Last Updated: 30/07/2019
Reitly takes the privacy and security of your personal information very seriously, and we’re committed to protecting and respecting your privacy.
We explain in this Policy:
- Who we are
- Collecting your information
- How we use your information
- Information security
- Our legal basis for using your information
- How and when we share your information
- Transfers outside of Europe
- How long we store your personal information
- Your rights
- Using our websites
- Contacting us
Your rights to object: You have various rights in respect of our use of your personal information as set out in sections 9 and 10. Two of the fundamental rights to be aware of are that you may:
a) ask us to stop using your personal information for direct-marketing purposes. If you exercise this right, we will stop using your personal information for this purpose.
b) ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our, or another person's, legitimate interest.
You can find out more information in sections 9 and 10.
You can check and update your personal information in your account section of the website.
1.Who we are
Reitly.io is operated by Reitly limited, a company registered in England under company number 11655131. We can be contacted at firstname.lastname@example.org for all questions, complaints and queries.
2. Collecting your information
We collect and process your information in these circumstances:
a) When you give us your personal information by email and via our website, or otherwise. This includes but isn’t limited to information you give us when you open an account, register for email alerts, signup for newsletters. The information you give us can include your name, address, email address and other contact information.
b) When you visit our website: When you visit our websites we automatically collect information which includes: the Internet Protocol (IP) address used to connect your computer to the internet, your login information, your geographic location, your browser and browser plug-in type and version, and your operating system and platform. We also collect information about your visit, including the source of your visit, and the full click path and mouse movement through our sites (including date and time). This includes the services you viewed, searches you made on our sites, page response times, download errors, length of visits to certain pages, page interaction information (such as page scrolling, mouse clicks, mouse movements and keyed text), and how you navigated away from any page.
c) When we email you: From time to time when you open an email we’ve sent you, we automatically collect information including your geographic location, browser type and version, the device, and the operating system and platform you’re using. We also collect information about your email consumption.
If we don’t receive all of the personal information we’ve requested from you, then we won’t be able to provide all of our products and services to you
3. How we use your information
We use your personal information in the following ways:
- To provide you with any services and/or information you request from us.
- To comply with our legal and regulatory obligations, co-operate with the court service, our regulators and law enforcement agencies and to prevent and detect crime.
- To let you know about any changes we make to our service.
- To tell you (by mail, email, telephone or otherwise) about products and services we think you could be interested in, based on our products you already have or have shown an interest in. You can opt out of this communication at any time.
- Gathering data for analysis and research, and to provide management information or other services internally and to third parties.
4. Information security
We take the security of your personal data very seriously, and we use appropriate technologies and procedures to protect your personal information.
We keep our data security policies and procedures up to widely accepted international standards. In addition, we review our policies regularly and update them whenever needed to protect you, and to meet our business needs, changes in technology, and regulatory requirements.
Here are examples of the ways we protect your data:
a) We have appropriate technical and organisational measures in place to protect you against accidental loss and unauthorised access, use, destruction or disclosure of your data.
b) We implement measures and controls, including monitoring and physical measures, to store and transfer data securely.
c) We provide data security training for our employees and place appropriate restrictions on access to personal information.
The internet is an open medium and we can’t guarantee that any information you send to us by email or via our sites won’t be intercepted or tampered with. Any transmission is at your own risk. To help protect your personal information and minimise the risk of it being intercepted by unauthorised third parties, our secure servers use Secure Socket Layer v3 (SSL) or Transport Layer Security v1 (TLS) encryption when you submit information to us through our sites. You can see this security is in place when you see "https" and the padlock on your URL bar.
5. Our legal basis for using your information
Our legal basis for collecting and using your personal information depends on the exact type of information and how and when we collect it. However, we’ll normally only collect personal information from you, where one of the following applies:
a) we need your personal information to provide you with specific information
b) it’s in our legitimate interests or the legitimate interests of others (for example, to ensure the security of our website) such as:
If we rely on our (or another person's) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person's) legitimate interests are not outweighed by your personal interests or fundamental rights and freedoms which require protection.
c) we have your consent (for example you have ticked a box on a form):
We may also process your personal information in some cases for marketing purposes on the basis of your consent (which you may withdraw at any time after giving it, as described below).
If we rely on your consent for us to use your personal information in a particular way, but you later change your mind, you may withdraw your consent by contacting us and we will stop doing so.
d) we have a legal obligation to collect your personal information (such as for H.M.R.C. reporting).
6. How and when we share your information
We will disclose your information to third parties:
a) if we are under a duty to disclose or share your personal information: in order to comply with any legal obligation, any lawful request from government, judicial bodies or agencies;
b) in order to enforce or apply our rights or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
c) to protect our rights, property, or safety and that of our staff, our customers or other persons.
When we share your information with third parties, we make sure the appropriate safeguards are in place to protect your personal information.
We will not sell, trade, or rent your personal information to anyone.
We may also disclose and use anonymised, aggregated reporting and statistics about users of our website or our services for the purpose of internal reporting or reporting to our group or other third parties, and for our marketing and promotion purposes. None of these anonymised, aggregated reports or statistics will enable our users to be personally identified.
7. Transfers outside of Europe
We usually store your information on our secure servers in the United Kingdom.
However, where we use third parties to process your information for us, for any reason, we may transfer your information to, and store it and process it inside or outside the European Economic Area. Our partners and service providers may also transfer your personal information outside of the European Economic Area. We’ll take all steps reasonably necessary to make sure that your personal information is treated securely.
8. How long we store your personal information
We keep the personal information we collect from you and other third parties, where we have an ongoing legitimate business need to do so.
We keep all records for a minimum of ten years from when you stop being a client with us, or from when your records were provided to us (whichever is longer). We can use it to respond to any questions or complaints, to maintain records according to rules that apply to us, or for fighting financial crime, including fraud.
In certain circumstances, we will keep your information for longer than ten years - for example if we can't delete it for technical reasons or for compliance with our legal and regulatory obligations. If your personal information is kept for longer than ten years for research and statistical purposes it will be anonymised.
When we have no ongoing legitimate business need to hold your personal information, we will either delete or anonymise it. If we can’t do this (for example, because your personal information is stored in backup archives), we’ll securely store your personal information, only use it for a purpose we’ve already communicated to you, and isolate it from any further processing until archives are deleted.
We may collect and use your personal information for undertaking marketing by email, telephone and post.
However, we will always obtain your consent to direct marketing communications where we are required to do so by law.
You have the right to ask us not to process your personal information for marketing purposes. You can do this by contacting us by post or email using the details in the “Contact” section below. You can also unsubscribe from emails by following the unsubscribe instructions included in every email.
10. Your rights
a) Right of access and update your information: You can ask us for a copy of your personal information; details about how and why it is being used; and details of what safeguards are in place. If any of the information we hold is inaccurate, you can ask us to make any necessary amendments.
b) Complaints: If you have any complaints or concerns about our handling of your personal information please do get in touch with us and we will do our best to resolve these.
In accordance with Article 77 of the General Data Protection Regulation, you have the right to complain about our collection and use of your personal information to the Information Commissioner's Office or the data protection authority in the country where you usually live or work, or where the alleged infringement of the General Data Protection Regulation has taken place. For more information, please contact the local data protection authority at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by phone on 0303 123 1113.
You may also seek a remedy through local courts if you believe your rights have been breached.
In certain specific circumstances you also have following further rights:
a) Right of deletion: You have a right to ask us to delete any personal information which we are holding about you.
b) Right to restrict use of your information: You have a right to ask us to restrict the way that we process your personal information.
c) Right to data portability: You have a right to ask us to provide your personal information to a third party provider of services.
d) Right to object. You have a right to ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our or another person's legitimate interest.
e) Right to withdraw consent: You also have the right to withdraw your consent at any time where we rely on your consent to process your personal information.
Please note, that certain personal information may be exempt from such requests, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims. If an exception applies, we will tell you this. We may need to confirm your identity before responding to any request you make.
11. Using our website
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
We do not and will not knowingly collect information from any unsupervised child under the age of 13. If you are under the age of 13, you may not use our sites unless your parent or guardian has provided us with their consent for your use of our site.
Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyze our website.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
a) Session Cookies: We use Session Cookies to operate our Service.
b) Preference Cookies: We use Preference Cookies to remember your preferences and various settings.
c) Security Cookies: We use Security Cookies for security purposes.
d) Advertising Cookies: Advertising Cookies are used to serve you with advertisements that may be relevant to you and your interests.
We also use Google Analytics to better understand use of the site. Information regarding how Google uses your data can be found here www.google.com/policies/privacy/partners/.
15. Contacting us
If you have any questions about your privacy with us or this Policy, you can email us at email@example.com.