Privacy Policy

Privacy Policy

Introduction

This notice applies across all websites that we own and operate under the general heading GoTenant. This applies to all services we offer, including our online services and any other products, apps or services we may offer (for example, events or training). For the purpose of this notice, we'll call them our 'services'.

We know that you care how information about you is used and shared and we appreciate your trust in us to do that carefully and sensibly. When we say 'personal data' we mean identifiable information about you, like your name, email, address, telephone number, support queries, position in the marketing plan, financial information including invoice history for people subscribing to "paid for" services and so on. If you can't be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn't apply. We may need to update this notice from time to time. Where a change is significant, we'll make sure we let you know – in general, we will notify you by email.

Last updated: May 24, 2018

Who are we?

GoTenant, the website, offers users information, resources, tools and content, that are directly provided under GoTenant Ltd's direction. PSP UK Group Ltd ("PSP") works on behalf of GoTenant Ltd to make sure that the website is available and working for you. PSP is the data controller and is responsible for your personal data. The relationship between you as a user of GoTenant the website, GoTenant Ltd and PSP works well to the benefit of all parties.

In this notice, where we refer to 'we' (or 'our' or 'us'), that means GoTenant Ltd under the stewardship of PSP and all its affiliates or wholly owned subsidiaries, suppliers and licensors. We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below in the Contact section.

Please read our Privacy Policy carefully so that you are aware of information we collect and how we use it now or may use it in the future. This policy applies to all visitors and registered users of the web site.

Note: This privacy policy only covers the GoTenant.co.uk domain and not cover any websites which are linked to or from this site.

Controllers of Information

We control personal information provided to or gathered by this site or by other means.

GoTenant Ltd is registered with the Information Commissioner's Office on the Register of Data Controllers under registered number ZA343851. PSP UK Group Ltd is registered with the Information Commissioner's Office on the Register of Data Controllers under registered number Z9786407. For the purpose of the Data Protection Act 1998 ("the Act") the data controller is PSP UK Group Ltd.

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out the Contact section below.

This policy is available from a link on all pages of our web site. If you have any comments regarding this policy please contact our Privacy Officer.

How do we approach data protection?

Our policy is based on four key principles and they underpin everything we do relating to personal data:

Stewardship : We accept the responsibility that comes with controlling and processing personal data.

Transparency : The fundamental principles of openness, honesty and transparency underpin everything we do.

Empowerment : We use personal data to make connections, empower and enable productivity and growth.

Security : We ensure we adopt industry standard approaches to securing the personal data entrusted to us.

Information we collect and how it is used

How we collect your data

When you visit our websites or use our services, we collect personal data. There are 3 main ways in which we collect personal data:

Information you give us directly

Some parts of the GoTenant website and/or services may ask you to provide personal data to us. For example, we ask for contact information when you sign up for a newsletter, subscribe to paid services and tools, set up your profile including your social media details, take part or register in training and events, contact us with questions or request support. You don't have to provide us with personal data, but it is likely that you won't be able to use some or all of our websites or services without letting us have access to this personal data, for example without your username and password, you will not be able to login to the private areas of the website.

Information collected automatically

When you visit GoTenant websites or use our services we will automatically collect some information like your IP address, browser details and device type. When you navigate through GoTenant we will make a note of details such as what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you are using our websites and services and also so that in the event of you having difficulty, we are better able to assist you through our helpdesk support services. We may collect this information by recording it or using cookies and similar tracking technologies such as receiving a notification when you or one of your customers opens an email or uses the GoTenant websites or services.

A number of companies offer utilities designed to help you visit websites anonymously. Although you will not be able to access GoTenant without accepting the use of such automated collection of personal data, we want you to be aware that these tools exist.

Information we get from third parties

The majority of information we collect, we collect directly from you. You can view the profile data in the Setup area of the website. We only process this personal data to enable us to perform a contract with you in the provision of the GoTenant services, or where we have legitimate interests to process the personal data and they're not overridden by your rights, or in accordance with a legal obligation, or where we have your consent. If we don't collect your personal data, we will be unable to provide you with our services, and the GoTenant website will be unavailable to you. If you don't have a relationship with us, but believe that a GoTenant user has entered your personal data into our websites or services, you'll need to contact that GoTenant user for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal data).

How we use your data

Primarily, we use your personal data to operate our websites and provide you with any services you've requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:

Operational communications with you to provide you with information you've requested from us (like training or education materials) or information we are required to send to you such as changes to our websites and services, security updates, invoices and payment notices or assistance with using our websites and services.

Support communications such as when assisting with the resolution of technical support issues or other issues relating to the GoTenant websites or services, whether by email, in-app support or otherwise.

Improving the GoTenant offering such as using tracking and monitoring of your use of GoTenant websites and services so we can keep improving them, carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools. We may analyse, aggregate and report on this personal data (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share with third parties.

Protecting You so that we can detect and prevent any fraudulent or malicious activity, and make sure that everyone is using our websites and services fairly and in accordance with our terms of use.

Cookies

Information may be sent to your computer by an Internet "cookie". This information is useful for us as it helps us get a better understanding of how you are using our websites and services and also so that in the event of you having difficulty, we are better able to assist you through our helpdesk support services. We may collect this information by recording it or using cookies and similar tracking technologies such as receiving a notification when you or one of your customers opens an email or uses the GoTenant website or services.

The cookie is stored on your computer. Our server may request that your computer return a cookie to it. These return cookies do not contain any information supplied by you or any personally identifiable information about you.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

A number of companies offer utilities designed to help you visit websites anonymously. Although you will not be able to access GoTenant meaningfully without accepting the use of such automated collection of personal data, we want you to be aware that these tools exist.

Sharing your data

There will be times when we need to share your personal data with third parties. We will only disclose your personal data to other companies in the PSP group of companies, GoTenant, third party service providers and partners who assist and enable us. For example, we may undertake, analysis of the website performance using Google Analytics and similar services, or support delivery of or provide functionality on the website or services. We may share appropriately, aggregated personal data with an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business, or to regulators, law enforcement bodies, government agencies, courts or other third parties where we believe we are obliged to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure

International Data Transfers

When we acquire personal data, we may need to transfer it to, and process it in countries other than the country you live in – such as to the United States, or where our data hosting provider's servers are located. These countries may have laws different from what you're used to. Rest assured, where we transfer personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.

Security

We take the security of your data very seriously. We regularly undertake penetration testing of our servers to make sure our security measures are maintained. We advise you to keep up to date with your own security protection to avoid exploitable vulnerabilities for example stay up to date with your operating system updates and use and maintain up to date anti-virus and anti-phishing software. We work to protect the security of your information and will continue to develop our web site and its safeguards as new processes and procedures become available. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you. It is important for you to protect against unauthorised access to your password and to your computer. Be sure to log out from the top menu bar when you finish using a shared computer.

Security policy

Our Payment Service Provider is Opayo (formerly SagePay) – the largest independent payment service provider (PSP) in the UK and Ireland.

Opayo provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. It is Opayo’s utmost priority to ensure that transaction data is handled in a safe and secure way.

Opayo uses a range secure methods such as fraud screening, I.P address blocking and 3D secure. Once on the Opayo systems, all sensitive data is secured using the same internationally recognised 256-bit encryption standards.

Opayo is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.

Opayo is an active member of the PCI Security Standards Council (PCI SSC) that defines card industry global regulation.

In addition, you know that your session is in a secure encrypted environment when you see https:// in the web address, and/or when you see the locked padlock symbol alongside the URL.

So when buying through our site, you can be sure that you are completely protected.

Retention

We will reduce the amount of data we keep to the minimum required depending on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you've requested or to comply with applicable legal, tax, reporting or accounting requirements). We'll retain your personal data for as long as we have a relationship with you and then the minimum data necessary for period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we'll make sure it's deleted or anonymised.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your rights

It's your personal data and you have certain rights relating to it. We do not send marketing communications to you and so do not offer you an unsubscribe option as there is nothing to unsubscribe from. The only communications we send you are as part of the operation need defined by your access to the GoTenant websites and services. You have the right to know what personal data we hold about you, to make sure it's correct and up to date, to request a copy of your personal data, or ask us to restrict processing your personal data or delete it. You may also object to our continued processing of your personal data. You can exercise these rights at any time by sending an email to the address in the "How to contact us" section below. We will review and investigate your complaint, and try to get back to you within a reasonable time frame.

You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint. If you do have a complaint, please do give us the opportunity to resolve it for you – we are absolutely committed to providing you with the highest level of care and customer service, please contact us by one of the methods shown in the "How to contact us" section below. You do also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

How to contact us

We're always keen to hear from you. If you're curious about what personal data we hold about you or you have a question or feedback for us on this notice, our websites or services, please get in touch. As a technology company, we prefer to communicate with you by email – this ensures that you're put in contact with the right person, in the right location, and in accordance with any regulatory time frames.

Our email is hello@gotenant.co.uk