iplicit Group Limited (iplicit) and its associated companies, including iplicit Limited (iplicit) understand that the privacy of your data is important to you and that you care about how your personal data is used.
This policy has been prepared in accordance with currently applicable EU and UK data protection laws.
Personal data is defined by the UK and EU General Data Protection Regulations (the “GDPR”) as ‘any information relating to an identifiable individual who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, technical data relating to users of our website and details of usage and other online identifiers. The personal data that we use is set out in Part 3, below.
Our website is provided for business users and not intended for use by minors.
We do not normally collate sensitive personal data such as racial, political,, religious or health information about our users.
Under the GDPR, you have the following rights, which can be exercised in accordance with various conditions set out in the GDPR.
We will always work to uphold our obligations regarding the following:
a. The right to be informed about our collection and use of your personal data.
b. The right to access the personal data we hold about you.
c. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
d. The right to be forgotten, i.e. the right to request to ask us to delete or otherwise dispose of any of your personal data that we have.
e. The right to restrict (i.e. prevent) the processing of your personal data.
f. The right to object to us using your personal data for a particular purpose or purposes.
g. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data.
h. Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau. If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
We will collect and process information about you including the following:
a. Information that you provide by filling in forms on our websites. This includes information provided at the time of registering to use our websites and subscribing to or using our services. This may include your name, address, email address and telephone number.
We also obtain data if you:
b. Place an order using our websites, application or services; this may include your name (including business name), address, contact (including telephone number and email address) and payment details;
c. Complete online forms or participate in any other interactive areas that appear on our website or within our application or service
d. Interact with us using social media
e. Contact us offline, for example by telephone, SMS, email or post
We may also collect data which is available form public sources or registers or from third parties such as credit agencies.
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. Your personal data may be used for one of the following purposes:
a. Managing and administering your use of applications, products and services you have asked us to provide
b. Supplying our products and services to you. Your personal details are required in order for us to enter into a contract with you and carry out those obligations under that contract
c. Personalising and tailoring our products and services for you and communicating these changes
d. Managing our relationship with you. This may include responding to emails or calls from you
e. Supplying you with information by email or post that you have opted-in to (you may unsubscribe or opt-out at any time by contacting us at firstname.lastname@example.org.
f. Providing you with any information that we are required to send you to comply with our regulatory or legal obligations
g. Contacting you to see if you would like to take part in our customer research, for example, feedback on your use of our applications, products and services;
iplicit and its subsidiaries will retain personal data for as long as your account is active; as needed to provide you products or services; as needed for the purposes outlined in this Policy or at the time of collection and it may be retained for reasonable periods as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We may also use or retain data for archival or regulatory purposes or where we are required to use or retain it by law.
At the end of the appropriate retention period, iplicit and subsidiaries will delete your personal information in a manner designed to ensure that it cannot be reconstructed or read.
We will only store or transfer your personal data for processing within the UK or countries in the EU or European Economic Area or other states which apply rules relating to personal data which enable the lawful transfer of data by us to them. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.
The security of your personal data is very important to us. We use physical, electronic, and administrative safeguards that are designed to protect your personal data from loss, misuse and unauthorised access, disclosure, alteration and destruction.
Furthermore, iplicit will use standard security protocols and mechanisms to exchange the transmission of sensitive data. In addition, all our staff, contractors and agents accessing data on our behalf will do so on the basis that they understand the confidential nature of the data where it is confidential and are subject to appropriate confidentiality obligations in accordance with prevailing industry standards.
In the event that your personal data is acquired, or is reasonably believed to have been acquired, by an unauthorised person as a result of a data breach on our part, we, will notify you promptly by e-mail or mail where required in accordance with GDPR. We will determine the scope of the breach and investigate and implement all reasonable steps to remedy the situation and restore the integrity of the relevant data system.
We may share your information with:
a. Our service providers and agents (including their sub-contractors) or third parties which process information or data on our behalf (including internet service and platform providers, payment processing providers and those organisations we engage to help us send communications to you)
b. Third parties used to facilitate payment transactions, for clearing house, clearing system and transaction beneficiates
c. Third parties where you have a relationship with that third party and you have consented to use sending information (i.e. social media sites)
d. Law enforcement agencies so that they may detect or prevent crime or prosecute offenders or relevant regulatory bodies where required to comply with their recommendations or rules.
We may also share data between companies within the iplicit Group where that is needed for operational reasons and, under confidential conditions, where the information is required in preparation for, or in the performance of, any business contract or to professional service providers.
Where our policy contains links to third party sites which are provided by us in good faith to assist users, we can have no responsibility or liability for the contents or operation of the linked site or sites, which will be subject to the terms and conditions, if any, provided for the use of those sites.
If you want to know what personal data we have about you, you can, subject to the specific requirements of the data processing laws, ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal address below. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will endeavour to respond to your subject access request within 30 days. If a full response is not possible in that time, we will contact you within that period to inform you of the likely or possible timescale. We aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept informed of our progress on request.
Our carefully selected partners and service providers may process personal information about you on our behalf as described below:
a. Pursuant to a data processing agreement which complies with current data processing laws;
b. On the basis that all personal data will be kept in confidential conditions and will be used only for the agreed purpose; and
c. By processors or agents selected by us who offer a high standard of professional and customer service.
Our website, applications (including mobile applications), and services may contain technology ( including cookies) that enables us to:
a. Check specific information from your device or systems directly relevant to your use of the websites, applications, or services against our records to make sure the websites, applications, or services are being used in accordance with our end-user agreements and to troubleshoot any problems;
b. Obtain information relating to any technical errors or other issues with our website, applications, and services;
c. collect information about how you and users use the functions of the features of our website, applications, and services; and
d. gather statistical information about the operating system and environment from which you access our applications or services
The purpose of cookies is to make the operation of the website more effective and improve its efficiency for the benefit of users. You will be given the option to opt-out of the use of these items, where that is possible, when you enter the website.
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email SMS or post with information, news, and offers on products and services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the applicable privacy and electronic communications regulations, and you will be given the opportunity to opt-out.
Data Compliance Officer
County Gates House
300 Poole Road
This policy is subject to change. Any changes we may make to this policy in the future will be posted on this page and your continued use of our websites, applications and services following the posting of changes will mean you accept those changes.
This policy will be applied and interpreted in accordance with data protection laws including GDPR applicable in the EU and UK from time to time.