Customer privacy policy

BOON

CUSTOMER PRIVACY POLICY

Current as of June 16 2020

BOON ONLINE LIMITED (“we”, “us”, “our”) are committed to protecting and respecting your privacy.

This policy applies to the customers (“Customers”) of our personalisation services (“Services”), such as BOON Spotlight, who enter into a subscription agreement with us.

This privacy policy (“Privacy Policy”) and any other documents referred to herein, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By entering into a contract with us, you are accepting and consenting to the practices described in this Privacy Policy.

DATA CONTROLLER

For the purposes of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, (“GDPR”), the Data Protection Act 2018 and any applicable national implementing laws, regulations and secondary legislation relating to the processing of personal data (together “Data Protection Law”), the data controller is BOON ONLINE LIMITED of Office 7 35-37 Ludgate Hill, London, EC4M 7JN, United Kingdom and we confirm that we have a data protection officer (“DPO”) who can be contacted as set out at the end of this Privacy Policy.

We collect and use the personal data described below in order to fulfil our contractual obligations with you, and to facilitate the provision of our Services. We also collect and use personal data:

To the extent we process your personal data for any other purposes, we ask for your consent in advance or require that our partners obtain such consent.

INFORMATION WE MAY COLLECT FROM YOU

We may collect and process the following information about you:

Information you give us. You may give us the following information when you by fill in forms on our websites (“Sites”) or correspond with us by phone, email or otherwise. This includes information you provide when you use our Sites, apps, subscribe to our services (“Services”) or newsletter, search for a product, place an order on our Sites, participate in discussion boards or other social media functions on our Sites, enter a competition, promotion or survey, and when you report a problem with our Sites or Services.

Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected from you as our Customer.

Information we collect from other sources: We also collect information about you from publicly available sources. We may combine this information with personal data provided by you. This helps us update, expand, and analyse our records, identify new customers, and create more tailored advertising to provide services that may be of interest to you. We also use this for the purposes of targeted advertising, delivering relevant email content, event promotion and profiling, determining eligibility and verifying contact information.

The Personal Data we collect includes:

Information collected by third parties. We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

USES MADE OF THE INFORMATION

We use information held about you in the following ways.

Information you give to us. We will use this information:

Information we collect about you. We will use this information:

Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

We will not sell or rent your personal data to anyone.

DISCLOSURE OF YOUR INFORMATION

Information we share with third parties. We may share your information with selected third parties including:

Information we disclose to third parties. We may disclose your personal data to third parties:

WHERE WE STORE YOUR PERSONAL DATA

Our infrastructure is global and your information (including personal data) may be stored and processed in any country where we have operations or where we engage service providers, and we may transfer your information to countries outside of your country of residence, which may have data protection rules that are different from those of your country of residence.

The personal data that we collect from you may therefore be transferred to, and stored at, a destination outside the European Economic Area (“EEA”) or the UK. It may also be processed by staff operating outside the EEA or UK who work for us or for one of our suppliers or partners. Such staff or subcontractors may be engaged in, among other things, the fulfilment of your order, the processing of your payment details or the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing outside of the EEA or the UK.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy. In particular, this means that your personal data will only be transferred to a country that provides an adequate level of protection (for example, where the European Commission has determined that a country provides an adequate level of protection) or where the recipient is bound by standard contractual clauses according to conditions provided by the European Commission (“Standard Contractual Clauses”).

Our Sites and Services are accessible via the internet and may potentially be accessed by anyone around the world. Other users may access the Sites or Services from outside the EEA or the UK. This means that where you chose to post your data on our Sites or within the Services, it could be accessed from anywhere around the world and therefore a transfer of your data outside of the EEA or the UK may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.

PROTECTION OF YOUR INFORMATION

All information you provide to us is stored on our secure servers. Any credit card information or payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of the Sites or Services, you are responsible for keeping this password confidential. We ask you not to share any password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will endeavour to protect your personal data, we cannot guarantee the security of your data transmitted to our Sites or the Services. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Our Sites, Services and correspondence may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

YOUR RIGHTS

You have the right under Data Protection Law, free of charge, to request:

You can make a request in relation to any of the above rights by contacting us as set out at the end of this Privacy Policy. We will respond to such queries within 30 days and deal with requests we receive from you, in accordance with the provisions of Data Protection Law.

MARKETING COMMUNICATIONS

We will send you marketing emails if you “opt in” to receive marketing emails when registering on our Sites, or if you have enquired about, or purchased any of our goods or services.

Please note that, if you change your mind about being sent marketing emails you can “opt out” at any time by clicking the “unsubscribe” link at the bottom of any marketing email, or by replying to a message with the subject “UNSUBSCRIBE” if no such link exists. Once you “opt out”, you will no longer receive any marketing emails from us. We will continue to communicate with you regarding your service billing and support via email.

We send push notifications from time to time in order to update you about any service updates, events and promotions we may be running. If you no longer wish to receive these communications, please disable these in the settings on your device.

DATA RETENTION

We retain personal data for as long as necessary for the relevant activity for which it was provided or collected. This will be for as long as we provide access to the Sites or Services to you, your account with us remains open or any period set out in any relevant contract you have with us. However, we may keep some data after your account is closed or you cease using the Sites or Services for the purposes set out below.

After you have closed your account or ceased using the Sites, we usually delete personal data, however we may retain personal data where reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, maintain security, prevent fraud and abuse, resolve disputes, enforce our Terms and Conditions, or fulfil your request to “unsubscribe” from further messages from us.

We will retain de-personalised information after your account has been closed.

Please note: After you have closed your account or deleted information from your account, any information you have shared with others will remain visible. We do not control data that other users may have copied from the Sites or Services. Your profile may continue to be displayed in the services of others (e.g. search engine results) until they refresh their cache.

COMPLAINTS

If you have any complaints about our use of your personal data please contact us as set out at the end of this Privacy Policy or contact your data local protection supervisory authority:

*From the 01/01/2021: For all individuals located in the EU, your local data protection supervisory authority in the country in which you are located.

AGE OF USERS

Our Customers must not be under the age where parental consent is required in the jurisdiction in which you are located.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy.

This Privacy Policy was last updated on June 16 2020 and this version replaces any other Privacy Policy previously applicable from this date.

CONTACT

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to us by email at: [email protected]