1 Who we are
We are Lunebase Ltd, a company registered in England (company number: 12519446). Our registered office is at Lunebase Ltd, The Hive, Halton Mill, Halton, Lancashire, LA2 6ND.
We are committed to protecting the privacy and security of your personal information, in accordance with the applicable data protection laws, including the General Data Protection Regulation (Regulation (EU) 2016/679).
2 How to contact us
If you have any questions about this privacy notice or our data protection policies generally, please contact us:
By post: Lunebase Ltd, The Hive, Halton Mill, Halton, Lancashire, LA2 6ND
By email: firstname.lastname@example.org
3 Privacy notice
We are committed to protecting your personal data and your privacy. This privacy notice sets out the basis on which any personal data we collect from you, or that you provide to us, or that we acquire through a third party, will be processed by us.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Cookies are small files saved to your computer’s hard drive that track, save and store information about your interactions and usage of the Site. This allows the Site, through its server to provide the users with a tailored experience.
5 Users of our website / platform
What information do we collect and process?
- Telephone: If you call us, we will collect your name and telephone number, and whenever relevant, we may collect other contact details.
- E-mail: If you e-mail us, we will collect your name, e-mail address and the contents of your message and any attachments.
- Website contact forms: When you fill out any of our contact forms, we will collect your name and your email address.
- Post: Any correspondence you send to us by post, we may collect any personal data contained in such correspondence.
Where you create an account with us to use our products and services, we will collect personal data about you from your use of our products and services.
Anonymised Aggregated Data – We also collect, use and share anonymised aggregated data such as statistical or demographic data for any purpose. Aggregated anonymised data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.
We may monitor e-mails and other electronic messages for security reasons. We use e-mail monitoring or blocking software.
We may use third parties to develop or provide our services, and these third parties will have access to your personal data that we store. The third parties we use are data processors and will only process your personal data on our instructions and subject to obligations of confidentiality.
When we process your personal data in connection with telephone calls, e-mails, Website/Application contact forms or other media, we do so on the basis of our legitimate interests in responding to customer and other queries and in creating and retaining records of such communications for training purposes and for evidentiary purposes.
We will collect “special categories” of personal data through our Website/Application contact form or other media. We may also generate special categories of personal data through your use of the Application. Special categories of personal data includes health data. In order to lawfully process special category personal data, we must have a lawful basis to do so and also have your explicit consent for such processing. Our lawful basis for processing special category personal data which you provide us or is generated by us so we may fulfil our contract with you. Where we collect special category personal data through our Website/Application contact form or we generate special category personal data through your use of our services then we do this only with your explicit consent, and this explicit consent is granted via our consent forms. You have the right to withdraw consent to the processing of your special category personal data at any time, however we may not be able to provide our full services to you if you do withdraw consent to such processing.
6 How long do we retain your data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. This includes satisfying any legal, accounting, or reporting requirements.
We will only ever contact you for direct marketing purposes where you have clearly expressed a preference for us to do so. You can stop receiving such correspondence at any time by simply letting us know. You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels.
You can stop direct marketing communications from us by:
- Clicking the ‘unsubscribe’ link in any email communication that we send you.
- Emailing us at email@example.com
- Writing to us at the address in section 2.
8 Additional Information
We may disclose your personal data to third parties if we are acquired by a third party. In this instance the personal data held by us about our customers and users will be one of the transferred assets.
We do not transfer personal data outside of the European Economic Area (EEA). If you use the Lunebase platform in a country outside the EEA, your personal data will be transferred to and processed in the country where you have accessed the platform. You acknowledge that any transfer of your personal data out of EEA is your responsibility.
9 Data Security
We have in place security measures to prevent your personal data from being accidentally lost, used or accessed in any unauthorised manner. We limit access to your personal data to only named employees, agents and contractors. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
In the event of any suspected personal data breach we will notify you and any applicable regulator of a breach where we are legally required to do so.
10 Your rights
Access to information
The Data Protection Legislation gives you the right to access information held about you. Commonly known as a “data subject access request”. This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it. You will not have to pay a fee to access your personal data.
Right to be Forgotten
In certain circumstances you can request us to delete all information we hold which identifies you. You can make this request at any time by emailing: firstname.lastname@example.org but please note we may be compelled to maintain your information due to specific legislative or regulatory requirements.
You have the right to require us to correct any inaccuracies in your data free of charge. You can exercise this right at any time by emailing: email@example.com You will need to provide us with enough information to identify you and specify the information that is incorrect and what it should be replaced with.
If you want to exercise any of these rights, please contact us using the details in section 2.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
You have the right to complain to the Information Commissioner’s Office, which is the regulator for the way companies process personal data.