YoCoBoard is committed to respecting your privacy and ensuring that personal information you have entrusted to us is held securely. We process personal information in accordance with the Data Protection Act 1998, Privacy & Electronic Communications Regulations 2003 and the European Union's General Data Protection Regulation (GDPR) that came into force in May 2018. The GDPR will strengthen your rights to privacy and give you control over the personal information that organisations hold about you.
Under the EUs General Data Protection Regulation:
Personal Data is defined as "any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person
We use the information we hold about you in a range of different ways, which fall into these broad categories:
The personal data we collect from you may include the following:
We will send you offers and information only if you have given your consent for us to do so, in which case we will contact you via email, post, phone or online about any of our group products and services. We never share your data with companies outside our group for them to use for their own marketing. From time to time, we may team up with a third party to bring you details of a product or service we think might interest you, but when we do this, the contact will come from us - we will never pass your details to the third party without your prior consent.
If you have enabled cookies in your browser you may receive banner adverts on our homepage, as these are cookie-based and not tailored using other information we hold about you. As they are cookie-based, you will receive them even after you have opted out of personalised marketing, but you can control them easily via your browser settings.
If you have given your consent to marketing, we will work with social media companies such as Facebook and Twitter to provide you with information about our products and services via their platforms. If you do not wish to see these adverts, you can control this easily by disabling preference-based marketing in the privacy and ad settings on each individual platform.
Even if you have withdrawn your consent to personalised marketing by YoCoBoard, you might still see general adverts for YoCoBoard products and services on your social media feeds. These will not be specifically targeted to you, and again, you can control this via the privacy and ad settings on each platform.
In addition to any sharing listed above, we may disclose anonymized data (such as aggregated statistics) about the users of our Services in order to describe our sales, customers, traffic patterns and other information to prospective partners, advertisers, investors and other reputable third parties and for other lawful purposes, but these statistics will not contain your personal data.
We may occasionally be required by law, court order or governmental authority to disclose certain types of personal data.
We may also share your information with third parties in the following situations, to the extent permitted by law.
If we think doing so is necessary to protect the rights, property, security, or safety of us, our Service, our users, or the public.
Some of the third-party suppliers/ partners we use are based in, or carry out their activities in, countries outside the European Economic Area (EEA), which is made up of the EU Member states plus certain countries considered to offer a standard of data protection equivalent to that of Europe. Where this means personal information is transferred outside the EEA, we have put in place additional legal protections on top of our standard checks and measures, to ensure it receives the same level of protection as it would within Europe. We do this by using standardised contractual clauses (sometimes called 'the EU Model Clauses) approved by the European Commission and European privacy regulators, although there are alternative approved legal mechanisms which we can decide to use instead. Where necessary, we also put in place any additional contractual measures required by local law in any of the countries in which we operate, except where they conflict with the General European Data Protection Regulation.
We hold your personal information only as long as we have a valid legal reason to do so, which includes providing you with the services you have requested, meeting our legal and regulatory obligations, resolving disputes and enforcing our agreements.
The length of time for which we keep different types of personal information can vary, depending on why we originally obtained them, the reason we process them and the legal requirements that apply to them.
When setting our data retention and deletion timescales we take into account a range of factors including applicable regulations and standards relating to taxation, payment processing and complaint handling, the need to prevent or detect crime or other misuse of our services, and audit requirements. To fulfil our requirements, some of your personal data will need to be retained for a period of time after you cease to be a customer. When we no longer need it to fulfil the above requirements, we delete it securely. When we wish to retain any information for analysis purposes, we first anonymise it to the standards approved by the UK Information Commissioner's Office, (which, as we are also located in the UK, is our lead regulator on matters relating to Data protection) so that it can no longer be linked back to an individual. Please note that if you opt out of receiving marketing from us, we will still need to keep your contact details in order to suppress them from future marketing activity.
We strive to protect your personal data and our Services from unauthorised access to or alteration of your personal data. This includes use of various security measures to protect your personal data held by or on behalf of us and ongoing review of our information collection, storage and processing practices.
The General Data Protection Regulation (GDPR) gives you:
You can opt out of receiving information from YoCoBoard at any time by simply withdrawing consent.
We Will update inaccuracies promptly, and within a month if you are requesting a simple and straightforward change.
Data protection law gives you the right to express an objection to how we process your personal information.
People sometimes refer to this as the 'right to be forgotten. Under data protection law, you have the right to ask us to delete any personal information about you that we hold.
If you would like a copy of the personal information we hold about you, you can request for it.
The right to 'data portability aims to enable consumers to re-use some of their personal information online by making it available in a commonly-used, machine-readable format that can be passed to and used by other organisations. However, if you wish to exercise this right, you should let us know in writing and we will provide you with the information as a CSV file.
If you believe your privacy rights have been infringed, or you disagree with a decision we have made about your privacy rights, you have the right to complain to the privacy regulator. As we are based in the UK, our principal data protection regulator is the UK's ICO.
Simple, by contacting us by writing to us via post. And we will respond to your request within 30 days for all reasonable requests.
Note: How you can exercise your rights will depend on the lawful basis by which we process your information.
Please contact us if you wish to raise a concern about YoCoBoard's handling of your personal information, or compliment what you think we have done well. You also have the right to lodge a complaint with the Information Commissioner's Office about how we manage your personal data
Your browser also generates other information, including which language the Website is displayed in, and your Internet Protocol address ("IP address"). An IP address is a set of numbers which is assigned to your computer during a browsing session whenever you log on to the internet via your internet service provider or your network (if you access the internet from, for example, a computer at work). Your IP address is automatically logged by our servers and used to collect traffic data about visitors to our Website. We also use your IP address to help diagnose problems with our server, and to administer our Website.
A 'cookie' is a small text file that is downloaded onto your Access Device when you visit a website and that enables the website to obtain certain information from your browser, such as your preferences. Cookies allow us to maximise your experience using the Website by increasing its functionality and allowing the Website to remember information and selections as you move from page to page and from visit to visit, depending on the cookie. A cookie does not harm Your Access Device nor does it contain any viruses or other malware.
YoCoBoard will review our privacy notice regularly. The terms of this notice may be updated at any time for example, in the event of changes in law and how we operate. Please do check our website from time to time. If there are any significant changes in the way we process your personal information, we will provide prominent notice on our website or send a notification. This notice was last updated in March 2020.