The type of personal information that we will collect from you, and you voluntarily provide to us on this website or as part of a service or product we provide to you may include some or all of the following:
Identity Data includes first name, maiden name, last name or similar identifier, title, date of birth and gender. (Business owners/ sole traders/ partnerships)
Contact Data includes billing address, delivery address, email address and telephone numbers.
Financial Data includes bank name, sort code and account number, payment card details, VAT number.
Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this site.
Profile Data includes any purchases or orders made by you, your interests, preferences, feedback, and survey responses.
Usage Data includes information about how you use our site, products, and services.
Marketing Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Communications data including emails, telephone calls and post which you receive from us or send to us, and your preferences in receiving information and being contacted by us.
We use your personal data to provide the features of the website and the services you request
When you use our website or platform, we will use your personal data to provide the requested product or service. For example, if you make an enquiry on our website, or participate in an event or promotion, we will use the contact information you give us to communicate with you about the enquiry, event, or promotion. If you contact our customer services, we will use information about you, such as enquiry or payment information, or the service you have purchased to help you resolve a problem or question.
We use your personal data to establish you as a Rvvup customer
If you sign an agreement to become a Rvvup customer, we will need to collect and verify information about you and other relevant individuals to set up our products and services for you, including to provide you with support, onboarding, and integration to our platform.
To conduct KYC and Fraud Prevention checks
The personal data we’ve collected from you at agreement or at contract stage will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your or any of your related persons’ identity. If fraud is detected, you could be refused certain services.
When we and/or the fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in verifying your identity and preventing fraud and money laundering, to protect our business and to comply with legal obligations. Such processing is also a contractual requirement of the services requested. We and/or the fraud prevention agencies may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.
To Operate, Improve and Maintain our Business, Products and Services
We use the personal data you provide to us to operate our business. For example, when you make a purchase, we use that information for accounting, audits, and other internal functions. We may use personal data about how you use our products and services to enhance your user experience and to help us diagnose technical and service problems and administer our platform.
To Protect Our or Others' Rights, Property or Safety
We may also use personal data about how you use our website to prevent, detect, or investigate fraud, abuse, illegal use, violations of our Terms of Use, and to comply with court orders, governmental requests, or applicable law.
To Communicate Information about our Products, Services, Events and for Other Promotional Purposes
When you consent, we will send you marketing communications and news concerning Rvvup products, services, events, and other promotions. You can opt-out at any time after you have given your consent. If you are an existing customer of Rvvup (for example, if you are a service user), we may use the contact details you provided to send you marketing communications about similar Rvvup products or services, where permitted by applicable law (unless you have opted out).
To process transactions / provide our services
In basic terms Rvvup securely manages the payment process for you which includes handling your customers payment information, gaining authorisation for the payment, contacting the card providers and banks involved.
To process your personal data, we rely on certain lawful basis, depending on how you interact with our website, platform, or services. If we do process your personal data, we may use one or more of the following lawful basis for processing:
As necessary to perform our contract with you for the relevant product, or service, including:
As necessary for our own legitimate interests or those of other persons and organisations, including:
As necessary to comply with a legal obligation, including:
Based on your consent, including:
We do not sell your personal data.
We may share your personal data with other organisations in the following circumstances:
We use plugins on our website from social media networks such as Facebook, LinkedIn, and Twitter. You can recognise these plugins by their logos. Our plugins will not collect personal data about you unless you click on these logos. If you click on them, these plugins are activated and automatically transmit data to the plugin provider.
We do not have any influence over which data these providers collect from you. If you would like more information about their data processing, this can be found in the respective privacy policies on the websites of these providers.
We use cookies and similar techniques, such as tags/beacons and JavaScript’s, which are small text files stored on your device. Using cookies is a way for us to make sure that our website is continuously improved, meets your needs and can be used as a tool to optimise our marketing strategy. For us to do this, we place functional cookies to make the website function as well as marketing cookies which help us target the right people and show them advertisements. Some of these cookies track your use of our website and visits to other websites and allow us to show you advertisements when you browse other websites.
Please view our Cookie Policy for more information on our use of cookies.
The Right to be Informed about our collection and use of personal data
You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website privacy notice. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.
Right to Access Your Personal Information
You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is sometimes termed ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 1 month from when your identity has been confirmed.
We would ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.
If you would like to exercise this right, please contact us as set out below.
Right to Correction Your Personal Information
If any of the personal information we hold about you is inaccurate, incomplete, or out of date, you may ask us to correct it.
If you would like to exercise this right, please contact us as set out below.
Right to Stop or Limit Our Processing of Your Data
You have the right to object to us processing your personal information for particular purposes, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.
You can ask us to restrict processing your data, for example where:
If you would like to exercise this right, please contact us as set out below.
Right to Erasure
You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances. Where the right doesn’t apply, we’ll let you know why we can’t action your request.
This right may be applied where:
If you would like to exercise this right, please contact us as set out below.
Right to Portability
The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used, and machine-readable format. It also gives them you the right to request that a controller transmits this data directly to another controller.
If you would like to exercise this right, please contact us as set out below.
For more information about your privacy rights
The Information Commissioner's Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as Rvvup are available publicly.
You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we must keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for seven years after they cease being customers for tax purposes.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further policy to you.
Our carefully selected partners and service providers may process personal information about you on our behalf as described below:
Digital Marketing Service Providers
We periodically appoint digital marketing agents to conduct marketing activity on our behalf, suchactivity may result in the compliant processing of personal information. Our appointed dataprocessors include:
(i) Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: http://sopro.io. Sopro are registered with the ICO Reg: ZA346877 their Data Protection Officer can be emailed at: dpo@sopro.io.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. Platforms, systems, and facilities in which personal data are processed are protected by secure network architectures that contain firewalls and intrusion detection devices.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted, using SSL technology and by using vendors compliant with PCI DSS requirements. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
The personal data that we hold about you will be stored in the UK and the European Economic Area (EEA). In limited circumstances may also be transferred to or stored at a destination outside the UK or EEA.
If we transfer your data to third party service providers based outside the EEA, we ensure a similar degree of protection is provided to the transfer by ensuring at least one of the following safeguards is implemented:
We will make sure we meet any future requirements the UK or the EU provide following the UK’s exit of the EU, including (but not limited to) the legal safeguards discussed above.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this policy, the way your personal information is processed, please contact us by one of the following means:
Rvvup Ltd, FAO Data Protection Officer (DPO)
7, Savoy Court, London, WC2R 0EX
dataprotection@rvvup.com
Contact: +44 20 8164 2736