Privacy and Policy

This privacy policy applies to:

• your use of our website, whether as a visitor or as an actual or prospective User;
• your receipt of our services as a User.
• The Customer of a User.

This privacy policy replaces any privacy policy that we have previously issued.

Any notices or statements relating to data, data protection, fair processing and/or privacy that we may issue at the time of collecting personal data about you will supplement this privacy policy.  They are not intended to override it.

We may change this privacy policy from time to time to reflect changes in the law and/or our personal data handling and data protection practices.

We encourage you to check this privacy policy for changes whenever you visit our website, as we may not always notify you of the changes.

It is important that the personal data we hold about you is accurate and current.

Please keep us informed if your personal data changes during your relationship with us.

We’re Ravelin Technology Limited, registered at 33 Bowling Green Lane, London EC1R 0BJ.  We are the data controller and/or processor of your personal data.

References within this privacy policy to we, us, our within this privacy policy will be to the applicable data controller.

We have appointed a DPO who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this privacy notice, including any requests to exercise your legal rights relating to your personal data, please contact the DPO using the details set out below.

You can contact us and our DPO for any data related query or to make a complaint about how your personal data is being handled using the details below:

• email address: privacy@ravelin.com ; or
• postal address: 33 Bowling Green Lane, London EC1R 0BJ, marking it for the attention of the DPO

The way we collect data depends on who you are and and the Services that you use.

Ravelin website and web properties: We collect data from Users and prospective Users directly through forms on our website.

Ravelin’s Users’ services:  Ravelin’s Users send data relating to the Customers to Ravelin for the purpose of fraud detection. The type of data, how we handle it and legitimate use is detailed in the section Ravelin as a Data Processor.

Third party service providers:  we may instruct third parties to assist us to collect, handle, or enhnace your personal data on our behalf.  Those third parties will carry out those activities in accordance with this privacy policy.

5a. Ravelin as a Data Processor

We may collect, use and disclose certain Personal Data about Customers when acting as the User’s service provider. Our Users are responsible for making sure that the Customer’s privacy rights are respected, including ensuring appropriate disclosures about third party data collection and use. To the extent that we are acting as a User’s data processor, we will process Personal Data in accordance with the terms of our agreement with the User and the User’s lawful instructions.

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

• Identity Data includes [first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender];
• Contact Data includes [billing address, delivery address, email address and telephone numbers];
• Financial Data includes [payment card details];
• Transaction Data includes [details about payments to and from you and other details of products and services you have purchased];
• Technical Data includes [internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website];
  • Profile Data includes your username, purchases or orders made by you;
  • Usage Data includes information about how you use our website, products and services; and
  • Marketing and Communications Data includes your preferences in receiving marketing from us.

We also collect, handle, use and share:

• aggregated data such as statistical or demographic data for any purpose.  Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice; and
• anonymised data is data created from your personal data where your identity has been removed.

We do not collect any Special Categories of Personal Data about you, which includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.

Nor do we collect any information about criminal convictions and offences.

We do not intentionally collect personal data relating to children.