This privacy notice describes how Page Tiger Limited (a company registered in England and Wales with company number 06907710) (referred to as "PageTiger" or "we" or "us") uses personal data when providing services to its customers. Within this notice the following information is provided:
- What data we collect
- Why we need your data
- Our legal basis for processing your data
- What we do with your data
- How long we keep your data
- Where your data is processed and stored
- How we protect your data and keep it secure
- Your rights
It also describes our direct marketing activities relating to existing and potential customers. It is intended to provide information both for customers and for individuals whose information we hold, including users and Visitors to our websites and documents, and recipients of marketing communications (referred to as "you").
This privacy notice was last updated on 24th August 2020
1.1 PageTiger's activities as a Controller
We hold personal data for our own business purposes and are responsible for how such data is used. A customer may provide PageTiger with individuals' details for these purposes (for example when specifying users for an account). The customer should ensure such individuals are comfortable for PageTiger to use their details in accordance with this privacy notice. We may send marketing communications about our services to customers and other businesses, and may track and analyse information about how marketing materials are accessed and viewed.
As at the date of this notice, we are registered with the UK Information Commissioner's Office (ICO) as a controller under registration number ZA113062.
1.2 PageTiger's activities as a Processor
We hold personal data solely on behalf of our customers, which means it is used for purposes determined by our customers, and they are primarily responsible for how such data is used. This includes, for example, our use of information about individuals within the content of customer documents or materials, or about Visitors who view customer documents or enter surveys within customer documents.
Note: It is the customer's responsibility to ensure such individuals are made aware of how their details are being used, and to obtain any required consents.
1.3 Our legal basis for processing data is our legitimate interests in providing our services and managing our business, for the performance of a contract or because we have been asked by you to take specific steps before entering into a contract.
2. HOW WE USE YOUR DATA
This section describes what data we collect, why we need your data & how we use your data.
2.1 PageTiger account details
In order to receive our services, customers may create one or more PageTiger Accounts.
Account information includes:
- names of users;
- individual email addresses and other contact details;
- login details for PageTiger services; and
- business postal address.
We use such information to manage the PageTiger Account and provide the associated services, and to manage payment and invoicing. You and we may also discuss additional information about you or your business during the course of setting up an Account or providing our services. This may include, for example, job titles or roles and the structure of the customer's business. This may be used by us to manage our services and customer relationships.
2.2. Payment details
We do not currently store customer payment card or bank details, other than:
- such details as appear within our bank statements when a customer makes payments to us; and
- copies of standing order forms, should a customer choose to pay us by standing order.
For VAT-registered customers, we also request and retain the VAT number. Any such payment details will generally relate to a corporate customer, rather than to an individual. Where our customer is an individual, our legal basis for processing this information is that it is necessary for our contract with the customer.
Note: We generally request payments by direct electronic transfer to our bank account but, in some cases, we may use a third party payment provider.
2.3. Marketing activities
We may use your personal data for our marketing activities - see paragraph 4.
2.4. Records of services and logs of access
We collect and maintain records relating to our services to a customer, including details of specific services provided and communications exchanged. We maintain logs and audit trails of access to our systems by users, which may be used to address queries about account activities. Our legal basis for processing the information as described above is our legitimate interests in providing our services and managing our business.
2.5 We maintain logs of Visitors to our websites, documents and materials, and opening of emails, either for our own analysis and marketing activities or as part of our services to customers.
You may complete a contact form or sign up for a trial of our services on our website, in which case we collect your email address and other relevant information, in our legitimate interests, in order to respond to your query and provide the trial services.
If you contact us by other means, we may retain your contact details and your communication in our legitimate interests, in order to handle your query and maintain records of communications.
2.6. Registered visitors
We may give you the option, as a Visitor, to register with PageTiger as a reader or viewer of customer documents, in which case you will need to provide us with your email address and set up login details. Some customers may require you to register with us in order to view their documents.
Our legal basis for processing this registration information is our legitimate interests in providing our services to registered Visitors. Registration also enables us to provide reader verification services to our customers, and we may also collect and analyse registered visitor information on behalf of our customers.
2.7. Other use of your personal data
We may use your personal data (in our legitimate interests in managing our business and maintaining appropriate business records) for:
- contacting you in relation to the services we are providing, which may include communications on system updates and availability, and subscription renewal notifications;
- administration and maintenance of the services and our business;
- reviewing and enforcing your compliance with our terms of service and fair use policy; and
- compliance with legal obligations, or protection and enforcement our legal rights and those of customers or other individuals.
3.1 Content of documents
Customers (or individuals authorised by Customers to use our services) may provide us with personal data forming part of the content of documents or materials created or hosted by PageTiger, such as names, contact details, images and other personal data relevant to the materials being produced using our services. We use these to provide the services and for administration and maintenance of the services.
3.2 Visitors to documents: We may collect information about visitors or expected visitors to customer documents, including login details (where required), email addresses (from lists provided by our customers, or if used to login or where a visitor clicks through from an email), visits, page views and interactive responses (including to surveys and emails). These are stored as part of our services to customers in order to provide reports and statistics, and to maintain logs of use.
Note: Our customers have primary responsibility to ensure PageTiger's use of the information as outlined in this paragraph complies with data protection and privacy laws. PageTiger takes steps to ensure that such data is held securely - see paragraph 5 below. If you have any queries about use of your data for these purposes, they should be directed to the customer.
Note: If a customer integrates forms or other interactive components provided by third parties into its documents, PageTiger does not collect and is not responsible for the use or security of information collected within such forms or interactive components.
Note: If a visitor registers with PageTiger, we will also maintain registration information as a Controller.
4. MARKETING AND TRACKING ACTIVITIES
We may send marketing communications about our services by email to existing or former customers and users. We provide an option to opt out of receiving such communications when setting up the relevant PageTiger Account, and you may also opt out of receiving these at any time within the PageTiger Account or otherwise by contacting us.
We send these communications in our legitimate interests in promoting our business (whilst giving you the opportunity to opt out if you do not wish to receive these).
Note: Even if you opt out of receiving marketing communications, we may still use your email address to contact you in relation to the services you are receiving as described elsewhere in this notice, for example communications on system updates and availability, subscription renewals and payments.
4.2 B2B Marketing
We may purchase email marketing lists from reputable third parties for specific marketing campaigns. Email addresses may be selected by reference to specific types of business or job roles within a business. If you do not wish to receive any further marketing emails from us, please let us know using the "unsubscribe" link within the email, or otherwise by contacting us. We will then put your email address on a "block list" to suppress it from our future marketing campaigns.
We may record that you opened a marketing email sent by us. If you click through to our marketing material from an email, we may keep a record of the areas you view by reference to your email address. This assists us to develop our marketing materials and tailor our marketing activities to appropriate audiences. More information is provided within our Cookies Notice. We may also contact you again in relation to the material which you viewed (unless you have opted out or unsubscribed as described above).
5. SECURITY OF DATA AND INTERNATIONAL DATA TRANSFERS
PageTiger takes steps to protect personal data from loss or misuse, as outlined within our Information Security Policy. Our activities are based in the United Kingdom and, as at the date of this notice, our data is processed and stored securely in data centres located within the United Kingdom. The data centres are assured by the International Information Security standard ISO 27001 and others which are available on request.
We do not otherwise generally transfer your personal data to countries outside the European Union unless our customer has requested this as part of the services and a data transfer agreement is in place.
The customer is responsible for maintaining confidentiality of login details and passwords used to access PageTiger accounts and services.
6. DISCLOSURES OF DATA TO OTHER PARTIES
We may share personal data relating to a PageTiger account with the relevant customer and Account Owner or Administrator, as appropriate to the services being provided (and in our legitimate interests in providing such services). A ‘Data Transfer Authorisation’ is applicable for these purposes.
6.2. Third party publication tools and other service providers.
Where a customer integrates third party tools or components into a document using our services, personal data may be shared, where relevant.
We may disclose personal data, where appropriate, to:
- our professional advisers;
- governmental or regulatory bodies and law enforcement authorities;
- any purchaser or (on terms of confidentiality) likely purchaser of our business; and
- other third parties where required or permitted by law.
The legal basis for such disclosures are our legitimate interests in managing our business, or in order to comply with a legal obligation.
7. RETENTION OF DATA
We may retain records containing your personal data for the purposes described above whilst we are still providing services to the relevant customer and/or the relevant account is live. Where we process personal data on behalf of our customers our customer determines the relevant retention period.
We may retain personal data for appropriate periods following termination of our services and/or closure of the associated PageTiger account in order to maintain records of our services, to comply with our legal obligations and to defend our legal rights. We may also continue to send you marketing communications, subject to your right to opt out as described in paragraph 4 above.
Note: Our system retains customer data as long as a given customer's account maintains an active subscription. Customers retain the control and responsibility of their data which can be managed in-line with appropriate data retention policies. On cancellation, the account will be locked and all data retained for 90 days before being deleted from live and DR systems. It will take a further 90 days (180 days in total) before all customer data is completely removed from backup storage.
8. ACCESSING YOUR DETAILS AND OTHER RIGHTS
You can update your contact and login details, and opt out of receiving marketing communications within a PageTiger account. Alternatively, please send an email to firstname.lastname@example.org.
In accordance with data protection laws, you also have a right:
- To ask about how your personal data is processed;
- To obtain a copy of the personal data we hold about you;
- To request rectification of inaccurate or incomplete data, and, in some circumstances, to request us to erase or restrict our use of your data, or otherwise to object to our processing of your data for direct marketing purposes or for reasons relating to your particular situation;
- To withdraw any consent which you have given relating to use of your data;
- Not to be subject to a decision based solely on automated processing, which significantly affects you, unless additional legal requirements are met; and
- To make a complaint about how we handle your data to the UK Information Commissioner's Office. Please visit www.ico.org.uk for further information about how to do this.
If you would like to access a copy of the data we hold about you or exercise any of your other rights, please send a request by email to us at: email@example.com. Please also contact us if you have any other concerns over how we use your email address or other data.
Note: Your rights under data protection laws are limited to our use of personal data relating to you as an individual, and we are not obliged to respond to requests relating to non-personal business information. As our customers are businesses, not all the information described in this privacy notice will necessarily be your personal data – this will depend on the circumstances. Data protection laws provide certain exemptions to the rights listed above which we may apply on a case by case basis.
Note: To the extent we hold your personal data on behalf of a customer you should direct requests and queries relating to use of such data to the customer.
9. CONTACT DETAILS
Postal correspondence should be addressed to 22 Falstaff House, Bardolph Road, Richmond, Surrey, England TW9 2LH
Email correspondence should be addressed to firstname.lastname@example.org