Portify Privacy Policy

We at Portify care about your privacy. We collect and process personal information with your privacy in mind.

This policy describes how we collect and use your personal data when you contact us, use our services, and/or become a Portify user. It also outlines your rights and how to exercise them. Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it.

It is important that you read this policy before starting to use our services.

What is personal data

By personal data we mean identifiable information about you, such as your name, email address, gender, age, mobile and home telephone number, financial information, and your IP address.

Information we collect from you

We will collect and process the following data about you:

  • Information you give us: You may give us information about you by filling in forms on our website (the Site), our mobile application (the App), applying for a job with us, providing services to us , or otherwise by corresponding with us (for example, by e-mail or chat). It includes information you provide when you register to use the App, download or register the App, use the App, share data via an App's social media functions, or enter a competition, promotion or survey, report a problem with the App, or our Site. Certain personal data is mandatory to be provided to us in order that we can fulfil your request and we shall make this clear to you at the point of collection of the personal data. If you contact us, we will keep a record of that correspondence and we may also record any telephone call we have with you. All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we will record this and we may also report this. At our request, you shall promptly provide evidence of your identity.
  • Information we collect about you and your device automatically:Each time you visit one of our Sites or use one of our Apps we will automatically collect the following information:
    • technical information, including the type of mobile device you use, a unique device identifier (for example, your Device's IMEI number, the MAC address of the Device's wireless network interface, or the mobile phone number used by the Device), mobile network information, your mobile operating system, the type of mobile browser you use, time zone setting (Device Information);
    • details of your use of the App including, but not limited to traffic data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;
  • Information we receive from other sources: We work with Salt Edge Inc and TrueLayer Limited who will, once you tick the appropriate boxes to allow them to do so, read your bank account transaction data using approved APIs. We will then copy that data onto our own secure databases. We never store any of your bank account login details on our databases. We may receive further personal information about you from Salt Edge Inc and TrueLayer Limited from time to time and in addition from our security service partners. We also work closely with our service delivery partners (which may include, for example, voucher providers, sub-contractors in technical and payment services and analytics providers) and accordingly, we may receive personal data about you from them. If you have downloaded the App as part of a business benefit, we might receive information about you from your employer(s) or the organisation(s) that engages you to provide services that offered you the App as a business benefit.

How we use your information

We will only use your personal data where we have a lawful basis to do so. The lawful purposes that we rely on under this Privacy Policy are:

  • consent (where you choose to provide it);
  • performance of our contract with you including our Terms and Conditions;
  • compliance with legal requirements; and
  • our legitimate business interests in the normal running of our business which do not materially impact your rights, freedom or interests.

We use the personal data held about you in the following ways:

  • to register you as a user of the App, for correspondence, participating in online surveys and competitions, to help us enhance the App for you and to provide the Service to you in accordance with our Terms and Conditions;
  • to allow us to ask security-related questions if you later ask us to reset your password;
  • for the purposes of analysing the data and suggesting products or services that may enable you to make savings or consider alternative or additional services to the ones you are currently using;
  • to allow us to customise your experience of the App and enable us to present your own information to you in a way that we believe is most useful for you (including identifying which transactions are, or are likely to be, work related);
  • to assist us in the preparation and filing of tax returns with HMRC, if you should request such a service (further terms are likely to apply);
  • to verify your identity and credit worthiness and to manage your repayments if you take our Flex Finance product;
  • in anonymised form to allow us to analyse our users’ behaviour as a whole and produce statistics accordingly for use at our discretion, which may include licensing to, or sharing with, third parties).

We do not disclose information about identifiable individuals to our advertisers or third parties but we may provide them with anonymous aggregate information about our users (for example, we may inform them that 100 women aged over 40 have clicked on their advertisement on any given day or the fact that a specific age group tends to have more direct debits on their account than another age group). We may use the personal data we have collected from you to enable us to comply with our advertisers' wishes by displaying their advertisement to that target audience.

Disclosure of your information

You agree that we have the right to disclose your personal information to any member of our group from time to time, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.

As well as disclosure as specified elsewhere within this Privacy Policy, we will disclose your personal information to third parties:

  • if we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets;
  • if Portify or substantially all of Portify's assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation or request;
  • in order to:
  • enforce or apply the T&Cs, our Terms of Use and other agreements or to investigate potential breaches; or
  • protect the rights, property or safety of Portify, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
  • if you have downloaded the App as part of a business benefit, we might share information about you with your employer(s) or the organisation(s) that engages you to provide services that offered you the App as a business benefit;
  • we shall provide our service delivery providers, sub-contractors and agents only with such of your personal data as they need to provide the service for us and if we stop using their services, we shall request that they delete your personal data or make it anonymous within their systems.

Where we store your personal data

We will store your data on servers based within the European Economic Area (EEA).

Please note however that Salt Edge and our other service delivery partners may transfer your data to, and store it at, a destination outside the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses, or by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties).

Security

We will take all steps reasonably necessary to ensure that we treat your personal data securely. In particular, we shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

All personal data we hold is stored on our secure servers. Data relating to your payment transactions will be securely encrypted using TLS (Transport Layer Security). Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Site or App, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the App or our Site. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We use the very latest framework releases. We use tried and tested modules, and apply fundamental security considerations to every aspect of software design and development. We also frequently review and externally test our software. We filter identifiable information from server logs, encrypt identifiable information in our secure databases, and we only communicate over encrypted protocols.

Your rights

You have a number of rights under applicable data protection legislation. Some of these rights are complex, and not all of the details have been included below. Further information can be found here.

  • Right of access: You have the right to obtain from us a copy of the personal data that we hold for you.
  • Right to rectification: You can require us to correct errors in the personal data that we process for you if it is inaccurate, incomplete or out of date.
  • Right to portability: You can request that we transfer your personal data to another service provider.
  • Right to restriction of processing: In certain circumstances, you have the right to require that we restrict the processing of your personal information.
  • Right to be forgotten: You also have the right at any time to require that we delete the personal data that we hold for you, where it is no longer necessary for us to hold it. However, whilst we respect your right to be forgotten, we may still retain your personal data in accordance with applicable laws including for example to enforce any debt you owe to us.
  • Right to stop receiving marketing information: You can ask us to stop sending you information about our services, but please note we shall continue to contact you in relation to any matters relating to the App if you remain a registered user.

Please note, that you can access much of your data on the App or on the Site itself where you can make corrections, updates or deletions.

We reserve the right to charge an administrative fee if your request in relation to your rights is manifestly unfounded or excessive.

Marketing

For our legitimate business interests, we may send you marketing communications from time to time.

You can choose to no longer receive marketing emails from us by contacting us at [email protected] or clicking unsubscribe from a marketing email. Please note that it may take us a few days to update our records to reflect your request If you ask us to remove you from our marketing list, we shall keep a record of your name and email address to ensure that we do not send to you marketing information.

Third Party Sites

Our Sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates (including, but not limited to, websites on which the App or the Service are advertised). If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these policies before you submit any personal data to these websites or use these services.

Keeping your data

We strive to retain your personal data for no longer than is necessary. Subject to the provisions of this Privacy Policy, we will retain personal data in accordance with applicable laws.In particular, we shall retain your personal data for as long as you access or use our online services. However, we may also be required to retain personal data for a particular period of time to comply with legal, auditory or statutory requirements, including requirements of HMRC in respect of financial documents.

Complaints

Please know if you have any complaints of any kind. We will do our absolute best to resolve them. If we are unable to do so, remember that you have a right to complain to the UK data protection regulator, the Information Commissioner’s Office.

Changes to our privacy policy

We will give you at least 30 days’ notice of any change by sending you an SMS or email with details of the change or notifying you of a change when you next start the App. If you do not use the App, you are responsible for regularly reviewing this Privacy Policy so that you are aware of any changes to it.

Our contact details

Portify Limited, trading as Portify, is a British company registered at Evolution House Iceni Court, Delft Way, Norwich, Norfolk, United Kingdom, NR6 6BB.

Portify is committed to protecting and respecting your data and privacy. We have a nominated Data Protection Officer in charge of this. Portify is the responsible entity for processing your personal data noted above, and is known as the “controller” under applicable laws. That means that we determine how and why we will use your personal data.

Questions, comments and requests regarding these terms are welcomed. You can reach us on [email protected].

Last updated: 31/01/2019