Privacy Policy

Privacy Policy

This Privacy Policy applies between you, the User of this App, and Shoalter Automation (UK) Limited, the owner and provider of this App. Shoalter Automation (UK) Limited takes the privacy of your information very seriously. This Privacy Policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the App.

This Privacy Policy should be read alongside, and in addition to, our Terms and Conditions, which can be found at: www.in-five.co.uk/terms-and-conditions.

Please read this Privacy Policy carefully.

Topics:

1. Definitions and interpretation
2. Scope of this Privacy Policy
3. What data do we collect?
4. How do we collect your data?
5. How will we use your data?
6. What happens if you do not provide your Data?
7. How long do we store your data?
8. Keeping Data secure
9. Marketing
10. What are your data protection rights?
11. Transfers outside the UK
12. Links to other websites
13. Changes of business ownership and control
14. General

Definitions and interpretation
In this Privacy Policy, the following definitions are used:

App	the application that you are currently using, www.in-five.co.uk, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Cookie	a small text file placed on your computer by this App when you visit certain parts of the App and/or when you use certain features of the App. Details of the cookies used by this App are set out in the clause below (Cookies).
Data	collectively all information that you submit to Shoalter Automation (UK) Limited via the App or which we collect through your use of the App. This definition incorporates, where applicable, the definitions provided in the Data Protection Laws;
Data Protection Laws	any applicable law relating to the processing of Personal Data, including but not limited to: (i) the UK GDPR and the UK Data Protection Act, and (ii) the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 & the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2018, and any national implementing and supplementary laws, regulations and secondary legislation;
Personal Data	any information about an individual from which that individual may be identified. It does not include data where the identity has been removed (anonymous data).
Shoalter Automation (UK) Limited, we or us	Shoalter Automation (UK) Limited, a company incorporated in England and Wales with registered number 13637578 whose registered office is at 320, Broadway, Salford M50 2UE;
UK GDPR	the UK General Data Protection Regulation; and
User or you	any person that accesses the App and is not either (i) employed by Shoalter Automation (UK) Limited and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Shoalter Automation (UK) Limited and accessing the App in connection with the provision of such services.

In this Privacy Policy, unless the context requires a different interpretation:

1. the singular includes the plural and vice versa;
2. references to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this Privacy Policy;
3. a reference to a person includes firms, companies, government entities, trusts and partnerships;
4. “including” is understood to mean “including without limitation”;
5. reference to any statutory provision includes any modification or amendment of it; and
6. the headings and sub-headings do not form part of this Privacy Policy.

Scope of this Privacy Policy
This Privacy Policy applies only to the actions of Shoalter Automation (UK) Limited and Users with respect to this App. It does not extend to any applications that can be accessed from this App including any links we may provide to social media websites. For purposes of the applicable Data Protection Laws, Shoalter Automation (UK) Limited is the “data controller”. This means that Shoalter Automation (UK) Limited determines the purposes for which, and the manner in which, your Data is processed.

What data do we collect?
We may collect Data, which includes Personal Data, from you:

• contact Information such as email addresses
• name (only when dealing with customer service cases, not when making payment)
• transaction data, including details of products and services you have purchased from us, the amounts you have agreed to pay and the dates of your order and delivery
• technical data, such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, Device ID, advertising ID, the date, times and frequency with which you access the App and the way you use and interact with its content
• geographic location
• user token,

in each case, in accordance with this Privacy Policy.

We may also use your Data for the purpose of our legitimate interests as follows:

1. personalising and tailoring your experience on this App;
2. personalising and tailoring our products and services for you;
3. to assess your creditworthiness;
4. to screen our orders for compliance with our terms and conditions and to detect fraud;
5. to collect and recover money owed to us;
6. internal record-keeping in relation to matters such as your consent and preferences, and for customer service cases handling;
7. analysing your use of our site and developing improvements to our products / services and the App;
8. market research purposes, which may be done using email, telephone or mail; and
9. preventing abuse of onboarding discounts.

How do we collect your data?

We collect Data in the following ways:

Data provided to us by you:

• when you contact us through the App, by post or by e-mail;
• when you elect to receive marketing communications from us;
• when you use our services;
• when you contact our customer service support;
• when you enter a competition, promotion or survey;
• when you decide to send an invoice to yourself;

Data to be provided to other sources in order to use our services:

• checkout.com (payment gateway)
• Gnatta (Customer Service Support)
• GooglePay
• ApplePay
• Google Analytics
• Yoti (age verification for age-restricted products)

Data collected automatically:

• we automatically collect some information about your visit to the App. This information helps us to make improvements to App content and navigation, and may include your IP address, the date, times and frequency with which you access the App and the way you use and interact with its content.
• we will collect your Data automatically via cookies, in line with the cookie settings on your device. For more information about cookies, and how we use them on the App, see the section below, headed “Cookies Policy”.

How will we use your data?

We will only use your Data when the law allows us to. Most commonly, we will use your Data in the following circumstances:

• where we need to perform the contract we are about to enter into or have entered into with you
• where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
• where we need to comply with a legal obligation

Generally, we do not rely on consent as a legal basis for processing your Data, although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

We may use your Data from time to time for the following purposes on the basis that each is necessary for the purposes of performing a contract with you:

1. providing and managing your account;
2. providing and managing your access to this App;
3. supplying our products and services to you and providing you with customer support; and
4. to communicate with you concerning the performance of our contract with you.

We may also use your Data for the purpose of our legitimate interests as follows:

1. personalising and tailoring your experience on this App;
2. personalising and tailoring our products and services for you;
3. to assess your creditworthiness;
4. to screen our orders for compliance with our terms and conditions and to detect fraud;
5. to collect and recover money owed to us;
6. internal record-keeping in relation to matters such as your consent and preferences, and for customer service cases handling;
7. analysing your use of our site and developing improvements to our products / services and the App; and
8. market research purposes, which may be done using email, telephone or mail.

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best products and services you and the best and most secure experience and to manage risks in respect of our business. We will consider and balance any potential impact on you (both positive and negative) and your rights before we process your Data for our legitimate interests. We do not use your Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

We may also use your Data to comply with our legal and regulatory obligations.

We might also share your Data:

• with any regulatory authority or law enforcement agency that requests or demands it;
• to comply with laws or regulations, or for the purpose of legal proceedings.
• if you give us Data that’s wrong or we find out (or think) you’re responsible for fraud. In these circumstances we might share your information with third parties such as law enforcement agencies, credit reference agencies and other affected third parties;
• if one of our partners who are processing information for us are compelled to do so by law; or
• if there’s an emergency and we think you or other people are at risk.

If you are not satisfied with our processing of your Data, you have the right to object in certain circumstances (see the section headed “What are your data protection rights” below).

What happens if you do not provide your Data?

Where we need to collect Data by law, or under the terms of a contract we have with you, and you fail to provide that Data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with products or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

How long do we store your Data?

Unless a longer retention period is required or permitted by law, we will only hold your Data on our systems for the period reasonably necessary to fulfill the purposes outlined in this Privacy Policy or until you request that the Data be deleted. Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes. We may retain your Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for Data, we consider the amount, nature and sensitivity of the Data, the potential risk of harm from unauthorised use or disclosure of your Data, the purposes for which we process your Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Keeping Data secure

We will use technical and organisational measures to safeguard your Data, for example:

1. the access of your account is controlled by a password and a user name that is unique to you; and
2. the storage of your Data on secured servers.

Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us via this e-mail address: privacy@in-five.co.uk.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

Marketing

We may use your Data to form a view on the products and services that might be of interest to you. This is how we decide which products, services and offers may be relevant for marketing to you.

You will receive marketing communications from us if you have requested information from us or purchased products or services from us and you have not opted out of receiving that marketing.

We will obtain your express opt-in consent before we share your Data with other members of our corporate group and our partner companies for marketing purposes.

We may contact you by email, telephone, text message or post for these purposes.

If you have agreed to receive marketing, you may always opt out at a later date.

You have the right at any time to stop us from contacting you for marketing purposes or giving your Data to other members of our corporate group and partner companies.

If you no longer wish to be contacted for marketing purposes, please contact us via this e-mail address: privacy@in-five.co.uk.

What are your data protection rights?

Our Company would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – the right to request (i) copies of the Data we hold about you at any time, or (ii) that we modify, update or delete such Data. If we provide you with access to the Data we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive.” Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.

The right to rectification – You have the right to request us to correct any Data we hold which you believe is inaccurate or incomplete.

The right to erasure – You have the right to request us to erase your Data, under certain conditions.

The right to restrict processing – You have the right to request us to restrict the processing of your Data, under certain conditions.

The right to object to processing – You have the right to object to processing of your Data, under certain conditions.

The right to data portability – You have the right to request that we transfer the Data that we hold to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you.

To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: privacy@in-five.co.uk.  Please note that we will need to receive satisfactory proof of your identity should you exercise your rights.

It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.

Transfers outside the United Kingdom

Data which we collect from you may be stored and processed in and transferred to countries outside of the UK. For example, this could occur if our servers are located in a country outside the UK or one of our service providers is situated in a country outside the UK.  We also share information with our group companies, some of which are located outside the UK.

We will only transfer Data outside the UK where it is compliant with Data Protection Laws and the means of transfer provides adequate safeguards in relation to your data, e.g. by way of data transfer agreement, incorporating the current standard contractual clauses adopted by the relevant data protection authorities.

To ensure that your Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties we share your Data with. This ensures your Data is treated by those third parties in a way that is consistent with the Data Protection Laws.

Links to other websites

This App may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This Privacy Policy does not extend to your use of such websites. You are advised to read the Privacy Policy or statement of other websites prior to using them.

Changes of business ownership and control

Shoalter Automation (UK) Limited may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of Shoalter Automation (UK) Limited. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy and in accordance with the Data Protection Laws, be permitted to use the Data for the purposes for which it was originally supplied to us.

In the above instances, we will take steps to ensure your privacy is protected.

General

You may not transfer any of your rights under this Privacy Policy to any other person. We may transfer our rights under this Privacy Policy where we reasonably believe your rights will not be affected.

If any court or competent authority finds that any provision of this Privacy Policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Policy will not be affected.

Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.

This Privacy Policy will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Privacy Policy will be subject to the exclusive jurisdiction of the English and Welsh courts.