Last Updated: September 2018
- Only those who require access from our end, at the appropriate levels, will have access to your information
- If you would like to access, amend or delete any information we hold on you please contact us at [email protected]
If at any time you are concerned or have any questions about how we might be handling your data, please contact us at [email protected]
We Do Your Group Limited remain fully committed to the protection of your privacy at all times. The information contained in this policy has been published to inform you of the way in which any Personal Data (as defined below) you provide us with or we collect will be used.
When we refer to “We Do Your Group”, “we”, “our”, or “us” in this policy, we are referring to We Do Your Group Limited and its subsidiaries and affiliates, which provide the Services to you. The “Services” refers to the applications, services and websites provided by We Do Your Group. We Do Your Groupmay, from time to time, introduce new products or services. To the extent that these new products and services affect this policy, we will notify you as described below.
Please read this information carefully in order to fully understand how we treat such Personal Data.
We will collect, store, use and disclose Personal Data in accordance with all applicable laws relating to the protection of Personal Data, including the EU Data Protection Directive 95/46/EC, the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at [email protected]
INFORMATION WE COLLECT AND RECEIVE
“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We may obtain and use the following Personal Data about you:
- Customer Account and Registration Data– this includes data you provide to create your account with us or register for events, webinars, surveys etc. as well as date relating to any purchases of good and/or services. This may include first and last name, billing information including address, delivery address, phone number and a valid email address. We process this data to supply the good and/or services you have purchased and to keep records of such transactions. Our lawful ground for processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
- Service Data (including Session and Usage data)– when you use our Services, we receive information gathered through the use of the Service, either entered by you or from the Service infrastructure itself (for example, duration of session, connections information etc.). We may also collect usage and log data about how the services are accessed and used, including information about the device you are using the Services on, IP addresses, location information, language settings, what operating system you are using, unique device identifiers and other diagnostic data to help us support the services. This also includes information on how you use our website. We process this data to operate our website and services and ensure relevant contact is provided to you, to ensure the security of our website, to maintain back-ups of our website, other online services and business. Our lawful ground for processing this information is out legitimate interests which in this case are to enable us to properly administer our website and our business and for performance of a contract between you and us to ensure that the services provided are suitable and work correctly.
- Third Party Data– we may receive information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. We may also receive information from other affiliated companies that are a part of our corporate group. This helps us to update, expand and analyse our records, identify new prospects for marketing, and provide products and services that may be of interest to you. We also process this data to enable you to partake in our promotions, to deliver relevant website content and (where applicable) to deliver relevant advertisements to you and to measure or understand the effectiveness of this advertising. Our lawful ground for this processing is out legitimate interests which in this case are to study how customers user our products and services, to develop them, to grow our business and to decide our marketing strategy.
- Location Information –we collect your location-based information from your device. We process this data to provide and support the services we provide and for fraud prevention and security monitoring. Our lawful ground for this processing is out legitimate interests which in this case are to study how customers use our products/services, to develop them, to ensure the security of our services and to protect our business and website. If you wish to opt-out of the collection and use of your collection information, you may do so by turning it off on your device settings.
- Device Information– When you use our Services, we automatically collect information on the type of device you use, operating system version, and the device identifier (or “UDID”). We process this data to provide analyse which systems and devices are used in order to provide full support for the services we provide and to monitor use of our website. Our lawful ground for processing is the performance of a contract between you and us and legitimate interests which in this case are to study how our customers use our products / services, to develop them, to provide a better service and grow our business.
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you do not provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.
We will only use your personal data for a purpose it was collected for or a reasonably compatible purpose if necessary. For more information on this please email us at [email protected] In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing.
We may process your personal data without your knowledge or consent where this is required or permitted by law.
We do not carry out automated decision making or any type of automated profiling.
HOW WE COLLECT YOUR PERSONAL DATA
We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending us emails). We may automatically collect certain data from you as you use our website by using cookies and similar technologies as detailed below.
We may receive data from third parties such as analytics providers such as Google based outside the EU, advertising networks such as Facebook based outside the EU, such as search information providers such as Google based outside the EU, providers of technical, payment and delivery services, such as data brokers or aggregators.
We may also receive data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
We may also receive data from purchased lists or subscription-based sites in order to verify your information.
Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business).
Under the Privacy and Electronic Communications Regulations,we may send you marketing communications from us if (i) you made a purchase or asked for information from us about our goods or services or (ii) you agreed to receive marketing communications, and, in each case, you have not opted out of receiving such communications since. Under these regulations, if you are a limited company, we may send you marketing emails without your consent. However, you can still opt out of receiving marketing emails from us at any time.
Before we share your personal data with any third party for their own marketing purposes we will get your express consent.
You can ask us or third parties to stop sending you marketing messages at any time by clicking on the opt out button on each email or by emailing us at [email protected] at any time.
If you opt out of receiving marketing communications this opt-out does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations etc.
COOKIES, ANALYTICS AND OTHER WEB SITE TECHNOLOGIES
We may obtain information about your computer, which includes your IP address, browser type and operating system where available. This accumulation of data is used to assist system administration.
We may also collect information regarding your browsing activity and interests through use of a cookie file. This cookie file is stored on the hard drive of your computer and contains information that is transferred to your computer’s hard drive. We use the collection of this data to help us improve the experience of users on our Website and Service, and to deliver a more personalised service with more relevant content. The collection of this data allows us to:
- store data indicative of your preferences, allowing us to adjust our Website to appeal to your individual interests; estimate the size and usage patterns of our audience;
- record the details of any transactions carried out by you through our Website; and/or
- identify you upon your return to our Website.
We Do Your Group are continuously improving our websites and products through the use of various third party web analytics tools, which help us understand how visitors use our websites, desktop tools, and mobile applications, what they like and dislike, and where they may have problems. While we maintain ownership of this data, we do not share this type of data about individual users with third parties.
Geolocation and Other Data:
We may utilize precise Geolocation data but only if you specifically opt-in to collection of that data in connection with a particular service. We also use information such as IP addresses to determine the general geographic locations areas of our visitors. The web beacons used in conjunction with these web analytics tools may gather data such as what browser or operating system a person uses, as well as, domain names, MIME types, and what content, products and services are reviewed or downloaded when visiting or registering for services at one of our websites.
We use Google Analytics as described in “How Google uses data when you use our partners’ sites or apps.” You can prevent your data from being used by Google Analytics on websites by installing the Google Analytics opt-out browser add-on here. We also employ IP address masking, a technique used to truncate IP addresses collected by Google Analytics and store them in an abbreviated form to prevent them from being traced back to individual users.
Examples of Cookies We Use:
|Session Cookies||We use these cookies to operate Our Website.||Some cookies are essential for the operation of the We Do Your Group Website. If a user chooses to disable these cookies, the user will not be able to access all the content and features.|
|Security Cookies||These cookies are used for general security purposes and user authentication.||We use security cookies to authenticate users, prevent fraudulent use of login credentials, and protect user data from access by unauthorised parties.|
Third Party Cookies:
HOW WE USE THE INFORMATION WE COLLECT AND RECEIVE
We Do Your Group may access and use the data we collect as necessary (a) to provide and maintain the Services; (b) to address and respond to service, security, and customer support issues; (c) to detect, prevent, or otherwise address fraud, security, unlawful, or technical issues; (d) as required by law; (e) to fulfil our contracts; (f) to improve and enhance the Services; (g) to provide analysis or valuable information back to our Customers and users.
Some specific examples of how we use the information:
- Create and administer your account
- Send you an order confirmation
- Facilitate and improve the usage of the services you have ordered
- Assess the needs of your business to determine suitable products
- Send you product updates, marketing communication, and service information
- Respond to customer enquiries and support requests
- Conduct research and analysis
- Display content based upon your interests
- Analyse data, including through automated systems and machine learning to improve our services and/or your experience
- Provide you information about your use of the services and benchmarks, insights and suggestions for improvements
- Market services of our third-party business partners
We Do Your Group will retain your information as long as your account with us is active, and then for up to 6 months thereafter for our own internal administrative purposes, to comply with our legal obligations, to resolve disputes, and enforce our agreements.
If you wish to cancel your account or for us to stop providing you services, or if we hold personal information about you and you want it to be removed from our database or inactivated, please contact us by emailing on [email protected]
WHERE WE STORE PERSONAL DATA
The Personal Data we obtain from you may be moved to and stored at a destination within the European Economic Area (“EEA”). You agree that Personal Data we obtain from you may be processed by our service providers based in, countries outside of the EEA for the purposes of providing you with the Service. Such countries may not have laws offering the same level of protection for Personal Data as those inside the EEA; however, where such transfers of data occur, we will take steps to prevent the transfer of Personal Data without adequate safeguards being put in place and will ensure that your Personal Data collected in the EEA and transferred internationally is afforded the same level of protection as it would be inside the EEA. For further information on, or a copy of, the adequate safeguards adopted by us for the international transfer of Personal Data, please email [email protected]
We store the Personal Data you provide us with on our secure servers. In the event of us giving you passwords which grants you access to specific areas within our Website or Service, it remains your responsibility to maintain the confidentiality of these passwords. This includes the responsibility to refrain from sharing your password with other parties. Remember that if you lose control of your passwords, you may lose control over your personal information.
As the transmission of data via the Internet cannot be assumed completely secure, we cannot guarantee the security of any of your data transmitted to our Website or Service; you are therefore responsible for any risk associated with such transmission. We will however at all times take all reasonable steps to ensure the transmission of your data is executed as securely as possible, and upon receipt of your we will continue at all times to enforce strict security procedures and features in an attempt to prevent any unauthorised access.
HOW WE PROTECT YOUR PERSONAL DATA
We Do Your Group follows generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received, however, no security measure is perfect. We recommend safeguarding your passwords, as it is one of the easiest ways you can manage the security of your own account – remember that if you lose control over your password, you may lose control over your personal information.
We will take all reasonable steps to maintain appropriate technical and organizational measures to protect the Personal Data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.
For tax purposes the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers.
In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
DISCLOSURES OF YOUR PERSONAL DATA
Examples of how we may share information with service providers include:
- Fulfilling orders, providing and delivering the services
- Payment processing and fraud prevention
- Providing customer support
- Sending marketing communications
- Conducting research and analysis
- Service providers who provide IT and system administration services
- Professional Advisers including accountants, lawyers, bankers, auditors and insurers
- Government bodies that require us to report processing activities
- As part of a merger, sale of company assets, financing or acquisition of all or a portion of our business by another company where customer information will be one of the transferred assets.
- As required by law, for example, to comply with a valid legal process; when we believe in good faith that disclosure is necessary to protect our rights, or to protect your safety (or the safety of others); to investigate fraud; or to respond to a government request.
Our service providers have to follow our express instructions when processing the Personal Data you provide and must have in place appropriate technical and organisational security measures to safeguard such Personal Data, and we do not allow them to use this information for their own commercial purposes. We require all third party processors to respect the security of your data and to treat it in accordance with the law.
We may also disclose your personal information to any third party with your prior consent.
We are subject to the provisions of the General Data Protection Regulations that protect your personal data. Where we transfer your data to third parties outside of the EEA, we will ensure that certain safeguards are in place to ensure a similar degree of security for your personal data. As such:
- We may transfer your personal data to countries thatthe European Commissionhave approved as providing an adequate level of protection for personal data by; or
- If we use US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place; or
- Where we use certain service providers who are established outside of the EEA, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe.
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
We Do Your Group may need to communicate with you for a variety of different reasons, including:
- Responding to your questions and requests. If you contact us with a problem or question, we will use your information to respond.
- Sending you Service and administrative emails and messages. We may contact you to inform you about changes in our Services, our Service offerings, and important Service related notices, such as billing, security and fraud notices. These emails and messages are considered a necessary part of the Services and you may not opt-out of them.
- Sending emails about new products or other news about We Do Your Group, its affiliates or subsidiaries that we think you’d like to hear about either from us or from our business partners. You can always opt out of these types of messages at any time by clicking the unsubscribe link at the bottom of each communication.
- Conducting surveys. We may use the information gathered in the surveys to enhance and personalize our products, services, and websites.
- Offering referral programs and incentives, which allow you to utilize email, text, or URL links that you can share with friends or colleagues.
YOUR LEGAL RIGHTS
Under data protection laws you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
You can see more about these rights on the ICO website here
If you wish to exercise any of the rights set out above, please email us at [email protected]
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
QUESTIONS, COMMENTS AND GETTING IN TOUCH
Should you have any queries about this policy please contact us by email on [email protected], call us on 0117 9118 808 or write to us at We Do Your Group Limited, 20 Apex Court, Woodlands, Bradley Stoke, Bristol BS32 4JT. For all other support requests please contact us on [email protected]