This is where we explain how we process your personal data.
Firstly, as ever, thanks for using our website and apps: We really appreciate it. Like our customers, we place the ultimate importance in the integrity of your data, and how it is handled. More details are below, but our overriding prerogative is that we only use your data in ways where it can provide you with a better service. If we don’t need it for that, we don’t use or store it.
It is relevant to anyone visiting our websites or using our services and apps, or even (as it’ll sometimes include an email being sent and record make in our CRM system) anyone just interacting with us in some way.
This policy covers the activities where we are the ‘data controller’; in other words, where we decide the purposes of why the data is used and also the details of the processing (how long the data is stored; what data is collected, etc).
3.1 If you use our website and apps
If you use our website and apps, we collect and store the following information about you:
- Email address
- Time / date / IP address of any logins
- Files you upload
- Activity within the app (e.g. what you click on and when)
This information is rarely - if ever - viewed by the human eye, but is used by the platform to make your experience better, for example knowing that you’ve viewed a piece of content and therefore being able to award points as part of the gamification aspects of Unchained House.
This data is generally all processed programmatically, so within the code of the applications along the lines of ‘if the user does X, then the app should show Y’. Information such as email addresses and names are used (again, mainly programmatically) for the purposes of sending system emails and the like. All data is processed inside and sometimes outside of the EU. We use Amazon Web Services hosting infrastructure in Ireland and Oregon for data storage purposes, although some of our services also use Google Cloud for service delivery (but not data processing).
3.2 If you contact us by phone or email
Where you interact with us via phone or email we will sometimes store your data in our CRM system. This is Pipedrive, and you can find details of how they handle data here: https://www.pipedrive.com/en/privacy We will occasionally write notes of conversations in notebooks (pen and paper!) and these notes are stored in a secure location, and in an unsearchable format.
Generally, we believe you have the right to have your data processed only in ways that you (and any other reasonable person) would consider ‘right’. More explicitly, you also have rights by the applicable laws. In summary, these are below:
5.1 General Rights
5.2 Rights of Erasure
We show you more than a Little Respect in this section.
You have the right to erasure if:
- the personal data is no longer necessary for the purposes it was collected for;
- your particular situation gives you the right to object to processing on grounds of legitimate interest (see more below);
- Time / date / IP address of any logins
- processing the personal data has been unlawful; or
- there is a legal obligation under EU or Swedish law for us to erase the data.
5.3 Restrict Data Processing
You have the right to request us to restrict the processing of your data if:
the personal data we have about you is inaccurate;
The processing is unlawful and you ask us to restrict the use of the personal data instead of erasing it;
we no longer need the personal data for the purposes of the processing, but if we still need it for the establishment, exercise or defence of legal claims; or
you have objected to the processing claiming that the legal basis of legitimate interest is invalid and are waiting for the verification of this claim.
You have the right to object to the processing of your data if:
you can show that your interests, rights and freedoms regarding the personal data outweigh our interest to process your personal data; or
we process your personal data for direct marketing purposes.
We only send useful information