Privacy Policy
Last updated June 1st, 2026
1. Introduction
Thank you for choosing HC Parent Corp., operating as Acumetis (“Acumetis”). This privacy notice provides a summary of how we use your personal data when you interact with us. We are committed to protecting your personal data in accordance with the applicable data privacy laws.
It is likely that for certain countries where we carry out our business activities, specific and local data protection provisions might apply regarding the processing of personal data. Hence, where such specifications are needed, you can hereunder find the list of those countries that require us to process your personal data according to the relevant data protection law applicable therein.
Specific localized sections
• United States of America
• United Kingdom
• France
• Canada
• Germany
• India
• Argentina
Contact: privacy@acumetisglobal.com
2. What this Privacy Notice covers
This Privacy Notice explains how we collect, use, disclose, transfer and protect personal data when you:
• visit our website;
• contact us or submit an enquiry;
• interact with us as a client, prospective client, supplier or business contact;
• receive marketing or business development communications from us;
• attend one of our meetings, events or webinars;
• participate in research, advisory boards, interviews, surveys or related activities;
• visit one of our offices; or
• otherwise interact with Acumetis in a business or professional context.
This notice does not replace any more specific privacy notice that may be provided to you, for example a candidate privacy notice, employee privacy notice, research participant notice, client-specific notice or project-specific notice.
3. We are protecting your data
This Notice has been adopted by HC Parent Corp., operating as Acumetis (“Acumetis”) We are committed to safeguarding your personal data. This Notice describes how we collect, use, disclose and process your personal data, and applies to personal data we collect about you.
This Notice supplements but does not supersede or replace any other consents you may have provided to us, or any other agreements or arrangements that you may have with us, in respect of your personal data.
4. A culture of privacy and data security
Data protection and privacy is ever changing and enhancing the rights of our customers. As such, we review our uses of personal data and may amend this Notice from time to time to reflect changes in applicable laws or the way we handle personal data. Any updated Notice will supersede earlier versions and will apply to personal data provided to us previously.
You are encouraged to re-visit our Notice from time to time so that you are aware of our culture of privacy and relevant updates we have made to our Notice.
5. Personal data provided by you and others
What is personal data?
The UK GDPR defines personal data:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
6. You can voluntarily provide personal data
We collect personal data that you voluntarily provide to us. The personal data we collect will often depend on the purposes for which the personal data are collected and what you have chosen to provide.
You always have the choice not to provide us with personal data. If you have provided your consent for us to process your personal data, you also have the right to withdraw your consent by contacting our Data Protection Officer. However, if you do so, it may not be possible for us to fulfill the specific purposes for which we were given consent, it could include the provision of products and services you have requested.
7. Accuracy and completeness of personal data
We take reasonable steps to ensure that the personal data we hold about you is accurate, complete, and kept up to date. We will correct or delete inaccurate data promptly when we become aware of it.
We rely on you to inform us of any changes to your personal data. If any of the information we hold about you is inaccurate or has changed, please notify us as soon as possible so that we can update our records accordingly.
You have the right to request rectification of any inaccurate personal data we hold about you, and the right to have incomplete data completed, including by providing a supplementary statement. We will respond to any such request without undue delay and within one month of receipt.
8. Categories of personal data we may collect
Identity Data
Data specifically related to identity may include, first name, maiden name, last name, marital status, title, date of birth.
Contact Data
The contact information for you and others could include, email addresses and telephone numbers, postal address details and social media handles.
Financial Data
To fulfill our services to you we may process financial data including bank account information, direct debit information and payment card details.
Technical Data
In this technical age there’s quite a bit of technical data around, including internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Marketing and Communications Data
We make it our business to develop lasting relationships and to help with this we will be processing data about your preferences in receiving marketing from us and your communication preferences. But don’t worry, we’re not interested in bombarding you with marketing content, just timely and relevant information about services and products we care about and that we think are relevant to you. We put you in control, so you always have the option to decline this or opt out at any point.
Website logs and analytics
Kept for a limited period appropriate to security, analytics and operational purposes.
CCTV and visitor records
Kept for a limited period unless needed for security, investigation or legal reasons.
Special Categories of Personal Data
There may be instances where special categories of personal data are disclosed to us, but this is incidental and not part of an organized processing activity.
9. How we may collect personal data
Personal data you voluntarily provide to us:
We collect personal data that is relevant to our relationship with you. Your personal data may be collected by us, directly or indirectly, for instance:
if you subscribe to our mailing lists; if you attend events or meetings organized by us, or conducted at our offices, for example, sales events, promotional and marketing events, training sessions and social events.
When your images are captured by us via CCTV cameras while you are within the properties we operate and use, or when photographs or videos of you are taken when you attend events, meetings or training sessions organized by us.
When you use our services or enter transactions with us, or express an interest in doing so, including services, products and transactions which you utilize in-person or electronically.
When you communicate with us by telephone, email, via our website or through other communication channels, for example, through social media platforms.
When you voluntarily provide documents or information including your; and/or
When you submit your personal data to us for any other reason.
10. Personal data that has been provided by others
Depending on your relationship with us, we may also collect your personal data from third party sources, for example: from your family members, friends or colleagues who provide your personal data to us on your behalf.
11. Personal data that can be collected automatically
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We have structured our website in a way that asks for your consent for certain cookies, we value your privacy and data rights.
12. Specific purposes and legal basis for processing your information.
Legal basis: We will always have a legal basis for processing personal data, and we have methodically assessed our purposes and legal bases.
When you provide consent to processing: Where you have given your consent for us or a 3rd party of ours to process your data, you can withdraw your consent at any time. Where consent has been used as the lawful basis for processing data, the information we provide about our processing activities will be fair, transparent, and unambiguous and you will have the power to decide whether you give consent.
Where legitimate interest is the most appropriate lawful basis: When processing your personal information is a legitimate interest of ours, or a third-party, we undertake legitimate interest assessments to ensure that our processing is not overridden by the interests, rights and freedoms that you have been afforded by data protection legislation.
Use permitted under applicable laws: We may also collect, use, disclose and process your personal data, without your knowledge or consent, where this is required or permitted by law.
Using your personal data to contact you: When we contact or send you information for the purposes described above, we may do so by post, email, SMS, telephone or such other means provided by you. If you do not wish to receive any communication or information from us or wish to restrict how we may contact or send you information, you can let us know by contacting us.
13. Data being transferred internationally
In the provision of our services to you we use data processors that are in different countries than the country we collected your information in.
The UK GDPR & the EU GDPR both contain strict rules about data transfers to other countries, which we adhere to. We use approved data transfer mechanisms wherever we transfer personal information to another country, these mechanisms include:
Adequacy: Where personal data is transferred between countries that have been granted ‘Adequacy’, this allows transfers of personal data without any additional safeguards, standardized contractual clauses, or derogations.
Standard Contractual Clauses: Where an Adequacy decision has not been granted, these countries are known as ‘Third Countries’. For transfers of personal data to Third Countries, for example, between the EU – US or the UK – US, standard contractual clauses are required, along with additional confirmation of safeguards from the organizations that receives personal data from EU and UK organizations.
14. Due Diligence
We conduct comprehensive due diligence assessments around the suitability of organizations we intend to use as data processors.
15. The security of your personal data
Unauthorized access: We have put in place security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.
Specific access: We limit access to your personal data to those employees, agents, contractors and other third parties who have been authorized to access your personal data.
16. Vulnerabilities
We have put in place procedures to deal with any suspected personal data breach and will notify you and the appropriate supervisory authority of a breach where we are legally required to do so.
However, we cannot guarantee that our systems or applications are invulnerable to security breaches, nor do we make any warranty, guarantee, or representation that your use of our systems or applications is safe and protected from viruses, worms, Trojan horses, and other vulnerabilities.
We also cannot guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.
17. How long we keep personal data
Our retention schedules
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available, and you can request more details of that by contacting us.
By law we may have to keep certain information about our customers and this data will be held solely and securely for those legal purposes.
18. You have rights when it comes to your personal data
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
Right of access
You have the right to request a copy of the information that we hold about you. Access to a copy of your personal information is often known as a Subject Access Request, is usually free of charge and we have a one-month period with which to respond.
If requests for information are particularly complex or you have submitted multiple requests, the law permits an extension to the one-month timeline of up to two further months. It is also permitted to apply a fair administration fee for access requests that are deemed manifestly unfounded or excessive or if further copies of data are requested.
Finally, the law allows an organization to refuse a Subject Access request where the request is deemed to be manifestly unfounded or excessive. Any such decision would need to be made on a case-by-case basis.
Right of rectification
You have a right to review and correct data that we hold about you that is inaccurate or incomplete.
Right to be forgotten
In certain circumstances you can ask for the data we hold about you to be erased from our records. As detailed within data protection law, a request to be forgotten is not an absolute right and will be assessed on its merits.
Right to restriction of processing
In certain conditions you can exercise a right to restrict the processing of personal data. Where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing.
Right of portability
You have the right to have the data that you have provided to us, for the fulfillment of a contract or where you have provided your consent, transferred in a structured and machine-readable format to another organization.
Right to object
You have the right to object to certain types of processing, for example where we process your personal data for marketing purposes, this is an absolute right. You will be able to object to or opt out of any marketing message we send you.
Right to object to automated processing, including profiling
You also have the right to object to processing that is automated and involves decision making likely to have a legal effect on you.
Right to lodge a complaint
In the event that we refuse your request under these rights of access, we will provide you with a reason as to why. You have the right to complain, and we have provided a specific section on this below.
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
You can request access to your personal data
At your request, and for the specific right of access that you have, we can confirm what information we hold about you and how it is processed. There are elements of the information below contained within this Privacy Notice and we would refer you to the relevant sections. Otherwise, you can request the following information:
Identity and the contact details of the person or organization that has determined how and why to process your data.
Contact details of the data protection officer, where applicable.
The purpose of the processing as well as the legal basis for processing.
If the processing is based on the legitimate interests of our business or a third party, information about those interests.
The categories of personal data collected, stored and processed.
Recipient(s) or categories of recipients that the data is/will be disclosed to.
If we intend to transfer personal data to a third country or international organization, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
How long the data will be stored.
Details of your rights to correct, erase, restrict or object to such processing.
Information about your right to withdraw consent at any time.
How to lodge a complaint with the supervisory authority.
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
The source of personal data if it wasn’t collected directly from you.
Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
What forms of ID will I need to provide to access my data?
We will assess the information we process on your behalf, and if we are unable to verify your identity through existing security checks, we may request additional identification that could include: Government issued photo Identification and email address.
What to do when things don’t go as planned
In the event that you wish to make a complaint about how your personal data is being processed by us or third parties, or how your complaint has been handled, you have the right to lodge a complaint directly with the relevant supervisory authority where you live, and with us at privacy@acumetisglobal.com.
Regional Privacy Rights
UK & EU (including France & Germany)
You have rights under GDPR including:
– Access, rectification, erasure
– Restriction and objection
– Data portability
You may lodge a complaint with:
– UK: Information Commissioner’s Office (ICO)
– France: CNIL
– Germany: Relevant State Data Protection Authority
Argentina
Under Law No. 25,326, you have the right to access, update, and correct your personal data.
“The Agency for Access to Public Information, in its capacity as Supervisory Authority of Law No. 25,326, has the authority to address complaints and claims filed by those whose rights are affected by non-compliance with personal data protection regulations.”
India
Under the Digital Personal Data Protection Act:
– You have the right to access, correct, and erase your personal data
– You may withdraw consent at any time
Canada
Under PIPEDA:
– You have the right to access and correct your personal data
– You may withdraw consent, subject to legal or contractual restrictions
You may contact the Office of the Privacy Commissioner of Canada.
United States of America
California (CPRA) (CCPA)
You have the right to:
– Know, delete, and correct personal data
– Opt out of sale or sharing
– Limit use of sensitive personal information
Contact: privacy@acumetisglobal.com
We do not sell personal data in the traditional sense.
Pennsylvania & North Carolina
While comprehensive privacy laws are not yet in place, Acumetis applies consistent data protection standards.
Residents may request access, correction, or deletion of personal data where applicable.
Raleigh, North Carolina
Boston, Massachusetts