iplicit Group Limited (iplicit) and its associated companies, including iplicit Limited (iplicit) understand that the privacy of your data is important to you and that you care about how your personal data is used.
Our privacy policy describes your privacy rights regarding our collection, use, storage, sharing, and protection of your personal data. It applies to any website, application or service which refers to this privacy policy and to all companies in the Iplicit group. Where we are provided with your personal data in any of the ways detailed in section 3 below you agree that we may use it as described in this privacy notice.
This policy has been prepared in accordance with currently applicable EU and UK data protection laws.
Personal data is defined by the UK and EU General Data Protection Regulations (the “GDPR”) as ‘any information relating to an identifiable individual who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, technical data relating to users of our website and details of usage and other online identifiers. The personal data that we use is set out in Part 3, below.
Our website is provided for business users and not intended for use by minors.
We do not normally collate sensitive personal data such as racial, political,, religious or health information about our users.
Under the GDPR, you have the following rights, which can be exercised in accordance with various conditions set out in the GDPR.
We will always work to uphold our obligations regarding the following:
a. The right to be informed about our collection and use of your personal data.
b. The right to access the personal data we hold about you.
c. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
d. The right to be forgotten, i.e. the right to request to ask us to delete or otherwise dispose of any of your personal data that we have.
e. The right to restrict (i.e. prevent) the processing of your personal data.
f. The right to object to us using your personal data for a particular purpose or purposes.
g. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data.
h. Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau. If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
We will collect and process information about you including the following:
a. Information that you provide by filling in forms on our websites. This includes information provided at the time of registering to use our websites and subscribing to or using our services. This may include your name, address, email address and telephone number.
We also obtain data if you:
b. Place an order using our websites, application or services; this may include your name (including business name), address, contact (including telephone number and email address) and payment details;
c. Complete online forms or participate in any other interactive areas that appear on our website or within our application or service
d. Interact with us using social media
e. Contact us offline, for example by telephone, SMS, email or post
We may also collect data which is available form public sources or registers or from third parties such as credit agencies.
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. This section describes the purposes for which iplicit processes your personal data and the corresponding lawful basis for that processing.
Using iplicit’s software, websites, services
Purpose |
Lawful Basis |
Establishing you as a user and/or customer on our systems, providing you with information you have requested or purchased. We may also need to send you updates regarding our services and software. |
Performance of our contract with you or our Legitimate Interest |
Managing and administering your account, billing, payments and our relationship with you through Customer Service, Customer Support and Finance. |
Performance of our contract with you or our Legitimate Interest |
Where we provide you with access to our Learning Management System (iplicit Academy) or our iplicit help to support your understanding of iplicit software and to help you learn and train on the software. |
Performance of our contract with you or our Legitimate Interest in order to deliver services. |
Communicating with you or providing marketing
Purpose |
Lawful Basis |
Where we conduct surveys for customer research or to understand how well we are delivering services. |
Legitimate Interest or Consent |
Providing you with any information we are required to provide, in order to comply with our legal or regulatory obligations |
Legal obligation |
Sending newsletters or other communications about iplicit. |
Legitimate Interest or Consent |
Where we might send you direct marketing communications including data about whether you open them and click through to access their contents. |
Legitimate Interest or Consent |
Organising and managing events or contacting you if you have attended an iplicit event or an event at which we met you. |
Legitimate Interest or Consent |
Where we process your data through marketing automation |
Legitimate Interest |
Where we deliver joint content with third parties with which you have a separate relationship for example social media providers such as LinkedIn or Instagram. |
Legitimate Interest or Consent |
Improving our services and their security
Purpose |
Lawful Basis |
Monitoring, measuring, improving and protecting our content, websites and to provide you with an improved user experience. |
Legitimate Interest or Consent |
Where we undertake internal reviews to improve our security and performance. |
Legitimate Interest or Consent |
Where we need to maintain, check and improve the security and integrity of the services we provide through our websites where we are looking to detect and prevent actual or potential threats. |
Legitimate Interest or our legal obligations |
In the course of operating our business
Purpose |
Lawful Basis |
Where we need to undertake any due diligence on you through the information you may have provided to us or we have discovered. |
Our Legitimate Interest or legal obligation |
Detecting, preventing, investigating, reporting, or remediating any criminal, illegal or prohibited activities (including fraud and money laundering), or to otherwise protect our legal rights (including liaison with official bodies, regulators, and law enforcement agencies for these purposes). |
Our Legitimate Interest or legal obligation
|
Where we need to utilise legal or other professional advice to enforce our legal rights and obligations |
Our Legitimate Interest |
Purchasing, maintaining and claiming against our insurance policies |
Our Legitimate Interest or legal obligation |
Training our staff, improving their performance to help deliver improved services for you or our own internal requirements to improve how we as a business operate. |
Our Legitimate Interest or legal obligation |
Managing any proposed sale, merger or acquisition including our ability to respond to queries from prospective buyers or merging organisations. All will be conducted under the requisite confidentiality and need to know basis. |
Our Legitimate Interest or legal obligation |
Complying with any legal or regulatory obligation and their instructions as we are mandated to follow |
Legal Obligation |
Where we record communications with you (ensuring you are aware we are recording before we commence) |
Consent |
Where we look to enhance the data we hold about you with data we obtain from third parties who are entitled to share that data, under appropriate law, with us so we may, for example undertake improved due diligence on you |
Legitimate Interest |
Where you would have opted-in but now wish to opt out you can either unsubscribe or opt out at any time by contacting us at datacompliance@iplicit.com
iplicit and its subsidiaries will retain personal data for as long as your account is active; as needed to provide you products or services; as needed for the purposes outlined in this Policy or at the time of collection and it may be retained for reasonable periods as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We may also use or retain data for archival or regulatory purposes or where we are required to use or retain it by law.
At the end of the appropriate retention period, iplicit and subsidiaries will delete your personal information in a manner designed to ensure that it cannot be reconstructed or read.
We will only store or transfer your personal data for processing within the UK or countries in the EU or European Economic Area or other states which apply rules relating to personal data which enable the lawful transfer of data by us to them. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.
The security of your personal data is very important to us. We use physical, electronic, and administrative safeguards that are designed to protect your personal data from loss, misuse and unauthorised access, disclosure, alteration and destruction.
Furthermore, iplicit will use standard security protocols and mechanisms to exchange the transmission of sensitive data. In addition, all our staff, contractors and agents accessing data on our behalf will do so on the basis that they understand the confidential nature of the data where it is confidential and are subject to appropriate confidentiality obligations in accordance with prevailing industry standards.
In the event that your personal data is acquired, or is reasonably believed to have been acquired, by an unauthorised person as a result of a data breach on our part, we, will notify you promptly by e-mail or mail where required in accordance with GDPR. We will determine the scope of the breach and investigate and implement all reasonable steps to remedy the situation and restore the integrity of the relevant data system.
We may share your information with:
a. Our service providers and agents (including their sub-contractors) or third parties which process information or data on our behalf (including internet service and platform providers, payment processing providers and those organisations we engage to help us send communications to you)
b. Third parties used to facilitate payment transactions, for clearing house, clearing system and transaction beneficiates
c. Third parties where you have a relationship with that third party and you have consented to use sending information (i.e. social media sites)
d. Law enforcement agencies so that they may detect or prevent crime or prosecute offenders or relevant regulatory bodies where required to comply with their recommendations or rules.
We may also share data between companies within the iplicit Group where that is needed for operational reasons and, under confidential conditions, where the information is required in preparation for, or in the performance of, any business contract or to professional service providers.
Where our policy contains links to third party sites which are provided by us in good faith to assist users, we can have no responsibility or liability for the contents or operation of the linked site or sites, which will be subject to the terms and conditions, if any, provided for the use of those sites.
If you want to know what personal data we have about you, you can, subject to the specific requirements of the data processing laws, ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal address below. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will endeavour to respond to your subject access request within 30 days. If a full response is not possible in that time, we will contact you within that period to inform you of the likely or possible timescale. We aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept informed of our progress on request.
Our carefully selected partners and service providers may process personal information about you on our behalf as described below:
a. Pursuant to a data processing agreement which complies with current data processing laws;With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email SMS or post with information, news, and offers on products and services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the applicable privacy and electronic communications regulations, and you will be given the opportunity to opt-out.
13. Contacting us about Privacy
If you have any questions, comments, or concerns about your privacy or this Privacy Policy, including a subject access request, please contact us at datacompliance@iplicit.com or you may write to us at the following address:
Data Compliance Officer
iplicit Ltd
Foundry
Brownsea House
Poole
BH15 1SZ
Or: datacompliance@iplicit.com
14. Changes to this Privacy Notice
This policy is subject to change. Any changes we may make to this policy in the future will be posted on this page and your continued use of our websites, applications and services following the posting of changes will mean you accept those changes.
15. Applicable Laws
This policy will be applied and interpreted in accordance with data protection laws including GDPR applicable in the EU and UK from time to time.