GDPR, Website Terms and other legal bits and pieces
We do not track your information when you our website (no cookies!). Yes really, no cookies, which is why we don't have those annoying cookie permission pop-ups.
We do not store any information without your explicit permission and we do not share that information.
We are the data controller which means we decide how your information is used and protected. We take your privacy and our responsibility to protect your information seriously.
Read our Privacy Notice to understand:
- Who we are
- What information we collect about you
- How we use your information
- Who can see your information
- When we share your information
- How we look after your information
- How long we keep your information
- International transfers of your information
- Your rights and choices
Who We are
Endzone.io Ltd t/a HappyPorch is a company registered in Scotland, Company Number 492581, at 272 Bath Street, Glasgow G2 4JR.
You can contact us via:
FAO: HappyPorch, Unit 5395, PO Box 26965, Glasgow, G1 9BW
Email: [email protected]
What information do we collect about you
The information you provide to us might include: your name, first name, email address, and phone number. Your information includes anything which identifies you so if you provide an email to us under a “Contact” section on our website www.happyporch.com (the “Website”) we will receive personal data information mentioned hereto.
We will not ask you to provide us with any sensitive information such as details about your racial or ethnic origin, political opinions, religious, philosophical or similar beliefs, trade union membership, health, sexual life or orientation.
We collect your information when you:
- interact or correspond with us by post, phone, SMS, email or via our Website;
- attend events we hold or interact with us in person;
- enter into a contract with us; and
- apply to a job vacancy
If you are applying for a job role with us, we request that you send your CV by email, so would collect any and all the information that you provide us within this document.
In certain circumstances, we will receive information about you from third parties. For example, if you are a job applicant we may contact your referees to provide information about you.
Website Visitors only (cookies)
We use the open source Plausible Analytics, which is a GDPR, CCPA and cookie law compliant site analytics tool.
No cookies are used and no personal data—not even an IP address or browser user agent—is stored. For more information, see the Plausible Data Policy.
How we use your information
We use your information lawfully. We do not sell your information to third parties. However, we may share your information as set out in the section ‘When we share your information’.
The details of how we use your information and the legal bases for our use are set out below:
When we have your consent to contact you, we may use your information to:
- keep in contact with you and provide you with marketing communications about our news and events;
- tell you about you services that may be of interest to you (for more information, see section ‘When we share your information’);
We will sometimes use your information on the basis of our ‘legitimate business interests’ (our “legitimate interests”). This means, for example, our legitimate interests in conducting and managing our business and our relationship with you.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests do not automatically override yours and we will not use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you have any concerns about our processing you have rights and choices which include the right to object or rectify (please see the section headed ‘Your rights and choices’).
We may use your information for the purposes listed below on the basis of our legitimate interests:
- to respond to an email that you have sent to us directly or via the Website
- to process any job applications you submit to us;
- to work with our third-party recruitment agency to process any job applications you submit to us;
- to operate a safe and lawful business or where we have a legal obligation;
- to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees;
Who can see your information
Your information may be processed by our staff or by the staff of third parties we work with to deliver our business. Processing can mean any activity that involves the use of information about someone that can identify them. All uses, for example, obtaining, recording, storing, disclosing, organising, retrieving, deleting and destroying are types of data processing. We take measures to ensure that third parties processing your information on our behalf are acting lawfully in accordance with our instructions and are subject to appropriate confidentiality requirements. We also have adequate technical and organisational safeguards in place in our company and with third party processors to protect your information.
Third party processors of your information include:
- our Website hosts and operators, IT support providers, database operators, site analytics providers and software developers;
- our marketing or publicity services providers;
- our financial services and payment service provider; and
- our auditors, technical consultants and legal advisors.
When we share your information
We share your information within our company, which may include our international team. Where we share your information outside our company you will be asked to consent to a third party sharing your information and if you choose to give your permission any interaction you have with a third party is governed by their privacy terms. The third party becomes a joint data controller of your information with us. This means that the third party can make decisions about how to use your information. Before we share your information we require third parties to enter into a data sharing agreement which stipulates that they must maintain appropriate security to protect your information from unauthorised access, processing or use.
We may share your information with the following third parties:
- any prospective seller or buyer of businesses or assets, only in the event that we decide to acquire, transfer or sell any business or assets; and
- any other third parties (including legal or other advisors, regulatory authorities, courts and government agencies) where necessary to enable us to enforce our legal rights, or to protect the rights, property or safety of our employees or where such disclosure may be permitted or required by law or where we have a legal obligation to do so.
How we look after your information
We look for opportunities to minimise the amount of personal information we hold about you. Where appropriate we anonymise and pseudonymise your information. We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
- ensuring the hosting services we provide meet relevant international standards
- ensuring the physical and digital security of our equipment and devices by
- using appropriate password protection and encryption;
- maintaining a data protection policy for, and delivering data protection training to, our team; and
- limiting access to your personal information to those in our company who need to use it in the course of their work.
How long will we keep your information
We will retain your information for as long as it is necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our legitimate interests, such as for the purposes of processing your job application, responding to correspondence, exercising our legal rights, etc.
We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example,
- we operate a best practice email retention policy requiring password-protected folders and departmental shared drives to provide restricted access to information;
- deleted emails are auto-deleted periodically;
- we conduct regular access reviews to keep access profiles and policies up to date;
- we maintain a suppression list of email addresses of individuals who no longer wish to be contacted by us. So that we can comply with their wishes we must store this information permanently; and
- we retain CVs and related information from job applicants who have not been successful for a maximum duration of twenty-four (24) months starting from the last contact with the candidates. Once that period is over, we proceed to the deletion of this data.
International Transfers of your information
Our company is registered in the United Kingdom but some of our team are located elsewhere in the European Union and the World. Whenever we transfer your personal information out of the European Economic Area (“EEA”) we will take all steps necessary to ensure that it is adequately protected and processed in accordance with this Privacy Notice by using all appropriate cross-border transfer safeguards such as:
- by entering into the European Commission’s Standard Contractual Clauses with the provider which give personal data the same protection it has in the EEA; and
- where the provider is in the United States, the EU-US Privacy Shield if the provider is part of the EU-US Privacy Shield Framework, or Binding Corporate Rules when applicable.
Please contact us if you would like additional information on the specific means used by us when transferring your personal data outside of the EEA.
Your Rights & Choices
You have different rights, and in particular a right of access, rectification, erasure, restriction and objection to the processing of your information as well as the right to portability.
Your right to object
You have the right to object to our using your information for direct marketing and on the basis of our legitimate interests (refer to section ‘How we use your information’ above to see when we are relying on our legitimate interests). If you want to do this you can contact us using the details in the section ‘Who we are’.
Your right to withdraw consent
The right to withdraw your consent for our use of your information in reliance of your consent (refer to section ‘How we use your information’ to see when we are relying on your consent), which you can do by contacting us using any of the details in the section ‘Who we are’.
Your other rights and choices
You also have other choices and rights in respect of the information that we hold about you, including:
- the right to request access to the information that we hold about you to check that we are acting lawfully;
- the right to receive a copy of any information we hold about you in a structured, commonly used, machine readable format or in another format of your choice;
- the right to request that we transfer your information to another service provider in a structured, commonly used, machine-readable format;
the right to ask us to correct information we hold about you if it is inaccurate or incomplete;
- the right to ask us, in certain circumstances, to delete information we hold about you; and
- the right to ask us, in certain circumstances, to restrict processing of your information.
You may exercise your rights and choices by contacting us using the details above in the ‘Who we are’ section.
Your right to complain
Please contact us if you have any questions or are unhappy about the way your information is used. We hope we will be able to resolve any problems or issues you may have.
You also have the right to lodge a complaint about us and our use of your information to the Information Commissioner’s Office in the United Kingdom (https://ico.org.uk/).
We may make changes to this Privacy Notice from time to time to stay abreast of technological developments, industry practices and regulatory requirements, or for any other reason. Any changes will be directly updated on our Website.
Our responsibility for loss or damage suffered by you
If you are a business user:
We exclude all implied conditions, warranties, representations or other terms that may apply to our site or any content on it.
We will not be liable to you for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:
- use of, or inability to use, our site; or
- use of or reliance on any content displayed on our site.
In particular, we will not be liable for:
- loss of profits, sales, business, or revenue;
- business interruption;
- loss of anticipated savings;
- loss of business opportunity, goodwill or reputation; or
- any indirect or consequential loss or damage.
Which country’s laws apply to any disputes?
This page was updated on 20 August 2022.