TWENTY FIRST GROUP – Privacy policy
Twenty First Group (registered number 08547537, of Twenty First Group Limited, 1st Floor, 17-18 Hayward’s Place, Clerkenwell, London EC1R 0EQ, UK) (“Twenty First Group ”, “us” “we”, “our”) is committed to protecting and respecting your privacy.
When you interact with us through the Twenty First Group website (www.twentyfirstgroup.com), through one of our products (such as Evolution) or otherwise, you may provide, or we may collect, certain information from which you are personally identifiable (referred to as personal data). For the purposes of the General Data Protection Regulation or “GDPR” (and all other laws relating to the use your personal data), Twenty First Group is the “data controller”, meaning that we decide the reasons why your data is used. We are also responsible for keeping your data safe and only using it for legitimate purposes.
Please read the following policy carefully to understand our views and practices regarding your personal data and how we will fulfill our commitment to protecting and respecting your privacy.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. However, we advise that you check this page regularly to keep up to date with any necessary changes.
Data THAT we may collect ABOUT you
You may provide to us, or we may collect from you, the following types of personal data when you interact with us (through our website e.g. where you sign up to be on our mailing list, through our products e.g. when you sign-up, log-in and use Evolution, or otherwise e.g. when you communicate with us):
- Contact – first name, surname, DOB, account log-in information, email address, telephone numbers and address
- Financial – payment card details, billing address, purchase information, payment history
- Profile – your preferences for marketing, other website or product preferences, your contact history and feedback on your Twenty First Group experiences (through reviews and surveys)
We may also collect the following types of personal data from you when you use our website or products. Please read our Cookies Policy carefully for more information.
- Technical – this may include device IDs, browser type, IP address, hardware type, network and software identifiers, location data, operating system and system configuration
- Usage – visitor information e.g. time spent on page, click-throughs, download errors, browsing patterns
You don’t have to give us any of this data but if you don’t, you may not be able to use certain functions and may not receive the optimal user experience.
WHY DO WE USE YOUR DATA AND WHAT ARE OUR LEGAL GROUNDS?
The table below sets out how we use your personal data and our lawful basis for doing so in each case.
Why we use your data | What data we use | Why we’re allowed to use your data for these purposes |
Adding you to our mailing list | Contact | Perform our contract with you |
Enabling you to download one of our product flyers | Contact | Same as above |
Signing you up to Evolution or anotherTwenty First Group product and enabling you to log-in to your relevant account | Contact | Same as above |
To arrange a call or demonstration about one of our products | Contact | Same as above |
Notify you of changes to our Privacy Policy or Terms and Conditions | Contact | Perform our contract with you
Necessary to comply with a legal obligation |
Internal administration and record keeping purposes | All | Same as above
Our legitimate interests (for the effective operation of our business) |
Verify your identity and detect fraud and security issues | Contact, Financial, Profile, Technical, Usage | Our legitimate interests (to prevent/detect fraud and criminal activity) |
Administer and protect our company, our website and our products (including troubleshooting, data analysis, testing, maintenance and support,) | Contact, Technical, Usage | Our legitimate interests (for the effective administration of our business, website and products)
Necessary to comply with a legal obligation |
Use data analytics to improve our website, products/services, marketing, user relationships and experiences | Contact, Technical, Usage | Our legitimate interests (to keep our website updated and relevant, to develop our organisation and to inform our marketing strategy) |
Send you service messages by email and SMS in relation to your use of our products | Contact | Perform our contract with you |
Providing customer support, including answering your questions by e-mail or phone | All | Perform our contract with you
Our legitimate interests (to ensure our customers are satisfied with our products and services) |
To understand who is using our website and products | Contact, Technical, Usage | Our legitimate interests (to develop our business and understand our customer base to inform our marketing strategy) |
Get in touch with you about relevant Twenty First Group services and products | Contact, Profile | Our legitimate interests (to promote our products/services)
Consent |
Improve and personalise your user experience by delivering more relevant content whilst you browse, ensuring that our content is presented in the most effective manner for you and for your computer/device, to remember your preferences and to enable you to participate in interactive features of our website and products | Contact, Profile, Technical, Usage | Our legitimate interests (to develop our business, improve our user experience and inform our marketing strategy) |
Enable you to participate in a competition or prize draw | Contact | Perform our contract with you |
Enable you to feedback toTwenty First Group through reviews and surveys | Contact, Profile, Technical, Usage | Our legitimate interests (to develop our business, services and products) |
We also anonymise and aggregate personal data (so that it does not personally identify you). This is not personally identifiable, so we are allowed to use this for any purpose (such as testing our systems and carrying out customer research and analysis).
DO WE TRANSFER/HANDLE YOUR DATA OUTSIDE OF THE EEA?
The European Economic Area or “EEA” is seen as having good standards when it comes to data privacy. As such, we limit the occasions when we may need to transfer or handle your data outside of the EEA. Where we do (for example where our service providers are based outside of the EEA), we make sure that your data is still treated fairly and lawfully in all respects (including making sure we have a legal ground for the transfer and putting in place all necessary safeguards for such arrangement).
Where relevant, you will have the right to see a copy of any safeguards we put in place for international transfers of your data. Just contact us if you would like to find out more.
Disclosure of your information
We may disclose your personal information to the following types of third parties:
- our external consultants who assist with the development and delivery of our products and services;
- analytics and search engine providers that assist us in the improvement and optimisation of our website and products;
- companies who assist with our marketing, customer surveys and feedback tools; and
- third parties who help us detect fraud or criminal activity.
We may also need to disclose your personal information in the following circumstances:
- if we are required to do so by law or pursuant to a binding regulatory request (in each case, such disclosure will be solely to the extent required by law or the applicable regulatory request);
- in the event that we sell or buy any business or assets we may be required to disclose certain of your personal data to the prospective seller or buyer of such business or assets; or
- in order to enforce or apply our terms of use and other agreements.
If we want to share your personal data with third parties for the purpose of them marketing their own products and services to you, we will always get your consent before doing so. You always have the right to opt-out of third party marketing at any time by contacting us or using the unsubscribe function in the relevant email.
KEEPING YOUR DATA SECURE
We have implemented industry standard security measures to prevent unauthorised access to, use or loss of, your data. We also make sure that third parties who need to handle your data when helping us to deliver our services are bound by appropriate confidentiality and security obligations.
Despite the security measures that we implement, please be aware that the transmission of data via the internet is not 100% secure. Therefore, we are unable to guarantee the security of any information which you transmit to us via the internet and any transmission is at your own risk.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website or products, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
HOW LONG WILL WE KEEP YOUR DATA?
We will keep your data for as long as required in connection with the original purpose for which that data was collected (e.g. for as long as you hold an account with us and/or where you are still happy to hear from us about our latest news, products and services).
Once you no longer wish to be engaged with us we may still need to keep hold of your data if there is a legal reason for doing so (e.g. for tax purposes or where we are resolving a dispute with you), but we will only retain the data which is strictly necessary for such reason and thereafter, will remove this data from our systems.
THIRD PARTY SITEs
This policy only applies to our website and our products. If you leave our website via a link or otherwise, you will be subject to the policy of that website provider. We have no control over third party policies or the terms of the relevant third party website and you should therefore check their policy before continuing to access the site.
Your rights
You have various rights under GDPR which entitle you, in certain circumstances, to:
- ask us for a copy of the personal data we hold about you;
- correct or update your personal data, which you can do yourself by logging into your account (if relevant) or if you would prefer, please contact us and we can assist;
- request that we delete your personal data;
- object to the handling of your personal data where we are relying on a legitimate interest (as set out in the above table);
- restrict the processing of your personal data;
- request the transfer of your personal data (or some of it) to a third party service provider; or
- where you have provided your consent for something, in certain circumstances, you may withdraw this consent (but note that we may continue to use your personal data if we have legal grounds for doing so).
Please contact us if you would like to exercise your rights, which you can do for free. The only time we may charge a reasonable fee is where your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. Otherwise, we will always respond within one month (unless there is a legal reason for us to take longer).
If it is not clear to us who is making the request, we may ask you to confirm your identity before we proceed.
You may also contact the ICO (Information Commissioner’s Office) if you have any concerns about the way we are handling your personal data. However, where possible, please speak to us first as we would appreciate the opportunity to help with your concern.
HOW TO OPT-OUT OF TWENTY FIRST GROUP MARKETING
To unsubscribe from Twenty First Group newsletters or any other marketing emails, you simply need to click on the unsubscribe link at the bottom of the relevant communication you have received. Alternatively, please contact us (as detailed below) to opt-out of these communications.
Contact
Questions, comments and requests are welcomed and should be addressed to Twenty First Group, 1st Floor, 17-18 Hayward’s Place, Clerkenwell, London EC1R 0EQ, UK. You can also email us at info@twentyfirstgroup.com or call us on +44 (0)207 404 2640