Privacy Policy

Within this policy Crugo is referred to as ‘us’ or ‘we’ and the visitor/user of the service is referred to as ‘you’ or ‘your’. We are committed to safeguarding the privacy of our service visitors and account holders; this policy sets out how we will treat your personal information when you use this service.

With the exception of the information you provide when creating an account, the information we gather is anonymous and you cannot be personally identified. This information is to monitor changes in trends, software and usage which enables us to maintain a website that remains user-friendly and compatible with users equipment. Whether you are personally identifiable or not you can be assured the data we collect will only be used in accordance with this policy.

Who & What Does This Policy Apply To?

Our Privacy Policy deals with how we handle “personal information” as it is defined in the Privacy Act (Personal Information). We handle Personal Information for our own business, as well as potentially storing Personal Information in our systems on behalf of our customers and users that input Personal Information into our systems.

Our Privacy Policy does not apply to information we collect about businesses or companies, however, it does apply to information about the people in those businesses or companies which we store. The Privacy Policy applies to all forms of information, physical and digital, whether collected or stored electronically or in hardcopy.

Our website and services are unavailable to children (persons under the age of 18 years). If an individual is under 18 years of age, they can only use our website and services under the supervision of a parent or guardian.

What Information Do We Collect?

In the course of business it is necessary for us to collect Personal Information. This information allows us to identify who an individual is for the purposes of our business, share Personal Information when asked of us, contact the individual in the ordinary course of business and transact with the individual. Without limitation, the type of information we may collect is:

• Personal Information. We may collect personal details such as an individual’s name, location, date of birth, nationality, family details and other information defined as “Personal Information” in the Privacy Act that allows us to identify who the individual is;

• Contact Information. We may collect information such as an individual’s email address, telephone & fax number, third-party usernames, residential, business and postal address and other information that allows us to contact the individual;

• Financial Information. We may collect financial information related to an individual such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our services;

• Statistical Information. We may collect information about an individual’s online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes; and Information an individual sends us. We may collect any personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities.

We may collect other Personal Information about an individual, which we will maintain in accordance with this Privacy Policy. We may also collect non-Personal Information about an individual such as information regarding their computer, network and browser. This may include their IP address. Where non-Personal Information is collected the UK Privacy Principles do not apply.

Any time an individual provides Personal Information or other information about someone other than himself or herself, the individual warrants that they have that person’s consent to provide such information for the purpose specified.

How Information Is Collected

Most information will be collected in association with an individual’s use of Crugo, an enquiry about Crugo, or generally dealing with us. However we may also receive Personal Information from sources such as advertising, an individual’s own promotions, public records, mailing lists, contractors, staff, and our business partners. In particular, information is likely to be collected as follows:

• Registrations/Subscriptions. When an individual registers or subscribes for a service, list, account, connection or other process whereby they enter Personal Information details in order to receive or access something, including a transaction;

• Accounts/Memberships.

• When an individual submits their details to open an account and/or become a member with us;

• Supply. When an individual supplies us with goods or services;

• Contact. When an individual contacts us in any way;

• Access. When an individual accesses us physically we may require them to provide us with details for us to permit them such access. When an individual accesses us through the internet we may collect information using cookies (if relevant – an individual can adjust their browser’s setting to accept or reject cookies) or analytical services; and/or Pixel Tags.

As there are many circumstances in which we may collect information both electronically and physically, we will endeavour to ensure that an individual is always aware of when their Personal Information is being collected.

Where we obtain Personal Information without an individual’s knowledge (such as by accidental acquisition from a client) we will either delete/destroy the information, or inform the individual that we hold such information, in accordance with the UK Privacy Principles.

Use & Disclosures

In general, the primary principle is that we will not use any Personal Information other than for the purpose for which it was collected other than with the individual’s permission. The purpose of the collection is determined by the circumstances in which the information was collected and/or submitted.

We will retain your personal data for as long as it is needed to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

It may be necessary for us to disclose an individual’s Personal Information to third parties in a manner compliant with the UK Privacy Principles in the course of our business.

We will not disclose or sell an individual’s Personal Information to unrelated third parties under any circumstances.

Information is used to enable us to operate our business, especially as it relates to an individual. This may include: The provision of goods and services between an individual and us; Verifying an individual’s identity; Communicating with an individual about: Their relationship with us; Our goods and services; Our own marketing and promotions to customers and prospects; Competitions, surveys and questionnaires; Investigating any complaints about or made by an individual, or if we have reason to suspect that an individual is in breach of any of our terms and conditions or that an individual is or has been otherwise engaged in any unlawful activity; and/or As required or permitted by any law (including the Privacy Act).

There are some circumstances in which we must disclose an individual’s information: Where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of; As required by any law (including the Privacy Act); and/or In order to sell our business (in that we may need to transfer Personal Information to a new owner).

We will not disclose an individual’s Personal Information to any entity outside of the UK that is in a jurisdiction that does not have a similar regime to the UK Privacy Principles or an implemented and enforceable privacy policy similar to this Privacy Policy. We will take reasonable steps to ensure that any disclosure to an entity outside of the UK will not be made until that entity has agreed in writing with us to safeguard Personal Information as we do.

We may utilise third-pay service providers (such as Intercom from Intercom, Inc.) to communicate with an individual and to store contact details about an individual. These service providers are located in the United States of America.

All our website financial transactions are handled through our payment services providers, Stripe and Recurly. You can review their respective privacy policies at https://stripe.com/privacy and https://recurly.com/security/ We will share information with our payment services providers only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.

Your Rights

An individual may opt to not have us collect their Personal Information. This may prevent us from offering them some or all of our services and may terminate their access to some or all of the services they access with or through us. They will be aware of this when: Opt-In. Where relevant, the individual will have the right to choose to have information collected and/or receive information from us; or Opt Out. Where relevant, the individual will have the right to choose to exclude himself or herself from some or all collection of information and/or receiving information from us.

If an individual believes that they have received information from us that they did not opt in or out to receive, they should contact us on the details below.

Security Of Your Personal Data

We may appoint a Privacy Officer to oversee the management of this Privacy Policy and compliance with the UK Privacy Principles and the Privacy Act. This officer may have other duties within our business and also be assisted by internal and external professionals and advisors.

We will take all reasonable precautions to protect an individual’s Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.

The security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Each individual that provides information to us via the internet or by post does so at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.

We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s Personal Information to in accordance with this policy or any applicable laws). The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies.

If an individual suspects any misuse or loss of, or unauthorised access to, their Personal Information, they should let us know immediately.

We are not liable for any loss, damage or claim arising out of another person’s use of the Personal Information where we were authorised to provide that person with the Personal Information.

You are responsible for keeping your password and login details confidential. We will not ask you for your password (except when you log in).

Updating & Accessing Your Information

Subject to the UK Privacy Principles, an individual has the right to request from us the Personal Information that we have about them, and we have an obligation to provide them with such information within 28 days of receiving their written request.

An individual has the right to request the removal of any and all Personal Information that we have about them, and we have an obligation to remove such information within 28 days of receiving their written request.

If an individual cannot update his or her own information, we will correct any errors in the Personal Information we hold about an individual within 7 days of receiving written notice from them about those errors.

It is an individual’s responsibility to provide us with accurate and truthful Personal Information. We cannot be liable for any information that is provided to us that is incorrect.

Complaints & Disputes

If an individual has a complaint about our handling of their Personal Information, they should address their complaint in writing to the details below.

If we have a dispute regarding an individual’s Personal Information, we both must first attempt to resolve the issue directly between us.

If we become aware of any unauthorised access to an individual’s Personal Information we will inform them at the earliest practical opportunity once we have established what was accessed and how it was accessed.

Contacting Individuals

From time to time, we may send an individual important notices, such as changes to our terms, conditions and policies. Because this information is important to the individual’s interaction with us, they may not opt out of receiving these communications.

Contact

All correspondence with regards to privacy should be addressed to: Privacy Officer, Crugo, Pure Offices, Hatherley Lane, Cheltenham, GL51 6SH, United Kingdom, or email support@crugo.com. You may contact the Privacy Officer by email in the first instance.

Policy Amendments

We may update this Privacy Policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.

We may do things in addition to what is stated in this Privacy Policy to comply with the UK Privacy Principles, and nothing in this Privacy Policy shall deem us to have not complied with the UK Privacy Principles.