Privacy Policy

Privacy Policy

Novatum Tech Limited is committed to protecting and respecting your privacy.

We take data security extremely seriously and we make sure we have appropriate security measures in place to prevent your personal data from being accidentally lost and from unauthorised use and access. Please read this Privacy Policy carefully as it explains our practices regarding your personal data and how we will treat it. This Privacy Policy sets out the basis on which any personal data will be processed by us.

By visiting our websites, you are accepting and consenting to the practices described in this policy.

We operate under the Data Protection Act 2018 (‘DPA’) and the European General Data Protection Regulation (‘GDPR’).

For the purpose of the applicable data protection legislation, the data controller is Novatum Tech Limited of 30 Moorgate London EC2R 6DN, United Kingdom.

Our data controller registration number is ZA878024 . You can check our registration on the Data Protection Public Register by visiting https://www.ico.org.uk/esdwebpages/search

References in this Privacy Policy and on our website to “we”, “our” or “us” are references to Novatum Tech Limited. References to “you” and “your” means each natural or legal person who interacts with us, uses our website or the products and services we provide.

Data Protection Controls

To meet our Data Protection obligations, we have established comprehensive and proportionate governance measures.

We ensure data protection compliance across the organisation through:

  1. Implementing appropriate technical and organisational measures including internal data protection policies, staff training, internal audits of processing activities, and reviews of internal HR policies
  2. Maintaining relevant documentation on processing activities
  3. Implementing measures that meet the principles of data protection by design and data protection by default including data minimisation, pseudonymisation, transparency, deploying the most up-to-date data security protocols and using data protection impact assessments across our organisation and in any third party arrangements

The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity data includes first name, maiden name, last name, title.
  • Contact data includes email address and telephone numbers.
  • Technical data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage data includes information about how you use our website and services.
  • Marketing and communications data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

How is your personal data collected?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity, and Contact Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • complete our enquiry form on our website,
    • contact us by telephone or email to seek a quote; and
    • when you instruct us to provide services for you by telephone or email and you become our client.
  • Third parties or publicly available sources. We may receive personal data about you from various third parties including Technical Data from analytics providers such as Google based outside the EU.
  • Cookies. Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, refer to our Cookie Policy below.

How we use your information

Your personal data will only be processed for specific, explicit and legitimate purposes in accordance with the data protection principles. The core principles to which Novatum adheres are the following:

  • lawfulness, fairness and transparency – we process data only in a lawful manner, which is fair and transparent within its means and aims;
  • data minimization – we do not collect, store, or process more information than is reasonably required in order to achieve a particular aim;
  • accuracy – we keep all data accurate and up-to-date, and where relevant correct any of wrong information;
  • storage limitation – we keep data in a form that allows your identification for no longer than is necessary for the purposes that it was collected;
  • integrity and confidentiality – we store and process the data in a manner that ensures appropriate security of the personal data;
  • accountability – we are accountable to follow our data protection obligations.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract, we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

Purposes for which we will use your personal data

We have set out below a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose

Type of information

Legal basis

To identify customers

Personally identifiable information; Information about your visit;

Technical information; Transaction information

Consent;

Contractual performance; Legal obligations.

To adhere to the obligations under the laws on the prevention of money laundering and terrorist financing

Personally identifiable information; Information about your visit;

Technical information;

Transaction information

Legal obligations

To conclude and execute agreements and provide services

Personally identifiable information; Information about your visit;

Technical information

Contractual performance

To respond to your inquiries and fulfil your requests, such as to respond to your questions and comments

Personally identifiable information; Information about your visit;

Technical information; Transaction information; Other information that you provide

Contractual performance; Legitimate interests- to provide good customer service

To send administrative information to you

Personally identifiable information;

Transaction information

Contractual performance

To contact you if we have not heard from you in a while

Personally identifiable information;

Legitimate interests – to provide good customer service and keep data updated

To offer and facilitate the provision of services upon your request

Personally identifiable information;

Consent

To improve and further develop our services

Information about your visit;

Technical information; Transaction information;

Legitimate interests – to provide good customer service and improve our

business

To resolve conflicts, manage litigation, resolve issues, and provide you customer service (including troubleshooting in connection with customer issues).

Personally identifiable information; Information about your visit;

Technical information; Transaction information; Other information that you provide

Contractual performance; Legitimate interests – to provide good customer service in connection with our administrative duties

Risk management

Personally identifiable information; Information about your visit;

Technical information; Transaction information

Legal obligations

The processing of transactions

Personally identifiable information; Information about your visit;

Technical information; Transaction information

Contractual performance

To complete and fulfil your orders, communicate with you regarding the service and provide you with related customer service

Personally identifiable information; Information about your visit;

Technical information

Contractual performance

To provide you  with updates and announcements concerning our products, promotions, and programs and to send you invitations to participate in special programs (direct marketing)

Personally identifiable information;

Consent;

Legitimate interests – to update you with our new products and services

To personalise your experience on the website by presenting products and offers tailored to you

Personally identifiable information; Information about your visit;

Technical information

Legitimate interests – to provide for you a good service experience

For our business purposes, such as analysing and managing our businesses, market research, audits, developing new products, enhancing our websites, identifying usage trends, determining the effectiveness of our promotional campaigns and evaluating customer satisfaction

Personally identifiable information; Information about your visit;

Technical information; Transaction information

Legitimate interests – to tailor and improve services in accordance to your needs

To comply with obligations under applicable law, including laws outside of your country of residence. To respond to requests from public and government authorities, including public and government authorities outside your country of residence. To enforce our terms and conditions. To protect our rights, privacy, safety or property, and/or that of our affiliates, you,

or others.

Personally identifiable information; Information about your visit;

Technical information; Transaction information; Other information that you provide

Legal obligations

Protection of the legal rights and interests of Novatum, including, but not limited to, the

discovery, conduct or defence of legal rights

Personally identifiable information; Information about your visit;

Technical information; Transaction information; Other information that you provide

Legitimate interests- to preserve normal conduct of business and protect our company;

Legal obligations

 

Disclosure of your information

Personal information may be shared with the following third parties:

  • Financial institutions, payment systems and card associations with whom we work together  to develop or provide a product or service, to execute transactions, to resolve conflicts and   to investigate and prevent fraud;
  • Other transaction participants;
  • Other companies that provide services to us. We may share personally identifiable information with other partners who provide services and functions on our behalf. These partners, for example, provide services to you as defined in our service agreements and/or offer additional functionality which you have requested.  Anonymised  data  and  performance analytics that help better understand the use of our services and increase your satisfaction;
  • Third parties for our business purposes or as permitted or required by law;
  • With relevant authorities/third parties to investigate violations of any agreements or other legal provisions applicable to our services or to enforce legal rights.

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of Firm Name, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Security measures

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic  and  managerial  procedures to safeguard and secure the information that we process and collect.

All information you provide us is stored on our secure servers within European Economic Area (“EEA”). All our webpages, html application forms, and any payment transactions are encrypted using SSL technology. You are responsible for keeping website login and passwords credentials, OTP/MAC token generator confidential and not to share them with anybody.

You have to be aware that the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk only.

Once we have received your information, we will use encryption and other security technologies to protect information from unauthorized access. We ensure that information, personal data, and data under our responsibility is properly backed up and that arrangements for recovery processes are in place. Additionally, Novatum uses reliable internal data protection mechanisms combined with a robust security system.

Retention of your data

We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.  To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.  When you leave us as a client, we shall agree a data retention period with you and after expiry of this period, your personal data shall be deleted.

Data protection rights

Under the Data Protection Legislation, you have certain rights in respect of the personal data we hold about you. These may include rights to: request a copy of the personal data that we hold, request that we correct personal data if it is inaccurate, request that we erase or block your personal data, and to object to our processing of your personal data. These rights are limited in some situations. For example, if we have a legal requirement or a compelling legitimate ground we may continue to process your data even where you request its deletion.

If you would like to exercise any of these rights, please contact us using the details in the Contact section below.

You also have the right to make a complaint if you feel your personal data has been mishandled. We would encourage you to contact us in the first instance but you are also entitled to complain directly to the Information Commissioner’s Office (ICO) (if you are in the UK), or to your local data protection authority (if you are outside the UK).

If you wish to exercise any of your data protection rights, you may send us an email to: dpo@novatum.uk

Cookies

A cookie is a small file and holds a certain amount of data, which our website can send to your browser. It may then be stored on your computer's hard drive and can be accessed by our web server. This cookie data can then be retrieved and can allow us to customise our web pages and services accordingly. It is important to clarify that cookies do not collect any personal data stored on your hard drive or device.

Our website uses these “cookies” to collect information and to improve our  services. You have  the option to either accept or refuse these cookies. If you choose to refuse our cookies, some of  our services may not be available to you.

The cookies used on our website fall into three categories:

  • Functional: These cookies are used to enable core website functionality and  do  not contain any personal information.
  • Analytics: These cookies allow us to count page visits and traffic sources, so we can monitor and improve the performance of our website.
  • Advertising cookies: We partner with affiliate networks and other websites to help  promote Novatum. If you use their websites or have come to our site via these affiliates, then their cookies will be sent through our website.

When you enter our websites for the first time, we provide you with an opportunity to accept or decline the usage of cookies. You will have a possibility to granularly accept cookies, meaning that you will have a choice on  what type of  cookies you will  allow. You can also delete and  block cookies at any time from this website through your browser. However, note that some features on this website will not function without cookies.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments, and requests regarding this privacy policy are welcomed and should be addressed to dpo@novatum.uk

If you believe that the processing of your personal data violates the applicable data protection law or your data protection rights have been violated in any way, you may choose to file a complaint with the Information Commissioner’s Office by calling +44 303 123 1113 or filing a report over the Internet https://ico.org.uk/concerns/. If you are residing in another country, you may contact your competent national authority responsible for data protection.