Privacy Policy

Emailage Privacy Statement

Emailage Corp Privacy Policy

Information Collected

Your privacy is important, so Emailage Corp (Emailage) has created the following Privacy Policy to let you know what information we collect when you visit our website, why we collect it and how it is used. The terms “you,” “your,” and “yours” refer to you, as the customer using our website. The terms “Company,” “we,” “us,” and “our” refer to Emailage. This Privacy Policy is governed by our Terms of Service. By using this website, you hereby provide us your consent to the data practices described in this statement. We may periodically make changes to this Privacy Policy that we will include on this page. It is your responsibility to review this Privacy Policy frequently and remain informed about any changes to it, so we encourage you to visit this page often.

What Information Is Collected?

“Personally identifiable information” means any information that may be used to identify an individual, including, but not limited to, a first and last name, home or other physical address, an email address, phone number or other contact information, whether at work or at home. When you use our website or services Emailage may collect from you the following personally identifiable information: first and last name, city, state and zip code, email address, birthday and phone number. Emailage also automatically receives and records information on our server logs from your browser, including your IP address, cookie information and the page you requested. You can choose not to provide us with certain information, but then you might not be able to take advantage of many of our features. Emailage may keep a cached copy of the content you serve us as a part of your use of the service for an indeterminate amount of time, including media files and XML files. To assist in our development, we may keep copies of HTTP requests and responses in your notification log, available only to you. We may keep access log, notification log, billing/ payment, and other log data for at least six months from the date of entry.

How Is Such Information Used?

Emailage uses the personally identifiable and other collected information in a manner that is consistent with this Privacy Policy. If you provide us your personally identifiable information for a certain reason, we may use the personally identifiable information in connection with the reason for which it was provided. For instance, if you contact us by e-mail, we will use the personally identifiable information you provide to answer your question or resolve your problem. Also, if you provide personally identifiable information to obtain access to the Emailage website or services, we will use such information to provide you with access to such services and to monitor your use of such services. Your personally identifiable information may be used to provide you with new product information and support services offered on the website, to notify you of technical updates or changes in policy, to improve the content and functionality of the Emailage website and services, to help us better understand our users, or to deliver other services.

Is The Information Shared or Disclosed?

Emailage is not in the business of selling your information. We consider this information to be a vital part of our relationship with you. There are, however, certain circumstances in which we may share your personally identifiable information with certain third parties without further notice to you, as set forth below:

  • Third Party Applications and Services: If you elect to use one or more third party applications that interoperate with Emailage’s service via Emailage API, those applications may, upon your election, be given access to data (which may include personally identifiable information) on Emailage’s systems generated relating to your use of Emailage’s service. Please remember that Emailage is not responsible for the policies and practices of third party application providers, and Emailage shall have no liability arising from any action of any such provider as it concerns your data or information or otherwise. Regarding your use of any such third-party applications, please review carefully the applicable privacy policies of each such third-party application provider to become familiar with their policies and practices as it concerns your data and information.
  • Business Transfers: As we develop our business, we might sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, your personally identifiable information may be part of the transferred assets. You acknowledge that such transfers may occur, and that any acquirer or successor of Emailage may continue to use your information as set forth in this policy.
  • Related Companies: We may also share your personally identifiable information with any entity that is affiliated with us for purposes consistent with this Privacy Policy.
  • Agents, Consultants and Related Third Parties: Emailage like many businesses, sometimes use other companies to perform certain business-related functions. Examples of such functions include mailing information, maintaining databases and processing payments. When we employ another company to perform a function of this nature, we only provide them with the information that they need to perform their specific function.
  • Legal Requirements and Other Circumstances: Emailage may disclose your personally identifiable information, if required to do so by law or in the good faith belief that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Emailage, (iii) act in urgent circumstances to protect the personal safety of users of the Emailage website or services or the public, or (iv) protect against legal liability.

The Security of Your Information

We will take reasonable precautions to protect personally identifiable information in our possession from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We follow generally accepted industry standards to protect the personally identifiable information submitted to us, both during transmission and storage. No method of transmission over the Internet or method of electronic storage is, however, 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personally identifiable information, and have our security controls certified by an independent third party, we cannot guarantee its absolute security.

Children

Emailage is not intended for or directed to persons under the age of 13. Any person who provides their information to Emailage represents to us that they are 13 years of age or older.

Cookies

Cookies are small text files stored by your browser in your computer when you visit our website. Cookies permit us to recognize users and avoid repetitive requests for the same information. Most browsers will accept cookies until you change your browser settings to refuse them. This privacy statement covers the use of cookies by Emailage and does not cover the use of cookies by any other third party.

Forums and Comments

If you use the forum or post comments on this website, you should be aware that any personally identifiable information you submit there can be read, collected, or used by other users of these forums, and could be used to send you unsolicited messages. Emailage is not responsible for any personally identifiable information you choose to submit in that context or anything arising from such submissions.

Collection of Mobile Identifiable Information

You authorize your wireless operator (AT&T, Sprint, T-Mobile, US Cellular, Verizon, or any other branded wireless operator) to use your mobile number, name, address, email, network status, customer type, customer role, billing type, mobile device identifiers (IMSI and IMEI) and other subscriber status details, if available, to allow verification of your identity and to compare information you have provided to Emailage with your wireless operator account profile information for the duration of the business relationship.

Links to Other Sites

This website may contain links to other sites that are not owned or controlled by us. Please be aware that Emailage is not responsible for the privacy policies of such other sites. We encourage you to be aware when you leave our site and to read the privacy statements of each website that collects personally identifiable information. This privacy policy applies only to information collected by this website.

Your Consent to This Privacy Policy

By using Emailage you agree to this Privacy Policy. This is our entire and exclusive Privacy Policy and it supersedes any earlier version. Our Terms of Service take precedence over any conflicting Privacy Policy provision. We may change this Privacy Policy by posting a new version of this Privacy Policy on this website which it is your responsibility to review. We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting the personally identifiable information we collect. Your continued use of this website or Emailage services constitutes your agreement to this Privacy Policy and any updates.

Privacy Shield Notice – EMAILAGE CORP.

Emailage Corp. operates as both as a data controller and a data processor and only collects email addresses from our customers for the purposes of reducing fraud incidents for banks, financial institutions, retailers, e-commerce, and online merchants. If you are an individual interested in accessing your personal data we may possess, please refer to the company that sent/originated this data for processing.

Emailage Corp. complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland transferred to the United States pursuant to Privacy Shield.  Emailage Corp. has certified that it adheres to the Privacy Shield Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit https://www.privacyshield.gov/

In compliance with the Privacy Shield Principles, Emailage Corp. commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to Privacy Shield. European Union and Swiss individuals with Privacy Shield inquiries or complaints should first contact Tony Valentine, Director Risk and Compliance at [email protected] and/or [email protected]

Emailage Corp. has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers for more information and to file a complaint. This service is provided free of charge to you.

If your Privacy Shield complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms.  See Privacy Shield Annex 1 at https://www.privacyshield.gov/article?id=ANNEX-I-introduction

The U. S. Federal Trade Commission is the enforcement authority with jurisdiction of compliance with the Privacy Shield

Notice: We acknowledge consumers have the right to access their personal data for the purposes pf correcting and/or deleting this data, however, you the individual must contact the original party that provided this information to us.

Choice: We recognize an individual has the right to opt in/opt out of the use of their personal data, but we ask that you the individual go back to the original company that provided us the data.

Accountability of Onward Transfer: If Emailage Corp. transfers personal information we will take appropriate measures to protect the privacy and personal information that we transfer. In cases of onward transfer to third parties of data of EU or Swiss individuals received pursuant to the EU-US and Swiss-US Privacy Shield, Emailage Corp. is potentially liable.

Security: Emailage Corp. data is encrypted at rest and in transit. Data securely resides in our data centers which are SSAE16, SOC II and PCI-DSS compliant.

Data Integrity and Purpose Limitation: Emailage Corp. provides data that is accurate and used only for the purpose it was intended to reducing fraud incidents.

Access: Emailage Corp. acknowledges that individuals have the right to access their personal information and should contact the originating company that provided this data to us.

Recourse, Enforcement and Liability: Emailage Corp. also may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including meeting national security or law enforcement requirements.

When Emailage Corp. becomes subject to an FTC or court order based on noncompliance, Emailage Corp. shall make public any relevant Privacy Shield related sections of any compliance or assessment report submitted to the FTC, to the extent consistent with confidentiality requirements.

Enforcement

We regularly review how we’re meeting these privacy promises, and we also provide an independent way to resolve complaints about our privacy practices. To access your personal information, ask questions about our privacy practices, or issue a complaint, contact us at [email protected] or:

Emailage Corp.
Attn: Director, Risk and Compliance
25 South Arizona Place, Suite 400
Chandler, AZ, 85225
866.936.2452

Emailage has further committed to refer unresolved privacy complaints under the EU-US and Swiss-US Privacy Shield Principles BBB EU PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint.

Legal Disclaimer

Emailage.com operates “AS-IS” and “AS-AVAILABLE,” without liability of any kind. Emailage.com is not responsible for events beyond our direct control.

Contacting Emailage

If you believe that Emailage has not adhered to this Privacy Policy, please contact us at [email protected], and we will use commercially reasonable efforts to remedy the problem.

Postal mail Address

Emailage Corp.
25 South Arizona Place, Suite 400
Chandler, AZ, 85225
866.936.2452

Changes to the Privacy Statement

May 2017
We updated the Privacy Statement to remove any language related to the US Swiss Safe Harbor Framework and Principles since those are no longer valid.

August 2017
We updated the Privacy Statement to add specific language regarding our self-certification and compliance with both the EU-US and Swiss-US Privacy Shield framework and principles.

October 2017

We updated the Privacy Statement to add specific language for Switzerland individuals and dispute resolution remedies.

May 2018

We updated the Privacy Statement to address GDPR elements and considerations for entities transacting business with our UK subsidiary, Emailage Limited; as well as to update specific language regarding our access to and use of data we use in the provision of our services.

 

 

Emailage Limited EU Privacy Policy

 

1. Introduction

This privacy policy applies to personal information we collect in relation to individuals in the European Union (“EU“). If you don’t live in the EU, different rights and obligations apply to your personal information and therefore we will comply with the privacy principles set out in, and use your personal information in accordance with, the Emailage US Privacy Policy www.emailage.com/privacy-policy.

This privacy policy explains what personal information we collect, why we collect it, how we use it, the control you have over your personal information and the procedures we have in place to protect it. Please read this privacy policy carefully – by accessing or browsing our website, using our service, or providing your personal information to third parties for the purpose of them using our services, you confirm that you have read, understood and agree to this privacy policy.

Please check back regularly to keep informed of updates to this privacy policy.

If you have any questions, comments or concerns about any aspect of this policy or how we handle your information, please email [email protected] or see our contact details below.

2. Who we are

Emailage Limited is a company registered in England and Wales (registration number 09282165), whose registered office is at 16 Great Queen Street, Covent Garden, London WC2B 5AH. In respect of services provided by the Emailage group of companies, we are the data controller of any personal information relating to individuals in the EU. In this privacy policy, when we refer to “us“, “we” or “our“, we are referring to Emailage Limited.

3. How we interact with you

When we provide our Services to our corporate clients we collect and process personal data on their individual customers in order to provide our Services. Our clients have the direct relationship with these individual customers, and share certain personal data with us. References to “you” in this privacy policy refer to you as an individual (i.e. as a customer or potential customer of one of our corporate client), and this privacy policy sets out an explanation of how we use this personal data, and any other data we might hold about you as further described below.

If you use our website, contact us or provide us with your personal information directly, this privacy policy also sets out what information we might collect and how we use it.

4. About our services

The Emailage group of companies provide identity validation and risk assessment services to corporate clients who interact and enter into transactions with individuals. Our services are designed to reduce fraud in the market, improve customer experiences and drive transaction approvals. Our services also benefit individual customers, prospective customers and the public generally, as the cost of fraud is one of the factors that can push up the costs of products and services.

Our services form part of our client’s compliance checks, which helps them to verifying the identity of their individual customers, and verifying the information which individuals provide when they engage with the client for products and services (e.g. when purchasing goods and/or services through the client’s website). Our service forms part of this verification process, by providing a fraud risk score in relation to the individual customer’s email address.

If you procure goods or services from one of our clients (or seek to enter into transactions with them) they may use our services to help them check you are who you say you are, and that the contact information you provided is correct. This is all done in “real time” behind the scenes, and our client chooses how they use our services and risk assessment (together with other checks they might perform) as part of their fraud prevention and due diligence checks.

If you have been provided with our details by one of our clients, or a link to this privacy policy, that is because our client has asked us to provide a risk assessment on the details you provided, and we have asked them to ensure that you are made aware of how we use your personal information to provide our services to them.

Further details on our services are set out on the Emailage website – Emailage Solutions.

5. Our privacy principles

Privacy policies can be complicated, so we have tried to make ours as clear and as accessible as possible. However, if you want to find out more information about our privacy practices, please email [email protected] or see our contact details below.

If your query relates to a third party who uses our services (i.e. one of our clients), please contact that third party to find out more about how they use your personal information and our services in their interactions with you.

6. The personal information we collect about you

Our main reason for collecting and using your personal information is to provide and improve our service, products and experiences, and to provide identity validation and risk assessment services to corporate clients.

If you make contact with us directly, or use our website

When you access and browse our website, or contact us by phone, email or other channels (including social media), such as when you try and contact us, register for a demo of our services, or participate in our blog, we collect any information that you choose to submit to us through the available data entry fields. We also collect information when you register or login to use our services. This might include your name, physical address, email address, phone number or other contact information, and any other information you provide as relevant to your interaction with us.

Typically the forgoing types of information are in the context of your employment (such as your work email, work address etc.) – for example if you contact us to enquire about our Services as a prospective client.

If your data is used for our Services

As part of our provision of our services to our clients, they will provide us with relevant details on individuals so that we can provide our identity validation and risk assessment services. This generally consists of an individual’s name, email address, IP address or phone number. If you are one of their customers, and they use our services in respect of a transaction you enter into with them (or seek to enter into), they will collect this information in accordance with the privacy policy (and/or other terms) they make you aware of at the time they collect the information. We have asked that they also make you aware of our use of your personal information and this privacy policy, as we will also be a controller over the personal information they share with us.

In order to provide our services, and so we can make sure our identity validation and risk assessment services are as accurate as possible, we collect information from third party data suppliers who have the right to share this information with us. This, again, generally consists of names, email addresses, IP addresses, location data, profile information and other information from social media platforms and public available sources, and information related to the foregoing. We collect these data sets periodically to maintain and keep our database up to date, and sometimes collect this information from third parties in “real time” when a client asks us to carry out a fraud check.

7. [Collection of mobile identifiable information]

[You authorize your wireless operator (AT&T, Sprint, T-Mobile, US Cellular, Verizon, or any other branded wireless operator) to use your mobile number, name, address, email, network status, customer type, customer role, billing type, mobile device identifiers (IMSI and IMEI) and other subscriber status details, if available, to allow verification of your identity and to compare information you have provided to us with your wireless operator account profile information for the duration of the business relationship.

8. How we use your personal information

Our main reason for collecting and using your personal information is to provide and improve our service. To do this and to manage our internal business operations we also carry out the following activities:

  • To respond to queries and requests, and to communicate with you if you contact us.
  • To provide our services and support for our services to our client, monitor use of our services and to improve the content and functionality of our website and services.
  • To make an assessment as to potential risk of fraud associated with information that is provided to one of our clients as part of our identity validation and risk assessment services (see section 3 above for more details on our services, and see below for a more detailed explanation of our legitimate interest in processing personal information for this purpose).
  • To provide updates to you about any changes to our policies, terms and conditions and any other matters which we may need to tell you.
  • To tell you about our products and services and send you relevant and interesting marketing communications.
  •  To comply with legal obligations, to assist in any disputes, claims or investigations

9. Our rights to use your personal information

In accordance with relevant data protection laws, we have a legitimate interest in processing the personal information we obtain from our clients and third parties relating to individuals in respect of whom we provide our identity validation and risk assessment services. In particular:

  • Our services are designed to reduce fraud in the market, which has a direct benefit to individual customers, prospective customers and the public generally, as the cost of fraud is one of the factors that can push up the costs of products and services, or limit or restrict their supply – you directly and indirectly benefit from our Services because fraud is a factor that increases the costs of goods and services to consumers. Our Services also improve customer services and user journeys when individuals seek to make purchases online.
  • Our services form part of our client’s compliance checks, which are necessary for the client to ensure it meets external and internal governance obligations (including necessary risk due diligence on individual customers and potential customers). In particular, our clients have a legitimate interest in verifying the identity of its individual customers, and verifying the information they provide when they engage with these customers. Our services forms part of this verification process, by providing a fraud risk score in relation to the individual client’s email address (and IP address if part of the agreed service).

In some relatively limited circumstances we may need to handle your personal information in a certain way to be able use to comply with our legal obligations, for example, if we are asked to disclose your personal information to regulatory bodies or law enforcement authorities.

10. Forums and comments

If you use our forum or post comments on our website or blog, you should be aware that any personal information you submit there can be read, collected, or used by other people, and could be used to send you unsolicited messages. We are not responsible for any personal information you choose to submit in that context or anything arising from such submissions.

11. Cookies

Technologies such as cookies, beacons, tags and scripts are used by us and our partners, affiliates, or analytics or service providers. These technologies are used in analysing trends, administering our website, tracking users’ movements around our website and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use cookies, for example, to remember users’ settings (e.g. language preference) and for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our website, but your ability to use some features or areas of our website may be limited.

12. Anonymous data

We sometimes collect anonymised details about visitors to our website and users of our services for the purposes of aggregate statistics or reporting purposes.  However, no individual will be identifiable from the anonymised details we collect for these purposes (and therefore it isn’t “personal information”).

13. Children

We do not and will not knowingly collect information from any unsupervised child under the age of 13.  If you are under the age of 13, you should not provide us with any of your personal information. If we learn that we have inadvertently obtained personal information in relation to a child under the age of 13, we will delete that information as soon as possible.

If you think we might have inadvertently obtained personal information of a child, please contact us at [email protected].

14. Marketing

We don’t use any of the personal information we collect from our clients or which we collect from third parties as part of our fraud prevention Services to market to individuals, and we won’t contact you about our services or send you marketing information, or sell this information for marketing purposes to third parties.

If you provide us with your details when you contact us (such as to enquire about our services, or if you are one of our clients) we may collect and use your personal information for undertaking marketing by email, social media, telephone and post – we may send you certain marketing communications (including electronic marketing communications to our existing customers) if it is in our legitimate interests to do so for marketing and business development purposes. However, we will always obtain your consent to direct marketing communications where we are required to do so by law and will provide any mandatory opt-out options.

If you wish to stop receiving marketing communications, you can contact us by email at [email protected] at any time or by using the contact details below.

15. How we share your personal information

When we provide our identity validation and risk assessment services to our clients, we will share restricted elements of the individual’s personal information with them together with our assessment of the fraud risk against the information they provided to us. Our clients will also be a data controller over this personal information and will use it in accordance with the privacy policy (and/or other terms) they notified the individual of at the time the individual entered into, or sought to enter into, a transaction with them. Our clients also choose how they use our assessment of the risk of fraud associated with the details provided (together with other information they might hold), and we make no determination and have no control over whether they accept to enter into a specific transaction.

If you have a query about how a third party might use our services and how they made a decision as to whether or not to enter into a transaction with you, please contact that third party.

We may also disclose the personal information we hold under the following circumstances:

  • Service and website usage information: When we share anonymous information generated by our services or use of our websites.
  • Third-party service providers: When we share information with third-party service companies to facilitate or to provide certain services on our behalf. This will include:
  • IT infrastructure companies that facilitate our provision of our website and the services
  • IT support service providers
  • payment providers (to the extent we take any payments from you)
  • other third-party service providers, for the purpose of tracking use of our website
  • carefully selected third party data suppliers (but only to the extent that we need to share information with them to verify the information we hold, or to obtain additional information), and on the basis that they have the right to share this information with us

These companies are authorised to use the personal information we share with them (if any) only as necessary to provide their services to us.

  • Group companies: We may provide your personal information to our subsidiaries or affiliated companies for the purpose of processing personal information on our behalf to provide our services. These parties are required to process such information based on our instructions and in accordance with this privacy policy.
  • Compliance with laws and legal proceedings: When we respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. When we believe in our sole discretion it is necessary to share information in order to investigate, prevent or take actions against illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our terms of use, or as otherwise required by law.
  • Merger or acquisition: When we need to transfer information about you if we are acquired by or merged with another company.  If we are involved in a merger, acquisition, or sale of all or a portion of our assets, you will be notified afterwards via a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.

16. International transfers

We may transfer personal information that we process to third party data processors located in countries that are outside of the European Economic Area (including to the United States of America) or to members of our group of companies (including to those in the United States of America) in connection with the above purposes.

If we provide any personal information about you to any such non-EEA members of our group or suppliers, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this privacy policy.  These measures include entering into European Commission approved standard contractual arrangements with them or, in the case of US entities, ensuring they have signed up to the EU-US Privacy Shield (see further https://www.privacyshield.gov/welcome).

Emailage Corp., our parent company, complies with the EU-US and Swiss-US Privacy Shield framework as set forth by the US Department of Commerce regarding the collection, use, and retention of data from the EU.

In accordance with the Privacy Shield, Emailage Corp. adheres to the Privacy Shield principles of: (1) Notice; (2) Choice; (3) Accountability for Onward Transfer; (4) Security; (5) Data Integrity and Purpose Limitation; (6) Access; and (7) Recourse, Enforcement and Liability in respect of any personal information we share with them for the purposes set out above.

For more information on Emailage Corp.’s compliance with the Privacy Shield, please see the Emailage US Privacy Policy at www.emailage.com/privacy-policy. To learn more about the Privacy Shield program, and to view the certification page for us on the Privacy Shield List, please visit https://www.privacyshield.gov/.

Further details on the steps we take to protect your personal information when we make these transfers are available from us on request by contacting us by email at [email protected].

17. Security

We are committed to protecting your personal information and we use appropriate technical and organisational measures, including encryption, to protect your personal information and privacy, and review those regularly. We protect your personal information using a combination of physical and IT security controls, including access controls that restrict and manage the way in which your personal information and data is processed, managed and handled. We also ensure that our staff are adequately trained in protecting your personal information. However, whilst we take appropriate technical and organisational measures to safeguard the personal information that we process, if you provide us with any personal information over the Internet we cannot guarantee the security of the transfer (as no transmission over the Internet can ever be guaranteed as being secure).

In the unlikely event that we do suffer a security breach which compromises our protection of your personal information and we need to let you know about it, we will do so.

18. Data retention

We store the personal information we collect for as long as it continues to be relevant to our services and for as long as we need to use it for the reasons given in this privacy policy, and for as long as we are required to keep it to comply with our legal obligations, to resolve disputes, or to enforce our legal rights. The actual period for which we store your personal information will vary depending on the type of personal information and the nature of the legitimate interest we have in continuing to process it.

You may have the right to ask us to delete any personal information we hold about you (in accordance with your rights below), and if you want to seek to exercise this right please email [email protected].

19. Your rights

Under relevant EU data protection laws you have the right to access, update and amend the personal information that we hold about you. In certain circumstances, you can also:

  • object to our use of your personal information for certain purposes
  • ask us to limit or restrict our use of your personal information
  • ask us to correct, remove or delete personal information about you
  • ask us to provide certain personal information to a third-party provider of services

Please note that these rights do not always apply and there are certain exceptions to them, but if that is the case we’ll let you know and tell you why. We may also need to confirm your identity before acting on certain requests. If the law allows us to impose a fee for giving you access to your personal information, or to exercise any of your other rights in relation to your personal information, we will let you know.

If you would like to exercise any of your rights in relation to your personal information, please email [email protected].

20. Third parties

Our website may contain links to other websites operated by third parties.  Please note that this privacy policy applies only to the personal information that we process and we cannot be responsible for personal information that third parties may collect, store and use through their website or services.  You should always read the privacy policy of each website you visit carefully.

If we obtain information from third parties (including personal information relating to you), we obtain this on the basis that they confirm that they have the right to share this information with us, and we will only use this information in accordance with this privacy policy. When you use third party services you should always make sure you are happy with their privacy practices and, where available, you have updated you privacy settings to reflect your preferences.

21. Questions, complaints and suggestions

We have a Data Protection Officer to assist with all queries and complaints regarding our processing of personal information and who can be contacted at [email protected].

If you have any queries about our website or services, please contact us via our Contact Page, or call us on UK 0808 109 6007.

You may also make a complaint to our supervisory body for data protection matters (namely the UK’s Information Commissioner’s Office) or seek a remedy through local courts if you believe your rights have been breached.

If your query relates to a third party who uses our services (i.e. one of our clients), please contact that third party to find out more about how they use your personal information and our services in their interactions with you.

22. Changes to this privacy policy

We may update this privacy policy from time to time. Any changes we make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to this privacy policy, which (unless otherwise stated) will apply from the date on which this privacy policy is updated.

The current version of this privacy policy was updated on May 14, 2018.