Note that this Privacy Policy follows current ICO Guidelines

1. Introduction

1.1 From the 25 May 2018, the General Data Protection Regulation (GDPR) replaces the Data Protection Act 1998, giving you as an individual more rights in relation to the personal data we, as an organisation, may hold about you. This is our Privacy Policy (together with our Platform Terms of Use and any other documents referred to in it). It applies to both our website at www.phaeria.com (‘the Website’) and our platform and application (‘the App’). The Website and the App are collectively referred to as ‘the Platform’. This Privacy Policy describes the type of information that we collect from you (‘you/your’) through the use of our services (‘Services’), or the use of our Platform, how that information may be used or disclosed by us and the safeguards we use to protect it. We have drafted this Privacy Policy to be as clear and concise as possible. Please read it carefully to understand our policies regarding your information and how we will treat it. By using or accessing our Platform or the Services, you agree to the collection, use and disclosure of information in accordance with this Privacy Policy. This Privacy Policy was last updated on 22nd May 2018 to add new provisions to the policy applicable regarding GDPR. Please check back regularly to keep informed of updates to this Privacy Policy. Please read this Privacy Policy carefully. Your acceptance of our Privacy Policy is deemed to occur upon your first use of our Platform. If you do not accept and agree with this Privacy Policy, you must stop using our Platform immediately. If you have any comments on this privacy policy, please email them to [email protected].

2. Who we are

2.1 Here are the details that we as ‘data controller’ are required to give to you in accordance with Data Protection Legislation (please note this means the Data Protection Act up to and including 24th May 2018 and from 25 May 2018 and onwards the General Data Protection Regulation (GDPR) and any other applicable law which relates to the protection of individuals rights with regard to the processing of personal data):
2.1.1 Our Website address is: www.phaeria.com
2.1.2 Our company name is: Phaeria ltd
2.1.3 Our Trading address is: Phaeria ltd, Hoghton Towers, Hoghton Street, Southport, PR9 0TB;
2.1.4 Our Registered address is: Phaeria ltd, Hoghton Towers, Hoghton Street, Southport, PR9 0TB;

3. What we may collect

3.1 We may collect, use, transfer and process the following data about you including:
3.1.1 information you put into forms, when entering a competition, promotion or surveys on our Platform at any time. This includes information provided at the time of registering to use our Platform, subscribing to our service, creating an account on our Platform, posting material or requesting further services.
3.1.2 requests that marketing material be sent to you;
3.1.3 information you may provide via our social media platforms; and
3.1.4 information you may provide to us when you contact us by email, phone or otherwise.
3.2 We may also ask for your information when you report a problem with our Platform or provide other feedback and we will collect the following data to enable us to provide our Services to you;
3.2.1 a record of any correspondence between us;
3.2.2 details of transactions you carry out through our Platform
3.2.3 details of your visits to our Platform and the resources you use
3.2.4 any information that you upload to our Platform and any other form of interaction data you may provide; and
3.2.5 information about your computer (e.g. your IP address, browser, operating system etc) for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
3.3 Please note that we do not store credit card details and we do not share customer details with any third parties without the customer’s consent.
3.4 Depending on your circumstances and the products and services selected the personal information we gather about you may include: your name; address; email address; phone number; financial information; personal identification information and any further personal information as may be required as part of the service or product provided or which you share through our Platform.

4. Cookies

4.1 We use cookies to distinguish users and improve our Website. Please look at our Cookie Policy for more cookie information.

5. How we use what we collect

5.1 We use information about you to:
5.1.1 present Platform content effectively to you;
5.1.2 provide information on and allow you to use, products and services that you request, or (with your consent) those services which we think may interest you to personalise your experience;
5.1.3 allow us to better our service to you by responding to your customer service requests;
5.1.4 take steps at the request of you prior to entering into a contract or to carry out our contractual obligations and provide you with the products and services under the terms of our contractual arrangement with you;
5.1.5 allow you to use our interactive services if you want to;
5.1.6 to administer a contest, promotion, survey or other Platform feature;
5.1.7 tell you about changes to our service;
5.1.8 we will contact you electronically about similar products and services to those previously sold to you;
5.1.9 with your prior consent, tell you about other goods and services that might interest you; and
5.1.10 we may want to allow selected third parties to contact you directly. We will ask for your consent each time, before passing on your details, and will not do so unless your consent is given.
5.2 in some instances, it may be appropriate for us to combine your information with other information that we may be holding about you, such as combining your name with your geographic location or your browsing or purchasing history.
5.3 if you do want to be contacted for marketing purposes, please tick the relevant box that you will find on screen when we collect your data.
5.4 you can update your preferences at any time by contacting us.
5.5 please note: we don’t identify individuals to our advertisers (if any), but we may give them aggregate information to help them reach their target audience, and we may use information we have collected to display advertisements to that audience.
5.6 Please note, that if you no longer wish for us to process your personal data for marketing purposes, you can contact us at [email protected] and we will update our systems. However, in doing so you acknowledge that this may limit the products and services we can provide to you. In some cases, the collection and retention of personal data may be a statutory or contractual requirement.
5.7 In addition to 5.1 we will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
5.7.1 Where we need to perform the contract we are about to enter into or have entered into with you.
5.7.2 Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
5.7.3 Where we need to comply with a legal or regulatory obligation
5.8 Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to our marketing communications or sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by updating your contact preferences, and we will move your data to our “unsubscribe list”. However, you acknowledge this will limit our ability to provide the best possible services to you.
5.9 As already indicated above, with your permission and/or where permitted by law, we may also use your data for marketing purposes which may lead to us contacting you by email and/or telephone with information, news and offers on our Services. We agree that we will not do anything that we have not agreed to under this Privacy Policy, and we will not send you any unsolicited marketing or spam. We will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, as amended in 2004, 2011 and 2015.

6. Where we store your data

6.1 We currently store data inside European Economic Area (EEA). We may transfer your collected data to third parties for storage outside the European Economic Area (EEA) in connection with the above purposes. For example, your personal data may be processed outside the EEA to fulfil your service and/or it may be processed to administer payment.
6.2 By giving us your personal data, you agree to this arrangement. Where such processing takes place, appropriate controls, such as the adoption of agreements containing appropriate standard clauses are in place to ensure that your information is protected to the same standard as if it were in the UK. We will do what we reasonably can to keep your data secure, and up to date and in accordance with this privacy policy.
6.3 Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see the European Commission: EU-US Privacy Shield.
6.4 Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through our Platform. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
6.5 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
6.6 We have implemented security measures such as a firewall to protect any data and maintain a high level of security.
6.7 Notwithstanding the security measures that we take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting to us data via the internet and you take the risk that any sending of that data turns out to be not secure despite our efforts.

7. Retention of Data

7.1 We will not collect more personal data than we need for the purposes set out in Paragraph 5. We will retain such personal data for the life of your contractual arrangement with us and for a period of up to seven years after your relationship with us has ended. We may however be required to retain personal data for a longer period of time to ensure we comply with our regulatory and legislative requirements. We regularly review our data retention obligations to ensure we do not keep personal data for longer that we are legally obliged to.
7.2 We do not store credit card details, other than storing them momentarily on the Platform until they have been dispatched to our payments provider.

8. Disclosing your information

8.1 We are allowed to disclose your information in the following cases:
8.1.1 if we want to sell our business, or our company, we can disclose it to the potential buyer;
8.1.2 if we want to sell or buy any business, or assets, we can disclose your personal data to the potential buyer or seller of such business or assets;
8.1.3 we can disclose it to other businesses in our group, which means our subsidiaries, our ultimate holding company and its subsidiary as defined in Section 1159 of the UK Companies Act 2006;
8.1.4 we can disclose it if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights;
8.1.5 in connection with legal proceedings (including prospective proceedings);
8.1.6 in order to establish or defend our legal rights; and
8.1.7 we can exchange information with others to protect against fraud or credit risks.
8.2 We may engage third parties to assist us in carrying out certain functions on our behalf. These include companies to assist with payment processing, search engine facilities, advertising and technology services. We only share the appropriate level of personal data to enable the supplier to provide their services. Where your data is required to be shared we will take all reasonable steps to ensure your data is handled safely and securely and in accordance with our and the suppliers’ obligations under Data Protection Legislation.
8.3 Companies who have access to personal data include:
Our subprocessors listed on our subprocessors page.
Other providers include: SMS alerts, IT and software development, Online advertising management, Accountants

9. Your rights

9.1 You have a number of rights under the Data Protection Legislation;
9.1.1 The right to request a copy of the information we hold on you. When you request this information, this is known as a Subject Access request (SAR).
9.1.2 The right to have personal data we hold about you transferred securely to another service provider in an electronic form;
9.1.3 The right to have inaccurate personal data corrected;
9.1.4 The right to have any out of date personal data deleted once there’s no business need or legal requirement for us to hold it;
9.1.5 The right to object or restrict some processing, in limited circumstances and only when we don’t have legitimate grounds for processing your personal data;
9.1.6 The right to object to personal data being used to send you marketing material. As mentioned above, we will only send you marketing material where you have given your consent to do so. You can remove your consent at any time.
9.1.7 You can ask us not to use your data for marketing. You can do this by not ticking the relevant boxes on our forms, or by contacting us at any time at [email protected]
9.1.8 The right to ask for a decision to be made manually, where a decision is made using automated means and this adversely impacts you.
9.1.9 The Data Protection Legislation gives you the right to see information we hold about you. To exercise any of these rights please contact [email protected].

10. Security

10.1 We are committed to ensuring your personal data is protected and held securely. However, the internet is not a secure medium and we cannot accept responsibility for the security of an email during transmission or non-delivery of that email.

11. Making a complaint

11.1 If you believe we have not processed any of your personal data in accordance with Data Protection Legislation or you have been affected by non-compliance you can make a complaint to [email protected].
11.2 If you are not satisfied with our response you can raise a complaint with the UK’s Information Commissioner’s Office, the UK’s independent authority set up to enforce Data Protection Legislation.

12. Links to other websites

12.1 Please note that our Platform Terms of Use and our policies will not apply to other websites that you get to via a link from our Platform.
12.2 Our Platform may, from time to time, contain links to and from the website of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. We have no control over how your data is collected, stored or used by other websites and we advise you to check their privacy policy before providing any data to them.

13. Variation

13.1 If we change our Privacy Policy, we will post the changes on this page. If we decide to, we may also email you

14. Automated decision making-tools

14.1 In the event that we use personal data for the purposes of automated decisionmaking and those decisions have a legal (or similarly significant effect) on you, you have the right to challenge to such decisions under GDPR, requesting human intervention, expressing their own point of view, and obtaining an explanation of the decision from us.
14.2 The right described in section 14.1 does not apply in the following circumstances:
14.2.1 the decision is necessary for the entry into, or performance of, a contract between the you and us;
14.2.2 the decision is authorised by law; or
14.2.3 you have given you explicit consent.
14.3 Where we use your personal data for profiling purposes, the following shall apply:
14.3.1 Clear information explaining the profiling will be provided, including its significance and the likely consequences;
14.3.2 Appropriate mathematical or statistical procedures will be used;
14.3.3 Technical and organisational measures necessary to minimise the risk of errors and to enable such errors to be easily corrected shall be implemented; and
14.3.4 All personal data processed for profiling purposes shall be secured in order to prevent discriminatory effects arising out of profiling.

15. Terms and Conditions

15.1 Please also visit our Platform Terms of Use section establishing the use, disclaimers, and limitations of liability governing the use of our Platform

16. Your Consent

16.1 By using our Platform and by way of acknowledgment, you consent to our Privacy Policy.

17. Dispute Resolution

17.1 The Parties will use their best efforts to negotiate in good faith and settle any dispute that may arise out of or relate to this Privacy Policy or any breach of it.
17.2 If any such dispute cannot be settled amicably through ordinary negotiations between the parties, or either or both is or are unwilling to engage in this process, either party may propose to the other in writing that structured negotiations be entered into with the assistance of a fully accredited mediator before resorting to litigation.
17.3 All negotiations connected with the relevant dispute(s) will be conducted in confidence and without prejudice to the rights of the parties in any further proceedings.
17.4 If the parties agree on a resolution of the dispute at mediation, the agreement shall be reduced to writing and, once signed by the duly authorised representatives of both parties, shall be final and binding on them.
17.5 Any dispute shall not affect the parties’ ongoing obligations under this Privacy Policy.