fbpx

Privacy Policy

 

Introduction

Sanoflow (“Sanoflow”, ”we”, ”us”, ”our”) is committed to protecting and respecting your privacy.

We are committed to the protection of the personal data we process in line with the data protection principles set out in the UK General Data Protection Regulation (“UK GDPR”) and the EU General Data Protection Regulation (EU Regulation 2016/679) (“EU GDPR”) (together referred to herein as the “GDPR”); and the Privacy and Electronic Communications Regulations 2003 (“PECR”), as amended.

We have aligned our data protection compliance program to the core requirements of the GDPR, as this is considered the global “gold standard” of data protection regulation.

This privacy notice (“Notice”) explains how we treat personal information processed on our bespoke platform, Sanoflow, what we collect when you visit our website, contact us by email, phone, or through one of our social channels, or through other communications. It also explains what information we collect automatically when you visit our website and the information we collect when you use our services.

Please be aware that we have separate privacy notices for employees and job applicants. Please also be aware that our clients may have their own privacy notices on their respective websites.

Via our platform services, Sanoflow predominantly acts as a Data Processor for our clients. Meanwhile, we also act as Data Controller of employee data and of contact details of our clients. 

As an information-led business, we place great importance on ensuring the quality, confidentiality, integrity, and availability of the data we hold and in meeting our data protection obligations when processing personal data. We are committed to protecting the security of your personal data. We use a variety of technical and organizational measures to help protect your personal data from unauthorized access, use, or disclosure.

We update this Notice from time to time in response to changes in applicable laws and regulations, to our processing practices, and to the products and services we offer. When changes are made, we will update the date at the top of this document. Please review this Notice periodically to check for updates.

What information do we process?

Information provided by our clients

The categories of personal data processed by us vary between clients, but may include:

  • Name

  • Job Title

  • Business address

  • Business email address

  • Business telephone number(s)

  • Business financial information

  • Business type

  • Business size

  • Location data

Information provided to us via our website

We process all information you provide to us via our website (“our site”), by telephone, email, or otherwise. This includes information you provide when you register for our services as a client, enquire about a product or service, use one of the social media functions linked to our website, or you report a problem with our website.

The categories of personal data processed by us vary between clients, but may include:

  • Name

  • Job Title

  • Email address

  • Telephone number

  • Device and browser information

  • Location data

  • Details about how you browse our websites and platform

 

If you integrate third-party marketplace(s), such as e-commerce store(s) into Sanoflow, the additional categories of data Sanoflow collects and/or processes may include:

  • Inventory information

  • Order information

  • Customer information

 

 

If you submit a “Book a Demo” form on our website, we may collect additional information from you such as:

  • Company size

  • Business financial information

Cookies and Web Beacons

Sanoflow uses cookies on our website and web beacons in some emails. Cookies are small text files and web beacons are small graphic images. They are downloaded to your device when you visit a website or receive certain emails unless you have set your browser to reject them.

We use cookies to remember your preferences and improve your overall experience of our site. We use web beacons to track the actions of individuals (such as email recipients) and measure the success and response rates of our marketing campaigns.

Below is a list of the cookies we use and the purpose of use:

Type of Cookie

Purpose

Session Cookies

These enable you to carry out some essential functions on our sites, such as maintaining log-in details for the session or a transaction. They also help by minimizing the need to transfer information across the internet. They are not stored on your computer and expire when you terminate your browser session or logout of certain areas.

Analytics

We like to keep track of what pages and links are popular and which ones don’t get used so much to help us keep our site relevant and up to date. It’s also very useful to be able to identify trends of how people navigate our site and help us provide a more friendly solution.

Third-party cookies

Analytics tracking (and most web tracking software) use cookies in order to provide meaningful reports about site visitors. However, analytics cookies do not collect personal data about website visitors.

 

To learn more about cookies, web beacons, and what you can do to opt out of receiving them, please visit https://www.allaboutcookies.org/.

 

Purposes and bases for processing your personal data

We may use your data for the following purposes and on the following lawful bases:

Purposes

Lawful Bases for Processing

Responding to correspondence from you

It is in our legitimate interest to respond to enquiries made through our website, by telephone, email, through our social channels, or any other means

Processing data to facilitate client service requirements

We process personal data under written instruction, bound by the contract between us and our client

Business management, forecasting, and statistical purposes

It is in our legitimate interest to identify areas for managing current business relationships, developing our services, and conducting reasonable forecasts for our business

Improving our website and the overall website visitor and user experience

It is in our legitimate interest to allow analytics and search engine optimization to help improve and optimize our website We use cookies on our website with your consent

Prevention and detection of crime including money laundering, fraud, or other crimes

It is in our legitimate interest to identify areas for managing current business relationships, developing our services, and conducting reasonable forecasts for our business

Responding to suggestions and complaints in order to continually improve the services we provide

It is in our legitimate interest to provide the best service to users of our website and to increase features in order to continually improve and expand the services we provide

Analyse and track the use of our website for reporting and analytical purposes

It is in our legitimate interest to monitor our website usage in order to continually improve user experience

 

Sharing your information

If sharing your personal data becomes necessary for the purposes of providing our services to you, we will only share it where appropriate safeguards are in place, such as the UK International Data Transfer Agreement (“IDTA”) or the EU Standard Contractual Clauses (“SCCs”) with supplementary measures, to ensure your personal data is protected to the same standard expected under the GDPR.

We may, on occasion, engage the services of a third-party sub-processor. Any such third party will act under our written instructions and will adhere to strict data protection obligations, including the implementation of appropriate technical and organizational measures that meet the processing requirements of the GDPR.

We also use a third party for hosting infrastructure, website performance and management, error monitoring, support, and other functionality. The written contract in place between us and this third party provides for the maintenance of confidentiality, security, and integrity of the information we share with them.

Our website includes links to social media platforms (Facebook, Instagram, LinkedIn, Twitter). Once you navigate away from our site via one of the links, the site may collect your IP address and may set a cookie on your device. When you use one of these links, you are sharing information to another website or service and this Notice will no longer apply. Please read the privacy notices provided by the particular service website you are directed to, before posting any personal information using these links.

Direct marketing communications

To market, promote, and drive engagement of our products and services, we use data about you to send promotional communications that may be of specific interest to you. These communications are to drive your engagement and maximize the value of our services to you. Occasionally, we will use your name and address for marketing and promotional communications via written email, phone calls, faxes, postal mail, and text messages through platforms like SMS, WhatsApp, Telegram, and more.

In particular, by submitting a “Book a Demo” form on our Website, you consent to receive email messages, text messages, phone calls, faxes, and postal mail, including that of a promotional nature, from Sanoflow. Where local law permits, you consent to receive phone calls from Sanoflow and its affiliates, even if your phone number is listed on the “Do Not Call” registry. You may not provide consent on behalf of someone else or provide someone else’s contact information.

Your rights

The GDPR provides you with certain rights in relation to the processing of your personal data, including to:

  • Request access to personal data about you (a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are processing it lawfully.

  • Request rectification, correction, or updating of any personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

  • Request personal data provided by you to be transferred in a structured, commonly used, and machine-readable format.

  • Request erasure of personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove personal data where you have exercised your right to object to processing (see below).

  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you (e.g. if you want us to establish its accuracy or the reason for processing it).

  • Object to the processing of your personal data in certain circumstances. This right may apply where the processing of your personal data is based on the legitimate interests of Sanoflow.

Some of these rights are not absolute and are subject to various conditions under applicable data protection and privacy legislation, laws, and regulations to which we are subject. If at any time you would like to exercise any of your rights as set out above, you can contact us at compliance@sanoflow.io. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

In terms of direct marketing communications, your personal data is stored for marketing purposes as long as you have not objected to such marketing communication and/or the subscription to the email newsletter is active, as the case may be. Similarly, You can opt out of receiving our direct marketing communications at any time through our unsubscribe or opt-out mechanisms provided, or by contacting us at compliance@sanoflow.io.

If an opt-out request is received, you may still receive communications from us for up to ten (14) business days as we process the opt-out request. We reserve the right to continue sending out communications regarding service announcements, administrative messages, and accounts administration relating to Sanoflow that are necessary to our relationship with you. All data will be processed in accordance with this Privacy Policy.

In addition to the above, please note that you have the right to make a complaint at any time to the Information Commissioner’s Office if you are concerned about the way in which we are handling your personal data.

Data retention

We will retain your personal data for as long as is necessary to provide you with our products and ongoing services and for a reasonable period thereafter, to enable us to meet our contractual and legal obligations and to deal with complaints and claims.

At the end of the retention period, your personal data will be securely deleted in accordance with our Personal Data Retention Policy.

Your customers’ information

We collect and use personal information about your customers. In general, we only collect and use this personal information as directed by you. We will never use your customers’ information to independently market or advertise to your customers unless they are also using our applications or services directly.

You need to make sure your customers understand how you (and how we on your behalf) collect and process their personal information.

Also, if you are collecting any sensitive personal information from your customers (for example, information about health, race, ethnicity, genetics, biometrics, trade union membership, political opinions, philosophical or religious beliefs, criminal history, or sexual interests), you should get the affirmative, express consent from your customers to use and process this information.

Contact

You can contact us in relation to data protection and this privacy notice by emailing compliance@sanoflow.io.

    Start Free Trial