Privacy Notice

We care about your privacy

This privacy notice aims to give you information on how Conferma Limited (“Conferma”, “we”, “us”) of Towers Business Park, Ocean House, Wilmslow Road, Didsbury, Manchester, M20 2RY collects, uses, discloses, transfers, stores, and processes your information when you use our services.

At Conferma, we primarily serve as a data processor, diligently executing payment processing tasks on behalf of our customers who act as data controllers, adhering strictly to their directions. This Privacy Notice, however, is specifically tailored for instances where Conferma acts as a data controller. In these situations, we are responsible for deciding how and why your personal data is processed.  Whenever we’re processing data, it is handled with the utmost respect for privacy rights and this notice informs you about our responsibilities.

Access to and use of our site is conditional upon acceptance of our Cookie Policy and Terms of Use into which this privacy notice is incorporated by reference and which this privacy notice is an integral part of.

We may update or replace this notice from time to time and without advance notice. The updated notice will supersede earlier versions and will apply to personal data provided to us previously.  We recommend that you revisit and read this Privacy Notice regularly to ensure that you are up to date with the current terms‍.

References in this notice to Data Privacy Laws means all applicable data protection laws including the following:

  • UK General Data Protection Regulation, (UK Data Protection Act 2018) ,
  • EU General Data Protection Regulation, (Regulation (EU) 2016/679)
  • Australian Privacy Act 1988 (Cth) No. 119 1988 (as amended),
  • California Consumer Privacy Act of 2018 (Cal. Civ. Code § 1798.100, et seq. and all implementing regulations promulgated by the California Attorney General and the California Privacy Protection Agency to date, as amended from time to time),
  • Singapore Personal Data Protection Act 2012 and all subsidiary legislation.

 

Our Data Protection Officer for the purpose of the Data Privacy Laws can be contacted at: [email protected]

Information we may collect about you

Generally, we may collect and process the following information about you to:

  1. Information that you provide by filling in forms on this site. This includes information provided at the time of registering to use this site, subscribing to our service, posting material, downloads, subscriptions or requesting further services. We may also ask you for information when you report a problem with this site;
  2. If you contact us, we may keep a record of that correspondence;
  3. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
  4. Details of transactions you carry out through this site and of the fulfilment of orders if applicable;
  5. Details of your visits to this website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;
  6. We may also collect information on how the site is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), MAC address, browser type, operating system, device-identifying information, browser type, browser version, unique device identifiers and other diagnostic data, and the domain name from which you accessed our sites. In addition, we may collect information about your browsing behaviour, such as the date and time you visit our sites, the areas or pages of our sites that you visit, the amount of time you spend viewing our websites, the number of times you return to our websites and other clickstream data; and
  7. Data that allows us to remember you, any interests that you have recorded and how you use this site. This allows us to arrange our website content to match your preferred interests. We use “cookies” to collect this data. Cookies are text files of small amounts of information that are downloaded by your computer or mobile device when you visit a site. You have the ability to accept or decline cookies. See our cookie notice for more information on how we use cookies and how to manage them.

Uses made of the information.

We may process your information for the following reasons:

Purpose for Collection Category of Personal Data Collected Source Lawful basis
To communicate with and respond to our customers and prospective customers about the services we sell or the work we do for them including verification of identity and to notify customers about any legal or service changes. Contact information: including your name, address, and phone number From our customers or users when they visit our site, call us, sign-up for emails or another service, or otherwise interact with us.

 

Legitimate interest to ensure we can conduct our business activities, where permitted under applicable Data Privacy Laws.

 

To comply with legal obligations, or where otherwise permitted under applicable Data Privacy Laws.

 

If you are in Australia:  the use or disclosure is for the primary purpose for which we collected it, or for a secondary purpose, if that secondary purpose is one which you would reasonably expect and is related to the primary purpose.

To conduct our marketing activities and send you marketing information Contact information: including your name, address, and phone number From our customers or users when they visit our site, call us, sign-up for emails or another service, or otherwise interact with us.

 

Legitimate interests to ensure we can market, promote and grow our business, where permitted under applicable Data Privacy Laws.

 

Consent of the individual to receive marketing messages.

 

 

If you are in Australia: (a) we collected the contact information directly from you, you would reasonably expect us to market to you and we provide a simple means for you to opt out of our marketing; and (b) if the contact information is an email address or phone number, we have obtained your opt-in consent to send you emails, texts or similar types of electronic messages.

 

 

To evaluate usage of our site and improve our performance and our sites Browsing information: such as your IP address, MAC address or other device identifier, the kind of browser or computer you use, pages and content that you visit on our site, what you click on, the state and/or country from which you access our site, date and time of your visit, and site pages from which you linked to our site. Our site and your interactions with our sites, including using cookies and other tracking technologies explained further   within our cookie policy. Legitimate interests – to enable business improvement and particularly to ensure we can improve our site and our performance
To protect the security and integrity of our site and our business, such as preventing fraud, hacking, and other criminal activity or to meet legal obligations. Browsing information: such as your IP address, MAC address or other device identifier, the kind of browser or computer you use, pages and content that you visit on our site, what you click on, the country from which you access our site, date and time of your visit, and site pages from which you linked to our site. Our site and your interactions with our sites, including using cookies and other tracking technologies explained further within our cookie policy. Legitimate interests –

fraud prevention; and network and information security.

 

If we do not collect the personal data specified in the above table, we may not be able to respond to your questions to us or provide you with our services.

External sites

While we have carefully chosen  the partners with whom we work, especially those involved in the transmission of information on behalf of our business, and while we strongly encourage all third parties we work with to comply with the data protection requirements under Data Privacy Laws, we do not control and are not responsible for the privacy practices or content of third-party sites, including those of affiliates, business partners, sponsors, advertisers, or other sites to which we may link from time to time.

When visiting any third-party sites, you are responsible for reviewing the privacy notice and terms of use applicable to each site. We do not accept any responsibility or liability for these policies, or any acts or omissions of such third parties.

Where do we store & transfer your Personal Information?

Conferma is headquartered in the UK and its servers are located in the UK. The data that we collect from you may be transferred to, and stored at destinations, which are outside the UK and the European Economic Area (“EEA”) since some of our external third parties are based outside of the UK and the EEA.

Whenever we transfer your personal information in this way, we ensure that it is provided a standard of protection at least comparable to that under the Data Privacy Laws of the jurisdiction from which the information is transferred and ensuring at least one of the following safeguards are implemented:

  • We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the UK Secretary of State.
  • Where we use certain service providers, we may use specific contracts approved for use in the UK EU which give personal information the equivalent protection that it has in the UK.

Please contact us if you want further information on the specific mechanisms used by us when transferring your personal information out of the territory from which it is collected.

Disclosure of your information

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries for the purposes described in section 2 of this notice.

We may also disclose your personal information to external third parties or partners for the purposes described in section 2 of this notice. These include:

  • Service providers, for example third parties which provide our online form builder and email software and who help us with fraud protection and site analytics.
  • Professional advisers who provide consultancy, banking, legal, insurance and accounting services; and

Law enforcement and other governmental authorities in accordance with applicable law.

We may also disclose personal information to comply with a legal requirement, for the administration of justice, when interacting with anti-fraud databases, to protect the security or integrity of our databases or this site, to enforce or apply our terms of use or other agreements, to take precautions against legal liability or in the event of a joint venture, collaboration, financing, sale, merger, reorganisation, change of legal form, dissolution or similar event including disclosure of your personal data to any successor of ours.

This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Data retention

We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the information, the potential risk of harm from unauthorised use or disclosure of your information, the purposes for which we process and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

In some circumstances we will anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

Your privacy rights

Data Privacy Laws give you certain rights to control your personal information, subject to the exemptions and requirements under applicable Data Privacy Laws. You may have the following rights to:

  • check whether we hold personal information about you and to access a copy of such information;
  • request correction of inaccurate information or erasure of personal data about you;
  • request the transfer of certain personal information.
  • object to the processing of your personal information based on consent or legitimate interest grounds;
  • request the restriction of processing concerning you;
  • make a complaint to a supervisory authority which in the UK is the UK Information Commissioner’s Office.

All of these rights are subject to applicable exemptions and qualifications under applicable Data Privacy Laws. When you exercise these rights and submit a request to us, we will verify your identity by asking you for relevant information to confirm your identity.  Please note that Conferma may charge a reasonable fee for dealing with certain rights requests were permitted by applicable Data Privacy Laws.

To exercise your rights please contact our Data Protection Officer at [email protected]

Children

Our site does not address and is not directed to anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that a child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

Contact us

Please contact us at [email protected] if you have any queries, wish to make a compliant or want more information how we process personal information.

Last Updated February 2024