Tagadab Limited t/a SimplyCloud ('we and us") are committed to protecting and respecting your privacy.
This Policy (together with our terms and conditions and any other documents referred to on it) sets out how we process the Personal Data we collect from you or that you provide to us. Personal Data is a term used to describe data that allows you to be directly or indirectly identified.
Please read the following notice carefully to understand our views and practices regarding your Personal Data and how we will treat it.
Tagadab Limited is the data controller of your Personal Data provided or collected in connection with SimplyCloud's products and services (the "services"). Tagadab Limited is registered under company number 06164292, registered office address is Acton House, Perdiswell Park, Worcester, Worcestershire, WR3 7GD.
- Email address: firstname.lastname@example.org
- Postal address: SimplyCloud, Acton House, Perdiswell Park, Worcester, Worcestershire, WR3 7GD
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.
INFORMATION YOU PROVIDE US
We will collect and process the following data about you:
|Reason for Processing||Information Processed by SimplyCloud||The Legal Basis for Processing|
Making a purchase with SimplyCloud and to keep our business records up to date.
The information needed to provide you with a product or service including; name, address, email address, and phone number, as well as payment information.
To handle any enquiries you make with us and/or correspondence we receive from you.
Contact details including; name address, email address, and phone number.
Please note in limited circumstances it may be necessary to collect information from a third party, a cardholder or another member of your household. Please ensure that any third parties are made aware of this privacy notice and please ensure you obtain their permission before providing their information.
INFORMATION WE COLLECT ABOUT YOU
With regard to each of your visits to our site we will also collect the following information:
|Category of Information Collected||Type of Information||Lawful Reason for Processing|
The Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
Necessary for our legitimate business interests.
Full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
Necessary for our legitimate business interests.
INFORMATION WE COLLECT ABOUT YOU
We use information held about you in the following ways:
- To help us identify you and the accounts you hold with us;
- To provide customer care;
- To enable us to review, develop and improve our services and website;
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- To carry out marketing and statistical analysis;
- To provide you with information about other goods and services we offer that are similar to
- We will only contact you about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you would like to change your communication preferences to opt in or out of receiving specific communications, you can manage this in your Customer Portal;
- To display targeted, or interest based, offers to you based on those services already purchased;
- To notify you about changes to our service; and
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
OTHER PROCESSING ACTIVITIES
In addition to the specific purposes for which we may process your Personal Data set out above, we may also process any of your Personal Data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Please do not supply any other person's Personal Data to us, unless we ask you to do so.
INFORMATION WE RECEIVE FROM OTHER SOURCES
SimplyCloud works alongside third parties (including business partners, service providers and fraud protection services) and we may receive information from them about you. We will combine this information with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
DISCLOSURE OF YOUR INFORMATION
To administer and provide SimplyCloud services we may share your Personal Data with:
- Members of our wider group organisation, including our subsidiary companies, our ultimate holding company and its subsidiaries.
- Selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you on other websites. Our third party partners may use technologies such as cookies to gather information about your activities on this Site and other websites in order to provide you with advertising based upon your browsing activities and interests, and to measure advertising effectiveness;
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may disclose your Personal Data to third parties:
- In the event that we sell or buy any business or assets, in which case we will disclose your Personal Data to the prospective seller or buyer of such business or assets;
- If Tagadab Limited or substantially all of its assets are acquired by a third party, in which case Personal Data held by it about its customers will be one of the transferred assets;
- If we are under a duty to disclose or share your Personal Data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of SimplyCloud, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We engage with a range of trusted third party contractors and suppliers who will provide services to us in the context of any of the purposes described above or elsewhere in this policy. Whenever we engage with third party service providers, we undertake appropriate due diligence and we impose contractual obligations to ensure that any personal data shared with them is appropriately protected (including in the context of any international transfer of data), including that it can only ever be used by the third party service provider for the purposes of the provision of services to us.
WHERE WE STORE YOUR PERSONAL DATA
All information you provide to us is stored on our secure servers located within the UK and the EEA. It will also be processed by colleagues operating within the UK and EEA. This includes colleagues engaged in, among other things, the fulfilment of your order and the provision of support services.
As of 31 December 2020, the UK will cease to be a member of the EU. There may be circumstances, depending on your location, where your Personal Data is transferred from the UK to the EEA and vice versa. We will ensure a similar degree of protection is afforded to your Personal Data by ensuring at least one of the approved safeguards (as described below) are implemented (commonly this will include the use of specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe) and to ensure that your Personal Data is treated securely and protected against unauthorised loss or damage.
Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Data out of the EEA.
If we share your personal data with a third party service provider based outside of the EEA (or if an EEA-based service provider will itself transfer data outside of the EEA), we will ensure that measures are implemented to protect the relevant data in accordance with approved safeguards (see further below).
USERNAMES AND PASSWORDS
Where we have given you (or where you have chosen) a username and password which enables you to access certain parts of our site, you are responsible for keeping this username and password confidential. We ask you not to share this information with anyone.
TRANSMISSION OF DATA
Unfortunately, the transmission of information through the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised loss or damage.
Our websites and services are not directed at individuals under the age of thirteen (13). We will not intentionally collect or maintain information about these individuals. If you believe that we may have collected Personal Data from someone under the age of 13, please let us know by emailing email@example.com. We will then take appropriate measures to investigate and, if appropriate, delete that information.
HOW LONG WE STORE YOUR PERSONAL DATA
We will retain your Personal Data for as long as needed to provide you with the services or as long as needed to fulfil the purpose for which the Personal Data was originally collected. We may also be required to retain certain information by law and/or for legitimate business purposes (for example, VAT records).
Under certain circumstances, you have rights under data protection laws in relation to your Personal Data and more information is set out below.
Please note you may instruct us at any time not to process your personal information for marketing purposes.
Your rights under data protection law include:
The right to access;
You have the right to ask us to confirm whether or not we process your Personal Data and, to have access to the Personal Data, and any additional information. That additional information includes the purposes for which we process your Personal Data, the categories of Personal Data we hold and the recipients of that Personal Data. You may request a copy of your Personal Data.
The right to rectification;
If we hold any inaccurate Personal Data about you, you have the right to have these inaccuracies rectified. Where necessary for the purposes of the processing, you also have the right to have any incomplete Personal Data about you completed.
The right to erasure;
In certain circumstances you have the right to have Personal Data that we hold about you erased. This will be done without undue delay. These circumstances include the following: it is no longer necessary for us to hold those Personal Data in relation to the purposes for which they were originally collected or otherwise processed; you withdraw your consent to any processing which requires consent; the processing is for direct marketing purposes; and the Personal Data have been unlawfully processed. However, there are certain general exclusions of the right to erasure, including where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for establishing, exercising or defending legal claims.
The right to restrict processing;
In certain circumstances you have the right for the processing of your Personal Data to be restricted. This is the case where: you do not think that the Personal Data we hold about you is accurate; your Personal Data is being processed unlawfully, but you do not want your Personal Data to be erased; it is no longer necessary for us to hold your Personal Data for the purposes of our processing, but you still require that Personal Data in relation to a legal claim; and you have objected to processing, and are waiting for that objection to be verified. Where processing has been restricted for one of these reasons, we may continue to store your Personal Data. However, we will only process it for other reasons: with your consent; in relation to a legal claim; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
The right to object to processing;
You can object to us processing your Personal Data on grounds relating to your particular situation, but only as far as our legal basis for the processing is that it is necessary for: the performance of a task carried out in the public interest, or in the exercise of any official authority vested in us; or the purposes of our legitimate interests or those of a third party. If you make an objection, we will stop processing your Personal Data unless we are able to: demonstrate compelling legitimate grounds for the processing, and that these legitimate grounds override your interests, rights and freedoms; or the processing is in relation to a legal claim.
The right to data portability;
In relation to the information you have given us and that we hold electronically, you have the right to request that your Personal Data be moved, copied or transferred from one database, storage or IT environment to another. You can make a portability request at any time where we have relied on your consent to use your Personal Data, or we have processed your data as part of a contract you have with us.
The right to complain to a supervisory authority;
If you think that our processing of your Personal Data infringes data protection laws, you can lodge a complaint with a supervisory authority responsible for data protection. You may do this in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
The right to withdraw consent; and
To the extent that the legal basis we are relying on for processing your Personal Data is consent, you are entitled to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
The right to object to direct marketing;
You can choose whether we process your Personal Data for direct marketing purposes. If you do not want us to process your Personal Data for direct marketing purposes, we will not process your Personal Data for this purpose. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your Personal Data in your Customer Portal.
If you wish to:
- Request access to, deletion of or correction of, your Personal Data, please contact us to arrange this at firstname.lastname@example.org.
- Request that your Personal Data be transferred to another person. You can exercise this right by contacting us at email@example.com and requesting that your Personal Data be transferred.
Please note we reserve the right to charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances. We may additionally need to request specific information from you to help us confirm your identity.
LINKS TO OTHER WEBSITES
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any Personal Data to these websites.
PERSONAL DATA MANAGED BY OUR CLIENTS
We use the term "Client" to describe a customer of SimplyCloud and to whom we provide our services under the terms of our contractual relationship.
Our Clients use the services to host, transmit or process data to our hosting platform and this information may include Personal Data that allows their own customers to be identified. We refer to this type of data as "Client Customer Data".
We only have a business or contractual relationship with our Clients and have no direct relationship with the individuals categorised as Client Customer Data.
In line with the Service Agreement, our Clients retain responsibility for compliance with relevant data protection legislation, which includes setting standards and maintaining security standards to ensure the security of all data they upload to our platform which may include Client Customer Data. The security, including encryption of data prior to transmission to our network and confidentiality of their accounts and access to our platform, remains the responsibility at all times of our Clients.
THE APPROPRIATE SAFEGUARDS
Whenever we transfer your Personal Data out of the UK (including to one of our group companies), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission.
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe.
- Where we use providers based in the US, we may transfer data to them if the appropriate Standard Contract Clauses (SCCs) are in place which requires them to provide similar protection to Personal Data shared between Europe and the US.
- We will implement supplementary measures where appropriate, including additional security measures to ensure adequate protection for Personal Data in line with our obligations as a responsible data controller.
- SimplyCloud has appointed Register S.p.A of Viale della Giovine Italia, 17. I-50122 Firenze Italy, to act as its representative in the EU with regard to Data Protection matters.