This policy is deemed to form part of the agreement and should be read in conjunction with the terms and conditions which can be found at either of the following links www.faretext.co.uk/terms or www.oello.co.uk/agreement
Last updated February 2019
Introduction
The provisions included in these terms and conditions and associated documents, apply to the Faretext Services and the Oello Services. For the purpose of the General Data Protection Regulations (“GDPR”), the company in charge of your information (as known as the Data Controller) is Faretext Limited (“Faretext”, ”us”, “we”, or “our”) of 9 Main Road, Bilton, Hull, East Yorkshire, HU11 4AP (no. 08379209). Our registration number with the Information Commissioner’s Office UK (“ICO”) is ZA054854.
We developed this Privacy Policy to inform you of our practices regarding the collection, use, and disclosure of Personal Data when you use our services, create an online Faretext or Oello account, interact with our customer support or visit the Faretext websites, which include the following urls www.faretext.co.uk and www.oello.co.ukor associated sub-domains thereof and any additional domains registered to Faretext. (the “Service”). And to detail the choices you have associated with that data.
Your privacy is important to Faretext, we will only use your personal information to administer your account and improve our Service. We will never sell, share, or use your Personal Data other than as is described on this page. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from www.faretext.co.uk/terms or www.oello.co.uk/agreement
1. Definitions
Account Data means the data associated with the activity of an account (for example, campaign history, number data or transaction history).
Cookies are small pieces of data stored on a User’s device.
Customer Data means any Personal Data that is submitted and uploaded to our Service by you in the capacity as the Data Controller.
Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law.
For the purpose of this Privacy Policy, we are a Data Controller of your data. For the purpose of you uploading Customer Data to the Service, you act as the Data Controller.
Data Processor (or Service Providers) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller.
For the purpose of you uploading Customer Personal Data to the Service, we are the Data Processor.
Lawful Basis means the legal reason for processing Personal Data.
Personal Data means any information relating to Data Subject.
Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Data Subject is any individual person who can be identified, directly or indirectly, via an identifier such as a name, an ID number, location data, or via factors specific to the person’s physical, physiological, genetic, mental, economic, cultural or social identity.
User is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
2. Information Collection
We collect several different types of information for various purposes to provide and improve our Service to you.
Types of Data Collected
Personal Data
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personally identifiable information may include, but is not limited to:
- Email address
- First name and last name
- Telephone number
- Mobile number
- Address
- IP address
- Cookies and Usage Data
Usage Data
We may also collect information how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Account Data
As you are assigned a dedicated account to use our Service, we collect information regarding the account’s activity (“Account Data”). This Account Data may include information about your previous campaigns, number data and transactional history.
Tracking Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyse our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may limit some of the functions of our Service. Please read our Cookie Policy, or to learn more about cookies, in general, please visit www.aboutcookies.org
Examples of Cookies we use:
Security Cookies. We use Security Cookies for security purposes.
Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
3. Use of Data
Suggested text: If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Embedded content from other websites
You have a choice on whether to submit your Personal Data to us:
You may choose to disclose your Personal Data by seeking further information via our websites, registering a new account via email or over the phone, signing up and accessing an online account, by entering into a contract or interacting with our customer services.
Lawful Basis
Provision of this personal information is entirely voluntary but by submitting it to us, you are you affirming your consent for such information to be processed only for the purposes for which you have submitted it to us.
Your Personal Data
Faretext may access and use your personal data only for the purposes for which you have disclosed it to us: (a) to make contact with you in relation to an online, email, SMS or telephone enquiry (b) to provide services to you (c) to process a payment that you have made (d) to process an order that you have submitted (e) to carry out our obligations arising from any contracts entered into by you and us (f) to maintain the operations and security of the website and services we provide to you (g) to seek your views or comments on the services we provide.
Unless we have obtained your specific consent regarding marketing communication, we will not use your Personal Data for any other purpose.
Your Customers Data
Through our services and websites, we provide you with the facility to upload, store and process Personal Data of your customers (“Customer Data”), in that situation we act as a ‘Data Processor’ and yourself as a ‘Data Controller’. You must ensure that you also comply with the GDPR as you are responsible for your own data as well as the Personal Data you possess, upload and process through the Service offered to you by Faretext. We will not use any Personal Data obtained this way for any other purpose and will not release it to anyone other than yourself, in your capacity as the Data Controller, unless we are required to do so by law.
4. Retention of Data
We will hold your Personal Data on our systems for as long as is necessary for the relevant service, as long as is set out in any relevant contract you hold with us or for as long as an account is active. If you wish to terminate your account or request that we no longer use your Personal Data, please contact us.
In the case that you wish to cancel your registration as a Faretext account User or in event your account remains inactive for 12-month period we will delete the User information but will retain the account data, such as the message history for a period of 24-months, whereupon the information will be permanently deleted from our Service.
We will only ever keep data as is necessary to comply with our legal obligations, resolve disputes and enforce our agreements, contractual or otherwise.
5. Transfer of Data
The Personal Data that we collect from you as a Data Controller is stored inside the European Economic Area (“EEA”) on ISO27001 accredited hosting services.
As a Data Processor, all of the Customer Data uploaded to Faretext by you is stored inside the European Economic Area on secure password encrypted servers.
If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the data, including Personal Data, to inside the EEA and process it there.
Should your Personal Data be processed by any of our GDPR-compliant Service Providers, in order to fulfil our services to you, that are based outside of the EEA – your data and the transfer is protected under the EU-US Privacy Shield framework.
Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.
6. Disclosure of Data
Business Transaction
If Faretext is involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy. However, in any event we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Lawful Disclosure
Under certain circumstances, Faretext may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
Legal Requirements
Faretext may disclose your Personal Data in the good faith belief that such action is necessary to:
To protect against legal liability
To comply with a legal obligation
To protect and defend the rights or property of Faretext Limited
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
7. Security of Data
The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. However once we receive your information, we make our best effort to ensure its security on our systems.
Where we have given (or where you have chosen) a password which enables you to access certain parts of our Service, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
8. Your Rights
You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us about our exciting products and services, then you can select your preferences by ticking the relevant boxes situated on the form on which we collect your information or if you have an online account, you can update your personal data preferences directly within your user settings section. If you are unable to change your preferences or do not have access to your online account, please contact us to make the required changes.
We will not contact you for marketing purposes by post, email, phone or text message unless you have given your prior consent.
Faretext aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
If you wish to be informed what Personal Data, we hold about you and if you want it to be removed from our systems, please contact us.
In certain circumstances, you have the right:
- To access and receive a copy of the Personal Data we hold about you
- To rectify any Personal Data held about you that is inaccurate
- Stop the processing of your personal data, whilst an objection from you is being resolved
- To request the deletion of Personal Data held about you (there may be reasons why we may be
unable to do this)
You have the right to data portability for the information you provide to Faretext. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.
Please note that we may ask you to verify your identity before responding to such requests.
We are committed to working with you, if Faretext does not address your request in a reasonable period of time, usually within 30 days or we fail to provide a valid reason why we are unable to deliver on your request, you have the right to contact the ICO to make a complaint. They can be contacted via their website www.ico.org.uk or alternatively by telephone 0303 1231113.
9. Service Providers
Faretext does not and will not sell Personal Data about our customers.
We may employ third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used.
We may share your information with third-parties for marketing purposes but only on behalf of Faretext and only if we have your consent to receive these marketing communications. These third-parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Analytics
We may use third-party Service Providers to monitor and analyse the use of our Service.
Google Analytics
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents the Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: www.google.com/intl/en/policies/privacy/
Payments
We may provide paid products and/or services within the Service. In that case, we use third-party services for online payment and Direct Debit processing (e.g. payment processors).
We will not store or collect your payment card or bank account details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy.
These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information. The payment processors we work with are:
Stripe
Their Privacy Policy can be viewed at www.stripe.com/us/privacy
GoCardless
Their Privacy Policy can be viewed at www.gocardless.com/legal/privacy
Other Third Parties
In addition to those detailed above, we may, from time to time utilise the following third parties,
- Microsoft – for business data storage via cloud one drive.
- Google – for email and business data storage.
- OVH and OVH UK – for system storage and back-up facilities
- PayPal – for online payments for Faretext.
- One Signal – for internal Oello notifications.
- MailChimp – for email marketing and customer notification emails.
- Mailjet – for Oello and Faretext based notification emails.
- ZoHo – for CRM of customers
- Sage – for financial accounting and digital tax purposes.
Legitimate Interests
We are also permitted to share some information with third parties who use such data for non-marketing purposes (including credit and risk assessment and management, identification and fraud prevention, debt collection and returning assets to you).
This would include the data you provide to us today, at any time in the past and in the future.
10. Links to Other Sites
Our websites may contain links to other websites run by other organisations. This Privacy Policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.
In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.
11. Children’s Privacy
We are concerned to protect the privacy of children aged 16 or under. Faretext services and websites are not directed at children and we do not knowingly collect personally identifiable information from anyone under this age.
If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers and systems.
12. Sensitive Personal Data
GDPR also specifies a set of Personal Data categories which are deemed ‘sensitive’ and which require special consideration by Data Controllers. Faretext’s websites and available services, do not knowingly collect or process any sensitive Personal Data.
13. Changes to this Privacy Policy
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We may let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
14. Contact Us
If you have any questions regarding the use of your Personal Data or this Privacy Policy, please contact us:
- By email: dataprotection@faretext.co.uk
- By phone: 01142 945 993
- By mail: The Data Protection Officer, Faretext Limited, 9 Main Road, Bilton, Hull, East Yorkshire, HU11 4AP