Version 3.1, Last updated:20 June 2023
Information about us and our role
The personal data we process as a controller
Purposes for processing
Personal Data to:
send you marketing communications including:
updates about new or improved functionality of Previse’s applications and services and events, promotions or competitions being offered by us; and
information from us about goods and services which may be of interest to you;
If you are a corporate subscriber, we will do this because it is in our legitimate interests to process Personal Data in this way. You are entitled to object to us contacting you or to amend your communication preferences by contacting us at email@example.com.
If you are an individual subscriber, we will process Personal Data in this way where you have consented to receive these marketing communications from us. You are entitled at any time to withdraw your consent to receiving these marketing communications from us at any time.
If you subsequently decide that you do not want to receive marketing communications from us, please click the “unsubscribe” link provided in our marketing messages. Objecting to receiving marketing communications will not affect our use of the Personal Data prior to you objecting but it will mean that we will not be able to contact you about the offers we may run and other services we may be able to offer to you in the future.
contact you, if we receive a request to contact you or to send you any requested information. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data to communicate with you, to respond to your request and develop the relationship between us. It may also be necessary for us to:
use Personal Data to perform an agreement with you, where we would be unable to provide those services without that information (for example, if a particular service or information is to be provided to you, we would be unable to provide that service or information unless we were able to use Personal Data for that reason);
use Personal Data to comply with a legal obligation relating to how we manage our business or our relationship with you;
enable us to contact you for security reasons. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;
manage our relationship with you. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data to communicate with you to develop the relationship between us. It may also be necessary for us to
use Personal Data to perform an agreement with you, where we would be unable to provide those services without that information;
use Personal Data to comply with a legal obligation relating to how we manage our business or our relationship with you;
verify your identity, onboard you as a customer, supplier and/or funder of Previse, conduct anti-money laundering checks, risk management, credit checks and other compliance related activities as well as to satisfy our internal operational requirements. We do this because it is in our legitimate interests to make sure that the identities of our counterparties are genuine and relationships are not being established for fraudulent or other illegal reasons. We may also do this because we may be subject to legal obligations which require us to confirm the details that you provide to us before entering into a relationship with you;
to corroborate, match with or enrich personal data held by us for the purposes of identifying, establishing and managing business relationships. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;
address other business needs such as website administration, fraud prevention, legal compliance and business continuity. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes. We may also do this because we may be subject to legal obligations that require us to use Personal Data for these purposes.
With respect to the Personal Data that you provide to us, you will be informed at each information collection point which information is required to be provided and what we will use it for. We will let you know where you must provide us with the Personal Data in order to perform an agreement or to comply with a legal obligation. You can choose not to enter any such Personal Data. However, if you choose not provide us with Personal Data in circumstances where we require it, we will be unable respond to enquiries, engage in further communications with you and/or make Previse’s applications and services available to you in circumstances where the Personal Data is required to do that.
Previse does not sell your Personal Data to non-affiliated third parties (including for their own direct marketing purposes) without your consent. In addition, Previse has not sold your Personal Data to non-affiliated third parties in the last 12 months. If you are entitled to any disclosure rights in your jurisdiction regarding our sale of your Personal Data to non-affiliated third parties or our disclosure of your Personal Data to third parties for their own direct marketing purposes, this disclosure satisfies those requirements. If you still wish to learn more about our compliance with this requirement, please contact us using the information provided in the “Contact Information” section below.
You may give us your:
identity data (such as your first name, last name, date of birth, gender, title and the company you work for);
contact data (such as your postal address, email address or telephone number);
profile data (such as your product interests, the subject of your enquiry and any personal information contained in the message section of your enquiry, feedback and survey responses);
marketing and communications data (such as your preferences in receiving marketing from us or your communication preferences); or
application data (such as contact data of any referees, personal information included on your CV/resume such as employment history, education history, citizenship status and immigration status, directorships and other business dealings).
You may submit this Personal Data by filling in forms on our Website or by corresponding with us by post, phone, email or otherwise when you submit a request for our products or services, make a business or press enquiry, subscribe to our publications, request marketing material to be sent to you, give us feedback, make a general employment enquiry or apply for a specific job or otherwise contact us.
Information we collect from your browser and your device
As you navigate through the Website, we will automatically collect information about your interaction with the Website such as your IP address, traffic data, clickstream information, time stamp, location data, web logs, other communication data and the resources that you access when you visit the Website and your browser or other applications on your device interact with it. We automatically collect this data using various technologies such as cookies, web logs and beacons as described below. This information allows us to better tailor our content to users’ needs and is only gathered while you are on the Website.
We automatically receive and record such information on our server logs from your browser. As discussed below, we use this information to diagnose problems with our server, report aggregate information for statistical analysis, determine the fastest route for your computer to connect to the Website and administer and improve the Website.
To the extent this information constitutes Personal Data, we use it as described in Clause 3.1.1, which includes to ensure that content from the Website is presented in the most effective manner for you and your device because it is in our legitimate interests to improve our users’ online experience in relation to the Website.
Cookies and other tracking technologies
The following table sets out the types of cookies used on the Website and provides detail about what they are used for. When you use the Website for the first time, cookies which are essential to make the Website operate (see those identified as “essential cookies” below) will have been set but other cookies will not have been set unless you agreed to those cookies being set at that time. If you have agreed to accept cookies, then the Website will remember this and continue to set cookies each time you visit.
Some cookies are deleted when you close your browser. These are known as session cookies. Others remain on your device until they expire, or you delete them. These are known as persistent cookies and enable us to remember things about you as a returning visitor, particularly if you wish to be remembered so you do not have to click on a link on every time you visit the Website.
If you do not want cookies to be stored, then you may delete certain cookies listed below individually, or you can select the appropriate options on your web browser to delete some or all cookies. Please note, however, that if you block some or all cookies (including essential cookies) you may not be able to use or access all or parts of the Website, such as being able to access specific areas.
If you would like to disable cookies, you can set your web browser to reject cookies. However, if you disable the cookie function, you may not be able to access or receive all the information contained on the Website.
Sharing of Personal Data with third parties
We will share Personal Data with the following third parties:
Our or any of our Affiliates’ accountants, insurers, auditors, partners and managers;
Our or any of our Affiliates’ legal advisers and representatives for the purposes of establishing, exercising and defending our legal rights and obligations and otherwise taking legal advice;
Our or any of our Affiliates’ service providers and sub-contractors;
Our or any of our Affiliates’ customers, suppliers and funders;
Potential purchasers of and/or successors in title to member(s) of the Previse Group and their Affiliates and representatives in connection with a sale, acquisition, reorganisation or other disposition of all or part of Previse Group’s business or assets, or the insolvency, bankruptcy or receivership of a member of the Previse Group;
Those third parties identified in the InstantPay terms and conditions you have executed with us;
Data analytic companies for the purposes of managing credit risk through the use of Delphi scoring;
Operators of publicly available and private databases of business and individuals for the purposes of verifying identities. For example, we may use databases such as those retained by LinkedIn for this purpose;
Third party service providers for the purpose of fraud protection and credit risk reduction such as industry associations (such as CIFAS) and their members and any agents, delegates, nominees, attorneys, trustees or custodians acting on our or any of our Affiliate’s behalf;
To those third parties where we are required to do so by law or court order or in response to reasonable enquiries from or as a result of cooperating with any governmental, banking, taxation, supervisory, industry association (such as CIFAS) or other similar body or by the rules of any stock exchange;
To law enforcement and fraud prevention agency.
Records of Personal Data
International Personal Data Transfers
We store and process Personal Data:
in the UK and the European Economic Area (“EEA”) if you are located in the UK or in the EEA; and
in the UK, the EEA and/or the United States of America (“US”) if you are located in the US.
Do Not Track Disclosure; No Tracking Across Websites
Certain web browsers may provide a do-not-track (“DNT”) option. You may be able to ask your browser to inform websites that you do not wish your activities to be tracked, either with cookies or other persistent identifiers, commonly called “DNT signals”.
Other people’s personal data
The information you give us, or that we collect through your use of our website, may contain your or another person’s personal data. If you provide us with information about another person, you confirm that they have appointed you to act for them, they consent to you providing their personal data to us and any processing of their personal data and that you have informed them of our identity and the purpose for which their personal data will be processed – as set out in this Privacy Notice.
Your relationship with us
You warrant, represent and undertake to us that the Personal Data that you provide or otherwise make available to us is true, complete and up-to-date.
If any of the Personal Data that you have provided to or made available to us changes (for example if you change your contact details) then you will promptly notify us by sending an email to help@Previ.se.
Depending on your applicable jurisdiction, including if your Personal Data is subject to the GDPR, you may have certain rights with respect to your Personal Data. Such rights may include the right to:
request access to that Personal Data;
receive a copy of that Personal Data which you have provided to Previse in a structured commonly used format so that you can share it with others;
where that Personal Data is inaccurate or incomplete, ask for Personal Data to be rectified or completed;
request the transfer of that Personal Data to another party;
ask for that Personal Data be erased;
object to us processing that Personal Data by asking for the processing of that Personal Data to be restricted or stopped. For example, if Previse uses Personal Data for marketing purposes; and
make a complaint to the applicable data protection supervisory authority about the manner in which Previse processes Personal Data, such as the UK Information Commissioner’s Office.
Please contact firstname.lastname@example.org for additional information, or if these rights apply to you based on your jurisdiction, to exercise these rights. When you contact us to exercise the above rights, we may ask for further information from you, to confirm your identity and, if applicable, the jurisdiction to which you are subject. You may also be able to access and update the information you have provided to us via your weblink.
We have implemented appropriate technical and organizational measures on our servers, which are designed to protect Personal Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
You should keep in mind that internet transmissions (including emails) are never completely secure or error-free. As such, you should take steps to protect yourself, especially online and take special care in deciding what information you send to us via e-mail or other transmissions. Where you use weblinks, ID numbers, or other special access features on the Website, it is your responsibility to safeguard them. You should choose a strong password for your device, do not use the same password that you use elsewhere and do not share your password with anyone else. Also remember to close your browser window when you have finished to ensure that others who may have access to your computer cannot access Personal Data.
Whilst we may take any information provided by you into account, only we will determine the content of any related public statements and any required notices to the affected data subjects and/or the relevant supervisory authorities in connection with a personal data breach in relation to the Personal Data.
Links to other websites
No Collection of Children’s Data
Previse does not seek to, nor do we knowingly collect, information directly from children under the age of 16. If a child has directly provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. To do so, contact us through the information provided below in the “Contact Information” section.
Third party rights
Governing law and jurisdiction
Privacy Notice for California Residents
This “Privacy Notice for California Residents” section only applies to California residents. This notice describes how we collect, use and disclose your personal information (as defined in the CCPA), and your rights with respect to that personal information.
Information We Collect
Clauses 3.2, 3.3 and 3.4 describe the personal information we may collect from you, including the categories of sources of that information. We collect the information for the purposes of described in section 3.1. We share this information as described in section 3.5. We will retain your personal information as set forth in section 3.6. For the purposes of this clause 7, we may use the terms “personal information” and “Personal Data” interchangeably.
The CCPA provides California residents with specific rights to request information about Previse’s collection, use and disclosure of your personal information over the prior twelve (12) months, and ask that we provide you with the following information:
Access to Specific Information and Data Portability Rights
You have the right to request that we disclose certain information to you about our collection and use of your personal information.
Once we receive and confirm your verifiable consumer request, we will disclose to you:
the categories of personal information we collected about you;
the categories of sources from which we collect personal information;
purpose for collecting, using or selling personal information;
the categories of third parties with whom we share that personal information;
the specific pieces of personal information we collected about you (known as “data portability request”); and
if applicable, categories of personal information sold about you and the categories of third parties to which the personal information was sold.
Deletion Request Rights
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you;
detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;
debug products to identify and repair errors that impair existing intended functionality;
exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;
comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. Seq.);
engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;
enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; or
comply with a legal obligation.
Exercising Access, Data Portability, and Deletion Rights
To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us at: email@example.com. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period.
The verifiable consumer request must:
provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: First Name, Last Name, Email used to register with Previse, and Phone Number; and
describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Sensitive personal information
We do not use or disclose sensitive personal information except for purposes for which you do not have a right to limit the use and disclosure of sensitive personal information under the CCPA. For example, we may use Sensitive personal information to provide you products or services you have requested. “Sensitive personal information” includes Social Security number, government-issued identification, bank account and routing numbers, credit and debit card information, voice identification and Photo IDs or Precise Geolocation (each capitalized terms have the meanings ascribed to them under the CCPA).
Privacy Notice for Residents of Certain Other U.S. States
This “Privacy Notice for Residents of Certain Other U.S. States” section applies to U.S. residents subject to the applicable U.S. Data Protection Laws, except the CCPA. Please refer to section 5 above to understand the categories of personal data that we process and disclose to third parties, the purposes for which we process personal data, and the categories of third parties that we disclose personal data. As residents in a State subject to the U.S. Data Protection Laws, you may be entitled to the same rights described in section 3.6 and section 8.2. However, these rights are not absolute, and we may decline your request as permitted by the applicable U.S. Data Protection Laws.
Definitions and interpretation
“Affiliates” means, with respect to any specified person or entity, any other person or entity that, directly or indirectly, controls, is under common control with or is controlled by such specified person or entity. The term “control” (including its correlative meanings “under common control with” and “controlled by”) as used in the preceding sentence means the possession, directly or indirectly, of the power to direct or cause the direction of the management or policies of a person or entity, whether through ownership of securities or partnership or other interests, by contract or otherwise;
“Data Protection Legislation” means data protection and/or privacy laws, including, where applicable, U.S. Data Protection Laws and European Data Protection Laws;
“European Data Protection Laws” means the GDPR and the Privacy and Electronic Communications Directive 2002/58/EC, as implemented into and supplemented by domestic legislation of each EU Member State and in the UK (such as by the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 in the UK) and as amended, replaced or superseded from time to time;
“GDPR” means the EU General Data Protection Regulation 2016/679;
“Personal Data” means any personal data collected by us about you which we use for the purposes described in Clause 3.1.1 and as set out in Clauses 3.2, 3.3 and 3.4; and
“Previse Group” means us and each of our Affiliates;
“U.S. Data Protection Laws” means the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA“), the Virginia Consumer Data Protection Act (“VCDPA“), the Colorado Privacy Act (“CPA“), the Connecticut Data Privacy Act (“CTDPA“), and the Utah Consumer Privacy Act (“UCPA“) but excluding, without limitation, consent decrees.
The terms, “Commission“, “controller“, “data subject“, “Member State“, “personal data“, “personal data breach“, “processor“, “processing” and “supervisory authority” will have the same meaning as in the GDPR (even if the GDPR does not apply to the applicable data) as implemented and/or supplemented by domestic data protection laws (such as by the Data Protection Act 2018 in the UK), and their cognate terms will be construed accordingly.
Unless a contrary indication appears, any reference to:
the singular will include the plural and vice versa;
a “Clause” is a reference to a Clause to these terms and conditions;
the word “including” (and its derivations) must be construed as being for illustration or emphasis only and not as limiting the generality of any preceding words;
the word “other” must not be construed as being limited by the context in which it appears or the words that precede it where a wider construction is possible;
any “person” includes any assignee, transferee, successor-in-title, delegate or appointee of that person (but, in the case of you or us, only permitted assignees or transferees). It also includes any individual, company or other body corporate, any state or state agency or any unincorporated body, association, trust, joint venture, consortium or partnership whether or not having separate legal personality);
a “regulation” includes any regulation, rule, official directive, request or guideline (whether or not having the force of law) of any governmental, intergovernmental or supranational body, agency, department or of any regulatory, self-regulatory or other authority or organisation;
a provision of law is a reference to that provision as amended or re-enacted;
a time of day is a reference to local time in London, United Kingdom; and
clause headings are for ease of reference only.