Privacy Statement
Your privacy and trust are important to us.
This Privacy Statement explains how ReFindData (referred to as “we”, “us”, or “our”) collect, use, and share your personal information in connection with the website, application (including a mobile application), product, software, or service that links to this Privacy Statement (we call these our “Services”).
This Privacy Statement, however, does not apply to:
- Our customers’ “content” that is input/uploaded and processed, stored, or hosted by our customers using our Services in connection with their account with us, in which this personal information is governed by our customers’ respective privacy policies;
- The “content” that is distributed within our Services (including with respect to personal information included in such content); or
- Any website, application, product, software, service, or content that are offered by third parties or that link to their own privacy statement, privacy policy, or privacy notice.
Importantly, some laws (like GDPR) distinguish between a “controller” and a “processor” (or similar terms). We note that we are a “controller” for those Services where we make decisions on how personal information is used in connection with our Services, and we are a “processor” for those Services where we only use personal information as allowed by our customers.
Where we make decisions on how personal information is used in connection with our Services (where we are acting as a controller), we are responsible for the obligations of a “controller” under applicable laws in connection with the processing of personal information – for example, we use this Privacy Statement and other notices to provide you with information about our use of personal information, as required by law. Where we only use personal information as allowed by our customers (where we are acting as a processor), our customers are similarly responsible for the obligations of a “controller” under applicable laws in connection with the processing of personal information, and, if you are using our Services through one of our customers, you should contact them if you have questions or concerns about the processing of your personal information or compliance with applicable laws.
Who we are & how to contact us
ReFindData is a UK entity. Any comments, concerns, complaints, or questions regarding our Privacy Statement may be addressed to info@refinddata.co.uk
As mentioned above, if you are using our Services through one of our customers, then you should contact them with any privacy-related issues or questions.
Information we collect
The type of personal information we collect depends on how you are specifically interacting with us and which Services you are using. Generally, we collect the following categories of personal information:
- Contact Information, such as name, address, phone number,email address and similar contact data.
- Organization and Contacts Information, such as your employer or organisation that you are a member of.
- Account Information, such as security-related information (including user names), service-related information (including purchase history and account profiles), billing-related information (including payment, shipping, and billing information), and similar data.
- User Content, such as content of communications, suggestions, questions, comments, feedback, and other information you send to us, that you provide to us when you contact us, and similar data.
- Device & Browser Information, such as network and connection information (including Internet Service Provider (ISP) and Internet Protocol (IP) addresses), device and browser identifiers and information (including device, application, or browser type, version, plug-in type and version, operating system, user agent, language and time zone settings, and other technical information), advertising identifiers, cookie identifiers and information, and similar data.
- Usage Information and Browsing History, such as usage metrics (including usage rates, occurrences of technical errors, diagnostic reports, settings preferences, backup information, API calls, and other logs), content interactions (including searches, views, downloads, prints, shares, streams, and display or playback details), and user journey history (including clickstreams and page navigation, URLs, timestamps, content viewed or searched for, page response times, page interaction information (such as scrolling, clicks, and mouse-overs), and download errors), advertising interactions (including when and how you interact with marketing and advertising materials, click rates, purchases or next steps you may make after seeing an advertisement, and marketing preferences), and similar data.
- Location Data, such as the location of your device.
- Demographic Information, such as country and preferred language.
- Financial Information, such as billing address, billing contact details, and similar data.
Sources of information
We collect personal information about you either directly from you, from certain third parties (such as the payment provider administering your subscription access to our Services), or from other sources (such as publicly available sources) as follows:
You provide personal information to us when you:
- Subscribe to, or purchase our Services.
- Use our Services or otherwise interact with us.
- Create or maintain a profile or account with us.
- Purchase, use, or otherwise interact with content, produts, or services from third party providers who have a relationship with us.
- Create, post, or submit user content on our Services.
- Request or sign up for information.
- Communicate with us by phone, email, chat, in person, or otherwise.
- Complete a questionnaire, survey, support ticket, or other information request form.
We collect personal information automatically when you:
- Interact with, or use our Services (including through a device).
- Access, use, or download content from us
- Otherwise interact or communicate with us (such as when you attend one of our events or locations, when you request support or send us information, or
when you mention or post to our social media accounts).
We also collect personal information about you from third parties, such as:
Service providers and business partners who work with us in relation to our Services and that we may utilize to deliver certain content, products, or services or to enhance your experience.
How we use information
This section includes details of the purposes for which we use personal information and the different legal reasons for processing that personal information.
Lawful Basis
First, some laws require us to explain the lawful basis upon which we process your personal information. With respect to these laws, we process personal information about you for one or more of the following basis:
- To Perform a Contract. Where the processing is necessary for the performance of the contract.
- Legitimate Interests. Where the processing is necessary for legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal information.
- Your Consent. Where you have given us consent to process your personal information for specified purposes, such as to provide our Service and other items requested by you.
- Comply with the Law. Where the processing is necessary for compliance with a legal obligation.
Processing of Personal Information
We process your personal information in connection with our Services and for other business purposes, including to:
- Provide, deliver, analyze, and administer our Services (including in connection with the performance of a contract).
- For internal research and development purposes for new content, products, and services, and to improve, test, and enhance the features and functions of our current Services.
- Process transactions related to our Services and administer accounts or profiles related to you or your organization (including registrations, subscriptions, purchases, billing events, royalty calculations, and payments).
- Personalize and make recommendations related to our Services and other offerings.
- Contact and communicate with you in connection with our Services or other notifications, programs, events, or updates that you may have registered for.
- Send you offers, advertising, and marketing materials, including to provide personalized advertising to you.
- Comply with your instructions or to fulfill other, specified purposes for which you have given your consent.
- Detect and prevent fraud and abuse to ensure the security and protection of all customers and others, as well as to identify and authenticate your access to our Service or to identify and authenticate you before we provide you with certain information.
- Exercise our rights and to protect our and others’ rights and/or property, including to take action against those that seek to violate or abuse our Services.
- Comply with the law and our legal obligations, including to respond to a request or order from a court, regulator, or authority, as well as to fulfill our contractual obligations with our customers when they arrange access to our Services for you.
- Effectuate the sale, merger, acquisition, or other disposition of our business (including in connection with any bankruptcy or similar proceedings).
How we share information
We share personal information for the purposes set out in this Privacy Statement and with the following categories of recipients:
In the Event of Merger, Sale, or Change of Control. We may transfer this Privacy Statement and your personal information to a third party entity that acquires or is merged with us as part of a merger, acquisition, sale, or other change of control (such as the result of a bankruptcy proceeding).
Other Disclosures. We may disclose your personal information to third parties if we reasonably believe that disclosure of such information is helpful or reasonably necessary to comply with any applicable law or regulation, to comply with or respond to a legal process or law enforcement or governmental request, to enforce our terms and conditions or other rights (including investigations of potential violations of our rights), to detect, prevent, or address fraud or security issues, or to protect against harm to the rights, property, or safety of ReFindData, our users, or the public.
Location of information
ReFindData is located in the United Kingdom. During your use of our Services and your interactions with us, your personal information may be transferred outside of your home country and will be stored in and accessed from the United Kingdom.
Security of information
The security of your personal information is important to us. Taking into account the nature, scope, context, and purposes of processing personal information, as well as the risks to individuals of varying likelihood and severity, we have implemented technical and organizational measures designed to protect the security of personal information.
However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable measures designed to protect personal information, we cannot guarantee its absolute security.
Our security procedures also means that we may request proof of identity before we disclose personal information to you or before we process your other requests.
Retention of information
We retain personal information in accordance with our enterprise records retention schedule, which varies by Service, business function, record classes, and record types.
We calculate retention periods based upon and reserve the right to retain personal information for the periods that the personal information is needed to:
(a) fulfill the purposes described in this Privacy Statement,
(b) meet the timelines determined or recommended by regulators, professional bodies, or associations,
(c) comply with applicable laws, legal holds, and other legal obligations (including contractual obligations), and
(d) comply with your requests
Time Limit to respond
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
No Fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
Marketing choices
We deliver advertising and marketing across various platforms, such as on our Services or via email, telephone, text messaging, direct mail, and various online channels. Our Services and marketing materials may also include third party advertising and links to other websites and applications. Third party advertising partners may collect information about you when you interact with their content, advertising, or services.
You can control cookies and tracking tools via your web browser.
Your rights
In certain circumstances, local data protection laws (such as the GDPR) may give you rights with respect to personal information if you are located in or are a resident of that country, state, or territory (including if you are located in the EU/EEA).
IMPORTANT: WE ARE ONLY REQUIRED TO HONOR RIGHTS TO THE EXTENT THAT THESE RIGHTS HAVE BEEN GRANTED TO YOU AND APPLY TO YOU UNDER APPLICABLE DATA PROTECTION LAWS. PLEASE CONSULT YOUR LOCAL DATA PROTECTION LAWS TO DETERMINE WHAT RIGHTS MAY BE AVAILABLE TO YOU AND WHEN ACCESS TO THESE RIGHTS ARE LIMITED
.
What rights may be available to me?
These rights differ based upon local data protection laws in your country, state, or territory, but these rights may include one or more of the following:
- Access to Personal Information. You may have the right to obtain confirmation from us that we process your personal information and, if so, you may have the right to request access to your personal information. Please note that, to the extent permitted by law, we may charge a reasonable fee based on administrative costs for the first or further copies of your personal information requested by you.
- Rectification. You may have the right to request that we rectify inaccurate personal information concerning you and, depending on the purposes of the processing, you may have the right to have incomplete personal information completed.
- Erasure/Deletion. You may have the right to require us to erase some or all of the personal information concerning you.
- Restriction of Processing. You may have the right to require us to restrict the further processing your personal information. In such cases, the respective information will be marked as restricted, and may only be processed by us for certain purposes.
- Object. You may have the right to object, on grounds relating to your particular situation, to the processing of your personal information by us, and we may be required to no longer process some or all of your personal information.
- Data Portability. You may have the right to receive a copy of your personal information which you have provided to us, in a structured, commonly used, and machine-readable format, and you may have the right to transmit that personal information to another entity without hindrance from us.
- Withdraw Consent. You may have the right to withdraw consent you have provided to us where we rely solely on your consent to process your personal information. You can always provide your consent to us again at a later time.
- Right to Complain. You may have the right to lodge a complaint to an applicable supervisory authority or other regulator if you are not satisfied with our responses to your requests or how we manage your personal information. For example, if you are located in the EU/EEA, a list of and more information about the EU/EEA Data Protection Authorities can be found here. We encourage you to first or also reach out to us at info@refinddata.co.uk, so we have an opportunity to address your concerns directly.
Importantly, these rights are not absolutely guaranteed and there are several exceptions where we may not have an obligation to fulfill your request. PLEASE CONSULT YOUR LOCAL DATA PROTECTION LAWS TO DETERMINE WHAT RIGHTS MAY BE AVAILABLE TO YOU AND WHICH EXCEPTIONS MAY APPLY.How do I submit a request?
To make a request or exercise your rights, please write us at info@refinddata.co.uk.
When you make a request, we ask that you help us with the following:
- Tell Us Which Right You Are Exercising: Please specify which right you want to exercise and the personal information to which your request relates (if not to you). If you are acting on behalf of another individual, please clearly indicate this fact and your authority to act on such person’s behalf.
Tell Us More about Your Relationship with Us: Please let us know how you are associated with us, such as that you use certain Services of ours or that you were a former employee.
- Help Us Verify Your Identity: As mentioned above, our security procedures mean that we may request proof of identity before we disclose personal information to you or before we process your other requests. Provide us enough information to verify your identify. If we cannot initially verify your identity, we may request additional information to complete the verification process (such information may include your picture, a copy of your driver’s license or other government-issued ID and/or a recent utility or credit card bill). Please note that if we cannot verify your identity, we may not be able to fulfill your request. Any personal information you disclose to us for purposes of verifying your identity may be shared with our third party service providers and/or third parties (like your phone carrier) or government agencies for the purpose of verification.
- Direct Our Response Delivery: Depending on your request, we will provide a response to you via email or through a link to access certain information. If you prefer to receive our response in another way, then please let us know your preferred delivery mechanism to receive our response. You may specify, for example, email, mail, or through your account (if you have one with us).
Changes to this Privacy Statement
As our organization changes over time, this Privacy Statement is expected to change as well. We reserve the right to amend the Privacy Statement at any time, for any reason, and without notice to you other than the posting of the updated Privacy Statement on our Services. We may email periodic reminders of our notices and terms and conditions, but you should check our Services frequently to see the current Privacy Statement that is in effect and any changes that may have been made to it.