Privacy Policy

Website privacy notice and cookie policy

This Privacy Policy was last updated on 12th January 2022.

Introductions

ANNEXUS LTD (hereinafter - ‘we’, ‘us’, ‘our’, ‘ANNEXUS’) is a company, registered under the laws of the United Kingdom. ANNEXUS operates the https://www.annexus.co.uk (the ‘Website’) and provides development services such as coaching, consulting or facilitating support in achieving a specific personal or professional goal by providing training and guidance (the ‘Service’).

We at ANNEXUS LTD have created a Privacy Policy that aims to inform you of our policies regarding the collection, use, and disclosure of data about a living individual who can be identified from those data (the ‘Personal Data’) when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Use.

Also our Website does not sell your Personal Data to third parties. A ‘sale’ of Personal Data under the CCPA is defined broadly to include the ‘selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means’ the Personal Data of a consumer to another business or third party ‘for monetary or other valuable consideration.’ If we decide to sell our Website or our business, we will inform you about this, so you can forbid us to transfer your Personal Data together with our business. If so, we will delete your data from the databases prior to a business transfer.

For the purposes of this policy, we define the term ‘User’ as an individual, using the Website and filling our contact form.

We adhere to the following principles in order to protect your privacy:

  • principle of purposefulness - we process personal data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;

  • principle of minimalism - we collect personal data only to the extent necessary for the achievement of determined purposes and do not keep personal data if it is no longer needed;

  • principle of restricted use - we use personal data for other purposes only with the consent of the data subject or with the permission of a competent authority;

  • principle of data quality - we update personal data shall be up-to-date, complete and necessary for the achievement of the purpose of data processing;

  • principle of security - security measures shall be applied in order to protect personal data from unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures;

  • principle of individual participation - the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.


1. Data we collect

1.1. Usage Data

1.1.1

We may collect, record and analyze information of the Users of our Website.

1.1.2

Where our Website is accessed purely to gain information, i.e. where you do not provide us information in any way, we only collect the personal data provided by your browser to our server. Where you want to view our website, we collect the following data necessary for technical purposes to be able to demonstrate our Website to you and to ensure adequate access stability and security (therefore, the legal basis for is the legitimate interest of ANNEXUS):

IP address;

Enquiry date and time;

Time zone difference to Greenwich Mean Time (GMT);

Enquiry content (the exact web page accessed);

Access status/HTTP status code;

Data volume transmitted in each case;

Website generating the enquiry;

Browser;

OS and its interface;

Browser language and version.

1.1.3

We use this information in aggregate to assess the popularity of the web pages on our Website and how we perform in providing content to you. When combined with other information we know about you from previous visits, the data could possibly be used to identify you personally, even if you did not provide any information to us. Information collected this way is stored for no longer than one year.

1.1.4

Processing of Usage Data relies on our legitimate interests. It is necessary for managing and running our business efficiently and effectively, providing quality services including website support, developing and improving products, determining who may be interested in them.

1.1.5

Our Website allows you to contact us by using the contact form. To do so, you need to provide your name, email address, as well as the text of your inquiry. We use the collected Personal Data only to communicate with you, as you reasonably expect us to answer you, and we may also record your request and our reply in order to increase the efficiency of the organisation of our support service.

1.1.6

We collect email address and data of User’s profile in instant messaging applications (e.g. name, nickname, phone number) only when User wants to contact us and writes us on our email address that is available on the Website or communicates with us via instant messaging applications, that are listed on our Website. We use the collected Personal Data only to communicate with you, as you reasonably expect us to answer you.

1.1.7

While processing Personal Data of our Users, we rely on your consent to the processing of your Personal Data for the purpose of communicating with you. We use such Personal Data in ways you would reasonably expect and which have a minimal privacy impact. You can withdraw your consent at any time by sending us an email to privacy@annexus.co.uk with your withdrawal request and your Personal Data will be deleted within seventy-two (72) hours.

1.1.8

Processing of Personal Data for marketing purposes also relies on the consent obtained from you. We use data in ways you would reasonably expect and which have a minimal privacy impact.

1.1.9

Wherever possible, we aim to obtain your explicit consent to process your Personal Data, for example, by asking you to agree to use Cookies.

1.1.10

Users can control the use of Cookies at the individual browser level. If you reject Cookies, you may still use our Website, but your ability to use some features or areas of our website may be limited. To learn more and for a detailed Cookie notice, Users may refer to our Cookie Policy.

1.2. Personal Data

1.2.1

In order to provide Services to our Users we collect its personally identifiable information.

1.2.2

When the User uses our Services by submitting an online order form on the Website, a contract is formed between the User and us. In order to carry out our obligations under that contract we must process the information that the User gives to us.

1.2.3

During the submission of an online order form on the Website, the User provides us with its first and last name. This information is used by us to identify our Users and provide them with services and to meet other contractual obligations.

1.2.4

Also, User provides us with the following information about the Addressee during the submission of an online order form on the Website:

        • Email address.

        • Phone number.

        • Any question that relates to the provision of Services.

        • Cookies and Usage Data.

1.2.5

This information is used by us to identify you, to personalize the User and to provide you needed Service in full.

1.2.6

We may obtain Users’ Personal Data from third parties such as payment service providers, whose services we use.

1.2.7

We process this information on the basis there is a contract between us and the User, we use the information before we enter into a legal contract.

1.3. Communication data

1.3.1

We collect any data that you share to us whether that be through the contact form on our website, through email, text, social media messaging, social media posting or any other communication that you send us. We process this data for the purposes of communicating with you, for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.

1.4. Marketing data

1.4.1

We collect data about your preferences in receiving marketing from us and our third parties and your communication preferences. We process this data to enable you to partake in our promotions such as competitions, prize draws and free give-always, to deliver relevant website content and advertisements to you and measure or understand the effectiveness of this advertising. Our lawful ground for this processing is our legitimate interests which in this case are to study how Users use our products/services, to develop them, to grow our business and to decide our marketing strategy.

1.4.2

Processing of Personal Data for marketing purposes also relies on the consent obtained from you. This processing has appropriate safeguards and a minimal privacy impact. You can object to the processing by following the “unsubscribe” link you will find on all the email marketing messages we send you. Alternatively, you can contact us at privacy@annexus.co.uk.

1.4.3

If you no longer wish to receive promotional emails, you may opt out of them by replying to one of such emails or send us an email with a request.

1.5. Additional terms of processing

1.5.1

We do not collect any sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.

1.5.2

Where we are required to collect Personal Data by law, which you do not provide us with, we may not be able to perform the contract (for example, to deliver Services to you). If you don’t provide us with the requested data, we may have to cancel a product or Service you have ordered but if we do, we will notify you at the time. We will only use your Personal Data for a purpose it was collected for or a reasonably compatible purpose if necessary. For more information on this please email us at privacy@annexus.co.uk.

1.5.3

In case we need to use your details for an unrelated new purpose we will let you know and explain the legal grounds for processing. We may process your Personal Data without your knowledge or consent where this is required or permitted by law.

1.5.4

We do not carry out automated decision making or any type of automated profiling.


2. Compliance with the applicable law

2.1

For Users located in the European Economic Area (EEA) privacy rights are granted and all processing of Personal Data is performed in accordance with regulations and rules following the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR).

2.2

For Users located in California all processing of Personal Data is performed in accordance with regulations and rules following the California Consumer Privacy Act, Cal. Civ. Code § 1798.100 et seq. (“CCPA”)

2.3

For Users located in the United Kingdom all processing of Personal Data is performed in accordance with regulations and rules following the Data Protection Act 2018.

2.4

For Users located in Brazilia, all processing of Personal Data is performed in accordance with regulations and rules following the Lei Geral de Proteção de Dados (“LGPD”).

2.5

We may need to share your Personal Data with the third parties that provide the Services. Where your Personal Data are transferred outside of the European Economic Area (‘EEA’), we require that appropriate safeguards are in place.

2.6

We guarantee that we have Data Processing Agreements in place with our service providers, ensuring compliance with the GDPR and our contracts with them, requiring us to maintain the confidentiality of Personal Data. All data transfers inside and outside of the EEA are being done in accordance with these Data Processing Agreements. All data transfers are performed in accordance with the strictest security regulations.

2.7

For more detailed information about the international information transfers to our business partners, service providers and developers outside of the EU/EEA, please contact us using the details given in the “Contact us” section below.


3. Legal rights of the user

3.1

Users can review, correct, update, delete or transfer their personally identifiable information. For that, contact us directly at privacy@annexus.co.uk. We will acknowledge your request within seventy-two (72) hours and handle it promptly and as required by law.

3.2 Right to access

Any User may contact us to get confirmation as to whether or not we are processing his/her Personal Data. Where we process Users’ Personal Data, we will inform the User of what categories of Personal Data we process regarding him/her, the processing purposes, the categories of recipients to whom Personal Data have been or will be disclosed and the envisaged storage period or criteria to determine that period.

3.3 Right to withdraw consent

In case our processing is based on a consent granted by the User, the User may withdraw the consent at any time by contacting us. You can withdraw your consents at any time by replying to the email with your withdrawal and your Personal Data will be deleted in 72 hours. Withdrawing a consent may lead to fewer possibilities to use our Services.

3.4 Right to object

In case our processing is based on our legitimate interest to run, maintain and develop our business, any User has the right to object at any time to our processing. We shall then no longer process User’s Personal Data unless for the provision of our Services or if we demonstrate other compelling legitimate grounds for our processing that override User’s interests, rights and freedoms or for legal claims. Notwithstanding any consent granted beforehand for direct marketing purposes, any User has the right to prohibit us from using his/her Personal Data for direct marketing purposes, by contacting us or by using the functionalities of the Services or unsubscribe possibilities in connection with our direct marketing messages.

3.5 Right to restriction of processing

Any User has the right to obtain from us restriction of processing of his/her personal data, as foreseen by applicable data protection law, e.g. to allow our verification of accuracy of Personal Data after User’s contesting of accuracy or to prevent us from erasing Personal Data when Personal Data is no longer necessary for the purposes but still is required for User’s legal claims or when our processing is unlawful. Restriction of processing may lead to fewer possibilities to use our Services.

3.6 Right to data portability

Any User has the right to receive his/her Personal Data from us in a structured, commonly used and machine-readable format and to independently transmit that data to a third party, in case our processing is based on User’s consent and carried out by automated means.

3.7

To exercise any of the above mentioned rights, User should primarily use the functions offered by our Services. If such functions are however not sufficient for exercising such rights, User shall send us a letter or email to the address set out below under Contact, including the following information: name, address, phone number, email address and a copy of a valid proof of identity. We may request additional information necessary to confirm User’s identity. We may reject requests that are unreasonably repetitive, excessive or manifestly unfounded.

3.8

If you are from California and dissatisfied with how we have used your Personal Data, you can complain to the California Department of Justice. Also You have the right to lodge a complaint with a supervisory authority if you think that we violate your rights. You could contact The California Department of Justice (Department) via their website.

3.9

If you are from the United Kingdom and you object to your data processing, you can complain to the Information Commissioner’s Office at casework@ico.org.uk.

3.10

If you are from Brazil, you can also file a complaint with Brazil’s National Data Protection Authority (ANPD) through its official channels.


4. Data retention

4.1

We will retain Personal Data for as long as you use our Service, or continue to communicate with our support team. Your information will be deleted if you did not communicate with the support team for more than 36 months, unless otherwise agreed with the User in writing.

4.2

When deciding what the correct time is to keep the data for we look at its amount, nature and sensitivity, potential risk of harm from unauthorised use or disclosure, the processing purposes, if these can be achieved by other means and legal requirements.

4.3

For tax purposes the law requires us to keep basic information about our Users (including contact, identity, financial and transaction data) for 12 months after they stop being Users.

4.4

In some circumstances we may anonymise your Personal Data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

4.5

Any data collected for the purpose of analytics will be deleted in 12 months after being collected.


5. Information security

5.1

We care to ensure the security of Personal Data. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We maintain technical, physical, and administrative security measures to provide reasonable protection for your Personal Data. When we or our Service Providers process your information, we also make sure that your information is protected from unauthorised access, loss, manipulation, falsification, destruction or unauthorised disclosure. This is done through appropriate administrative, technical and physical measures.

5.2

We always use pseudonymisation as a method of securing the Personal Data we process as the Processor.

5.3

There is no 100% secure method of transmission over the Internet or method of electronic storage. Therefore, we cannot guarantee its absolute security. But we make our best efforts to make the transmission as secure as possible.

5.4

We never process any kind of sensitive data and criminal offence data not as a Controller nor as a Processor. Also we never undertake profiling of personal data.


6. Service providers

6.1

We may employ third party companies and individuals to facilitate our Service (‘Service Providers’), to provide the Service on our behalf, to perform Service-related services or to assist us in analysing how our Service is used.

6.2

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

6.3. Analytics

We may use third-party Service Providers to monitor and analyse the use of our Service.

6.3.1 Google Analytics

Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualise and personalise the ads of its own advertising network. You can opt-out of having made your activity on the Service available to Google Analytics by installing the Google Analytics opt-out browser add-on. The add-on prevents Google Analytics JavaScript (ga.js, analytics.js, and dc.js) from sharing information with Google Analytics about visits activity. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page. Your data will be stored in Google's network of data centers. Google maintains a number of geographically distributed data centers.

6.4. Behavioral Remarketing.

ANNEXUS uses remarketing services to advertise on third party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimise and serve ads based on your past visits to our Service.

6.4.1 Google AdWords.

Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customise the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on - https://tools.google.com/dlpage/gaoptout - for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy & Terms web page: https://policies.google.com/privacy?hl=en. Your data will be stored in Google's network of data centers. Google maintains a number of geographically distributed data centers.

6.4.2 Facebook

Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page. To opt-out from Facebook's interest-based ads follow these instructions from Facebook. Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings. For more information on the privacy practices of Facebook, please visit Facebook's Data Policy: https://www.facebook.com/privacy/explanation. Your data will be stored in Facebook data centers, located in Sweden, Denmark, and Ireland.

6.4.3 Mailchimp

Mailchimp is provided by Rocket Science Group. It is a marketing automation platform and email marketing service. You can learn more about this service from Mailchimp by visiting this page. For more information on the privacy practices of Mailchimp, please visit its Privacy Policy. Your data will be stored in Mailchimp data centers in the USA.

6.5. Form constructors and hosting providers

6.5.1 JotForm

JotForm is provided by JotForm Inc. This is an online form builder that helps you in creating forms, surveys, order forms, etc. Creating a form using JotForm is easy with its intuitive drag and drop method. You can learn more about this service from JotForm by visiting this page: https://www.jotform.com/help/. For more information on the privacy practices of JotForm, please visit JotForm's Privacy Policy: https://www.jotform.com/privacy/. JotForm servers are co-located in a cloud based architecture with Google Cloud and Amazon Web Services (AWS). Google Cloud data centers are hosted in Iowa (US). AWS data centers are located both in Germany, Frankfurt (EU) and US, Virginia (US).

6.5.2 Google Cloud web hosting

Google Cloud web hosting service is provided by Google Inc. It provides infrastructure tools and services to build and host web applications on and implements all our custom development projects with the latest technology and services provided by Google Cloud Platform. You can learn more about this service from Google Cloud by visiting this page: https://cloud.google.com/security/privacy. For more information on the privacy practices of Google Cloud, please visit Google Cloud's Privacy Policy: https://cloud.google.com/security/privacy.

6.6 Payments

We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your Personal Data is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information.

6.7 The payment processors we work with

6.7.1 Stripe

Their Privacy Policy can be viewed at this address.

6.7.2 Paypal.

Their Privacy Statements can be viewed at this address.

6.7.3 Google Pay

Their Privacy notice can be viewed at this address.

6.7.4 Apple Pay

Their Privacy and security overview can be viewed at this address.

6.8

For a complete list of Service Providers - contact us.


7. Children's privacy

7.1

We do not provide Services to children. Users declare themselves to be adults according to their applicable legislation.

7.2

Our Website and Services are not directed to persons under the age of 13. Minors may use our Website only with the assistance of a parent or guardian. Under no circumstances persons under the age of 13 may use the Website.

7.3

We collect data about all Users without verification of their age. We do not anticipate that some of those Users will be children.

7.4

Users shall not provide us with any Personal Data of children.


8. Applicability

8.1

This Privacy Policy is applicable to our Website. Our website contains links to other websites. Once redirected to another website, this Policy is no longer applicable.


9. Acceptance of the terms

9.1

We assume that all Users have carefully read this document and agree to its content. If one does not agree with this Privacy policy, they should refrain from using our Website.


10. Permitted disclosure

10.1

We may have to share your Personal Data with the parties set out below:

      • Other companies in our group who provide services to us.

      • Service Providers who provide IT and system administration services.

      • Professional advisers including lawyers, bankers, auditors and insurers

      • Government bodies that require us to report processing activities.

      • Third parties to whom we sell, transfer, or merge parts of our business or our assets.

10.2

We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, it’s explained in the cookie policy below.


11. Cookie Policy

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, it’s explained below.

What’s a cookie?

  • A “cookie” is a piece of information that is stored on your computer’s hard drive and which records how you move your way around a website so that, when you revisit that website, it can present tailored options based on the information stored about your last visit. Cookies can also be used to analyse traffic and for advertising and marketing purposes.

  • Cookies are used by nearly all websites and do not harm your system.

If you want to check or change what types of cookies you accept, this can usually be altered within your browser settings. You can block cookies at any time by activating the setting on your browser that allows you to refuse the setting of all or some cookies. By not blocking cookies and continuing to browse you are authorising the use of cookies. If you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.

How do we use cookies?

We use cookies to track your use of our website. This enables us to understand how you use the site and track any patterns with regards how you are using our website. This helps us to develop and improve our website as well as products and / or services in response to what you might need or want.

Cookies are either:

Session cookies: these are only stored on your computer during your web session and are automatically deleted when you close your browser – they usually store an anonymous session ID allowing you to browse a website without having to log in to each page but they do not collect any personal data from your computer;

or

Persistent cookies: a persistent cookie is stored as a file on your computer and it remains there when you close your web browser. The cookie can be read by the website that created it when you visit that website again. We use persistent cookies for Google Analytics.

Cookies can also be categorised as followed:

Strictly necessary cookies: These cookies are essential to enable you to use the website effectively, such as when buying a product and / or service, and therefore cannot be turned off. Without these cookies, the services available to you on our website cannot be provided. These cookies do not gather information about you that could be used for marketing or remembering where you have been on the internet.

Performance cookies: These cookies enable us to monitor and improve the performance of our website. For example, they allow us to count visits, identify traffic sources and see which parts of the site are most popular.

Functionality cookies: These cookies allow our website to remember choices you make and provide enhanced features. For instance, we may be able to provide you with news or updates relevant to the services you use. They may also be used to provide services you have requested such as viewing a video or commenting on a blog. The information these cookies collect is usually anonymised.


12. Changes

12.1.

From time to time, we may update this Privacy Policy. We will notify you about material changes by either sending an email message to the email address you most recently provided to us or by prominently posting a notice on our Service. We encourage you to periodically check back and review this Policy so that you always will know what information we collect, how we use it, and with whom we share it.


13. Contact us

13.1.

If you have any questions, the practices of this Site, or your dealings with this website, please contact us at privacy@annexus.co.uk.


ANNEXUS LTD

Registered address: Beechwood, Park Drive, Doncaster, DN5 7LP

Company number: 07525885