With this policy, “we”, “us” and “our” refer to DropBox2Go. We (DropBox2Go) are the data controller for the purposes of this policy, the Data Protection Act 1998 and the EU General Data Protection Regulation (the ‘GDPR’).
1.1. We are dedicated in securing the personal data that we keep and use as reverence to your privacy.
1.2. The policy and other archives that we may mention to within this policy defines the data that was collected from you or about you by us, and the way we might use it every now and then.
1.3. This policy implements where we are acting as a data controller; in other words, where we are deciding where and how we utilize the personal data provided to us by you.
2. How we use your personal data:
In section 2 we outline:
a. The kinds of data we possibly will gather and/or continue;
b. The origin of data we possibly will collect;
c. The points for which we possibly will process that personal data and the legal basis of that processing.
2.1. The types of personal data we may collect:
a. The technical data about your use of our website. This may consist of your IP address, geographical location, details of your browser type and version, your operating system, referral source. Also, the data about how you use our website for instance pages you view and the period of your visit.
b. Your account data like your email address and login password if you are registered on our websites.
c. The profile data that you willingly supplied, for instance your name, address, telephone number and date of birth.
d. Your transaction data, as well as your credit or debit card details for the purpose of completing a contract to use the services offered through our website.
e. The service data that you supplied for the purpose of fulfilling the service that you purchase through our website. Precisely, information about your parcel(s) like address information for both the sender and recipient of your parcel(s), details required for customs such as the contents of your parcel(s) and the value of the contents.
f. The correspondence data, for instance transcripts of any conversations you may have with us, for the purpose of providing you with assistance when using our website or services.
2.2. The source of data we may collect:
Data we collect may be from one of the following sources:
a. Directly from you: Information you willingly supplied when using our website (perhaps, when you register, buy a service, leave a review or contact our customer service team). This encloses information you may provide about the recipient of the parcel such as their name, address, email and telephone number.
b. From different sources: We work diligently with third parties catering services to us, and we may receive information about you from them, for example:
I. sub-contractors providing services facilitating payment
II. social networking platforms
III. analytics providers
IV. search information providers
d. Through your browser or device, or through our servers:
1. Your browser spontaneously discloses certain information to us when you use our websites (see Section 2.1.A for examples).
e. Our servers may log your IP address and the pages you view on our websites.
2.3 The purposes for which we may process that personal data and the legal basis of that processing:
We may use your data for a variety of purposes related to the products and services we provide. The legal basis for such processing is set our below:
|Why we use your data||Lawful Basis|
|To perform or contract with you||To comply with legal obligations||To pursue legitimate interest|
|To provide you services under our terms and conditions||x|
|To verify your identity||x||x||x|
|To deal with enquiries or complaints you have||x|
|To detect and prevent fraud and other crimes||x|
|To make improvements to services we provide||x|
|To let you know about important changes to our policies||x|
|Management purposes such as accounting, or auditing||x||x|
|To review and improve your experience on our website||x|
|To ensure the information we hold about you is up to date||x||x|
|For advertising and marketing purposes||x|
3. How we share your data:
We will never sell, rent or swap your personal data or share it to anybody else for them to use for their own intends without making that clear to you.
There are however different ways in which we will share your data:
3.1. We may divulge your personal data to any member of our group of companies (including subsidiaries or our holding company) insofar as it is reasonably necessary and on the legal basis set out in section 2.3 of this policy.
3.2. We may divulge your personal data to suppliers and contractors insofar as it is reasonably necessary and on the legal basis set out in section 2.3 of this policy.
3.3. We may divulge your personal data to payment service providers in order to process payment for services or otherwise insofar as it is reasonably necessary and on the legal basis set out in section 2.3 of this policy.
3.4. We may divulge your personal data where necessary for compliance with our own legal or regulatory obligations.
3.5. International transfer of your data: Some business process may require that your data be transmitted or stored in countries outside of Europe, for example where our service to you requires delivery to somewhere outside of the EEA and we engage international third party suppliers to fulfil that service to you. Whenever we send (or permit a third party) to send your data outside of the EEA we will take the necessary steps to protect your data as required by law. For example, we may rely on service providers or contractors to adhere to certain compliance programs overseas.
4. Security & retention of your personal data:
4.1. We take data security very earnestly. We have carried out various strategies, controls and measures to look after and secure your data and regularly review those measures. For example, all transfer of data between your browser and our websites are encrypted with SSL technology and payment card data is protected in accordance with the industry approved security controls, the Payment Card Industry (“PCI”) Data Security Standard.
4.2. We will only preserve your data for as long as is necessary for the purposes outlined in this policy. The times for which we retain data vary according to the type of data and the purpose for which we initially collected it. For example, certain transaction data may be retained for many years to comply with our legal obligations, and other data may be kept for a different period because it’s in our
legitimate interests to do so in order to provide a good service.
Our internal data retention policy is frequently reviewed. Once a retention period has elapsed any data held is deleted securely.
5. Your Rights:
The law gives you a number of rights to your personal data and our use of it.
You have the right:
5.1. To see what personal data we hold about you and find out how we process the data.
5.2. To ask us to update personal data we hold about you.
5.3. To ask us to delete your personal data (in some circumstances) without unnecessary delay. For example you may request erasure include when that is in relation to consent-based processes such as direct marketing, however we reserve the right to retain data where necessary for us to complete our regulatory or other legal compliance obligations.
You also have the right to complain about our use of your personal data. You may do so in the EU member state that you live, your place of work or the place of the alleged infringement.
6. How to contact us:
If you have any questions or concerns regarding your personal data you are welcome to contact us:
6.1. By email at [email protected]
7. Amendments to this policy:
7.1. We are updating this policy from time to time; all new versions will be published on our website.
7.2. We will email you to inform you of changes to this policy.
7.3. You should check our website randomly to check for any updates or changes to this policy.