PRIVACY POLICY

BACKGROUND:

We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, and uses our services we will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law, namely, The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA 2018).

Please read this privacy policy carefully and ensure that you understand it.

1. Definitions of terms
In this policy the following terms shall have the following meanings:

"The company, our, we and us" means "Numberjuice" operated by Numberjuice Limited (Company Number 08891674) of 5 Merchant, Evegate Business Park, Ashford, Kent, TN25 6SX. Where applicable, its officers, employees and authorised agents.
"Our site" or "Sites" means our websites www.Numberjuice.co.uk and www.numberjuice.co.uk
"You" means data subject using our sites and our services.
"Our services" means access to our cloud-based bookkeeping software, Numberjuice and bookkeeping service.
"Personal data" means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

2. What does this policy cover?

This privacy policy explains main data protection principles we abide by, what personal data is collected, how it is used and stored, what lawful basis we use for processing your personal data, under what circumstances your personal data may be shared with third parties, how long this information is retained for, what are your rights as data subject and how to exercise those rights.

This privacy policy applies only to your use of our sites and our services. Our sites may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

3. Data protection principles

We abide by the main data protection principles set by GDPR, which means that your data will be: a) used lawfully, fairly and in a transparent way, b) collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes, c) relevant to the purposes we have told you about and limited only to those purposes, d) accurate and kept up to date, e) kept only as long as necessary for the purposes we have told you about, f) kept securely.

4. What personal data do we collect and how we collect it?

Depending upon your use of our sites and services, we may collect some or all of the following personal data (please also see Part 12 on our use of cookies):

Information you provide when completing online contact form or registering for our free guides and seminars. We use links throughout our sites to provide you with the opportunity to contact us to ask questions, request information and materials, register or sign up for guides or seminars, or provide comments and suggestions. You may also be offered the opportunity to have one of our representatives contact you personally to provide additional information about our products or services. To do so, we may request contact information from you, such as your name, email address and telephone number, to help us satisfy your request.

Information you provide to us to sign up for our service(s) (including free trial). This information includes: your contact details (name, phone number, email address, correspondence address) and your company details (name of the company, company registration number, registered office address, VAT number, UTR number, etc.). This information is essential for creating and managing your account and subscription.

ID document and a proof of address. Once your account is created we will also ask you to provide a copy of your passport and a proof of your address needed to make ID checks under the Money Laundering Regulations 2017.

Using your Numberjuice account. In addition to your personal data and general company information, we will also hold financial data that you enter/upload into your account (or choose to send it to us by other means, such as post or email) such as your company’s sales and purchase invoices, details of company’s bank transactions, etc.

You own all of the financial data you enter or upload into your account and have ultimate control over who has access to it. In other words, only you and your dedicated bookkeeper(s) will have access to your account, unless you choose otherwise. Your account will be password protected. Upon registration we will send you a welcome email containing password, which we strongly recommend to change when you first log in to your account. Please keep your password safe and re-set it periodically for additional security.

When you provide us with personal data about someone else, for example personal details of your employee(s), subcontractor(s) or supplier(s), you must ensure that you are authorised to disclose that data to us and that, without us taking any further steps required by applicable data protection or privacy laws, we may collect, use and disclose such personal data for the purposes described in this policy. You must, therefore, take reasonable steps to ensure that the third party concerned is aware of and consents to the various matters detailed in this policy, including: the fact that their personal data is being collected, the purposes for which that data is being collected, the intended recipients of that data, and the third party's right to obtain access to the data (including details of how to request access). Where requested to do so, you must assist us with any requests by the third party to access or update the personal data you have collected from them and provided in connection with our services.

5. How do we use your personal data and what lawful basis do we use to process it?

Under the GDPR, we must always have a lawful basis for processing personal data. Your personal data may be used for one of the following purposes:

-As described in Part 4, most of the personal data we collect is necessary for us to provide our service (fulfil our contractual obligations) in which we have a legitimate interest. That includes service related communication with you (via email, phone, SMS, post, web chat facility or social media).

-With your prior consent and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and/or phone and/or text message with information, news, and offers on products and/or services that might be of interest to you. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out by clicking the ‘unsubscribe’ button in the next marketing email you receive or alternatively you may contact our data protection officer (see Part 13).

6. What are your rights?

Under the GDPR, you have the following rights, which we will always work to uphold:

  • a) The right to be informed about our collection and use of your personal data. This privacy policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.
  • b) The right to access the personal data we hold about you. Part 11 will tell you how to do this.
  • c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
  • d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have.
  • e) The right to restrict (i.e. prevent) the processing of your personal data.
  • f) The right to object to us using your personal data for a particular purpose or purposes.
  • g) The right to data portability. This means that, if you have provided personal data to us directly, you can ask us for a copy of that personal data to re-use with another service or business.
  • h) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

For more information about exercising your rights as outlined above, please contact us using the details provided in Part 13.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

7. How long will you keep my personal data?

We retain personal data for as long as necessary to provide our services or for other essential purposes such as complying with our legal obligations, resolving disputes and enforcing our agreements. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly.

For example, the default standard retention period for accounting records is 6 years from the end of the last company financial year they relate to, or longer in some cases.

8. Where do we store and transfer your personal data?

Electronic data is stored at data centres and web hosting facilities based in UK.

We also hold hard copies of customer files that contain personal information in our office.

We may use third party software that is based outside European Economic Area (the EEA). For example, Global Payments Inc (processing payments for our services) or Campaign Monitor Pty Ltd (email marketing software). In such cases we will always take additional steps to make sure that those providers are GDPR compliant and that your personal data will be treated in line with strict standards set by the GDPR.

9. Data storage security matters

We will keep your information secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage whether the information is held electronically or on paper. We will do our best to protect your personal information but we cannot guarantee the security of your information which is transmitted to our website(s), applications or services or to other website, applications and services via an internet or similar connection.

10. Do you share my personal data?

From time to time, we may need to share your personal information with others:

We may share your personal information, with third party service providers who perform various functions to enable us to provide our services and help us operate our business (such as Taxfiler, HQ, Brightpay, etc.). Our contracts with these third parties require them to maintain the confidentiality of the personal Information we provide to them, only act on our behalf and under our instructions, and not use personal Information for purposes other than the product or service they are providing to us or on our behalf.

In some limited circumstances, we may be legally required to share your personal data, if we need to comply with legal obligations, a court order, or the instructions of a government authority.

Upon receiving a written request from you, we will share personal data you provided to us with a third party such as a different bookkeeping/accounting service provider (please consult Part 4-g ‘the right to data portability’).

11. How can I access my personal data?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a subject access request (SAR).

All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 13. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.

We will endeavour to respond to your subject access request within 30 days of receiving it.

12. Use of cookies

A cookie is a small text file that may be placed on your device when you visit our site(s). When you next visit our site(s) the cookie allows us to distinguish you from other users. Our site(s) use(s) a number of different cookies. Below we explain the cookies we use and why we use them.

There are two broad categories of cookies:

Session cookies - session cookies remain on your device until you close your browser when they are automatically deleted.

Persistent cookies - persistent cookies remain on your device until deleted manually or automatically.

Cookies we use and why we use them:

Essential cookies - essential cookies are technical cookies that are required for the operation of our sites. Without essential cookies our sites can’t operate properly.

Performance cookies - performance cookies allow us to recognise and count the number of visitors to our site(s) and to see how visitors move around it. This helps us to improve the way our site(s) works by enabling us to tailor our sites to the way visitors use them. The information we collect from performance cookies is aggregated which means that we cannot identify you from it.

Functional cookies - functional cookies allow our site(s) to remember the choices you make. Our sites use functional cookies to provide you with enhanced and personalised features. Information collected by functional cookies cannot track your browsing activity when you leave our site(s) to browse other sites.

Third party cookies - are those placed by websites and/or parties other than Numberjuice or Numberjuice. These cookies may be used on our sites to improve our products. These cookies are subject to the respective privacy policies for these external services.

Your right to refuse cookies and what happens if you refuse them

You can refuse cookies by activating the relevant setting on your browser. However, if you do so you may not be able to access all or parts of our site(s).

Further information

If you require any further information on cookies including how to see what cookies have been set and how to manage, delete and turn them off visit www.aboutcookies.org or www.allaboutcookies.org . Please note that these are external websites and we are not responsible for the accuracy of the information on these sites.

13. Who and how do I contact for any data protection matters?

We have appointed a Data Protection Officer (DPO) to oversee compliance with this privacy policy. To contact DPO about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

Email address: team@numberjuice.com

Telephone number: 01233 226 520

Postal Address: 3 Merchant, Evegate Business Park, Ashford, Kent, TN25 6SX.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details of how to contact the ICO can be found on their website www.ico.org.uk.

14. Changes to this policy

This privacy policy was last updated on 23rd of May 2018.

We may change this privacy policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

Any changes will be immediately posted on our site. We recommend that you check this page regularly to keep up-to-date.