Dated: 7th of November 2017
PLEASE READ THIS POLICY CAREFULLY
Protecting your data, privacy and personal information is very important to HulloMail Limited (“our”, “us” or “we”).
When using the Another Number mobile application software and any updates or supplements to it (“App”) and/or any of the services offered via the App (the “Services”), you will be asked to indicate your acceptance of and consent to the practices described in this policy.
Information we may collect
We may collect and process the following data about you:
- Information that you provide to us. When using the Services, you will be asked to provide us with your information when you:
- register to use our Services;
- fill in forms on the App, or correspond with us by phone, email or otherwise;
- report a problem with our App or the Services; or
- complete any surveys we ask you to fill in that we use for research purposes (although you do not have to respond to these if you do not want to).
The information you will be asked to provide to us for these purposes may include your name, email address and mobile phone number.
- Information we collect about you. We may automatically collect the following information:
- device-specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information when you download or use the App; and
- details of your visits to the App and uses made of the Services.
- Information we receive from other sources. When using our Services, we will be in contact with third parties who may provide us with certain information about you in order to enable your use of the Services. This includes information provided by communications providers when you make and receive voice calls or text messages. If you are a user of the ‘Another Number Team’ Service, we may have received information about you (including your name and mobile telephone number) from the “Team Administrator”.
- Information we may collect about others. We may collect and process data about others that you provide us with, including (but not limited to) information that you provide to us by email or provide when using the Services. This information might include, but is not limited to, the telephone numbers of other individuals. If you are a “Team Administrator”, you will be asked to provide information about Team users to enable them to use the Service.
You must have obtained clear permission from the individuals whose data you provide us with before sharing that data with us.
- Information we receive from your use of the Services. When you use the Service, we may collect and process data about you and others that is contained in text messages, instant messages, voicemails and other electronic communications.
How we use your information.
We use information held about you (and information about others that you have provided us with) in the following ways:
- to provide you with access to our App and any other information which you request from us;
- to provide you with the Services;
- to ensure you receive information relevant to you;
- for marketing, provided always that we: (i) only use aggregated and anonymised data; or (ii) only engage in direct marketing for products and/or services provided by us that we believe will be of interest to you and only where you have explicitly consented to this;
- to ensure the content on our App is presented in the most effective manner for you and your computer or mobile device;
- to administer our App and for internal operations, including research, data analysis and data statistics; and
- to notify you about changes to our Services.
Except as expressly stated in this Policy, we will not sell your personal data (or any other data you provide us with) to third-parties, unless such data has been anonymised and/or aggregated.
Where we store your personal information
The personal data that we collect from you (including email addresses that form part of our prospective marketing database) may be transferred to and stored at a destination outside of the European Economic Area (“EEA”), including the USA. This data may also be processed by staff operating outside of the EEA who work for us or for one of our business partners or service providers.
Your passwords are stored on our servers in encrypted form. We do not disclose your account details, postal or email addresses to anyone except when legally required to do so.
It is your responsibility to keep your password secure. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent any unauthorised access.
Disclosure of your information
We may disclose your personal information to our service providers and business partners, including to:
- other communications providers (to enable calls or text messages to be sent);
- transcription providers (to enable the transcription of voicemails from audio to text); and/or
- a member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may also disclose your personal information to third parties in the following circumstances:
- if we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets;
- if HulloMail Limited or substantially all of its assets are acquired by a third party, personal information about our customers will be one of the transferred assets; or
- if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of our customers, us or other third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
How long we retain your personal data
We will hold the above information for as long as is necessary in order to provide you with the Services, deal with any specific issues that may raise, or otherwise as is required by law or any relevant regulatory body. Once your account is terminated or deactivated, we shall delete the personal data relating to your account within 90 days. Some personal data may need to be retained for longer than this to ensure we can comply with applicable laws and internal compliance procedures, including retaining your email address for marketing communication suppression if you have opted not to receive any further marketing.
Under relevant data protection law, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at firstname.lastname@example.org.
You have the following rights in relation to your personal data:
- to request that we rectify your personal data where you believe the personal data we have is inaccurate or incomplete;
- to ask us to delete all of your personal data. Doing so will result in us deleting your personal data without undue delay (unless there is a legitimate and legal reason why we are unable to delete certain of your personal data, in which case we will inform you of this in writing);
- to ask us to stop processing your personal data at any time;
- to request that we provide you with a copy of all of your personal data and to transmit your personal data to another company in a commonly used and machine-readable format, where it is technically feasible for us to do so. We provide certain tools and reports for you to easily collate information which you submit whilst using our Services; and
- to lodge a complaint to a supervisory authority such as the Information Commissioner’s Office in the United Kingdom (see ico.org.uk).
We will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above; however, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests. Where we are required to provide a copy of the personal data undergoing processing this will be free of charge; however, any further copies requested may be subject to reasonable fees based on administrative costs.
Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use the Services, or at least those aspects of the Services which require the processing of the types of personal data you have asked us to delete, which may result in your university applications not being processed.
Where you request us to rectify or erase your personal data or restrict any processing of such personal data, we may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right.
Changes to this policy
For the purpose of the relevant data protection legislation, the data controller is HulloMail Limited (company no. 06504172), with registered address at 14 East Bay Lane, Here East, Queen Elizabeth Olympic Park, London, E15 2GW, United Kingdom.
Our data protection officer is Chris Davis.