This privacy policy, together with our Privacy Notice, sets out the basis on which any personal information we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Who are we?

Bespoke Technology Labs Limited is a company incorporated in England and Wales (number 12526945). We have our registered office at C/O Rose Mount, Bleadon Hill, Weston-Super-Mare, England, BS24 9JT.

For the purposes of data protection, we are the data controller and responsible for your personal data (collectively referred to as “we”, “us” or “our” in this privacy policy).

Our chief technical officer is responsible for our data protection compliance.

Collection and Use of your personal data

Where you use our website, apps, products, and services as a personal or business entity, we will collect the following data about you:

  • Information that you provide in connection with your account. We use this information to control access to our products/services and your materials, provide you with support, administer your account, collect any payments which may be due and address any complaints you may submit. We do this on the basis of our legitimate interests in order to perform the contract we have with you, your employer, or educational institution. If you don’t provide this information, we may not be able to provide our services to you and/or handle any complaints.
  • Information we collect through our products and services. The time you open your account; when and how you use our products and services; information about the device you use (including its type, its software, location/traffic data, the network you use, and the unique IP address associated with your connection to the internet).

    We use this information:

    1. To control access to our products/services and your materials, make our products and services work the way they should, provide you with support, identify and fix problems, administer your account and collect any payments which may be due. We do this on the basis of legitimate interests in order to perform the contact we have with you, your employer, or educational institution. If you don’t provide this information, we may not be able to provide our services to you.
    2. To help us understand how you use our apps and website, test and improve our apps and website, and develop new features and new apps - we have a legitimate interest in ensuring the proper running and operation of our apps and website and in developing new products and services.

    3. To prompt you to use our products and services - we have a legitimate interest in promoting our business this way.
    4. To monitor your compliance with our licence and user terms - we have a legitimate interest in ensuring that our products and services are used properly and are paid for when they should be.
    5. Where you are when you use our products and services. We sometimes store this information to tag your user content as part of the functionality of our products - this is necessary for the performance of the contract we have with you. If you don’t provide this information, we may not be able to provide our services to you. We also record the search terms you use within our products/services and your response to the search results, but this information is not stored in a form that associates it with you: it is combined with similar information collected from other users and we use the combined information to provide a richer user experience to all users.
    6. When you upload material to our products and services, it may contain personal data of those featured in the content, and we will process this to the extent necessary to provide you with our services. We will also share the data with various third parties as outlined below. We do this on the basis of our legitimate interests in order to perform contract we have with you, your employer, or educational institution.

      In relation to the processing of uploaded material, we will do this on the basis of a data processor, processing on behalf of you, your employer, or educational institution. If you do not have permission to share this data, please contact your employer, or educational institution in the first instance to enforce your rights in relation to this data.

Where we store your personal data

We use global cloud services in order to provide our services to you.

Where personal data is transferred outside of the European Economic Area (“EEA”) to the USA, we ensure a similar degree of protection is afforded to it by ensuring the transfer is subject to one of the following safeguards:

  1. The company the personal data is transferred to is part of the EU-US Privacy Shield; or
  2. We will have an enforceable agreement with the service provider containing data protection clauses approved by the EU Commission. The relevant terms are available on request.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our products/services; any transmission is at your own risk. Once we have received your information, we use strict procedures and security features to mitigate and prevent unauthorised access.

Data Security

We have appropriate security measures in place to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

Disclosure of your information

Our staff will have access to your personal information. We have a legitimate interest in having our IT services provided and supported by third parties and all these people will have signed confidentiality agreements which only permit them to use your personal information for the purpose of performing their duties for us or as required by law.

We will share personal information with law enforcement or other authorities if required by applicable law.

We may disclose your personal information to other parties such as prospective buyers of our business. The recipient of the information will be bound by confidentiality obligations.

Your rights

You can change your privacy settings and preferences in relation to direct marketing within your account.

You have a right to:

  1. Ask us for a copy of your personal information;
  2. Ask us to provide some of it in a structured, commonly used and machine-readable form;
  3. Ask us to correct it if it is wrong and to complete it if it is incomplete;
  4. Ask us for details of how and why we process it, the legal basis for that processing, and who we have shared it with or will share it with;
  5. Object to how we process it;
  6. Ask us to restrict our processing - while we consider your request to have it corrected, for example.

We will deal with requests and objections in accordance with the General Data Protection Regulation as it applies in the UK, which means that we are required to respond within one month. Our contact details are set out below.

You have the right to complain to the Information Commissioner’s Office about our processing of your personal information or our response to your requests and objections. The Information Commissioner’s Office may be contacted at https://ico.org.uk/concerns.

We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Cookies

Our products and services store very small amounts of information - known as ‘cookies’ - on your device.

We use two types of cookies:

  1. First-party cookies; only we can read these. We use them to recognise you when you return to our products and services and to record your actions and preferences in them, so that you see text in your preferred language and generally have a more personalised experience. We also share this information with Google: they use it to provide us with a statistical view of user behaviour on our products and services, which we use to improve our products and services.
  2. Third-party cookies; by using our products and services, you may also receive certain third party cookies on your computer or device. Third party Cookies are those placed by websites, services, and/or parties other than us.

Further information regarding this can be found in our Cookie Policy.

You can prevent cookies from being stored on your device by changing your device settings, although blocking first-party cookies may prevent our products and services from working properly. We suggest you open the ‘help’ function on your device and search for “cookie settings” to see how to do this. You can use the same procedure to allow cookies to be stored again if you change your mind.

Marketing

We would like to send you information about our products which may be of interest to you.

We will send email marketing to you where:

  1. we have your consent to do so; or
  2. it is in our legitimate interest to do so - which is when you have bought a product from us already and we offered you the opportunity to unsubscribe at the time.

In all circumstances you will have the option to unsubscribe from direct marketing and can do this by clicking the “unsubscribe” link in our emails.

Payment Gateway

When you pay for a subscription to our products and/or services, or for a purchase you make through our products and/or services, you will be taken to a secure website operated by a reputable and regulated payment processor. Your payment card details will be collected and processed by that company. The only payment card information we will receive is the last four digits of your 16-digit card number.

Data Retention

We will keep your personal information while you have an account with us or we are providing services to you. Thereafter, we will keep your personal information for as long as is necessary:

  1. to respond to any questions, complaints, or claims made by you or on your behalf;
  2. to show that we treated you fairly;
  3. to keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this policy and will retain data in accordance with our retention policy. Different retention periods apply for different types of personal information. Please get in touch for further information. When it is no longer necessary to retain your personal information, we will delete or anonymise it.

Changes to this policy

This privacy policy was published on 19th May 2018 and last updated on the date stated at the bottom of the page.

We keep our polices under regular review to make sure they are kept accurate and up to date.

If we change our policies from time to time, we will post the details of any changes here. We may also take reasonable steps to notify you if such changes affects how your personal data is processed.

Contact

If you wish to exercise your rights under the EU General Data Protection Regulation (EU GDPR), or have any queries in relation to your rights or general privacy matters, please email us at legal@bespoke.dev.

For questions from non-EU countries please contact us by post or email if you have any questions about this privacy policy or the information we hold about you.

Our contact details are shown below:

legal@bespoke.dev
+44 (0) 330 043 2085

Bespoke Technology Labs Ltd
C/O Rose Mount
Bleadon Hill
Weston-Super-Mare
England
BS24 9JT

Last Updated on 7th February 2023.