Updated: 15th April 2021
What this policy covers?
MatchPint recognises the importance of personal privacy and security and has developed this privacy statement in order to demonstrate our company commitment to privacy. In order to comply with the new General Data Protection Regulation (EU) 2016/679 and the Privacy and Electronic Communications (EC Directive) Regulations, or any revision or iteration as applicable, the following policy has been designed to give you a clear understanding of how your data is used, shared and protected. It also highlights the tools that can be deployed to protect your privacy and the rights you have, and how you can contact MatchPint. By visiting or making use of the MatchPint website, apps, services or features the user agrees to the policy below.
Scope of this policy
By using our site, in subscribing to our service, or filling in any online forms on our website, or other sites owned by MatchPint Ltd., you agree and accept that we process, store and use the personal data submitted in accordance with the policy below. You can review your rights in the “Your Rights” section.
MatchPint may act as either the Data Controller or the Data Processor depending on how you interact with the website, apps or services. Where it exists as the Data Controller we ensure that any Data Processors that we use are fully compliant and only use the data as set forth in this agreement.
Information We Collect
We collect information about you when you provide it to us, when you use our products, or when other services provide it to us.
Account information: When you register for an account on MatchPint, or from time to time if you provide it, you may enter your personal information including your name, email address gender, Facebook ID and date of birth.
Website visitors (Consumers): If you are one of our website, or other domains registered to MatchPint Ltd., visitors, we may collect non-personally-identifying information such as the browser type you are using, the referring site and date and time of each visit. We collect information when you register on our site, sign up a pub, subscribe to our newsletter or fill out a form.
Automatically collected information: Upon usage or interaction with our services we may track certain information about you. This includes information about the product features you use, web pages you visit, your location to serve relevant content and frequency of platform usage. We use this information in aggregate form only for statistical purposes.
Pub Clients (Customers): Upon registration we might take payment through our payment partner “GoCardless for Xero by Directli” who set up a Direct Debit authorisation to take payment. We do not store or hold any of this information. You can revoke this access at any time by logging in to your Directli account. We may also request your bank account details and VAT number to make reimbursement.
We process information (either personally-identifiable or not) we collect, that has either been provided directly or in-directly by you or automatically collected for certain business legitimate interests which may include some or all of the following:
In all cases where we use legitimate interests to process your Personal Data we have conducted Legitimate Interest Assessments to ensure that your rights and privacy are held in the highest regard. We also commit to constantly re-evaluating our stances and decisions when it comes to Legitimate Interests and anything else in this policy.
Data Storage and Protection
We use a variety of technical and internal security measures to ensure the safety and security of your data at all times, including authentication protocols.
MatchPint’s database is only accessible from the web server via an SSH connection, using registered SSH keys. The servers are secured and dedicated for MatchPint’s sole use and our fully supervised. All of our passwords are hashed as soon as they are inputted and cannot be retrieved except by you. We cannot guarantee the security of your data if you let any un-authorised access to your computer, phone or browser. We may also provide links to third party websites and we are not in control of their privacy policies or control, so we recommend that you understand these respective privacy policies.
Staff training & internal security measures
All MatchPint’s staff are trained and briefed on internal measures to protect security. These are constantly refreshed, and any new staff members are given full training. In addition, our offices are restricted access with key cards only to ensure to minimise the possibility of an internal data breach.
How long we keep information we collect about you depends on the type of account and information that we hold. We will only retain your personal information for as long as necessary to fulfil the reasons that we collected it for, including satisfying legal requirements, reporting purposes, and accounting requirements. We always consider the type of information that we hold, the amount collected, and how sensitive it may be. We will always minimise the risk from anyone using or sharing this information without your permission. After the time period is exceeded all data will either be securely deleted or some may be retained in non-personally identifiable aggregated form, in these instances we will be able to use this information without further notice to you.
If you delete, or request to have your account deleted, then your personal information (other than what is required to be kept by law) will be securely and irreversibly deleted, and your remaining information made anonymous and we will be able to use this information without further notice to you. Please note some information is required to be kept for legal and accounting reasons (see above).
Personal Information is a key component of our business and we do not rent, sell, trade, or otherwise transfer your personally identifiable information to anyone. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We will never pass on your information for marketing purposes, even to trusted third parties, without your explicit prior consent.
However, non-personally identifiable aggregate-level information may be provided to our clients or other parties for marketing, advertising, analysis, or other uses.
You have the right to request:
Where we have asked for consent, you have the right to withdraw at any time.
Children’s Online Privacy Protection Act Compliance
We are fully compliant with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. To the best of our ability all of our website, products and services are all directed to people who are at least 18 years old or older.
Third Party Data Processors
We are affiliated with a variety of organisations (commercial and non-commercial), with some of them functioning as Data Processors. We may supply you with information on behalf of our clients, however these will always come directly from us unless you have directly consented to be shared with them. We may also make use of other business to undertake processing for us, such as for hosting or other service providers, and therefore have a requirement to share your date with them. However, this will always only be for the purposes laid out in our contract with them and will not be for marketing purposes unless it is coming directly form us. All of our Third Parties have committed to the new GDPR regulations and have legal contracts with us and only process any data they receive for us for specific reasons as laid out in the contract, although we are not in control of their Privacy Policies, but we remain the Data Controller under these circumstances.
Below you can find a list of our sub-processors and the reason for using them:
This website uses Google Analytics as a Data Processor for MatchPint, a web analytics service provided by Google to track and evaluate web and app performance. Google Analytics uses the aforementioned cookies in order for MatchPint to evaluate how users interact with our platforms. You can find out more about Google Analytics and its practices here.
We may use Google’s remarketing products in order to display you ads across the Google Display Network (GDN). This enables us to let Google deliver our ads on sites across the web which are relevant to your behaviour on our website. This is done by creating visitors lists based on stored cookies in your browser. This is produced and conducted by Google and is not linked to your personal information in relation to the ads served. You can opt out of Google's use of Google Ads across the Google by modifying you “Ads Preferences Manager” to not serve you relevant ads.
Alternatively, there are other ways of not receiving targeted advertising by either surfing the web anonymously (via private browsing) or by visiting the Network Advertising Initiative and opting-out of these types of adverts.
MatchPint may change this policy periodically and will carefully monitor industry or government mandated changes and their impacts on this policy. We will always inform you of any amendments made to our policies.
Your information is controlled by MatchPint Ltd.
For all other queries regarding this policy and your personal data please get in touch with us at firstname.lastname@example.org. If you would like to remove all of your personally-identifiable information from our servers, please get in touch with the addresses above and MatchPint will respond within 30 days
This policy was updated on the 15th April to update our processing information and provide a comprehensive list of our sub-processors