot||Session||This cookie is set by HubSpot’s CDN provider because of their rate limiting policies. Learn more about Cloudflare cookies. It expires at the end of the session.|
|__hstc||Hubspot||13 months||The main cookie for tracking visitors. It contains the domain, utk, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).|
|hubspotutk||Hubspot||13 months||This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts. It contains an opaque GUID to represent the current visitor.|
|__hssc||Hubspot||30 minutes||This cookie keeps track of sessions. This is used to determine if HubSpot should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.|
|__hssrc||Hubspot||Session||Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser. If this cookie does not exist when HubSpot manages cookies, it is considered a new session. It contains the value "1" when present.|
|messagesUtk||Hubspot||13 months||This cookie is used to recognize visitors who chat with you via the chatflows tool. If the visitor leaves your site before they're added as a contact, they will have this cookie associated with their browser. If you chat with a visitor who later returns to your site in the same cookied browser, the chatflows tool will load their conversation history. The cookie is controlled by the Consent to collect chat cookies setting in your chatflow. If this setting is disabled, the cookie is controlled by the Consent to process setting in your chatflow. HubSpot will not drop the messagesUtk cookie for visitors who have been identified through the Visitor Identification API. The analytics cookie banner will not be impacted. It contains an opaque GUID to represent the current chat user.|
|fr||90 days||Facebook's primary advertising cookie, used to deliver, measure and improve the relevancy of ads.|
|oo||5 years||Used to record advertising opt-outs|
|ddid||28 days||Used to open a specific location in an advertiser's app upon installation|
|_fbc||90 days||Used to deliver, measure and improve the relevancy of ads|
|_fbp||90 days||Identifies browsers for the purposes of providing advertising and site analytics services|
|_gaexp||Google Optimize||Depends on the length of the experiment, but typically 90 days.||Used to determine a user's inclusion in an experiment and the expiry of experiments a user has been included in.|
|_opt_awcid||Google Optimize||24 hours||Used for campaigns mapped to Google Ads Customer IDs.|
|_opt_awmid||Google Optimize||24 hours||Used for campaigns mapped to Google Ads Campaign IDs.|
|_opt_awgid||Google Optimize||24 hours||Used for campaigns mapped to Google Ads Ad Group IDs|
|_opt_awkid||Google Optimize||24 hours||Used for campaigns mapped to Google Ads Criterion IDs|
|_opt_utmc||Google Optimize||24 hours||Stores the last utm_campaign query parameter.|
|lidc||1 day||Used for routing|
|bcookie||1 year||Browser ID cookie|
|bscookie||1 year||Secure browser ID cookie|
|L1c||Current Session||Browser ID cookie|
|BizoID||6 months||LinkedIn Ad analytics|
|BizoData||6 months||LinkedIn Ad analytics|
|BizoUserMatchHistory||6 months||LinkedIn Ad analytics|
|BizoNetworkPartnerIndex||6 months||LinkedIn Ad analytics|
|token||4 hours||Access token|
|Player_settings_0_3||3 weeks||Player settings|
|LyndaLoginStatus||10 years||Login status|
|throttle-XXX||6 months||Throttling on Lynda|
|NSC_XXX||5 minutes||Load balancing|
|_hjClosedSurveyInvites||Hubspot||365 days||Hotjar cookie that is set once a visitor interacts with an External Link Survey invitation modal. It is used to ensure that the same invite does not reappear if it has already been shown.|
|_hjDonePolls||Hubspot||365 days||Hotjar cookie that is set once a visitor completes a survey using the On-site Survey widget. It is used to ensure that the same survey does not reappear if it has already been filled in.|
|_hjMinimizedPolls||Hubspot||365 days||Hotjar cookie that is set once a visitor minimizes an On-site Survey widget. It is used to ensure that the widget stays minimized when the visitor navigates through your site.|
|_hjShownFeedbackMessage||Hubspot||365 days||Hotjar cookie that is set when a visitor minimizes or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimized immediately if the visitor navigates to another page where it is set to show.|
|_hjid||Hubspot||365 days||Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.|
|_hjRecordingLastActivity||Hubspot||Session||This should be found in Session storage (as opposed to cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records).|
|_hjTLDTest||Hubspot||Session||When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.|
|_hjUserAttributesHash||Hubspot||Session||User Attributes sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated.|
|_hjCachedUserAttributes||Hubspot||Session||This cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. These attributes will only be saved if the user interacts with a Hotjar Feedback tool.|
|_hjLocalStorageTest||Hubspot||Under 100ms||This cookie is used to check if the Hotjar Tracking Script can use local storage. If it can, a value of 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.|
|_hjIncludedInPageviewSample||Hubspot||30 minutes||This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's pageview limit.|
|_hjIncludedInSessionSample||Hubspot||30 minutes||This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's daily session limit.|
|_hjAbsoluteSessionInProgress||Hubspot||30 Minutes||This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.|
|userIsHfInternal||Headforwards||1 year||For internal HF colleagues visiting the site so they are excluded from Analytics records|
|gtm_isp_lookup||Headforwards||Session||Records the user's internet service providor for Google Analytics|
How do I disable cookies?
If you want to disable cookies you need to change your website browser settings to reject cookies. How to do this will depend on the browser you use.
What happens if I disable cookies?
This depends on which cookies you disable, but in general the site may not operate properly if cookies are switched off. If you only disable 3rd party cookies you will not be prevented from making purchases on this site. If you disable all cookies you will be unable to complete a purchase on this site.
For further information about cookies and how to manage them visit www.allaboutcookies.org.