This policy will advise you on how Reboot collects and processes your personal data via this website including purchasing a product/service or when you sign into the client area. Please note this website is not intended for children and we do not knowingly collect data related to children.
Please ensure you read this Policy so that you are fully aware of how and why we use your data.
Controller: Reboot Online Marketing Ltd is the data controller and responsible for your personal data. For EU data protection purposes our ICO registration is A8292890. If you need any further information about this Privacy & Security Policy including any requests to exercise your legal rights please contact the Data Privacy Manager using the details below:
Old Barn House
Tel: 0203 397 1948
In the first instance we would appreciate you contact us with any initial concerns or complaints. However you have the right to make a complaint to the Information Commissioners Office (ICO) which is the UK supervisory body for data protection issues. Full details can be found here: https://ico.org.uk/.
Changes to the privacy notice
This data protection law in the UK will change on 25th May 2018 and this Policy is updated in line with the new law.
Third Party Links
Our website may have links to 3rd party websites, plug-ins and applications. Clicking on these links may allow 3rd parties to collect or share data about you. We do not control these 3rd party websites and Reboot are not responsible for their Privacy Policies.
2. Data we collect about you
Personal data covers any information about an individual from which that person can be identified. It does not include anonymous data where the identity has been removed.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together including:
- Identity Data including first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect and use Aggregated Data such as statistical or demographic data for any purpose.
Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
We do not collect Special Categories of personal data including race, sexual orientation, health, genetic, religious beliefs or information about criminal convictions/offences.
3. How is your personal data collected?
Different methods of data collection we use include:
Direct correspondence/interaction – filling in forms, post, phone, email or otherwise. This includes personal data you provide when you apply for our services/products, create an account on our website, subscribe to services, request marketing to be sent to you, enter a survey/competition or give us feedback.
Information collected automatically – as you browse our website we may automatically collect data about your equipment, browsing patterns, IP address, device type and browsing actions. This data is collected via cookies, server logs and other methods. We may also receive technical data about you if you visit other websites using our cookies.
Information from 3rd parties - We may also receive personal data about from other sources including analytics providers, affiliate/advertising network providers. This information will be used to supplement the personal data we already hold about you to better improve our services.
4. How we use your personal data
Your personal data will only be used where the law allows. The main purposes we will use your personal data for is:
- Where we need to perform a contract we are about to or have entered into with you.
- Where it is needed for our legitimate interests (or those of a 3rd party) and your interests/rights do not override those interests.
- Where we need to comply with legal or regulatory obligation
Please note that you have the right to withdraw consent to marketing any time by contacting the data controller. If we don’t collect your personal data we may be unable to provide all our services and functions on our website may not be available to you.
Listed are the ways we may use your personal data and the lawful bases for doing so
Communication – Providing you with info you’ve requested from us or information we are required to send to you. Operational communications such as changes to our website or services, security updates, assistance with our website and/or services
Marketing – in accordance with your marketing preferences
Feedback – research or feedback from you
Support –This may include assisting with the resolution of technical issues relating to the website or services
To enhance our website and services – such as monitoring your use of websites and services so that we can enhance user experience.
Protection – To allow us to detect any fraudulent or malicious activity and to ensure everyone is using our website or services fairly.
Report – We may use personal data we collect to produce anonymised analytics and reports, which we may share publicly with 3rd parties.
We may need to share your personal data with the parties below:
Internal 3rd parties
External 3rd parties – listed below
3rd parties to whom we may sell, transfer, merge with may use your personal data in the same way as noted in this policy
We do not allow 3rd parties to use your personal data for their own purposes.
|NAME||SERVICE TYPE||DATA PROCESSED|
|Rocket Chat||Live Chat||Internal messaging which may include customer name/email|
|Xero Ltd||Accounts||Customer details such as name/address|
|Cloud software||Instances of customer name/email|
|Nominet||Domain Software||Customer name/address/email|
|DropBox||Cloud Storage||Instances of customer name/email|
|RoboForm||Software||Instances of customer name/email|
6. International Transfers
When we share data it may be transferred and processed in countries other than where you reside and outside the European Economic Area (EEA). These countries may have differing laws and we will endeavour to put safeguards in place to ensure your personal data remains protected under binding corporate rules.
7. Data Security
Reboot are committed to protecting your personal data and have the necessary technical measures in place to ensure this happens. Procedures have been put in place to deal with any breaches of data.
8. Data Retention
We will only keep your personal data for the duration necessary to fulfil the purposes we collected this for such as legal or accounting. Legally we are required to keep basic information about our customers past or present, for 6 years for HMRC. Following this period we will make sure it is deleted or anonymised.
9. Your Rights
You have certain rights to your personal data. If you do not wish to receive marketing communications from us you can follow the unsubscribe instructions contained in the communication.
You have rights to:
Know what personal data we hold about you and request a correction of data
Request a copy of your personal data
Restrict processing your personal data or delete it
Object to us processing your personal data
Please let us know via email if you wish to exercise any of your rights above to firstname.lastname@example.org
Please note that as a security measure we may need to request specific information from you to confirm your identity prior to you exercising your rights.
We will do our best to respond to legitimate requests within 28 days, however for more complex enquiries this may take longer.