inventAsia is fully committed to providing the highest levels of security in the protection of your data, we can proudly say that we have 100% track record in terms of Data Security since our operations began in 2004.

We encourage you to read our policy carefully, you are welcome to contact us with any questions or concerns about your privacy practices.

What information do we collect?

We may collect the following information:

• Your name and job title

• Your business/organisation information including email address, business telephone numbers and business address

Should you decide that you want to delete any of the above information from our system, please send an email to info@invent-asia.com using the subject line – Personal Data Opt-Out.

If you believe that any information that we are holding on you is incorrect or incomplete, please send us an email at the above address. We will promptly correct any information found to be incorrect and confirm that to you by return email.

What we do with the information we gather?

We require the following information to understand your business or organisation needs to provide you with the best possible service, in particular for the following reasons:

• Internal record keeping

• Providing you with an efficient customer support service

• We may use the information to improve our products and services

• We may periodically send promotional emails about new products or other information which we think you may find helpful, using the email address we have at the date of this notice or otherwise as subsequently instructed by you.

TERRITORY SPECIFIC INFORMATION

UK

• We are fully compliant with GDPR.

• Our primary and secondary servers with load balancing and failover capabilities are in the UK, hosted in secure ISO 27001, G-Cloud approved Tier III and IV Data Centres

• Cloud hosting is with Amazon Web Services and Microsoft Azure.

• We are registered with the Information Commissioner’s Office. Our registration number is Z9717899.

• We are accredited to ISO 27001 (Information Security Management System) and ISO 9001 (Quality Management System).

• We have satisfactorily achieved compliance with the NHS Data Security and Protection Toolkit (previously known as NHS Information Governance Toolkit)>

• Our IT infrastructure and applications have passed (third-party) security testing and are certified as Cyber Essentials Plus Compliant.

• Data Sharing Agreements are submitted to NHS clients prior to commencement of work.

Australia

• Our servers in Australia are hosted in a Tier III, ISO 27001, 14001 and 9001 certified Data Centres and cloud-hosted with AWS.

• We are fully compliant with the Australian Privacy Principles as contained in Schedule 1 of the Privacy Act 1988 - as amended.

• Fully accredited to ISO 27001 (Information Security Management System).

• Prescribe Digital Pty. Ltd. is a registered Australian Company ABN 13 163 067 409.

New Zealand

• Our servers in New Zealand are hosted in an ISO27002 accredited Data Centres in Auckland.

• We are fully compliant with the Privacy Act of 1993.

Philippines

• We have servers located within our Data Centres which only contain information pertaining to our employees and other pertinent applications used for administrative purposes. No client data is saved in our in-house servers.

• We are fully registered with the Philippine National Privacy Commission and compliant with the Philippine Data Privacy Act of 2012 see: https://www.privacy.gov.ph/data-privacy-act/

Hong Kong

• We are fully compliant with Hong Kong’s Personal Data (Privacy) Ordinance (Cap. 486).

• Hong Kong registered Company CR 0503280.