Buddi Limited is committed to protecting your personal data (personally identifiable information) and upholding your right to privacy. This privacy notice describes the collection and processing of personal data by Buddi as well as an overview of the rights which you have in relation to your personal data. It applies to information which you may provide directly to us or via third parties.
Our policy is to be as transparent as possible about how and why we process
your personal data. However, should you have any queries please contact us
at either firstname.lastname@example.org or write to
Data Protection Officer, Buddi Limited, Talbot House, 17 Church St, Rickmansworth WD3 1DE, UK.
Buddi is registered with the UK Information Commissioner’s Office as a Data Controller (Reg No. Z9274127) and has in place a comprehensive Data Protection Policy.
We use different methods for collecting your personal data, including:
We shall only use your personal data when the law allows us to do so.
When you set up your Buddi product we may ask for personal information to personalise your profile and to identify you. We process information gathered from your Buddi products to provide the service which you, or someone on your behalf, have contracted us to supply.
We may also analyse information to see what is most effective about our solution to help us identify whether it is functioning correctly, ways to improve it and to make it more effective.
We may also collect information for other purposes, which we would describe to you at the point when we collect the information. This applies to all personal data collected, which might include some of the following:
· The performance of a contract we are about to enter, or have entered into, with you
· Enabling suppliers or service providers to carry out certain functions
· Where you have consented to our collection and use
Please note that in instances where we refer to ‘performance of a contract’ this may include performance of a contract which been entered into via a third-party. In such circumstances we are either relying upon our legitimate interests or expect the third-party has suitable authority for us to carry out such activity.
As per the Information Commissioner’s Office guidelines, we retain personal data no longer than is necessary for the purpose we obtained it for. With that in mind, Buddi will retain any information held on an individual for a maximum of 10 years after that individual has ceased use of a Buddi product unless any contract entered into states otherwise. At that point, the information will be destroyed according to the then-current data destruction policy.
We will not share personally identifiable information (information that contains a personal identifier like your name, address or email address).
Buddi is dedicated to maintaining the privacy and integrity of your personal data. As such, we have policies and procedures and other safeguards to help protect your personal data from improper use and disclosure.
We follow a Minimum Necessary Access Policy so any required disclosure of your identifiable information is minimised.
How much personal data is used or disclosed without your written permission will vary depending, for example, on the intended purpose of the use or disclosure.
The following categories describe different ways that we use your personal data within Buddi and disclose your personal data to persons and entities outside of Buddi. We have not listed every use or disclosure within the categories below, but all permitted uses and disclosures will fall within one of the following categories. In addition, there are some uses and disclosures that may require your specific authorisation.
All information and data you provide to us is stored on secure servers with trusted third-party suppliers located within the European Economic Area. Our suppliers also comply with the European Union Data Protection Directive which sets out a number of data protection requirements that apply when personal data is being processed.
All passwords are stored in encrypted form and all sensitive traffic is transmitted securely via secure methods. However, it may be possible that your data is transferred to, and stored at, a destination outside the EEA by or to staff who work for one of our suppliers. Such staff may be engaged in, among other things the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.
Unfortunately, despite these measures, the transmission of information via the internet is never completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted and any transmission is at your own risk. Once we have received your information, we will use strict procedures to try to prevent unauthorised access in accordance with our Data Protection Policy and responsibilities as a registered Data Controller in the UK.
You have certain rights with respect to your personal data. If we do not agree to a request by you with respect to privacy or your personal data, please contact the Data Protection Officer.
Under current data protection legislation there are exemptions to these individual rights where it is determined that the restriction is a necessary and proportionate measure, for example to safeguard the prevention, investigation, detection or prosecution of criminal offences.
If you believe that any of your rights with respect to your personal data have been violated by us, our employees or agents, please communicate with the Buddi Data Protection Officer via email@example.com
We reserve the right to revise this notice and to make the revised notice effective for all individuals for which data is processed.
Questions relating to revisions to this Privacy Notice may be addressed to the Data Protection Officer. The Privacy Notice will be promptly revised if there is a material change to a policy described herein.
All queries should be addressed to:
The Data Protection Officer, Buddi Limited, Talbot House, 17 Church Street, Rickmansworth, Hertfordshire WD3 1DE, United Kingdom.
Effective Date: This Privacy Notice is effective as of 8th June 2018.