Effective: 1 September 2018
Read time: 4 minutes
Your privacy is important to us at SMYL. We will only use your personal information to administer your account, provide the products and services you have requested from us, and to keep you informed about our products and services. The protection, confidentiality and integrity of your personal data are our prime concerns. This privacy notice explains what personal information we collect from you when you interact with our products and services, and how we use this information.
We continuously review our policies and procedures in order to improve. We’ll let you know about any important changes being made here.
SMYL provides a solution for effective communications via multiple platforms including desktops, add-ins, extensions, website and mobile applications. This Privacy Notice applies to these services and its related platforms, including smyl.app, other SMYL related websites, apps, communications and services.
What personal data do we collect?
We need certain personal information to be able to offer you the best experience and to keep you informed of our products and services. You provide some of this data directly, for instance when you create an account or enter your details into our add-in. Additionally, we receive some of your personal data indirectly through your devices, by recording how you interact with our services (e.g. through cookies). This allows us to personalise and improve our products.
When you create a SMYL account, start using our add-in, or otherwise use our services, we process the following details:
- First and Last Name
- Title (Mr, Mrs etc.)
- Email address
- Social media account information, if you use a social media plugin to register
- IP address
- Company name (if applicable)
We also receive information from third parties we work with. While the partners we work with may change, these mainly include:
- Our clients, who use our service to facilitate communications of their employees. If you are an employee in such an arrangement, we receive your name, or personnel ID, e‐mail address, from your employer, which is used to create your own account.
- Existing SMYL users who will send you an invite to join SMYL. We receive your e-mail address after which you can sign up and create an account.
Cookies and other similar technologies
We collect certain data through cookies and similar technologies (e.g. web beacons, tags, device identifiers). Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. We register your interaction with our services in order to improve our website, content and services. You can manage your cookie preferences through your browser settings.
Device and location
If you have enabled this in your phone and app settings, we receive data about your location when you use our services. We use this information to verify and facilitate your SMYL transactions by for example help you decide whether or not to communicate given the time of day and place. You can always change your preferences in your settings.
How do we use your personal data?
We only use your data for the purposes for which it was collected and, where relevant, to meet local legal obligations. We use your personal data for the following purposes:
Performance of agreements with users – To provide you with our products and services of your choice, we process your information for example to provide you with suggestions for effective communications with other users.
Customer support – We use your information to support you in your use of our products and services. This includes the use of personal information to diagnose product problems, rectify erroneous usage and provide other customer support related services.
Customer engagement and communication – We use your information to communicate with you via email, SMS text or other electronic media for instance on service‐related matters, such as invoices. Other instances where we engage with you include confirming the opening of an account, resolving complaints, and asking you to take part in one of our surveys.
Marketing – We would like to send you information which may be of interest to you, about our products and services and those of other companies (in so far as you have consented to this) that may be of interest to you. We communicate with you via email, SMS text or other electronic media. You have the right at any time to stop us from contacting you for marketing related purposes. Depending on your preferences, you can unsubscribe, change your settings on‐line or contact our Customer Support team to do so.
Safety, security and dispute settlement – We use your details to protect the security, integrity and safety of our products, services and customers. This includes processing in the context of detecting and preventing fraud, theft and other misuse of our services. We may also use personal information in the context of dispute settlements, to enforce our agreement with you, to enforce our rights towards third parties or defend ourselves against any third party claims or allegations.
Legal obligations – We may process your information in relation to a legal obligation. This includes cases where we must comply with requests from competent authorities, administrative obligations and in cases involving legal disputes.
Improving and personalising our products and services – We use your personal information to improve our products and services. Clicking behaviour and search results on our website can for instance help us to prioritise or identify new product features.
Maintenance, development and incident management – If you experience issues with one of our products or services, we may need to process some of your personal information, such as your name, vehicle registration number and client ID, in order to resolve the respective issue. We may also use your personal information in relation to certain system development processes, for instance if we move customer data to a new database.
General business process execution, internal management and management reporting – To be able to run our business, we also use your personal information for general business processes. This includes processing your information for archiving, insurance and other administration related purposes, management reporting or processing in relation to audits.
With whom do we share your personal data?
We share your personal data with third parties such as suppliers (e.g. hosting, customer care and e‐marketing facilities), clients (e.g. corporate clients/employers), and other partners. Who we share your information with, depends on your location on the services you use. We share your information:
- To the extent necessary to operate our business, to provide you our services, or our client services (e.g. your employer), to complete any related transactions and collect related payments, to provide customer care and to communicate with you in connection with our services. For instance, to process payments and transactions.
- Where you gave us explicit consent to do so;
- If we are legitimately requested or obliged to do so pursuant to law enforcement, e.g. for investigation of illegal activities;
- To enforce our rights towards third parties, or to defend ourselves against any third‐party claims or allegations;
- To protect the security, integrity or safety of our Services.
Where is your personal data processed?
Your personal data is mainly processed by our staff in the United Kingdom. We may also share data with our affiliates in the context of operating our business, providing our services and other processing purposes as outlined in this Privacy Notice. For hosting and maintenance purposes your personal data is located in the United Kingdom.
To the extent any other personal data will be transferred to a country outside the European Union or an international organisation, we will make sure that this only happens to such countries and international organisations that ensure an adequate level of protection, have put appropriate safeguards in place to protect your data and your rights in accordance with the EU privacy law (GDPR), or as is otherwise allowed under the GDPR.
If you wish to receive more information of the safeguards we have implemented, please contact our Customer Support team.
How long do we keep your personal data?
We will retain your personal information only for as long as is necessary for the purposes for which the information was collected, or as long as is required pursuant to law.
If you do not use your account for more than 18 months, we will mark it in our database as “inactive”. We will then no longer actively use your account information, e.g. to inform you on our products and services, but will archive the account to be able to easily re‐activate it should you wish to use our services again in the future.
In case you wish to close your account, please contact our Customer Support team. Upon closure, we will remove your personal information without undue delay except for information that we are obliged to keep pursuant to law. For instance in order to meet statutory administrative retention obligations, we need to keep some of your account related information (e.g. copies of invoices/receipts), for six years.
Data may be retained longer in cases where it is used in relation to a legal claim or is used in relation to a valid legal process.
Accessing and managing your personal data
You can directly view and edit your personal details via your personal account by contacting our Customer Support team. There you can also make choices about our collection and use of your data. For instance, you can always choose in your account settings. How you can access or control your personal data will depend on which products and services you use.
If you cannot access, rectify, or erase certain personal data yourselves, if you want a copy of the personal data that we process of you, if you wish to request a restriction of processing of your personal data or to object to processing, please contact our Customer Care department using our web form. We will respond to such requests within 30 days.
Lawful basis for data processing
We only collect and process your personal data when there is a lawful basis to do so. The lawful basis we rely on in this respect includes:
- Contract: the processing is necessary to perform your Service contract;
- Legitimate interest: for example, i) a legitimate commercial interest to process certain of your personal data, e.g. for running our business and the purposes of certain forms of direct marketing and profiling; ii) to archive certain account information to facilitate you to re‐use your account in the future; or iii) if there is a legitimate interest from business or security perspective, e.g. to prevent fraud or abuse of our Services, or for purpose of network and information security of our IT systems;
- Legal obligation: the processing necessary to comply with a legal obligation, e.g. the legal requirement to keep administrative records for a certain period of time, or the legal obligation to share certain data on a police order for criminal investigation purposes;
- Consent: where you gave us explicit consent to process the data concerned, for example ‐ if applicable ‐ to share your data with partners or other third parties for commercial purposes.
If you have given your consent to the processing, you have the right to withdraw your consent at any time, by completing a web form. We will discontinue the processing of your information upon receipt of your withdrawal. However, any processing performed prior to your withdrawal remains a legitimate processing based on a valid consent at the time. We will not be under the obligation to reverse the processing.
Questions, concerns and complaints
If you have questions or concerns about the way in which we use your personal data, please contact Customer Support through firstname.lastname@example.org or assistance. You may also contact our Data Protection Officer (DPO) via email@example.com.
If you feel that an issue has not properly been resolved, you also have the right to lodge a complaint with the supervisory authority ICO: https://ico.org.uk/concerns/.
SMYL is a trading name of SMYL Global Limited having its address at 25 Moorgate, London, EC2R 6AY, United Kingdom, and is registered with Companies House under no. 11289682 which acts as the controller for this personal data processing.
Our Information Commissioner’s Office registration number is ZA443270.