Privacy Policy
1. Introduction:
1.1 At Fenix Certify (“us” or “we” or “our”), we respect the privacy rights of our online visitors and the users of our website and application, and recognise the importance of protecting the information we collect about you. This Policy is designed to help you understand how we collect, hold, use, disclose and delete personally identifiable information (“personal data”) about you.
1.2 This Policy, together with our Terms and Conditions and any other documents referred to in it, sets out the basis on which we, Fenix Certify will process any personal data we collect from you, or which you provide to us, in the course of using our website (“Site”) and/or our application (“App”).
1.3 For the purpose of the Data Protection Act 2018 (“DPA’18”) we, Fenix Certify, are the data controller and can be contacted on the following email address – help@fenixcertify.com.
2. Users of our Site and App:
2.1 Our Site and App (collectively known as the “Platform”) aims to provide a platform for those within the Electrical sector to create the required certificates.
2.2 The Platform is designed to be used by both individuals and companies working within the Electrical sector who wish to streamline the process of creating such certificates. This is done by inputting the relevant data directly into our Platform which then automatically formulates a report based on the data provided, as appose to manually inputting such data into a template or creating such certificate by hand.
3. Your information:
3.1 The personal data of users of our Platform is processed under the General Data Protection Regulation (“GDPR”) and DPA’18.
3.2 The personal data relating to direct users of our platform (i.e. companies or individuals who make a purchase via our Platform or sign up to a subscription) is processed on the lawful basis of contract.
3.3 All other personal data collected, including commercial data relating to users who visit our Site or make an enquiry by filling in a contact form, is processed on the lawful basis of legitimate business interest to facilitate sales and marketing information relating to the provision of our services.
3.4 The provision of personal data is necessary in order to facilitate the provision of the service.
4. Information that may be collected about you:
4.1 The following personal data may be collected from you as a User of our Platform when you either 1) fill in our contact form, 2) create an account, 3) login to an existing account, or 4) generally use our Platform:
- Your full name;
- Your email address;
- Your photograph;
- Your signature; and
- Your log in details, such as user name and password.
4.2 During the course of using our Platform other personal data may be collected from you as a User. The personal data that may be collected includes:
- Your Internet Protocol (“IP”) address;
- Any referring or exit pages taking you to or from our Site;
- Your web and browser type;
- Your device type, for example iOS or Android;
- Your device ID;
- Geo-location information;
- Computer and connection information;
- Statistics on page views; and
- Traffic to and from the sites.
5. Special category personal data:
5.1 We ask you not to send us, and you not to disclose, any special category of personally identifiable information (such as information related to racial or ethnic origin, religion or other beliefs, health, criminal background or trade union membership) on or through our Platform or otherwise. If, contrary to this request, you do provide any special category personal data, in doing so you consent to us collecting and handling that information in accordance with this Privacy Policy.
6. How your personal data may be used:
6.1 The personal data we collect about you during the course of you using our Platform may be used in a number of ways including, but not limited to, the following:
- To provide you with access to our services through our Platform;
- To respond to any enquiries;
- To provide any additional services requested;
- To fulfil our obligations under any contract we have with you in relation to our Platform;
- To bill you and collect payment for our services;
- To provide you with updates regarding our Platform;
- To ensure that the content on our Platform is presented in the most optimised and effective manner for you and your device;
- To diagnose and fix technology problems;
- To control unauthorised use or abuse of our Platform or otherwise detect, investigate or prevent activities that may violate our policies or are otherwise illegal;
- To carry out our obligations arising from the interactive features of our Platform;
- To notify you about changes to our Platform, our services or our policies;
- To deliver support where necessary;
- To administer our Platform including for data analysis, testing, traffic monitoring, research, statistical and survey purposes;
- To send you newsletters and other marketing information from time to time;
- To keep you up to date with our services; and
- To provide you with information regarding our Platform that you request, or we feel may interest you.
6.2 If you do not wish to be contacted for marketing purposes please tick any relevant box on which you submit your personal data or unsubscribe from any marketing communication using the unsubscribe function in the footer of the email.
7. Where your personal data may be stored:
7.1 The personal data you provide to us is stored on our Europe based servers and is encrypted using HTTPS encryption.
7.2 We take your privacy seriously and will take all reasonable steps to protect your personal data. However, please beware that any data which you send to us via our Platform is sent at your own risk.
7.3 In order to provide services to you, we may transfer your personal data to third parties, parent companies, affiliates, subsidiaries and other service providers, some of which may process and/or store your personal data outside of the European Economic Area (“EEA”). In such instances all reasonable steps will be taken to ensure that your personal data is treated securely and in accordance with this Policy (where possible). Any data transfers that take place outside of the EEA will be covered by appropriate safeguards, for example Standard Contractual Clauses (“SCC’s”).
8. How your personal data may be disclosed:
8.1 In accordance with clause 7.3 above, the third parties in which your personal data may be disclosed to include, but are not limited to:
- RevenueCat - https://www.revenuecat.com/privacy
- Stripe - https://stripe.com/gb/privacy
- Google – https://policies.google.com/privacy?hl=en-GB
- MongoDB - https://www.mongodb.com/legal/privacy-policy
- Apple - https://www.apple.com/uk/privacy/
9. Additional information regarding the storage of your personal data:
9.1 We hold your personal data in a combination of hard copy and electronic files for the period necessary to support our Platform, comply with our legal obligations, resolve disputes, or otherwise fulfill the purposes outlined in this Policy.
9.2 In order to provide our services, we may use third party systems who may process, store and/or have access to your personal data. These third parties will act as data processors on our behalf and will operate in line with this Policy where possible.
9.3 We may also retain backup information on our servers for some time in order to comply with applicable laws and regulations, and our internal security policies and procedures. Where applicable, we do not always remove or delete all of your personal data for a number of reasons including due to technical and system constraints, contractual requirements or legal requirements.
9.4 In line with our internal procedures and applicable laws and regulations, including requirements set by the National Inspection Council for Electrical Installation Contracting (“NICEIC”), we operate under a data retention period of 6 years.
9.5 At the end of the above data retention periods, all of the data stored, including personal data, will be reviewed and securely deleted/destroyed.
9.6 Please note that no method of transmission over the internet, method of electronic storage or other security methods are 100% secure. Therefore, while we strive to use commercially acceptable means of security, such as firewalls, encrypted databases with limited physical and electronic access, and other encryption methods, to protect your personal data against unauthorised use, disclosure or modification, we cannot guarantee its absolute security.
10. Processing of personal data of those below the age of 13:
10.1 Our Platform is not intended for the use by anyone under the age of 13 nor does Fenix Certify knowingly collect or solicit personally identifiable information from anyone under the age of 13. If you are under the age of 13, you may not attempt to send any information about yourself to us, including your name, address, telephone number, or email address.
10.2 In the event that we confirm that we have collected personally identifiable information from someone under the age of 13 without verification of parental consent, we will delete/destroy that information promptly. If you are a parent or legal guardian of a child under the age of 13 and believe that we might have any information from or about such child, please contact us at the email or mailing address provided at the end of this Privacy Policy.
11. Data subject rights:
11.1 Subject access request – Under the DPA’18 you have the right to access the personal data we hold about you. If you wish to exercise this right please send your request to help@fenixcertify.com.
11.2 Right to rectification – Under the DPA’18 you have the right to request the amendment or updating of all the personal data that we hold about you. If you wish to exercise this right please send your request help@fenixcertify.com.
11.3 Right to erasure – Under the DPA’18 you have the right to have all of the personal data that we hold about you deleted in line with our statutory and legal responsibilities. If you wish to exercise this right please send your request to help@fenixcertify.com.
11.4 Right to restriction of processing – Under the DPA’18, and in line with Article 18 (1) (a) to (d) of the GDPR, you have the right to obtain from us the restriction of processing. If you wish to exercise this right please send your request to help@fenixcertify.com.
11.5 Right to data portability – Under the DPA’18, where applicable, you have the right to request a copy of all of the personal data we hold about you in a structured, commonly used and machine-readable format. If you wish to exercise this right please send your request to help@fenixcertify.com.
12. Enforcement:
12.1 Fenix Certify regularly reviews its compliance with relevant data protection laws and regulations, and this Policy.
12.2 Where applicable, we cooperate with the appropriate regulatory authorities, including data protection authorities, for example the UK Information Commissioners Office (“ICO”), to resolve any complaints regarding the collection, processing and disclosure of personal data that cannot be resolved between us and the individual.
13. Notices and provisions:
13.1 Please note that this Policy applies to our Site and App only. If you as a user of our Site and/or App click on or follow any links from our Site or App to an external website or application, this Policy will no longer apply. Please ensure you check the privacy policies of any such external website or application before submitting any personal data as we cannot accept any responsibility or liability in relation to such websites or applications.
13.2 We reserve the right to change this Policy at any time. These changes will take immediate effect unless you are notified otherwise. For this reason, we recommend that you refer to this Policy on an ongoing basis so that you understand our current practice at the time of using our services.
13.3 If you have a concern about this Policy or you would like to know more about how your personal data is collected, processed, stored or disclosed, please contact us using the contact information supplied below.
13.4 If you wish to contact us with a complaint regarding the processing of your personal data, please ensure you include your full name, contact information and a detailed description of your complaint.
13.5 If you are not satisfied with our response to any of your data subject rights or a complaint that you have made, you may also contact your local data protection authority to lodge a complaint.
14. Contact information:
