- Our website is not intended for children. We do not knowingly collect or maintain the personal information of children under the age of 13. If you are under the age of 13, please do not access our website at any time or in any manner. We will take appropriate steps to delete the personal information of persons under the age of 13.
- We are a company registered in England.
- You can contact us as follows:
Address: 4th Floor, Sutton Yard, 65 Goswell Rd, London EC1V 7EN, UK
INFORMATION WE MAY COLLECT ABOUT YOU
We may collect information, including your name, address, email address, job title or position, the company you work for, billing addresses, bank account and payment details, recordings of telephone calls, technical data (IP address, login details, browser type and version, time zone setting and location, how you our website) as well as other details related to the services provided. We maintain all the collected information in a secure database. We also gather information about how visitors navigate our website by using data gathered with cookies.
HOW WE USE INFORMATION ABOUT YOU
LegUP is dedicated to providing you with the best possible service. We collect this information in order to:
- Provide services you request;
- Contact you about your order status;
- Identify your product preferences;
- Customise our communications to you;
- Send you promotional offers we think will be of interest to you;
- Carry out our internal analysis (e.g. market, customer and product analysis);
- Generally improve our customer service;
- Invite you to attend an event;
- Train our staff;
- Prevent and detect crime, including fraud.
WHO WE MIGHT SHARE YOUR INFORMATION WITH
- In connection with the purposes and on the lawful grounds described above and in addition to the recipients of your information as described above, we will share your personal information when relevant with third parties (who may be based both inside and outside the EEA) depending upon the circumstances such as:
- Our clients as part of the provision of our services to them;
- Our group of companies (i.e. our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006);
- Our service providers, suppliers, and business partners who we work with to deliver our business, such as providers of website development and hosting services; IT, system administration and security services; payment and banking services; identity verification, fraud prevention and detection services; recruitment services; and legal, accountancy, auditing, insurance and other professional advice services;
- Regulators and governmental bodies: HM Revenue & Customs, regulators, governmental bodies and other authorities who require reporting of processing activities in certain circumstances;
- Other third parties: any other third parties (including courts, law enforcement agencies and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law.
- We require third parties to maintain appropriate security to protect your information from unauthorised access or processing.
- If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the website.
- The names of the cookies used on our website and the purposes for which these cookies are used are set out in the table below:
HOW WE LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
- We operate a policy of “privacy by design” by looking for opportunities to minimise the amount of personal information we hold about you. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
- ensuring the physical security of our offices and other sites;
- ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption;
- maintaining a data protection policy for, and delivering data protection training to, our employees; and
- limiting access to your personal information to those in our company who need to use it in the course of their work.
- Whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can ever be guaranteed to be secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer over the Internet to us.
- We will retain your information for as long as is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, such as for the purposes of exercising our legal rights or where we are permitted to do. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it.
INTERNATIONAL TRANSFERS OF YOUR INFORMATION
- Our company is located in the UK.
- Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
- Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following transfer solutions are implemented:
- we will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries;
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, European Commission: Model contracts for the transfer of personal data to third countries; and
- where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
YOUR RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
- You have certain rights in respect of the information that we hold about you, including:
- the right to ask us not to process your personal data for marketing purposes;
- the right to request access to the information that we hold about you;
- the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
- the right to object to our using your information on the basis of our legitimate interests or those of a third party, and there is something about your particular situation which makes you want to object to processing on this ground;
- the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances;
- in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you; and
- the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) as well as a right to lodge a complaint with the relevant authority in your country of work or residence. If you have any concerns about the way we have processed your personal information, we request that you initially contact us (using the contact details above) so that we can investigate, and hopefully resolve, your concerns.
- Please note that we may need to retain certain information for our own record-keeping and research purposes.
- How to exercise your rights
- What we need from you to process your requests
- We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
- You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
- As a convenience to you, we may provide links to third-party websites from within our website (e.g. YouTube, BBC, Reuters). We are not responsible for the privacy practices or content of these third-party sites, and by providing a link we are not endorsing or promoting such third-party sites. When you link away from our website, you do so at your own risk. We encourage you to read the policies and terms of every website you visit.
- You should be aware that personal information which you voluntarily include and transmit online in a publicly accessible blog, social network or otherwise online may be viewed and used by others. We are unable to control such uses of your personal information, and by using such services you assume the risk that the personal information provided by you may be viewed and used by third parties.
CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES