INONDA LIMITED PRIVACY NOTICE
Inonda Limited (including our trading names of Inonda Marketing) understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers and suppliers and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Information About Us
Inonda Limited, a limited company registered in England under company number 10574911.
Registered address: 35-37 Ludgate Hill, London EC4M 7JN
What Does This Notice Cover?
This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
What Is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
The personal data that we use is set out in Part 5, below.
What Are My Rights?
Under the Data Protection Legislation, you have the following rights, which we will always work to uphold:
The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 10.
The right to access the personal data we hold about you. Part 10 will tell you how to do this.
The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 10 to find out more.
The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold. Please contact us using the details in Part 10 to find out more.
The right to restrict (i.e. prevent) the processing of your personal data.
The right to object to us using your personal data for a particular purpose or purposes.
The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 10.
It is important that your personal data is kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us on info@Inonda.co.uk with your complaint.
What Personal Data Do You Collect and How?
Depending upon your use of Our Site and our Services, we may collect and hold some or all of the personal and non-personal data set out in the table below, using the methods also set out in the table. We do not routinely collect any special category’ or ‘sensitive’ personal data or data relating to criminal convictions and/or offences unless you expressly provide that information to us yourselves.
How We Collect the Data
Identity Information including name or pseudo name and user name and gender and date of birth (if given)
Information provided by you on registration form, on public social media platforms or that you have provided to us in another way.
Contact information including email address (if given) or user name.
Information provided by you on registration form,on public social media platforms or that you have provided to us in another way.
Payment information including card details
Information provided by you to us, including if applicable, to third party payment provider.
Profile information including preferences, interests, your social media profile image and any information that you provide such as education, interests etc.
Information provided by you on registration form, on public social media platforms or that you have provided to us or publicly in another way.
Images information, including photographs and videos and any information that you provide.
Information provided by on public social media platforms or that you have provided to us or publicly in another way.
IP information, including IP address, browser type and operating system, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths);
Information collected by software.
Communication information such as any information contained in or relating to any communication that you send to us or send through our website (including the communication content and metadata associated with the communication
Information provided by you on public social media platforms or that you have provided to us or publicly in another way.
How Do You Use My Personal Data?
Under the Data Protection Legislation, we must always have a lawful basis for using personal data. The following table describes how we may use your personal data, and our lawful bases for doing so:
What We Do
What Data We Use
Our Lawful Basis
Administering our business and our website
Your Identity and Contact information along with your IP Information
Supplying our services to you
Your Identity and Contact information along with your IP Information and Images information
Under a contract with you or based on your consent (as applicable)
Managing payments for our services, including sending statements, invoices and payment reminders and to collect payments from you
Identity, Contact and Payment information
Under a contract with you
Personalising and tailoring our services for you or your employees
Your Contact details and IP Information
Sending you emails that you have specifically requested, or marketing communications relating to our business or the businesses of our clients or carefully-selected third parties which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (you can inform us at any time if you no longer require marketing communications)
Your Identity, Contact details, Profile information and IP Information
Communicating with your identified or potential customers of contacts
their Identity, Contact details, Profile information and IP Information
Communicating with you, including sending you non marketing communications
Your Contact details and IP Information (and in some circumstances) Communication Information
Providing third parties with statistical information about our users (but those third parties will not be able to identify any individual user from that information)
Any or all of the relevant information (although it will be aggregated and anonymised)
Dealing with enquiries and complaints made by or about you relating to our website
Your Identity Profile Information, IP Information and Communication Information
Keeping our website secure and prevent fraud
Your Identity Profile Information, Payment Information, IP Information and Communication Information
Verifying compliance with the terms and conditions governing the use of our website (including monitoring private messages sent through our website private messaging service)
Any or all of the relevant information
With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email with information, news, and offers on our services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out. We will always obtain your express opt-in consent before sharing your personal data with third parties for marketing purposes and you will be able to opt-out at any time.
We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose. If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us using the details in Part 10.
If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.
In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.
Before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with this policy.
How Long Will You Keep My Personal Data?
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected.
How and Where Do You Store or Transfer My Personal Data?
We have protected passwords and work off of virtual servers based in the UK. Only our authorised personnel have access to any information that you have provided to us (including any of your personal social media log on details) as required by us to be able to provide you with our Services under a contract with you.
We will store or transfer your personal data within the European Economic Area (the “EEA”) and will carry out data collection and data entry activities (on publicly available information) through third parties in other countries (India) with whom we have carried out reasonable due diligence and have in place adequate commercial arrangements to protect personal data (as described below for “third countries”). This processing takes place on our networked servers under our control rather than being stored remotely in those third countries.
The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the Data Protection Legislation, GDPR, and/or to equivalent standards by law.
If you are resident outside the EEA, it may be that some of your data is processed, stored or transferred some or all of your personal data in countries that are not part of the EEA whilst that data is on route to the EEA. These are known as “third countries” and may not have data protection laws that are as strong as those in the UK and/or the EEA. This means if the data is under our control, we will take additional reasonable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation. While your data is under your control (for example while you are logged on to our Site or providing us with your data) you should take your own measures to ensure the security of your data, as we do not have responsibility and are not liable for any unlawful or authorised use of your data if it is not under our control.
The security of your personal data is essential to us, and to protect your data, we take a number of important measures, including the following:
limiting access to your personal data to those employees, agents, contractors, and other third parties with a legitimate need to know and ensuring that they are subject to duties of confidentiality;
procedures for dealing with data breaches (the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your personal data) including notifying you and/or the Information Commissioner’s Office where we are legally required to do so.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure encrypted Azure data base (which is password- and firewall-protected). You are required to login to your accounts with a strong password to access your data. Your account holder administrators (such as School admin) can see students accounts data.
All electronic financial transactions entered into with our payment services providers in relation to our website will be protected by encryption technology.
By providing us with your personal data, you acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
Do You Share My Personal Data?
We will not share any of your personal data with any third parties for any purposes, subject to the following exceptions.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
We may sometimes contract with the following third parties to supply products and services.
Activity Carried Out
IT support providers.
To provide us with IT support and development services
Payment services providers
To collect payment from you as set out in our services
Data entry and collection providers
To provide us with back office and Data entry and collection services
EEA and Third country (India)
We will share information with our payment services providers only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds. With your permission, our payment services providers will securely store your payment details in encrypted form to enable repeat transactions.
If any of your personal data is shared with a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Part 8.
If any personal data is transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the Data Protection Legislation, as explained above in Part 8.
How Can I Access My Personal Data?
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 10.
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
How Do I Contact You?
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details, preferably expressly referring to data processing in your email message title:
Email address: info@Inonda.co.uk
Cookies and third party sites
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
Cookies can be used by web servers to identify and track users as they navigate different pages on a website and identify users returning to a website.
We use both session and persistent cookies on our website.
The names of the cookies that we use on our website, and the purposes for which they are used, are set out below:
We use Google Analytics to analyse the use of our website.
Our analytics service provider generates statistical and other information about website use by means of cookies.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
The analytics cookies used by our website have the following names:_ga, _gat, __utma, __utmt, __utmb, __utmc, __utmz and __utmv].
Google Interest-based advertising
From time to time we may publish Google AdSense advertisements on our website.
To determine your interests, Google may track your behaviour on our website and on other websites across the web using the DoubleClick cookie
This behaviour tracking allows Google to tailor the advertisements you see on other websites to reflect your interests (we do not publish interest-based advertisements on this website).
You can view, delete or add interest categories associated with your browser by visiting: http://www.google.com/settings/ads/.
Most browsers allow you to refuse to accept cookies; for example:
(a) in Internet Explorer (version 11) you can block cookies using the cookie handling override settings available by clicking "Tools", "Internet Options", "Privacy" and then "Advanced";
(b) in Firefox (version 42) you can block all cookies by clicking "Tools", "Options", "Privacy", selecting "Use custom settings for history" from the drop-down menu, and unticking "Accept cookies from sites"; and
(c) in Chrome (version 46), you can block all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Content settings", and then selecting "Block sites from setting any data" under the "Cookies" heading.
Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our website.
You can delete cookies already stored on your computer; for example:
(a) in Internet Explorer (version 11), you must manually delete cookie files (you can find instructions for doing so at http://windows.microsoft.com/en-gb/internet-explorer/delete-manage-cookies#ie=ie-11);
(b) in Firefox (version 42), you can delete cookies by clicking "Tools", "Options" and "Privacy", then selecting "Use custom settings for history" from the drop-down menu, clicking "Show Cookies", and then clicking "Remove All Cookies"; and
(c) in Chrome (version 46), you can delete all cookies by accessing the "Customise and control" menu, and clicking "Settings", "Show advanced settings" and "Clear browsing data", and then selecting "Cookies and other site and plug-in data" before clicking "Clear browsing data".
Deleting cookies will have a negative impact on the usability of many websites.
Changes to this Privacy Notice
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
Any changes will be made available on our Site. This Privacy Notice was last updated on February 2019.