Data Privacy Notice
Your data and privacy are important and we will handle them securely, fairly and in accordance with applicable laws at all times.
We comply fully with the General Data Protection Regulation (GDPR) and this Privacy Notice tells you about the data we collect and how we store and use it.
This is a general privacy policy for individuals using the website and applies to private individuals with whom we do not have a contract or other legal agreement. If you are an employee or acting as a representative of another company or institution with whom we have a contract or legal agreement, then your employee policy may supercede specific parts of this policy.
We do not use your data for marketing purposes and will never sell, lease, loan or otherwise share your personal information with any third party unless otherwise stated in this document.
This document is intended to help you understand what personal information we collect, how we process it, where it is stored and how you can access or request deletion of your personal data.
By accessing, registering for, logging into, or performing any other action on this website (or any of its sub-domains), also known as 'the system', you agree that it is okay for us to process your information and personal data in accordance with the terms of this Privacy Policy.
If you disagree with any of the terms in this policy then you must cease use of the website.
Data Controller
Flint Innovation Ltd is a Data Controller with a registered address of: 3rd Floor Office, 207 Regent Street, London, England, W1B 3HH
Flint Innovation Ltd is registered with the Information Commission Office, registration number: ZB692197
Your Data
In this policy, Personal Data means any data held on our systems that directly or indirectly identifies an individual. This includes information that you have entered onto the system or have granted access to via a third-party.
We may also collect Personal Data about you in relation to how you use your account, i.e. where you are logging in from, how often you log in and what specific features you routinely use. This helps us to tailor your user experience and enhance security.
We comply with all relevant legislation including the current UK GDPR.
We do not collect or process special categories of Personal Data, as defined under GDPR.
This service is intended for persons over the age of sixteen and we do not knowingly collect or solicit Personal Data pertaining to children. If it is found that we have collected data for anyone under the age of sixteen, that data will be deleted as quickly as possible.
Information You Provide
This includes the Personal Data you provide, or somebody else provides on your behalf when completing any of the following activities:
-
Registering a new account.
-
Submitting information or uploading data via any form within the system.
-
Initiating a support request.
-
Contacting us via any means from within the system.
Information We Collect
We also collect some information about how you use the system to help us deliver a more customised user experience, identify trends and improve security. Some of this data may be 'Personal Data', in cases where it can be used to identify a person. Here is the information we collect and how it is used:
-
Login dates and IP addresses - This allows us to understand how the system is used and identify unusual behaviours.
-
Account usages statistics - This includes; how much time spent on the system and the features used. This allows us to understand how the system is used and guides future improvements.
-
User agent - This includes the device or browser you are using. This helps us to improve our system for use on different devices.
Information Provided by Third-Parties
In some cases we may receive Personal Data that has been passed to us by a third-party such as your employer, an agent or other representative.
Other Data
In addition to Personal Data you may also enter Financial Data into the system. This can include invoices, estimates, and related information.
-
This information is required for the system to provide the functionality expected of it.
-
This information will be treated similarly to Personal Data, and never shared with any third party.
-
In order to safeguard your information we ask that you take care to ensure your password remains private and take all reasonable steps to protect your account from unauthorised access. This includes enabling multi-factor authentication on your account.
What We Do Not Collect
We never directly collect or store payment card information on our servers.
How We Use Your Data
To Provide A Service
-
Your data will be used to provide the service in a secure and reliable manner.
-
Your data will be used for facilitating access to the system.
-
Your data will be used to help administer your account and deal with support requests.
-
We may send you non-promotional notifications to update you on specific activity or events in your account.
Cookies
We rely on the use of internet cookies to track user sessions and to store data that is required to use the system. By accessing the website and its sub-domains, you consent to the use of cookies for the aforementioned purposes. If you do not agree to this then we must advise you to cease using any of the services provided.
Sharing Your Data
We have a legal obligation to share data in response to properly made requests from:
-
Law enforcement agencies - for the prevention and detection of a crime, for the purpose of safeguarding national security or when the law requires us to, such as in response to a court order or other lawful demand or powers contained in legislation.
-
Regulatory bodies such as the Information Commissioner's Office (ICO) and Ofcom.
Keeping Your Data Secure
-
All communication with our servers is performed over an encrypted connection.
-
All accounts are provided with a multi-factor authentication facility.
Data Ownership
You own all of the data you enter into the system.
Your Rights
-
Right to Erasure - You have the right to request that your Personal Data is deleted (notwithstanding those exemptions allowed under GDPR and the current UK DPA).
-
Right to Rectification - You have the right to request that any incorrect Personal Data we hold about you is corrected, if that information is inaccurate or incomplete.
-
Right to Data Portability - You have the right to request a machine readable export of all Personal Data we hold about you.
-
Right to Object - In certain circumstances you may object to our processing of your personal data.
-
Right to restrict processing - You can request that we restrict the processing of personal data we hold about you in certain circumstances.
-
Right to lodge a complaint - You have the right to make a complaint about our data processing activities to a supervisory authority. In the UK this is the Information Commissioner's Office (ICO). Further details can be found on their website at https://ico.org.uk.