Supplier Privacy Notice
Data that we hold and how we use it
As a supplier to Nivo, we hold the contact and payment details required to carry out our contract with you and data to manage our relationship with you. This data would have been sourced from you directly, although your contact details may have been sourced from a recommendation or another source, with the intention of entering into a contact with you.
Lawful basis for processing
Our lawful basis for processing your data is contract; all data is used enable us to fulfil our contract with you, including paying you and managing our relationship with you.
Data Sharing and Transfers
Like most companies, we use a number of other companies as part of our data processing, for example cloud services and technology services. We have Data Processing Agreements in place with these providers. We also transfer your data to our accountants to ensure you are paid appropriately. Where data is transferred outside of the EEA, we ensure that appropriate protection and mechanisms are in place, for example US Privacy Shield or Standard Contractual Clauses. We do not sell your data to anybody
We hold data on suppliers for the duration of our contract, plus 7 years to account for accounting regulations and in case of any dispute.
Technical and Operational Security
All data is password protected, access controlled by 2factor authentication, backed up securely and encrypted when appropriate. All employees are trained in data protection and are aware of their obligations to ensure the privacy of all data subjects. Data Privacy by Design and Default is an integral part of our development processes. All devices are protected by leading enterprise mobility management technologies. We are ISO 27001 certified.