Privacy Policy
INTRODUCTION
Solutions4Startups Ltd (“S4S”,”we”, “us”, or “our”) is committed to protecting and respecting your privacy and data under the law and guidelines of the Data Protection Act 2018 that implement the General Data Protection (“GDPR”). This policy contains information about how we collect, process and keep your data safe when you visit our site or we provide services or advice relating to:
- dispute management & resolution;
- debt recovery & enforcement;
- contract drafting and management;
- business formation;
- corporate governance;
- compliance;
- company secretarial work;
- mergers & acquisitions; and
- private and company investigations or other due diligence services (together “Services”).
The aim of the policy is to inform you of your privacy rights under the law and how you can exercise them. The policy also seeks to inform our employees and workers of all their obligations and protocols when processing Personal Data.
We may collect or use data of our clients, suppliers, business contacts, employees, workers and/or workers/associates of our clients and any other people that S4S has a relationship with or may need to contact.
This Privacy Policy applies to all our employees and workers and all personal data processed at any time by us.
If you want to check the meaning of some terms used in this Privacy Policy you can go to our Glossary.
Data Controller and Data Protection officer
S4S is your Data Controller and responsible for your personal data. The Data Protection Officer (“DPO”) is Laura Chaparro.
The DPO is responsible for administering questions in relation to this Privacy Policy. If you have any questions or doubts about how to exercise your legal rights surrounding the treatment of your Personal Data please contact the DPO at assistance@s4slegal.com or send a letter to our correspondence address, PO Box 13137, Sandringham House Sandringham Avenue, Dpt# 1000015, Harlow, Essex, England, CM20 9TR
You have the right to contact the Information Commissioner’s Office (ICO) the UK supervisory authority for any protection enquiries (www.ico.org.uk). We kindly request that you contact us prior to escalating any queries or issues to the ICO in the first instance as we may be able to deal with your concerns.
Processing your Data
Due to the nature of the work we do, there are Data Processors that may act on behalf of S4S (Data Controller). The Data Processor has the following responsibilities:
- Ensure all Personal Data is processed in accordance with the GDPR and any other applicable laws.
- Ensure the staff and all the persons authorised to process Personal Data have understood and committed themselves to confidentiality or have a statutory obligation of confidentiality.
- Implement technical and organisational measures to ensure the appropriate level of security in relation to the risk of processing Personal Data.
- Acquire specific or general written authorisation from the Data Controller before engaging another Data Processor.
- Assist the Data Controller in the fulfilment of the Data Controller’s obligation to respond to requests for exercising the data subject’s rights.
- Make available to the Data Controller all information necessary to demonstrate compliance with the obligations of the GDPR and allow for and contribute to audits, including inspections, conducted by the Data Controller or another auditor mandated by the Data Controller
- Keep records of all categories of processing activities carried out on behalf of a Data Controller
- Cooperate, on request, with the supervisory authority in the performance of its tasks
- Report to the Data Controller without any delay after becoming aware of a Personal Data Breach.
- Ensure that any person acting under the authority of the Processor who has access to Personal Data does not process them except on instructions from the Controller
- Allocate a data protection officer where required by the GDPR, publish their details and communicate them to the supervisory authority.
- Support the DPO in performing their tasks by providing resources necessary to carry out those tasks and access to Personal Data and processing operations, and to maintain the protection officer expertise.
DATA COLLECTION BY LAW
Types of Data
Personal Data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped together below. Not all of the following types of data will necessarily be collected from you but this is the full scope of data that we collect:
- Profile/Identity Data: first name, last name, date of birth and gender.
- Contact Data: includes, address, email address.
- Communications Data: includes your preferences in receiving marketing from us and your communication preferences.
If you engage any of the Services or complete the financial process with us this will include:
- Billing Data: debit/credit card holder information (name/billing address) of whoever purchased something from S4S. Managed by third parties service providers.
- Financial Data: We rely on third party platforms to retain and store your credit/debit card information and we do not retain it ourselves, in the course of your use of our site.
- Transaction Data includes details and narratives relating to the Services that paid for during the course of your engagement with S4S.
If you log onto the contact us through any of our live-chat software, instant messenger, third-party platforms or our in-house platforms (‘Channels’):
- Technical Data: internet protocol (IP) address, browser type and version, time zone setting and location, operating system and platform, and other technology on the devices you use to access this website.
- Customer Support Data includes feedback and survey responses. If you have contacted us by webchat, email or by live-chat we will retain a record of that conversation.
- Usage Data includes information about how you use our site, products and services.
We also may use:
- Anonymous Data: Any Data collected by S4S for site administration, analytics, advertising and promotional purposes, and we may share such information with other entities (such as service providers) for such purposes. We may also aggregate data to enable research or analysis so that we can better understand and serve you and others. For example, to undertake a research on your demographics and usage. Although this aggregated data may be based in part on Personal Data, it does not identify you personally. We may share this type of anonymous data with others, including service providers, our affiliates, agents and current and prospective business partners.
We may use your anonymous data outside of S4S to improve third party marketing or use your data in combination with third party data to improve your experiences both in and outside S4S. We may retain your IP address and/or other device-identifying data in order to help us diagnose problems with our servers, to administer the Services including personalizing content or links relevant to your geographic area or device-type, to gather broad anonymous demographic data (such as the number of visitors from a geographic area), to enforce compliance with the Terms of Use for our site, Terms of Engagement or otherwise in order to protect our services, the website, our in-house software, Clients, or other third parties. We use analysis tools including Google Analytics, HubSpot and/or others. These provide us with information about how our Clients use the website.
- Special Categories of Personal Data. This category includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. S4S do not normally collect any of these Special Categories of personal Data unless they are required to comply with our contractual obligations or provide the Services.
The Legal Basis for Collecting That Data
Following the provisions set up by the GDPR, there are different reasons that allow collection and processing of Personal Data. The main ones are:
- Consent: When you tick a box that confirms you are happy to receive email newsletters from us, or ‘opt in’ to a service.
- Contractual Obligations: When we need certain information to fulfil our contractual obligations and provide you with the promised and adequate service.
- Legal Compliance: When the law requires that we collect and process certain types pf data including (but not limited to) illegal activity or fraudulent actions.
- Legitimate Interest: When we need to meet our legitimate interests. This includes aspects that can be reasonably expected as part of running our business, that will not have a material impact on your rights, freedom or interests.
HOW WE COLLECT YOU PERSONAL DATA?
Through our Interactions
You may give us your identity, contact and financial data by filling in forms or by corresponding with us by phone, email, the website or otherwise. This includes Personal Data you provide when you:
- inquire about our Services and go on to use them;
- speak to our support team using any of our Channels;
- agree or request marketing information (such as promotions or estimates) to be sent to you; or
- give us feedback or contact us.
Automated Technologies or Interactions
As you interact with our site, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Data by using cookies and other similar technologies. Please see our Cookie Policy for more information.
Third-parties or Publicly Available Sources
We will receive Personal Data about you from various third parties including:
- Analytics providers such as Google
- Advertising networks such as LinkedIn, Bark, Upwork and Google
- Financial and Transaction Data from providers of payment and delivery services such as Stripe, Upwork and PayPal
- Identity and Contact data from publicly available sources such as Companies House and Her Majesty’s Courts and Tribunals.
USING YOUR PERSONAL DATA
Change of Purpose to use your Personal Data
We will only use your Personal Data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you would like an explanation of how the new purpose is compatible with the original one, please contact our DPO whose details are set out above.
If we need to use your Personal Data for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
YOUR RIGHTS
Control of how S4S Legal uses my Personal Data
You can request us to delete/correct personally identifiable data from our Database subject at any time, but we reserve the right to refuse such requests if it conflicts with our legitimate interest.
Protect Client Data
We are aware of the importance of keeping your data secure and protected. To avoid any risk of disclosure we implement a variety of security measures to ensure the security of your Personal Data on our systems. Any Personal Data collected by us is contained behind secured networks and is only accessible by a limited number of employees and workers who have special access rights to such systems and are bound by obligations of confidentiality.
If and when we use subcontractors to store your data, we will not relinquish control of your Personal Data or expose it to security risks that would not have arisen had the data remained in our possession. However, unfortunately, no transmission of data over the internet is guaranteed to be completely secure. It may be possible for third parties not under the control of S4S to intercept or access transmissions or private communications unlawfully. While we strive to protect your Personal Data, we cannot ensure or warrant the security of any Personal Data you transmit to us. Any such transmission is done at your own risk. If you believe that your interaction with us is no longer secure, please contact us.
Request your Data
You will not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, if your request is clearly unfounded or excessive, we may refuse to comply with your request.
In order to keep your Personal Data safe we may need to request specific information from you to help us confirm your identity and ascertain that you are the data subject with the right to access the respective Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it.
YOUR DATA AND THIRD PARTIES
Sharing your data with third parties
We may share:
- non-personal data with third parties to, for example (but not by way of limitation), improve S4S and to enable data aggregation as described above;
- your Personal Data with subcontractors or affiliates (subject to confidentiality obligations to use it only for the purposes for which we disclose it to them and pursuant to our instructions).
We may also share Personal Data with interested parties in the event that S4S anticipates a change in control or the acquisition of all or part of our business or assets.
If S4S is sold or makes a sale or transfer, we may, in our sole discretion, transfer, sell or assign your Personal Data to a third party as part of or in connection with that transaction. Upon such transfer, the Privacy Policy of the acquiring entity may govern the further use of your Personal Data. In all other situations your data will still remain protected in accordance with this Privacy Policy (as amended from time to time).
We may share your Personal Data at any time if required for legal reasons or in order to enforce our Website Terms and Conditions/Terms of Engagement or this Privacy Policy.
RETAINING YOUR DATA
We will only retain your Personal Data for as long as reasonably necessary to fulfil the purposes we collected it for. For example, we are bound to retain Client care letters as they act as a record of our relationship with you. In contrast, conversations you have with us over email or through our Channels will be retained while the matter is ongoing, but once our conversation ends we may delete the record of that conversation in so far as it is not directly pertinent to your matter.
We may retain your Personal Data for a longer period than usual in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
AGE RESTRICTIONS
To be able to use the Services provided by S4S, you must be aged 18 or older. If you are under 18 and you access the Services by misleading us about your age, or otherwise, in breach of our Website Terms and Conditions/Terms of Engagement or this Privacy Policy, you must immediately stop using the Services.
Our site is not intended for children and we do not knowingly collect data relating to children.
INTERNATIONAL TRANSFER OF DATA
Your information may be stored and processed in the UK or other countries or jurisdictions outside the UK where S4S has facilities. We reserve the right to process your data in any jurisdiction outside the UK and so, by using S4S, you are permitting and consenting to the transfer of information, including personal data, outside of the UK.
NOTIFICATION OF CHANGES AND ACCEPTANCE OF POLICY
We keep our Privacy Policy under review and will place any updates on this webpage. This version is dated 19 May 2022. By using the Services or engaging S4S, you consent to the collection and use of data by us as set out in this Privacy Policy. Continued access or use of our site or the Services shall constitute your express acceptance of any modifications to this Privacy Policy.
INTERPRETATION
All uses of the word “including” mean “including but not limited to” and the enumerated examples are not intended to in any way limit the term which they serve to illustrate. Any email addresses set out in this policy may be used solely for the purpose for which they are stated to be provided, and any unrelated correspondence may be ignored.
Only our directors are authorised to contract on behalf of S4S, waive rights or make representations (whether contractual or otherwise).
TERMS OF USE/ TERM OF SERVICE
Please also see Website Terms and Conditions and Terms of Engagement (which is available when we agree to provide you with a Service).
These set out the terms, disclaimers, and limitations of liability governing your use of our site or the Services.
GLOSSARY
- GDPR: The General Data Protection Regulation (EU) 2016/679 (GDPR)
- Client: Any individual who either browses the public website, engages with our chat support feature, speaks with our employees and staff members.
- Personal Data: Information relating to an individual who can be directly identified from the information. Personal Data includes factual information as well as expressions of opinion or intentions.
- Data Controller / Controller: The organisation that determines the manner and purposes for which Personal Data is to be processed. In our case, Solutions4Startups Ltd.
- DPO: The Data Protection Officer.
- Personal Data Breach: Loss, theft or unauthorised access, use or disclosure of Personal Data.
- Privacy Policy: This document
- Aggregated Data: Statistical or demographic data derived from your personal data but not considered personal data in law as the data will not directly or indirectly reveal your identity.
- Processors: Workers, contractors or service providers of S4S authorised to discharge the responsibilities of the Data Controller.