SotoGo Privacy Policy
SotoGo (www.sotogo-6-2.northx.co.uk) takes the privacy of our users extremely seriously. This Privacy Policy includes information about the type of data that is collected and recorded by SotoGo and how we intend to use it.
If you have any additional questions, or would like to contact us, please email privacy@sotogo-6-2.northx.co.uk
This website is not intended for children and we do not knowingly collect data relating to children.
You have the right to refuse us processing your personal data for our legitimate business interests or for direct marketing purposes.
About us
The website sotogo-6-2.northx.co.uk is provided by NorthX Ltd. NorthX Ltd is a private limited company incorporated in (and subject to the laws of) England and Wales (registration number 07917942). Our registered address is 50 Castle Court, 1 Brewhouse Lane, London SW15 2JJ. NorthX Ltd is the Data Controller of the personal data you provide to us.
The personal data we collect and why
Personal data is any information that identifies you personally. This data may be collected directly from you (e.g. you providing us your name), or indirectly (e.g. information derived for how you use our website or our products and services).
We may collect the following data from you:
- Contact details: includes your name, email address, username and information we use to create accounts, to allow you to give feedback or leave reviews, or where you enter competitions or submit surveys.
- Marketing and Communications: Includes information about your preferences for receiving marketing from us or from third parties. When you have consented to receiving marketing information, we will use your personal data to contact you and inform our decisions about which information to provide to you (always inline with your stated communication preferences).
- Technical data: This includes information about the device you are using to access our website such as recording your IP address, details about your logins or accessing the website and the technology on the device you use to access the website.
- Profile data: Includes information that you have submitted such as username, password, interest and preferences that you have declared to us.
- Usage date: Comprised of information about how you use our website, products and services.
- Correspondence: We may collect any additional personal data that you provide to us if you contact us be email, telephone, through our website or by other means.
We also obtain information about you from other sources:
- Cookies and similar technologies: We monitor and follow your usage of our website using cookies and other similar technologies to enable certain features and functionality to be used. These technologies are also used to monitor the website’s usage and personalise your experience.
- Third Parties: We may make use of data that you have provided to third parties when you have given consent to that third party to provide this data to us.
What we do with your Personal Data
Use it to contact you
Provided that you have provided your consent or we otherwise have the right to do so, we may use your personal data to send you direct marketing and inform you of promotions by email, SMS, post or telephone relating to our products and services.
You can choose to unsubscribe from our direct marketing at any time by clicking the unsubscribe link in our email correspondence or by emailing us at privacy@sotogo-6-2.northx.co.uk
To provide Direct Marketing (including by third parties)
If you have provided consent for us to share your contact details with our trusted business partners then we may share your name, email address or telephone number with them. The trusted business partners may use this data to share details of their products, services and promotional offers. You will be able to unsubscribe from these partners by clicking the unsubscribe link in their emails or by adjusting your preferences via their website. To see which third parties and marketing partners we may share your date please see our Cookie Policy. ADD LINK
To monitor your usage of our website, communications, products and services
We use cookies and similar technology for a number of reasons:
- To provide additional functionality and important features on our website.
- To monitor how you use our communications and improve the service we offer as a result.
- To optimise our website, detect errors and identify problems with our interface.
To comply with our legal obligations and prevent fraud
In specific circumstances we may use your personal data to enable us to comply with our legal obligations. This includes for fraud detection, investigation and prevention purposes. This may require us to provide your personal data to law enforcement agencies including Trading Standards.
Legal Basis for Processing
Current data protection law permits us to only process your personal data if we satisfy one or more conditions. These conditions are set out in data protection law and we rely on the following grounds for the processing that we perform.
Consent
When you have provided your explicit consent for us to process your personal data and explicitly permitted us to perform stated tasks with it. The tasks that we might perform in these circumstances are:
- Send you marketing communications about our products, services and promotions.
- Conduct market research.
- Share your name, email address and telephone number with trusted business partners so that they may provide marketing to you about their own products, services and promotions.
Necessity for the performance of a contract or our legal obligations
It is necessary for us to process our contact details to set up an account for you or, if a contract exists between us, to fulfil our obligations. Examples of when this might be the case include:
- Where you have entered a competition or promotion with us.
- To communicate with you about changes to our Terms & Conditions, Privacy Policy or other similar information.
Necessary to fulfil our legitimate business interests or those of a third party
To perform our legitimate functions as a business it may sometimes be necessary to collect and process your personal data. The legitimate business functions are:
- To improve our understanding of our users so as to enhance our product, services and marketing.
- To comply with contractual obligations to third parties for purposes such as our gaining of insurance cover or loans.
- To improve, optimise and extend our website.
- To train our staff
- To provide informed responses to enquiries or complaints that you have made or deal with disputes that may arise in our provision of our products and services to you.
- To allow effective management and administration of our business.
- To comply with regulatory guidance, document retention and exercise or defend legal claims.
It is important to note that where we intend to rely on the legal ground of legitimate business need we are required by data protection law to consider whether our business needs are overridden by your interests or fundamental rights and freedoms. We may only continue to process your personal data only if we determine that your interests, rights and freedoms are not overridden by our legitimate interests.
We have considered these matters and on balance believe that the business functions described above provide benefits to you which are not outweighed by your interest or fundamental rights and freedoms.
Should we consider that there is a risk to your interests or fundamental rights and freedoms that might arise as a consequence of our processing your personal data, we will not do so unless there is another legal ground for doing so (for example you have provided your direct consent for us to do so) unless it is necessary for us to perform our contract with you or comply with our legal obligations.
Who we share your personal data with and where it is stored
We may share your personal data with:
- Our service providers and suppliers who perform certain business services for us and act as Data Controllers of your personal data on our behalf.
- Other organisations who may use your personal data for their own purposes and are Data Controllers of such data in their own right. These organisations may be located outside of the European Economic Area (EEA).
In certain circumstances we may disclose your personal data:
- If we have a duty to disclose or share your personal data to comply with a legal obligation.
- To protect the rights, property or safety of our business, our customers or others. This could be in order to protect against fraud.
- To successors in title or replacement operators of all or part of our business.
In some cases there may be a need to transfer your personal data outside the EEA. Such destinations might not have legislation which protects your data to the same extent as the EEA. We are required by data protection law to ensure that when data is transferred outside the EEA by our Data Processors it is treated securely and protected against unauthorised access, loss or destruction, unlawful processing and any processing which is inconsistent with the purposes detailed in this Privacy Policy.
Our suppliers and service providers
| Name of recipient | Why your personal data is shared | Location of processing | Safeguards used to protect personal data processed outside the EEA |
| 1&1 Ionos | 1&1 Ionos provides web hosting for our site | EEA | N/A – processing is taking place with the EEA |
| Google provide analytical data for our site | USA | Google confirms that it adheres to EU regulations including those on GDPR. |
How long we keep your personal date for
We will not retain your personal data for longer than is necessary for the purpose for which it was provided. This duration will vary depending on the type of data that has been provided. In determining how long the data is held, the following factors are considered:
- Recommendations from the relevant data protection authorities.
- Legal obligations under applicable law for retaining data.
- Potential or actual disputes.
- Statute of limitations under applicable law
Your rights
You have the following rights regarding your personal data:
Right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Privacy Policy.
Right of access
You have the right to obtain access to your personal data (if we are processing it) and certain other information (similar to that provided in this Privacy Policy). This is so you are aware and can check that we are using your personal data in accordance with data protection law.
Right to rectification
You are entitled to have your personal data corrected if it is inaccurate or incomplete.
Right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal data where there is no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.
Right to restrict processing
You have the right to ‘block’ or suppress further use of your personal data in certain circumstances. When processing is restricted, we can still store your personal data, but may not use it further. We keep lists of people who have asked for further use of their personal data to be ‘blocked’ to make sure the restriction is respected in future.
Right to data portability
You have the right to obtain and reuse your personal data in a structured, commonly used and machine-readable format in certain circumstances. In addition, where certain conditions apply, you have the right to have such information transferred directly to a third party.
Right to object to processing
You have the right to object to us processing your personal data for our legitimate business interests or for direct marketing purposes (including in each case any related profiling).
Right to withdraw consent to processing
If you have given your consent to us to process your personal data for a particular purpose (for example, direct marketing), you have the right to withdraw your consent at any time (although if you do so, it does not mean that any processing of your personal data up to that point is unlawful).
Right to make a complaint to the data protection authorities
You have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we have handled your personal data or believe our processing of your personal data does not comply with data protection law.
Contact us
If you would like more information, wish to exercise your data protection rights or make a complaint about how we have handled your personal data, please contact us by emailing privacy@sotogo-6-2.northx.co.uk or by submitting a message through our Contact Us form.
If you’re not satisfied with our response to any enquiry or complaint or believe our processing of your personal data does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) by:
- Writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF;
- Telephoning +44 303 123 1113
- Submitting a message through the ICO’s website at: org.uk.
Links to other websites
Our website contains hyperlinks to sites not managed or owned by us. These sites are not governed by our Privacy Policy and we encourage you to review their Privacy Policies before making use of these sites. We do not accept any responsibility or liability for the privacy practices of these third party websites and your use of such websites is at your own risk.
Changes to this Privacy Policy
This document was last updated on 18th April 2019. This policy may be updated in future and although we will endeavour to alert you to changes, we recommend that you check this policy before providing your personal data to us.
