The Wow Company (UK) Limited (“We”) are committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
You can contact us at The Wow Company (UK) Limited of Hickenield House, East Anton Court, Icknield Way, Andover, Hampshire, SP10 5RG.
The General Data Protection Regulations, (GDPR), apply from 25 May 2018, creating consistent data protection rules across Europe. It applies to companies that are based in the EU and global companies that process personal data about individuals who are based in the EU. At The Wow Company, we shall ensure that we do not just observe the requirements of the GDPR for those Users based in the EU, but that we adopt the GDPR principles of transparency, control and accountability for all our Users across the globe.
The GDPR gives our Users certain rights when using our Services, which include the right to:
- be informed;
- withdraw consent;
- restrict processing;
- data portability;
Our commitment to you is:
We promise we will:
- Process data lawfully, fairly and in a transparent manner
- Collect data for specified, explicit and legitimate purposes (mostly to provide services to you)
- Never sell or pass your data onto anyone else
- Ensure your data is processed and stored securely and is kept up-to-date
You will always:
- Have access to the data stored on you
- Be able to correct any inaccuracies in the data
- Be able to erase your data and restrict its processing where it doesn’t conflict with obligations to regulatory bodies, e.g. HMRC
- Know we will erase any data no longer required, even if you haven’t asked
- Know that as technology changes we will constantly review and update our processes to ensure we’re always protecting your data
Processing your personal data: Necessary for the Performance of a Contract
The processing of your personal data by The Wow Company or a third party will be undertaken to fulfil the services agreed to complete our contractual obligations to you and any obligations to any regulatory bodies.
Processing your personal data: Legitimate Interest
The processing of your personal data by The Wow Company or a third party may be undertaken if we have a legitimate interest to do so. In our case this includes:
- For the purposes of providing our clients with information about our services and to monitor usage in order to improve those services from time to time.
- Ensuring that any data is stored and transferred securely and in a way that protects against the unlawful use, destruction or loss of your personal data.
- Sharing your personal information as part of a business sale, reorganisation or similar transaction.
Processing your personal data: By Consent
Where we process your personal data by relying on your consent to do so, we shall ensure that such consent is:
- freely given by you;
- specific with regards to what processing we wish to undertake so that you are fully informed;
- unambiguous and given by a clear affirmative action.
Information we collect from you
We will collect and process the following data about you:
- The information you give us. This is information about you that you give us. This could be by filling in any forms on the Website or by corresponding with us by phone, e-mail, or any other forms.
- Information we collect about you. Regarding each of your visits to our Website we will automatically collect the following information:
- technical information which may include: the Internet protocol (IP) address used to connect your computer to the Internet; browser type and version; time zone setting; browser plug-in types and versions and the operating system and platform.
- information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our Website (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any name, email address or phone number used to contact us.
The legal basis for this processing is our legitimate interests, namely monitoring and improving our Website and enabling you to communicate with us and for us to send you reports and other material by request.
Uses made of the information
The information you give to us, we will use in the following ways:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- for internal use and operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to communicate with you including to notify you about our services and any changes to our service;
to communicate with you including to notify you about legal and regulatory body obligations and any changes that may be applicable to you;
- to ensure that content from our Website is presented in the most effective manner for you and for your computer.
Disclosure of your information
You agree that we have the right to share your personal information with:
- Selected third parties including:
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- analytics and search engine providers that assist us in the improvement and optimisation of the Website;
- credit reference agencies for assessing your credit score where this is a condition of us entering into a contract with you
- any financial reference agencies for assessing suitability where this is a condition of us entering into a contract with you
- We will disclose your personal information to third parties:
- If we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
Where we store your personal data
The majority of our data processing is conducted by Xero that has the highest security standards. Xero encrypts all data that goes between you, us and Xero using industry-standard TLS (Transport Layer Security), protecting your personal and financial data. Your data is also encrypted at rest when it is stored on Xero’s servers, and encrypted when transferred between data centres for backup and replication.
All other cloud services we use internally also use industry-standard TLS (Transport Layer Security) and have up-to-date security measures and protocols.
Internally, anyone processing your data only has access to the data of the particular clients they are working on.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website or via email; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Retaining and deleting your personal data
Anyone also has the right to request deletion of all their personal data a business holds, or modification of their data if it’s inaccurate or incomplete. GDPR requires the permanent removal or modification of any personal data. If you’d like your data permanently deleted or modified you can request to do so by emailing email@example.com, we will respond to your request within 30 days.
Your personal data shall not be kept for longer than is necessary, although it is not possible for us to always specify in advance how long this may be for. We may have to continue to store and process your data and also contact you directly relating to the completion of that service if it is necessary for our compliance with certain legal obligations.
If you request your data to be deleted and you fall into this category, we will let you know:
- what data we’ll need to continue to hold
- how we will process it
- the instances we will need to contact you
- why we need to do so, e.g. to complete your tax return, comply with a request or law from HMRC
- when we can delete your data
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes. We will never disclose your information to any third party for such purposes. Occasionally, we may share your data with businesses that are part of the Wow group of companies – businesses that are wholly or part-owned by Wow Holdings Limited (09646592). You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
Our Website may, from time to time, contain links to and from the Website of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act and you can request access to the personal data we hold on you and verify the lawfulness of processing.
You can request access to your personal data we hold by emailing email@example.com. We will respond to your request within 30 days and any data will be provided in a machine-readable format.
The Wow Company, April 2018