Website and App Privacy Policy
Information which we may collect about You
We collect personal information about you when you register with us, contact us or when you submit a response to an online questionnaire on our website.
We may collect the following personal information.
a) full name;
b) company name;
c) postal address;
d) email address;
e) telephone numbers; and
f) IP address when you visit our website.
Please note that we do not collect any information in relation to your payment information, such as credit/debit card details. We may also collect personal information about you from other sources (such as credit reference agencies), which we will add to the information we already hold about you in order to help us improve our products and services, and usage data to improve and personalise the products / services which we are providing to you.
We use third parties to provide information about visitors to our websites. When you visit our website we will record your IP address. This address will be matched against public and proprietary IP address databases to provide us with information about your visit. This information may identify the organisation to whom the IP address is registered but not individuals. In some limited cases i.e. single person companies, it may be possible to identify personal data from publicly available ICANN data
How we use your information
We use personal data held about you:
a) to identify you and manage any accounts you hold with us;
b) to process your order and provide you services;
c) to conduct research, statistical analysis and behavioural analysis;
d) in certain circumstances, to let you know about other products or services that may be of interest to you—see 'Marketing’ section below;
e) to detect and prevent fraud;
f) customise our website and its content to your particular preferences;
g) to allow you to participate in the interactive features of our website;
h) notify you of any changes to our website or to our services that may affect you;
i) carry out security vetting; and
j) improve our product and services.
These uses are in line with
(i) our legitimate interests to: administer the website and app, prevent or detect crime, improve our products and services, direct market to you and to interact with you when you request/offer products and services; and
(ii) to carry out our contractual obligations to you (or to take steps to enter into a contract with you at your request). If you fail to provide information which we need to contract with you, we may not be able to perform that contract.
Marketing
We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided. From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, SMS, fax or mail. We may use the information to customise the website according to your interests.
For the app users, we may periodically send promotional messages using push notifications.
From time to time, we may also use your information to contact you via SMS regarding product and services we think you may find useful and of interest.
When we require your consent to send you marketing messages, we will only send you such marketing messages when you tick the relevant boxes when you provide us with your personal information, and you can opt out at any time, www.afi-group.co.uk/optout. Please see 'The right to ask us to stop contacting you with direct marketing' below for further information.
How long we will keep your personal information
We will keep your personal information while you have an account with us or we are providing products and/or services to you. Thereafter, we will keep your personal information for as long as is necessary:
· to respond to any questions, complaints or claims made by you or on your behalf;
· to show that we treated you fairly;
· to keep records required by law.
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information.
When it is no longer necessary to retain your personal information, we will delete or anonymise it.
Our approach to information security
To protect your information, AFI-Uplift Limited has policies and procedures in place to make sure that only authorised personnel can access the information, that information is handled and stored in a secure and sensible manner and all systems that can access the information have the necessary security measures in place. To accomplish this, all employees, contractors and sub-contractors have roles and responsibilities defined in those policies and procedures.
To make sure all employees, contractors and subcontractors understand these responsibilities they are provided with the necessary training and resources they need.
In addition to these operational measures, we also use a range of technologies and security systems to reinforce the policies. To make sure that these measures are suitable, vulnerability tests are run regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled. Additionally, all areas of the organisation are constantly monitored and measured to identify problems and issues before they arise.
Transfers of your data outside the EEA
We may need to transfer your personal data to UAE, Qatar, Saudi Arabia or Bahrain which are located outside the European Economic Area, for the purpose of marketing and financial analysis. Any transfer of your data will be subject to a European Commission approved contract that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach. Please contact our Data Protection Officer (details set out below) if you have any queries in relation to this safeguarding arrangement.
Your rights
In order to process any of the requests listed below, we may need to verify your identity for your security. In such cases your response will be necessary for you to exercise this right.
The right to access information we hold about you
At any point you can contact us to request that the information we hold about you as well as why we have that information, who has access to the information and where we got the information. Once we have received your request we will respond within one month.
The right to correct and update the information we hold about you
If the data we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated.
The right to have your information erased or restricted
If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold or restrict our processing of your data.
When we receive your request to erase the data, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted.
The right to object to processing of your data
You have the right to request that AFI-Uplift Limited stops processing your data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your data to comply with your other rights.
The right to ask us to stop contacting you with direct marketing
You have the right to request that we stop contacting you with direct marketing. In order to process your request we may need to verify your identity for your security. If for any reason you would like to be removed from our marketing lists at any stage, you can easily and quickly opt-out here, or by calling 01332 855377. In addition you can change your preferences or update your details by clicking on the links at the bottom of any promotional email you receive.
The right to data portability
You have the right to request that we transfer your data to another controller. Once we have received your request, we will comply where it is feasible to do so.
If you want to make a request in respect of the above rights, please contact us either email gdpr@afi-group.co.uk or telephone 03301 340 209.
Consent
In those cases where we need your consent to hold or process your information, we will ask you to check a box on a form requiring consent. By checking these boxes you are stating that you have been informed as to why AFI-Uplift Limited is collecting the information, how it will be used, for how long it will be kept, who else will have access to it and what your rights are as a data subject. Should you wish to withdraw your consent you may do this at any time. If you do so, it will not affect lawfulness of the processing based on your consent prior to its withdrawal.
Sharing your information
We may disclose your personal data to any member of our group of companies, which means our subsidiaries, any ultimate holding company and its subsidiaries as defined in section 1159 of the Companies Act 2006 where necessary for administrative purposes. In particular, if you request services from another member of our group, we may need to pass your contact details on to that group member. In this case, the basis of our data processing is the pursuit of our legitimate interests for our business administrative purposes or to perform a contract with you.
AFI-Uplift Limited may also pass your details to third parties where this is necessary to pursue the legitimate interest of ensuring or improving the functioning of our product. We recommend that you check the privacy policies of these third parties, as they may differ from our Policy. These third parties include:
(a) Google We work with third party company Google to automatically collect information including: IP address; MAC (Media Access Control) address; unique identifier or other persistent or non persistent device identifier; device software platform and firmware, mobile phone carrier and geo location data in line with our legitimate interests in wanting to understand your use of our app such as how often you return, what parts of the app you visit, how you use the app, how long you spend on the app. This third party provider is prohibited from using our data for any other purposes; and
(b) Live Chat: GoSquared is our Live Chat service. We may send personal information to this service in order to be able to have ‘live’ online chat with customers. This third party provider is prohibited from using our data for any other purposes.
(c) Call Tracking: We use WhatConverts which uses Dynamic Number Insertion to help us quickly integrate call tracking on our website. The tracking numbers are used for analytical purposes for marketing only to measure call conversions from the website.
(d) HotJar is used to understand website visitor’s behavior whiles visiting our website.
(e) Lead Generation: We work with a third party Spolter (CommuniGator) that provides GatorLeads, which is a tool that identifies the business or organisation that website visitors belong to, based on a reverse IP lookup. GatorLeads does not use any cookies to process this identification, and no personal information about individual users is stored. Cookies used by GatorLeads store information about your current web browsing session (pages viewed, time on site etc) and the dates and times of previous website visits. This information is used by AFI to profile website visitors, in order to better understand the way in which our website content is viewed by different segments. It is also used to identify the types of organisations that might be interested in purchasing our products/services and attending our events.
(f) Email Marketing Post-Click Tracking Cookies. We work with a third party Spolter (CommuniGator). These cookies are used to report on the pages that have been viewed by visitors to the site who have followed links from our email marketing campaigns or social media campaigns (see (g)). This analysis helps us to understand additional content that is viewed by the contacts in our database and therefore allows us to improve and tailor future campaigns to those contact’s specific areas of interest.
(g)Social Media Management Platform: We use Gator Social which is part of the Spolter (CommuniGator) platform. The Spotler platform is using the Oktopost dashboard from where all posts and data is collected from. The platform is used to manage and post to various special media channels, monitor, and measure social media activities for the purpose of improving our social media.
(h) SMS for Marketing: We use Esendex SMS, a platform used to send targeted marketing SMS to customer and prospect customers. Only mobile numbers are stored and opt outs collected on this system, no other personal data is stored.
Occasionally, we may need to disclose your personal data to third parties where necessary for
(i) the legitimate interests of our business to restructure or sell/acquire shares or assets; and/or
(ii) in order to comply with our legal obligations:
(a) in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
(b) if AFI-Uplift Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; or
(c) if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, enforce or apply our Website terms of use or other agreements, or to protect the rights, property or safety of the Group, our customers or others.
Google AdWords call recordings
This section explains how we use recordings of phone calls that comes from our Google Adwords paid ads, PPC, within the AFI group of companies.
·
We are recording any calls that are generated from our PPC ad campaigns to improve our product and service offering.
·
The following message will be played to callers on eligible ad formats: 'Google and its partners may record the call and retain this call for quality and research purposes'.
·
The recorded calls are kept for 30 days after the date of the call.
·
These recordings are stored in AFI’s Google AdWord account only and aren't available for download.
·
Google takes user privacy very seriously and call recording practices are consistent with Google's Privacy Policy.
Beacons/Pixels
On our website and in our emails we use web beacons. When we send emails to Customers and Prospects, we may track behaviour such as who opened the emails, who clicked the links and which pages of our website they have visited.
This allows us to measure the performance of our email campaigns and to improve our Service and website. To do this, we include single pixel, also called web beacons, in emails we send. Web beacons allow us to collect information about when you open the email, your IP address, your browser or email client type, and other similar details. We also include Web Beacons in the emails we deliver for you. We use the data from those Web Beacons to create reports about how your email campaign performed and what actions your Contacts took. Reports are also available to us when we send email to you, so we may collect and review that information.
On our website we use Facebook pixel which collects data that helps us track conversions from Facebook ads, optimize ads, build targeted audiences for future ads, and remarket to people who have already taken some kind of action on your website. Facebook Remarketing: Third parties, including Facebook, may use cookies, web beacons, and other storage technologies to collect or receive information from our website and elsewhere on the internet, and use that information to provide measurement services and target ads. With Facebook remarketing you may see our ads on Facebook after you have visited our site. For this to happen, Facebook uses a Custom Audience Pixel that is activated when a visitor lands on a webpage and a unique “cookie” is placed in their browser. Facebook lookalike audience targeting allows us to show ads on Facebook to people who are similar to those who have already visited or made a purchase from our website. To opt out of Facebook’s collection and use of information for ad targeting visit: https://www.facebook.com/help/568137493302217.
Bing
Bing Universal Event Tracking: We use Bing Universal Event Tracking (“UET”), a service of Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”). When you access our web pages through advertisements on Bing Ads, a cookie will be placed on your computer. In addition, a UET tag is integrated on our websites. This is a code used to store pseudonymised data about the use of the website in connection with the cookie. The tag, in combination with the cookie, pseudonymizes data to track what you are doing on our web pages after you click on an ad on Bing Ads. Among other things, the amount of time that has been spent on the website, which areas of the website were accessed and which advertisement you came to the website are recorded. In addition, Microsoft can track your usage behaviour across multiple of your electronic devices through cross-device tracking. The information collected is transmitted to a Microsoft server in the United States. Microsoft is certified under the EU-US Privacy Shield.
Bing Universal Event Tracking: UET allows us to track your activity on our web pages when you visit our web pages through ads from Bing Ads and enable us to improve our offering. Cross-device tracking allows Microsoft to show personalized ads.
Bing Webmaster Tools: With this tool, Microsoft can deploy its Bing services and optimize search results.
Cookies and Tracking
Cookies are small text files that are placed on to your computer by websites that you visit. They are used to make websites work, to improve efficiency of websites, to improve the user’s experience and to provide usage information on websites. This information should make your website visits more productive by storing and using information on your website preferences and habits.
Your web browser can choose whether or not to accept cookies. Most web browser software is initially set up to accept them.
We may offer cookies to you and you should ensure that your web browser is set up to not accept cookies if you do not wish to receive them. Please note that if you disable cookies, some services or website functionality may not be available. For further information about cookies and how to disable them please go to https://ico.org.uk/for-the-public/online/cookies/. We use the following cookies:
·
Essential cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, and to use online forms.
·
Analytical cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
·
Marketing cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences. These cookies also record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website, the advertising displayed on it and communications sent more relevant to your interests.
By continuing to use this site, you are accepting our use of these cookies that make advertising and communications more relevant to you and your interests and further help us to improve the site.
Description of cookies
The table below provides some information on the cookies which we use on our website:
Third Party Cookies
Enquiries
When contacted with an enquiry, AFI-Uplift Limited will hold the entity name and contact details only for the purposes of handling the enquiry. The online forms are subject to the same cookies and tracking as the rest of the website (see the above section “Cookies and Tracking” for more information). Calls made to us may be recorded to protect the interests of all parties. Call records are deleted after 28 days unless needed for ongoing actions.
Contact detailsIf you have any queries about this Policy, need further information or wish to lodge a complaint you can use the details below to contact the relevant party.
Geoff Gibson
Data Protection Officer
AFI-Uplift Limited, Unit 1 Bradley Court, Maple Road, Trent Lane, Castle Donington DE74 2UT
You also have the right to lodge complaints with a supervisory authority. The UK supervisory authority is the UK Information Commissioner's Office (UK ICO). The UK ICO's contact details are set out at: https://ico.org.uk/global/contact-us/.
Changes to this Privacy Policy
We may change this Policy from time to time. You should check this policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website. In the case of significant changes, we will inform you by any appropriate means.
Find out More
