Last updated 07/06/2021
This policy applies to Clooper Ltd and its website www.clooper.com
Here are the details that the retained version of the General Data Protection Regulation (UK GDPR) says we have to give you as a 'data controller':
We collect and process the following data about you:
We also collect, use and share Aggregated data such as statistical or demographic data. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage data to calculate the percentage of users accessing a specific website feature.
We will not specifically collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Your optional profile photo and other photos you decide to share may contain certain special category data.
We do not collect any information about criminal convictions and offences.
Under UK GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:
We use information about you to:
If you are already our user, we will only contact you electronically about things similar to what was previously sold to you and you will be given an opportunity to opt-out and unsubscribe from further communications.
Please note: We don't identify individuals to our advertisers, but we do give them aggregate information to help them reach their target audience, and we may use information we have collected to display advertisements to that audience.
If you don’t want us to use your personal data for any of the reasons set out in this section 5, you can let us know at any time by contacting us at firstname.lastname@example.org, and we will delete your data from our systems. However, you acknowledge this may limit our ability to provide our services to you.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the products and services we can provide you if you don’t provide your personal data in these cases.
|Types of data subject||Categories of personal data||Purpose of processing||Lawful basis|
|Users|| Contact information, including: |
Name, address, telephone number and e-mail address
Communication data including e-mail communication, text and other messaging services
Financial data including some limited bank account and payment card details
Transaction data including details about payments to and from users
|Provision of services |
Transactional and security purposes
|Necessary for the performance of a contract|
|Users||Contact information, including name, address, telephone number and e-mail address||Marketing communications, including competitions||Consent OR Soft opt-in in case of existing or previous users and those enquiring about our services|
|Suppliers, partners, subcontractors and their employees||Contact information, including name, address, telephone number and e-mail address; bank details||To enable compliance with obligations under relevant contracts, including processing order, refunds, logging and payment of invoices||Necessary for the performance of a contract|
|Business contacts||Contact information, including name, company name, job position, address, telephone number and e-mail address, including those available via business networking websites, such as LinkedIn||Business networking||Legitimate interests of all parties |
1. Our and our business contacts’ legitimate interests in order to network in the context of business.
2. It is necessary to exchange, keep and otherwise process contact information in order to network in the context of business.
3. There is normally a positive action taken by all parties to provide their contact details during networking with the expectation that such contact details, including personal data, may be used by the recipient for business networking.
We will generally store your personal data within the UK or the European Economic Area (EEA) and we may transfer your collected data to storage or companies based outside of the UK and EEA. It may be processed outside the UK and EEA as may be necessary to provide our products and/or services to you, to deal with payment, or if we have your consent.
We will only transfer your data to countries that are deemed to have an adequate level of protection of personal data by the European commission; or we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe, such as the relevant version of the Standard Contractual Clauses.
By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.
If we give you a password, you must keep it confidential. Please don't share it. We make sure that passwords are securely encrypted we use various other measures including passwords and encryption. Although we try to provide protection, we cannot guarantee complete security for your data, and you take the risk that any sending of that data turns out to be not secure despite our efforts.
We only keep your personal data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it. Our general retention period for accounting and legal reasons is 7 years but your data may be kept for shorter or longer periods of time, in accordance with our data retention procedures. In any event, we will conduct regular reviews to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.
We are allowed to disclose your information in the following cases:
We may contract with third parties to supply our services to you on our behalf. These may include payment processing, search engine facilities, web hosting, advertising and marketing. In some cases, the third parties may require access to some or all of your data. These are the third parties that have access to your information:
Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under UK GDPR and the law.
You can ask us not to use your data for marketing. You can do this by ticking the relevant boxes on our forms, clicking the unsubscribe link contained in our marketing communications or by contacting us at any time at email@example.com
Under the UK GDPR, you also have the right to:
You also have rights with respect to automated decision-making and profiling.
Please note that our terms and conditions and our policies will not apply to other websites that you get to via a link from our site. We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.
We do not undertake any automated decision-making, including profiling.