We only share personal data with other organisations when we have a lawful basis to do so. When we share data with other organisations, we put contractual arrangements and security mechanisms in place to protect personal data and to comply with our data protection, confidentiality and security standards.
Data sharing within the Azets group of companies
Personal data held by us may be transferred to, or disclosed to, other companies in the Azets group of companies (see Appendix A) and our ultimate parent company Hg Capital. We may share personal data with other Azets companies where necessary for administrative purposes and to provide professional services to our customers.
All companies in the Azets group of companies are bound by a Data Sharing Agreement which commits them to share personal data in a secure and lawful manner that respects the rights and freedoms of data subjects.
Data sharing with other controllers
Depending upon the nature of the service being provided to you we may lawfully share personal data with other organisations. This may change from time to time, so for the latest information please refer to the following:
Azets does not share your personal data with third-parties who intend to use the data for marketing purposes if you have not given your consent to this.
Azets may share your personal data with third-parties for other purposes but only in the following contexts:
a. Business partners
Azets may share your personal information with our partners in the event that this is legitimate from a business perspective. For example, if you purchase a service on behalf of your employer that we provide through one of our certified partners.
b. Public authorities
The police and/or other authorities may demand the handover of personal information from Azets. In these cases, Azets will only hand over the data if there is a court order or another legal obligation to do so.
c. Mergers and acquisitions
In connection with mergers, acquisitions or divestiture of all or parts of Azets’ business, the acquiring entity as well as its consultants and Azets’ will obtain access to data managed by the Azets entity/entities involved and this may in some cases include personal data. In which case, such external parties will enter into a Non-Disclosure Agreement (NDA) with Azets, which will also cover potential disclosure of personal data.
We use specialist organisations to provide certain services, such as data hosting. These organisations (defined as processors in data protection legislation) are bound by a written contract which defines their tasks and responsibilities. Azets only employs processors that comply with data protection legislation and processors are subject to audit or certification review to ensure continuing compliance.
The processors used by Azets group companies may change from time to time, so for the latest information please refer to the following: https://www.azets.com/trust-center/sub-processors/