For the purpose of the Data Protection Act 2018 & General Data Protection Regulation (EU Regulation 2016/679), ("GDPR"), and the EU Data Protection Directive (Directive 95/46/EC) the data controller is Product Partnerships Limited of Suite D2 Joseph’s Well, Hanover Walk, Leeds, LS3 1AB.
Product Partnerships Limited is a company registered in England and Wales company number 08716415 (hereinafter referred to as “we", "our" or "us").
By using the Service, you acknowledge you have read and understood the terms of this Notice. Please fully review this Notice before you use the Service or submit information to us.
INFORMATION WE MAY COLLECT FROM YOU AND OTHER SOURCES
Although the precise details of the personal information collected by us will vary according to the specific purpose for which we are collecting the information, we may collect and process the following data about you:
- Information that you provide us by filling in forms on our social media pages or on our Websites. This includes information provided at the time of registering to use our Websites, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with our Websites.
- if you contact us by phone, email or otherwise and is provided voluntarily, we may keep a record of that correspondence;
- please note that we may record and monitor telephone conversations that we have with you. The sole purpose of any recording is for training and quality control purposes. Under the GDPR any personal or confidential information disclosed to us by telephone shall not be made available to any third party (unless required by law to do so) or used for marketing purposes;
- we may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
- details of your visits to our Websites including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;
- we also collect browsing, transactional and behavioural data from you to improve the service/experience we offer and for the purposes of offering you a tailored or personalised online shopping experience; and
- we may collect information about your browsing device, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is anonymous statistical data about our users' browsing actions and patterns and does not identify any individual. We collect some of this information using Cookies. We may also collect any personal information which you allow to be shared that is part of your public profile on a third-party social network.
We may obtain and/or collect certain personal information about you from sources outside our business. We may also receive your personal information from other sources, such as: public databases, our supplier partners, joint marketing partners; social media platforms; as well as from other third parties. This other personal data helps us to:
- provide the relevant services in an accurate manner;
- review and improve the accuracy of the data we hold; and
- improve and measure the effectiveness of our marketing communications, including online advertising.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
- To ensure that content from our Websites is presented in the most effective manner for you and for your browsing device.
- to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- to carry out our obligations arising from any contracts entered into between you and us or our Appointed Representatives;
- to remember your preferences e.g. if you ask not to receive marketing material, we will keep a record of this;
- for our own (or a third party’s) lawful interests (such as marketing, internal record keeping, market research or to improve our products) provided your rights don’t override these.
- to help us identify you and any accounts that you hold with us;
- to notify you about changes to our service;
- to handle queries from regulators;
- to handle complaints;
- to check correct processes are being followed by our Appointed Representatives;
- fraud prevention and detection;
- security vetting.
LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
The personal data that you provide to us in order to purchase our services or other personal data generated for transactional agreements is processed as it is necessary for the performance of a contract with you.
All other personal data is processed for our legitimate interests (as set out below) and to comply with our legal obligations.
In general, we only rely on opt-in consent as a legal basis to contact new customers by electronic means and/or send direct marketing communications via email to new customers.
You have the right to withdraw your consent at any time.
The following table describes our processing purposes, and on what legal basis we rely on:
- Providing access to the Website
- Maintaining or restoring the security of the Website
- Detecting technical faults and / or errors in the transmission of electronic communications
- Providing products or services
- Carrying out the contractual relationship
- Providing customer care services
- Legitimate interests
- Compliance with legal obligations
- Defending, establishing and exercising legal / insurance claims
- preventing, investigating and detecting crime, fraud and prosecuting offenders, including working with law enforcement agencies
- promoting, marketing and advertising our products and services tailored to individual customers
- Understanding our customers’ behaviour, activities, preferences, and needs
THE USE OF AUTOMATED DECISION MAKING
Your personal data is not used in any automated decision making (a decision made solely by automated means without any human involvement) or profiling (automated processing of personal data to evaluate certain conditions about an individual).
CHANGE OF PURPOSE
We will process your personal data for the purpose for which we collected it. If we process your personal data for another purpose that we reasonably consider to be compatible with the original purpose, we will notify you and explain the legal basis which allows us to do so.
DISCLOSURE OF YOUR INFORMATION
In order to make certain services available to you, we may need to share your personal data with third parties. We only share the personal data provided if we are satisfied that our partners or suppliers have sufficient measures in place to protect your information in the same way that we do. We never share personal data outside our organisation for marketing purposes.
We may disclose your personal information to:
- Our trusted service providers acting on our behalf who provide services such as: web hosting, web analytics and integration, IT system providers, customer service web chat, data analysis (including data personalisation), infrastructure provision, email marketing data, review sites of our services, and other services to enable them to provide services;
- our business partners, suppliers of financial products and services and sub-contractors for the delivery of any service to them or you. This information will not be used for marketing purposes;
- third party suppliers who manage our financial accounting or audit process;
- in the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets;
It is sometimes necessary for us to share your data outside of the European Economic Area (EEA). This generally occurs when our service providers are located outside of the EEA or you are based outside of the EEA.
If this happens, we will ensure that the transfer will be compliant with the relevant data protections laws including the GDPR and Data Protection Act 2018.
HOW DO WE PROTECT YOUR DATA
We are committed to keeping your personal data safe and secure and employ a number of security measures such as:
- We ensure our Websites and data is supported with TLS 1.2 technology using RSA 2048-bit security standard and/or other appropriate standards from time to time;
- Monitoring and auditing our service providers to ensure they have an adequate level of protection as required;
- All information you provide to us is stored on our secure servers. For registered users, where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone;
- We use reasonable, organisational, technical and administrative measures to protect personal information under our control. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access;
- Any information provided by our Appointed Representatives is stored on a Customer Relationship Management system, which is secure and we shall ensure that from time to time we use no lesser technical and organisational measures to safeguard personal data which is disclosed to us;
- Our Website may, from time to time, contain links to and from the websites of our third-party partner networks, social media platforms, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites should have their own privacy notices/policies and that we do not accept any responsibility or liability for these third-party websites and the notices/policies. Please check these notices/policies before you submit any personal data to these websites.
We want to ensure that you remain in control of your personal data. Part of this is making sure that you understand your legal rights, which (for individuals) are as follows:
- the right to confirmation as to whether or not we have your personal data and, if we do, to obtain a copy of it (this is known as a subject access request)
- the right to have inaccurate data rectified
- the right to object to your data being used for marketing or profiling
- the right to “be forgotten”, this means you can ask for the information which we hold to be deleted from our records but this will mean that we will be unable to continue to handle your arrangements
Where you request access to your personal data (“Access Request”) and we are unable to deal with or fulfil such Access Request, we will provide you with a reason as to why. You have the right to complain as outlined in PRIVACY QUESTIONS.
You can exercise Access Rights at any time by contacting us in accordance with the section PRIVACY QUESTIONS.
CONSEQUENCES OF NOT PROVIDING INFORMATION
We need your information in order to:
- provide products and services to you
- perform our contract with you
- comply with our legal obligations
- protect our legitimate interests and manage our business.
If you chose not to provide information, we will not be able to:
- provide requested products or services to you
- continue to provide/renew existing products or services.
We will tell you when we ask for information which is not a contractual requirement or
needed to comply with our legal obligations.
HOW LONG DO WE KEEP YOUR DATA?
- We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
- Our procedures to manage data retention is to retain customer data for 7 years.
- The email marketing unsubscribe function will remove your details from marketing lists and confirmation of your removal will be sent to your email address.
- We will take reasonable steps under Article 17 of the GDPR to meet data subject requests.
CHANGES TO OUR PRIVACY NOTICE
We will occasionally update this Notice, in our sole discretion. When we post changes to this Notice, we will revise the "Issue Date” at the bottom of this Notice in order to notify you of changes. We recommend that you check the Service from time to time to inform yourself of any changes in this Notice or any of our other policies. If you do not agree to any update, please do not use the Service; by continuing to access or use the Service after a change to this Notice becomes effective, you agree to and accept the revised Notice as of the Notice Issue Date.
Notice Issue Date: June 2021
- If you have any questions about how we use your personal data that are not answered here, email: firstname.lastname@example.org
- if you want to exercise your rights of Access Rights regarding your personal data, please contact us by email at: email@example.com or write to us at: Product Partnerships Limited of Suite D2 Joseph’s Well, Hanover Walk, Leeds, LS3 1AB.
- You have the right to make a complaint at any time to the local data protection supervisory authority which, for the UK, is the Information Commissioner's Office (ICO) (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.