We may amend this policy from time to time by updating this page. Therefore, we suggest you check this page occasionally to ensure you are aware of and are happy with any amendments.
Changes to the privacy notice and your duty to inform us of changes
This version was last updated on 24 May 2018.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.
Neotas Limited is the controller and are responsible for your personal data (collectively referred to as Neotas, “we”, “us” or “our” in this privacy notice).
What information do we collect?
Personal information may be collected from you in various ways, for example: –
- Via direct interactions, including but not limited to face to face meetings, telephone, and email or other digital means of contact.
- When you register and voluntarily provide information in response to questionnaires or download forms, or to register for newsletters or start or contribute to petitions. (this includes your name, email address, and any other details asked for and which you provide)
- When you conduct activities on our site (for example, when you purchase a product or service we record what you purchased etc.) we may collect your name and contact details, details of your subscription to our services, and other information gathered by Facebook and transferred to us, including your address.
- We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
- We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
How is the information used?
We use this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- To supply to you services purchased via the website, and to process your payments.
- For statistical purposes and analysis for management purposes in order to administer the website or improve our products and services.
- Internal record keeping, and administrative purposes, and to inform you about our events, services or products, or other related information that we think would be of interest to you, as explained above.
- To communicate marketing messages, newsletters and details of our business or the businesses of carefully-selected third parties which we think may be of interest to you by post or email or similar technology (you can inform us at any time if you no longer require marketing communications).
- From time to time, we may also use your information to contact you for market research purposes or to customise the website according to your interests.
How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Further information about the types of lawful basis that we will rely on to process your personal data is provided below:
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Your information will not be disclosed to any third party unless you have given your consent to such disclosure. You may at any time ask us to refrain from sending you marketing messages by sending us an email with the words UNSUBSCRIBE in the subject box or by telephoning us. If we contact you by email each time you receive a message you will also have the option to decline to receive further information of that type from us.
If you would like us to destroy information we hold about you, please let us know. However, please note that if you use any of our services which require you to provide personal information, deleting our records may mean that you will need to resubmit it to continue using such services.
We may disclose aggregate statistics about our site visitors, clients and sales in order to describe our services to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifying information.
Sale of business
If this business is sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business.
Cookies and Log Files
Cookies are text files stored on your computer, and accessible only to the websites which create them.
If you share our content through social media, for example by liking us on Facebook, following or tweeting about us on Twitter, or giving us a ‘+1’ via Google Plus, those social networks will record that you have done so and may set a cookie for this purpose.
In some cases, where a page on our website includes content from a social network, such as a Twitter feed, or Facebook comments box, those services may set a cookie even where you do not click a button. As is the case for all cookies, we cannot access those set by social networks, just as those social networks cannot access cookies we set ourselves.
Our systems automatically gather some anonymous information about visitors, including IP addresses, browser type, language, and the times and dates of webpage visits. The data collected does not include personally identifiable information and is used, as described above, for statistical analysis, to understand user behaviour, and to administer the site.
The internet is not a secure medium. However we take reasonable technical and organizational precautions to prevent the loss, misuse or alteration of your personal information.
We have put in place various security procedures as set out in this policy. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to user information. We use secure server software (SSL) to encrypt financial information you input before it is sent to us, and our database is hosted in a secure data centre. Whilst we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we use our best efforts to prevent this.
use our best endeavours to contact you by email to seek your consent to the use. Continued use of the service will signify that you agree to any such changes
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see Request erasure below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data.
You have the right to:
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this
right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you. No fee usually required
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
By using our site, you consent to the collection and use of information by us. Owing to the global nature of the internet infrastructure, the information you provide may be transferred in transit to countries outside the European Economic Area that do not have similar protections in place regarding your data and its use as set out in this policy. However, we have taken the steps outlined above to try to improve the security of your information. By submitting your information you consent to these transfers.
How to contact us
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
To find out more about your rights under the GDPR, visit the Information Commissioner’s website (www.ico.org.uk)