This Privacy Notice explains the information practices and policies of Hughes Consortium Ltd (“Hughes Solutions / Hughes Info Tech”). It describes how we collect, use, and disclose information of: (a) individuals (i.e. employees or other staff users) of business partners or clients such as our MSPs (collectively “clients”) that use our managed information technology services; (b) individuals (i.e. employees or other staff users) of any prospective business partners or clients; and/or (c) any visitors to any websites owned by Hughes Solutions (“Hughes Solutions Websites”).
For the purposes of this Privacy Notice, the terms “we”, “us” and “our” refer to Hughes Solutions and “you” refers to you, anyone whose information we process for the purposes above.
This Privacy Notice does not reflect the privacy policies or practices of our clients or any other third party. Hughes Solutions is not responsible for the privacy policies or practices of any client, end-clients of clients or other third party.
In using our Services, our clients may backup and/or store or otherwise process business or other information or allow us to have access to such information, including Personal Information (defined below) on our Services (“Client Information”). In providing our Services, we process Client Information on behalf of and under the direction and instruction of our applicable client. It is the responsibility of Hughes Solutions’s client (or its end client if any) to ensure that the Client Information that it collects backups, stores or otherwise processes or allows us to access through the client’s use of Hughes Solutions’s Services has been legally collected and is processed in accordance with applicable data protection laws.
Information Collected through Our Services and Hughes Solutions Websites
We may collect information, including Personal Information, in the following ways:
Information That You Provide To Us Voluntarily
General Contact Information. We will collect any Personal Information that you voluntarily provide to us when you visit a Hughes Solutions Website, subscribe for or enquire about any of our Services. For example, if you submit a sales enquiry or subscribe for a newsletter via a Hughes Solutions Website web form or request additional information or contact from Hughes Solutions via email, you will provide us with certain Personal Information, which may include names, company name, address, and email address.
In addition, if you choose to communicate with us via a web form, email, or by telephone, we will keep a copy of our communication together with your email address or phone number and our responses.
Information That We Collect Automatically
Device-related Information. When you visit any Hughes Solutions Website or use our Services, we may also collect device related information from the user’s device, including information such as an IP address, device type, unique device identification numbers, browser-type, broad geographic location (e.g. country or city-level location), the date and time of use of our Services, the date and time of an event on the client’s IT systems, system logs, and technical attributes about the device or a web browser. In some countries, including countries in the European Economic Area, this information may be considered “personal data” under applicable data protection laws. This information enables us to better understand use of our Hughes Solutions Websites and Services. Some of this information may be collected using cookies and similar tracking technology, as explained further under the heading “Cookies or Similar Technologies” below.
Cookies or Similar Technologies
If you have arrived at any Hughes Solutions Website by clicking on a banner ad for one of Hughes Solutions’s products or services, a session cookie may be used. This cookie contains an identification number for the advertisement that you clicked on, and it helps Hughes Solutions determine which of its ads attracts the most visitors. If you choose to request further information from us about Hughes Solutions’s products and services, the personal information that you provide in that request will be linked to the information in the session cookie.
In order to better understand how our sites are used, Hughes Solutions Websites may also use persistent cookies along with other information collected in our servers’ files (e.g., IP Address, referring URLs, etc.). For more information about the nature of cookies and similar technologies that Hughes Solutions Websites use, and for information about how to reject cookies from Hughes Solutions websites please refer to our Cookie Management Page at https://www.Hughes Solutions.net/privacy-center/cookie-usage. Each browser is different, so you should check your browser’s “Help” menu to learn how to change your cookie preferences. If you reject or block cookies, Hughes Solutions Websites may not function as intended.
Information That We Obtain From Third Party Sources
Commercially Available Information.. Hughes Solutions may also collect information from commercially available sources but only where we are legally permitted to collect the information. Such information may include names, addresses, email addresses, and demographic data. The information Hughes Solutions collects from these commercial sources may be combined and cross-referenced with information collected through the Services. We use this information for communications purposes to provide direct marketing materials for our business customers or prospects.
From time to time, we may also ask our partners or clients to voluntarily provide us with the email addresses of contacts of other organisations, so they too can benefit from the various products and services offered by Hughes Solutions and Hughes Solutions’s trusted affiliates. Where we do, we will ask that they have the permission to pass on these details to us.
How We Use Information Collected through Our Services and Hughes Solutions Websites
To Serve Our Clients. We use the information we collect, including Personal Information, to provide our Services to the clients on whose behalf we are acting. For example, in order to provide technical support, we may contact a user (such as employees or staff members) of Hughes Solutions’s clients using any contact information provided to us.
To Serve You. We use the information we collect, including Personal Information, to respond to any request or query directed to us (for example through web forms or email), to provide you/your organisation with our products and Services and to manage our relationship with you. For example, we may respond to a job application, address any enquiries or complaints you may have, endeavour to improve the Services we provide, or provide you with information about other products and services we offer that we think you may be interested in.
For Direct Marketing. If we have the right to do so, we will use your Personal Information for the purposes of direct marketing communications to your organisation, such as by adding your contact and other details to a marketing database. Where we do, we will provide you with an opportunity to opt out in accordance with section III.
For Internal and Service-Related Purposes.We may use any information we collect through the Services and/or any Hughes Solutions Websites for internal and service-related purposes, including providing it to third parties as necessary to allow us to facilitate provision of the Services, maintain or improve Hughes Solutions Website security, and/or invoicing for example.
Anonymized and Aggregate Data. From time to time, we will anonymize and aggregate data collected through our Services for analytics purposes, product improvement purposes and other commercial purposes.
How We May Disclose Information Collected through Our Services and Hughes Solutions Websites
We may share any information we collect, including Personal Information with the following categories of recipients and/or in the following circumstances:
With Our Group Companies, Third-Party Vendors and Service Providers. As appropriate, we may share any information, including Personal Information, with any of our group companies, vendors and/or service providers in connection with the provision or marketing of the Services, Hughes Solutions Websites. These third parties have access to Personal Information to the extent necessary to permit them to do their jobs, however, they are bound by confidentiality agreements before any information is provided to them, and they are restricted from using the information for other purposes. For Personal Information transferred to us from European Union member countries under the EU-US Privacy Shield, we will remain liable under the Privacy Shield Principles if our agents or service providers process such Personal Information in a manner inconsistent with the Privacy Shield Principles, unless we will prove that we are not responsible. A list of our current service providers and partners is available to current Hughes Solutions customers and can be found here.. A list of providers and partners that we use with our website visitors is available on Hughes
Solutions’s Privacy Center.
As Required by Law and Similar Disclosures. We may access, preserve, and disclose information, including Personal Information, if we believe it is necessary: to comply with national security or law enforcement requests and legal process, such as a court order or subpoena; to respond to your requests; to prevent or address fraud, security, or technical issues; or to protect our property or other legal rights or the rights or property of others, or to protect the vital interests of others.
Merger, Sale, or Other Asset Transfers. If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, information collected through the Services or Hughes Solutions Websites (or both) may be sold or transferred as part of such a transaction, as permitted by law and/or contract.
Other than as stated in this Privacy Notice, we will not release Personal Information to unaffiliated third parties, and we will not cross-reference Personal Information collected through one client’s use of our Services with that of any other client or entity.
III. Access, Integrity, Retention, and Choices
Personal Information of clients’ clients
Please note that if you are an end-user of one of our clients’ clients whose Personal Information we may backup or otherwise process in providing Services to our clients, you must submit any requests for access to, correction, amendment, or deletion of your Personal Information, to our applicable client’s client.
Access & Correction
If you wish to request access to, correction, or deletion of Personal Information you have submitted through the Hughes Solutions Websites, you can log into your account or contact Hughes Solutions at privacy@Hughes Solutions.net. If you are a resident in the European Union, you may have additional rights which we have set out below.
Data Integrity and Purpose Limitation
Hughes Solutions will use Personal Information only for the purpose of or in ways compatible with the purposes for which it was collected.
We keep information we need to provide our Services only so long as we have a valid business purpose, in accordance with applicable law and our client agreements. For example, to provide you with Services you have requested or to comply with applicable legal, tax or accounting requirements.
When we have no ongoing legitimate business need to process your Personal Information, we will delete it. If immediate deletion is not possible (for example, because your Personal Information has been stored in backup archives), then we will securely store your Personal Information and isolate it from any further processing until deletion is possible or unless as otherwise required by law.
We include an “unsubscribe” hyperlink in Hughes Solutions marketing emails for those users who wish to stop receiving email communication from Hughes Solutions. The hyperlink will connect to one of our websites, which will confirm the email address that has been automatically unsubscribed and will no longer receive emails from Hughes Solutions.
We have certified with the EU-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the processing of certain Personal Information from the European Union member countries. We have certified that we adhere to the Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. If there is any conflict between the policies in this Privacy Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/.
If you have any inquiries or complaints about our handling of your Personal Information under the Privacy Shield, you should first contact us at privacy@Hughes Solutions.net and we will respond to your inquiry promptly. If we are unable to satisfactorily resolve your complaint, or we fail to acknowledge your complaint in a timely fashion, we have further committed to cooperate and comply with the panel of European data protection authorities (DPAs) in the resolution of any Privacy Shield complaints. If you reside in the European Union, you may also have the opportunity under certain conditions to invoke binding arbitration for complaints regarding the Privacy Shield not resolved by the above mechanisms. For more information, please see the “Complaints and How To Contact Us” section below.
Hughes Solutions is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) and of other relevant US statutory bodies authorized to verify and ensure compliance with the Privacy Shield Principles.
Legal Basis for processing your Personal Information
Our legal basis for collecting and using the Personal Information described above will depend on the Personal Information concerned and the specific context in which we collect it.
However, we will normally collect Personal Information from you only where we need the Personal Information to perform our contract for our Services with our clients, where the processing is in our legitimate interests (provided these interests are not overridden by your data protection interests or fundamental rights and freedoms), or otherwise if we have your consent to do so. In some cases, we may also have a legal obligation to collect Personal Information from you such as to comply with background check requirements, tax details, or other benefit information for Hughes Solutions employees.
If we ask you to provide Personal Information to comply with a legal requirement or to contact you, we will make this clear at the relevant time and advise you whether the provision of your Personal Information is mandatory or not (as well as of the possible consequences if you do not provide your Personal Information). Similarly, if we collect and use your Personal Information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are and before doing so will ensure that we have considered your rights and interests.
If you have questions about or need further information concerning the legal basis on which we collect and use your Personal Information, please contact us at privacy@Hughes Solutions.net.
VII. For users in Australia
We comply with the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth) (“Privacy Act”) regarding the collection, storage, use and disclosure of Personal Information from Australian users.
In addition to the uses set out in the section titled “How We Use Information Collected through Our Services and Hughes Solutions Websites”, we may also use your information, including Personal Information, for a secondary purpose that is related to a purpose for which we collected it, where you would reasonably expect us to use your Personal Information for that secondary purpose.
Under the Privacy Act, we have an obligation (the “Obligation”) to take reasonable steps, in the circumstances, before disclosing Personal Information to an overseas recipient to ensure that the overseas recipient does not breach privacy laws in relation to that information. However, should we obtain your consent to disclose your Personal Information to an overseas recipient, the Obligation does not apply. In obtaining your consent, we will not be accountable and you will not be able to seek redress against us under the Privacy Act if the overseas recipient handles your Personal Information in breach of the Australian Privacy Principles (“APPs”) under the Privacy Act. In providing your consent under this Privacy Notice, you acknowledge and agree to the risks associated with the disclosure of your Personal Information overseas. These risks may include the overseas recipient not being subject to any privacy obligations or privacy principles similar to the APPs and the overseas recipient being subject to foreign law that could compel the disclosure of your Personal Information to a third party, such as an overseas authority.
If you are a user in Australia and wish to access, correct or update your information in accordance with section III, Hughes Solutions may refuse certain requests but only in circumstances where this is permitted under the Privacy Act.
VIII. Your Rights
We acknowledge individuals’ rights in relation to their personal data under application data protection laws.
In addition, if EU data protection laws apply to your Personal Information, you may have the following data protection rights which you may exercise at any time by using the contact details provided under the “Complaints and How to Contact Us” section below:
You may access, correct, update or request deletion of your Personal Information.
You can object to processing of your Personal Information, ask us to restrict processing of your Personal Information or request portability of your Personal Information.
You have the right to opt-out of marketing communications we send you at any time. In addition to using our contact details below, for email marketing communications you can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you.
Similarly, if we have collected and process your Personal Information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your Personal Information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your Personal Information. For more information, please contact your local data protection authority. (Contact details for data protection authorities in the European Economic Area, Switzerland are available here [Link to http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080])
We will respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Please note, if you are an individual whose personal information Hughes Solutions processes as a “data processor”, for example to provide services on behalf of its clients, you must contact the relevant data controller of your Personal Information in order to exercise your rights. This might be one of our clients or one of our clients’ customers.
XII. Complaints and How to Contact Us
If you have any questions, comments, or concerns about this Privacy Notice or our information practices, please email us at privacy@Hughes Solutions.net.
If you don’t receive adequate resolution of a privacy-related problem, you may write to our Chief Information Security Officer at:
For EU Individuals: If a complaint cannot be resolved by any of the mechanisms described above, you also have a right, under certain conditions, to invoke binding arbitration under the Privacy Shield Panel in compliance with the EU-US Privacy Shield. If you want to initiate this arbitration procedure, you are required to first formally notify us of your intention to do so by writing to privacy@Hughes Solutions.net. Please remember to include a summary of the steps you have already taken to resolve your complaint and a description of the alleged violation. See also XI above on your right to complain to EU data protection authorities.
Specifically, if you are a European Union individual and a complaint cannot be resolved through Hughes Solutions’s internal process, we have further committed to refer such complaints, under the EU-US Privacy Shield Principles to utilize JAMS as an alternative dispute resolution provider. Information regarding JAMS and the process for initiating a claim can be found at https://www.jamsadr.com/eu-us-privacy-shield.