The most important fact is that it’s your personal data. We have complete respect for your rights and we will only use it where necessary to deliver, protect and improve our services, to keep you up to date about developments in our products, and to fulfil any legal or regulatory obligations we may have.
We review this policy regularly and may update it from time to time. The latest version will always be available here.
About The Data Controller
The data controller for the purpose of this policy is 3X Cloud Ltd (t/a WigWag), Martindale House, The Green, Ruddington, Nottinghamshire, NG11 6HH. Our company number is 12342271.
If you want to contact us about any of the points on this policy, or just generally about how we protect your privacy, please email us at firstname.lastname@example.org.
If you’re someone who doesn’t have a direct relationship with us, but believe that a WigWag customer or partner has entered your personal data into our websites or services, you’ll need to contact that customer or partner regarding any questions you have about your personal data (including where you want to access, correct, amend, or request that your personal data be deleted). See “Information for End Users” below for more information.
Whose Information We Collect
We collect information from three types of individuals:
You are not required to provide any data to us. However, if you do not do so, you may not be able to make full use of our services.
Purpose And Lawful Basis For Processing Your Personal Data
The personal data we process depends on how you interact with WigWag and your relationship with us (see above).
To provide you with services. We need to use your personal data in order to perform our obligations under contract to provide the services to you. We will:
To comply with regulatory obligations. Where we have a legal duty, we may:
To market relevant products to you. We may use your personal data to send you marketing information that may be of interest to you, but only if you have consented. If this is the case, we will:
To prevent fraud. We will use personal data for the legitimate interest of detection and prevention of fraud. We will:
Where we have a legitimate interest. We will process personal data if it is in our legitimate interests to do so. We will:
To comply with regulatory obligations. Where we have a legal duty, we may:
We do not use End User information for marketing purposes.
Who We Share Your Personal Data With
We use a number of different service providers (acting as “data processors”) to enable us to operate our business and the services we provide. For example, your personal data may be transferred to (and stored by) a third party data processor in order for us to:
Other circumstances in which we may share personal data with third parties
We may also share your personal data with the following third parties in certain circumstances:
We will not sell or rent your information to third parties and we will never share your information with third parties for marketing purposes other than our own marketing activity.
International transfers of personal data, and the measures in place to protect it.
Many of our data processors operate “cloud-based systems”, which means the information is held in information data centres in different locations. Some of the cloud-based systems we use reserve the right to hold copies of your personal information outside the EEA.
Certain processors may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
Please contact us at email@example.com if you want further information on the specific mechanisms used by our data processors when transferring your personal data out of the EEA.
Your Personal Data Rights
The personal data we hold about you is your data, so you have certain rights over them. This section summarises your rights. You can exercise any or all these rights when you choose, and the easiest way is by dropping us an email at firstname.lastname@example.org.
Where we are processing your data based on your consent (e.g. for marketing purposes) you can withdraw that consent and we must immediately stop processing your data. Please note that up to that point, we’re acting lawfully with your consent, withdrawal of consent cannot be backdated. You have the right to request a copy of all personal data we hold relating to you and we must provide this within 30 days. You also have the right to require us to correct any records that are wrong. You have the right to require us to erase personal data and we must comply unless we need it for one of the purposes described above. We also retain the right to keep data that is needed to establish, exercise or defend a legal claim. Where we process your data based on a “legitimate interest” you still have the right to object to our processing of that data. From that point, we must stop processing your data until we have determined whether your rights override our interests. Finally, you may have the right to have your personal data transferred to another organisation, and we’re obliged to provide it to you in a clear and reasonable format.
Your Right To Lodge A Complaint With The Regulator
At all times, you have the right to report a concern or lodge a complaint with the Information Commissioner’s Office. Please refer to the ICO at https://ico.org.uk/concerns/ or by calling them on 0303 123 1113.
Of course, we hope that we can resolve your issue quickly and fairly – you can contact us at email@example.com.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Information For End Users
Where our services are used by companies or organisations, the company or organisation (“the administrator”) is responsible for your use of the services and any questions with regard to your own data privacy should be addressed to that administrator, which will have its own data security and privacy policies. We have no control over any decision by any such administrator to, for example, access your account, change the nature of your account access (including termination, suspension or restriction) and/or amend your information (such as your profile or e-mail address). For the purposes of this section, an administrator may mean a company or organisation who provides you with your email address and owns the associated domain (such as an employer) who asserts control over your account or (in which case you will be advised) at some later date.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it – for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements.
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s securely deleted or anonymised.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. All of our methods meet the GDPR compliance requirement.
Where we have your consent – which we will ask for on your first visit – we use Google Analytics as a third party tracking service, but we don’t use it to track you individually or collect personal information. We use Google Analytics to collect information about how our website performs and how our users, in general, navigate through and use our services. This helps us to compile statistical reports on activity; and improve our content and website performance. Google Analytics gathers certain simple, non-personally identifying information over time, such as your browser type, which site you were referred by, entry and exit pages, timestamp, and similar data about your use of our site. We do not link this information to any of your personal information such as your username.
Certain pages on our site may set other third-party cookies. For example, we may embed content, such as videos, from another site that sets a cookie. While we try to minimise these third party cookies, we can’t always control what cookies this third-party content sets.
We process some personal data on the basis of consent. We obtain this consent by opt-in means only at the time of creating your account, subscribing to one or more of our mailing lists, or by specific request. You may withdraw this consent at any time.
How To Contact Us
If you have any questions, concerns or just want some more information about our privacy management, drop us a line at firstname.lastname@example.org