Last updated: February 2023
Your privacy is important to ORCA Computing, and we are committed to safeguarding the privacy and security of the personal information in our care. This Privacy Statement explains how we collect your personal information, what we do with it, and your rights in respect of it.
Please note, this Privacy Statement only applies to the use of your personal data provided to us through your interaction with the website https://sdk.orcacomputing.com (hereafter referred to as the “Website”). For details on how we handle your personal data with respect to any other interaction with ORCA, please see here.
The Website is intended to do little more than provide registered users with access to ORCA’s software (in accordance with the Terms of Service and End-User License Agreement for the software).
When we say “we”, “our”, “us”, “ORCA”, or “ORCA Computing” in this policy, we are referring to all or any of the entities which make up the international ORCA Group, as the context requires. An explanation of some of the other terminology that we use in this policy is set out in Section 14, “Terminology”.
Please take a moment to familiarize yourself with our privacy practices and let us know if you have any questions by emailing privacy@orcacomputing.com
ORCA may update its Privacy Statement from time to time. Any changes we make will become effective when we post a modified version of this policy on the Website, and we agree the changes will not be retroactive. The legend at the top of this Privacy Statement indicates when it was last changed/updated.
ORCA Computing Limited is a company incorporated and registered in England and Wales with company number 12285629 whose registered office is at 30 Eastbourne Terrace, London, W2 6LA, UK. ORCA Computing Limited also has subsidiaries and branch offices outside of the UK.
ORCA develops full-stack quantum computing systems and related technologies and provides consultancy services. Our global reach means that we are subject to differing data protection regimes of the jurisdictions in which we operate. We aim to achieve uniformity of data protection practices across all jurisdictions in which we operate, whilst also complying with all relevant data protection laws. This policy reflects the EU’s GDPR standard of protection of personal information and references the relevant Articles of the EU GDPR where appropriate. In those jurisdictions where data protection regimes differ significantly to the EU GDPR, elements of this policy may not apply, for example individuals’ rights in relation to their personal information, and this policy does not establish any rights or obligations which are additional to those prescribed in the applicable local data protection law.
We are the data controller of the information that we process. That is, ORCA is the organisation that determines, alone or jointly with one or more other parties, how your personal information is processed and for what purposes. This means that we are legally responsible for ensuring our systems, processes, suppliers and people comply with data protection laws in relation to the personal information that we handle.
The majority of ORCA’s internal business operations are centralised in the UK, operating out of ORCA Computing Limited to support the business globally. ORCA Computing Limited is the data controller for these centralised services. However, depending on the jurisdiction from which our services are provided to you, or in which your personal information is otherwise processed by us, ORCA Computing Limited or another entity of the ORCA Group may be the data controller in respect of your personal information.
Where we transfer your personal data to third parties, in certain circumstances those third parties may also be data controllers.
If you have any questions or concerns as to how your personal information is handled by ORCA, please email privacy@orcacomputing.com
You are, of course, welcome to write to us at our office directly at the address mentioned in Section 15.
The Website is intended to do little more than provide registered users with access to ORCA’s software and accordingly we collect very little personal data on users through the Website.
We may collect the following personal information:
One or more of the following legal bases for processing your data apply:
We may use your information for the following purposes:
The Website is intended to do little more than provide registered users with access to ORCA’s software (in accordance with the Terms of Service and End User License Agreement for the software). For this purpose, we use a third party provider, Gitea (Gitea). The information that you provide to the Website is stored in one or more servers located in the United Kingdom and Gitea does not have direct access to that data. In the vast majority of your cases, personal data will not leave the Website.
In exceptional circumstances your personal data may be stored in ORCA’s information systems, or third party software applications and service providers which have been procured to support the management of the information in our care.
In all cases, personal information of yours that is shared or stored outside of the ORCA Group will be limited to the minimum required for the relevant purpose and subject to the appropriate provisions and safeguards regarding data subjects’ rights, information security, disclosure, confidentiality and data protection. For more information about personal data transfers, please see Section 7 of this policy.
Your personal information is retained by us in accordance with applicable law and regulation. Our data retention periods vary depending on the location, nature and context of the personal information that we have in our care. Generally speaking, we delete personal information when the purpose for its processing has been fulfilled or the contractual relationship with our customer, contractor or you has ended, and there are no other legal obligations to retain the personal information nor legal bases for further processing.
In accordance with established policies and procedures, ORCA will periodically destroy or erase any personal information that is no longer needed.
The personal data provided through your interaction with our Website will in the vast majority of cases be processed by ORCA Computing Limited, but in rare circumstances may be processed by a member of the ORCA Group other than ORCA Computing Limited. In particular, our global presence means that your personal information may be transferred across the business worldwide due, for example, to our shared IT systems and datacentres, and cross-border working practices. Personal data transfers are facilitated across the ORCA Group by way of an intra-group data transfer agreement which applies contractual protections and other appropriate safeguards required under applicable data protection law to all such transfers of personal data within the ORCA Group. Such contractual protections include obligations on ORCA entities outside the EU and UK to resist and challenge demands for data made by local government agencies, to the extent possible.
We also use a number of suppliers and service providers in connection with the operation of our business who may have access to the personal information that we process. For example, IT suppliers providing us with software support, web hosting services, or cloud services may have access to personal data. In all cases, your personal information is handled in accordance with the relevant data protection laws. Where we use cloud services, our data will generally be hosted within the UK or EU, those being the locations which offer the highest level of data protection regulation of all the regions in which we operate. In the event that any personal data is to be processed by suppliers outside the EEA in countries that the UK and/or EU have not assessed as providing an adequate level of protection, we will ensure that personal data is adequately protected in accordance with applicable data protection law by ensuring information security and other appropriate safeguards are in place, and by ensuring that the contractual clauses govern how the data is to be processed or by ensuring that the supplier has binding corporate rules in place.
If you're already a sdk.orcacomputing.com user, you may access, update, alter, or delete your basic user information by editing your user profile. You can control the information we collect about you by limiting what information is in your profile, or by keeping your information current.
If ORCA Computing processes information about you, such as information receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting our support.
We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our support with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through the Website. You may manage your communication preferences in your user profile.
By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you.
Depending on your email settings, the Website may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support.
We use cookies to make interactions with our service easy and meaningful. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide information for future development of the Website. For security purposes, we use cookies to identify a device. By using our Website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our services.
Tracking and AnalyticsWe do not use third-party analytics on the Website.
In this Section 11, we have listed the rights that data subjects have under the EU GDPR and UK GDPR data protection laws.
A data subject’s principal rights under data protection law are:
the right to access - you can ask for copies of your personal data;
the right to rectification - you can ask us to rectify inaccurate personal data and to complete incomplete personal data;
the right to erasure - you can ask us to erase your personal data;
the right to restrict processing - you can ask us to restrict the processing of your personal data;
the right to object to processing - you can object to the processing of your personal data;
the right to data portability - you can ask that we transfer your personal data to another organisation or to you;
the right to complain to a supervisory authority - you can complain about our processing of your personal data; and
the right to withdraw consent - to the extent that the legal basis of our processing of your personal data is consent, you can withdraw that consent.
These rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects by visiting https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/ .
You may exercise any of your rights in relation to your personal data by written notice to us, using the contact details set out below.
We may provide you with links to other websites, but these websites are not under our control. We are not liable to you for any issues arising in connection with their use of your information, the website content or the services offered to you by those websites.
We recommend that you check the privacy policy and terms and conditions on each website to see how each third party will process your information.
We may update this policy from time to time by publishing a new version on our website.
You should check this page occasionally to ensure you are happy with any changes to this policy.
We may notify you of significant changes to this policy by email.
“data controller” means a person who, or organisation which, alone or jointly with others, determines how Personal Information is processed and for what purposes;
“EU GDPR” means Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and repealing Directive 95/46/EC (General Data Protection Regulation) OJ L 119/1. 4.5.2016
“individual” or “you” means the person whose personal information is being collected, held, or processed.
“ORCA Group” means ORCA Computing Limited, its branch office(s) and subsidiaries.
“personal information” or “personal data” means any information relating to an identified or identifiable natural person that is provided through the Website; an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“process”/ “processing” means any activity that involves personal information. It includes obtaining, recording or holding the personal information, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal information to third parties as a result of those third parties having access to it.
“UK GDPR” means the Data Protection Act 2018 and the UK GDPR (as defined in the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU exit) Regulations 2019).
This Website is owned and operated by ORCA Computing Limited.
We are registered in England and Wales under registration number 12285629, and our registered office is at 30 Eastbourne Terrace, London, W2 6LA, UK.
You can contact us: