1.0 Purpose of this Privacy
This privacy notice aims to give you information on how the BoltFlare collects and processes your personal data. This privacy notice is provided in a layered format so you can click through for further detail on the specific areas set out below. Please also use the Glossary to understand the meaning of some of the terms used in this privacy notice.
2.0 Who are we and how can you contact us?
BoltFlare is a trading name of BoltFlare Ltd.
It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements any other notices previously provided and is not intended to override them.
Registered office address: 2 Frederick Street London WC1X 0ND, United Kingdom.
If you have any questions about this privacy notice, including any requests to exercise your legal rights, please email us at firstname.lastname@example.org.
Data Privacy Manager: Ali Husnain
Email Address: email@example.com.
Postal Address: 2 Frederick Street London WC1X 0ND, United Kingdom.
3.0 The data we collect about you
The type of data we collect about you includes:
- Identity Data includes first name, last name, username or similar identifier.
- Contact Data includes email address.
- Financial Data includes payment card details.
- Transaction Data includes details about payments from you and other details of services you have purchased from us.
- Technical Data includes internet protocol (IP) address and the city and country calculated by IP address, your login data, browser type, version and language, time zone setting and location, operating systems and platform, the number of Twitter followers and other technology on the devices you use to access the BoltFlare website and your journey through the BoltFlare platform including information collected from any forms you complete (e.g., contacting us for support reasons). We may also analyze which marketing activity or source led to you taking specific action on our platform (e.g., creating a BoltFlare account).
- Profile Data includes your username and password, purchases or orders made by you, feedback and survey responses.
- Usage Data includes information about how you use our website and services.
- Marketing and Communication Data includes your preferences in receiving marketing from us and your communication preferences.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users who upgrade a BoltFlare site within a given timeframe.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
4.0 How your data is collected
We use different methods to collect data from and about you including through:
Direct Interactions: You may give us your data by filling in forms, using our website, using Wi-Fi, by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- create a BoltFlare account on our website.
- subscribe to our mailing list.
- make a support request using the live chat function on our platform.
- enter competitions or promotions.
- surveys; or
- give us some feedback.
Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using server logs and other similar technologies.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources, such as:
- Technical Data from analytics providers such as AWS; advertising networks and search information providers all based inside or outside the EU.
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services based inside OR outside the EU such as Stripe.
5.0 PROMOTIONAL OFFERS FROM US
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you opted in to receiving such communications when you: requested information from us; registered as a BoltFlare user with an account; or if you provided us with your details when you entered a competition or registered for a promotion.
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time at firstname.lastname@example.org.
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.
We may also participate in Facebook’s ‘Custom Audience’ service from time to time. This service enables BoltFlare to display to you personalized advertisements when you visit Facebook’s social media platforms. It works by converting your email address to a unique number that Facebook uses to match to unique numbers that Facebook generates from email addresses of its users. Where we use Facebook Custom Audiences, we will only include you if you have consented to receive marketing from us.
6.0 Disclosures of your personal data
Information about our users is an important part of our business and we do not sell it to others. We only share it in the circumstances set out below:
Third Party Service Providers: We employ other companies and individuals to perform functions on our behalf, fulfil our obligations and as activation partners. Examples of such activity include analyzing data, providing marketing assistance, processing credit card payments, providing customer services, social networks, fraud prevention agencies, hosting providers, data storage providers and other technical partners.
Promotional Offers: Sometimes we send offers to selected groups of customers on behalf of other businesses. When we do this, it will only be in circumstances where you have indicated the necessary marketing preferences.
Protection of BoltFlare and third parties: We release account and other personal information when we believe release is appropriate to comply with the law; enforce or apply our Conditions of Use and other agreements; or protect the rights, property or safety of BoltFlare our users or others.
With Your Consent: Other than as set out above, you will receive notice when information about you might go to third parties and you will have an opportunity to choose not to share the information.
List of third-party service providers: AWS, SendGrid, Stripe, PayPal.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
You have the right to ask BoltFlare to provide you with all the information it stores on you. To see all the personal data held on you, you can make a Data Subject Access Request by contacting email@example.com.
You have the right to ask BoltFlare to rectify, block, complete and delete your personal data, to restrict its use, and to port your data to another organization. You have the right to object to the processing of your data by BoltFlare, provided such processing is not necessary to continue to provide goods or services to you, we will stop processing your data in accordance with your request. Where we have asked for consent to process your data, you can withdraw this consent at any time by emailing firstname.lastname@example.org.
BoltFlare may be able to retain data even if you withdraw your consent, where we can demonstrate that we have a legal requirement to process your data.
If at any time you are unhappy with the way your data has been processed or you feel we have not provided you with correct information you can make a complaint to the Information Commissioner’s Office (the ICO). The ICO website is also a useful resource should you require any further guidance on the contents of this privacy notice.
7.0 Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Aggregated Data means statistical or demographic data derived from your personal data but is not considered personal data in law.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.