Effective from 18 Feb 2024
This Privacy Notice provides information about how we collect and use your personal data. It also explains the rights you have in relation to your personal data and how to exercise them.
USEO™ is the trading name for the Union of Steward Employee Owners Ltd, a company limited by guarantee and registered in England and Wales under number 16180966.
USEO will be the ‘controller’ in relation to your personal data and is registered as a fee payer with the Information Commissioner’s Office (ICO).
We’re required to handle your personal data in accordance with the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018 (DPA) and certain other regulations relating to privacy and data protection.
We shall ensure that the personal data we hold is:
Account credentials data includes username, email address and mobile number (for two-factor authentication)
Audit trail data includes details of the actions taken by a user when logged into the platform including the time and date of such actions
Biographical and contact data includes your name, phone number, email address and other contact information provided by you
Communications data includes email communications, direct messages via social media and notes stored in our CRM system
Customer support data includes correspondence relating to any customer support queries submitted to us
Donation data includes the amount and frequency of your donations if you are an individual supporter
Social media data includes your social media handle/username, social media profile and any public exchanges between us
Technical data includes your IP address (which may indicate whether you are accessing our website from a corporate network and therefore reveal the name of your employer), unique device identifier, device type, browser type and the country or city in which you’re located
Tracking data includes information about how you arrived at content on our website and how you interacted with it (such as the links you clicked and how long you spent on certain pages)
We also collect and use statistical and demographic data, for example, to understand the profile of visitors to our website and the content that appeals to them. While such data may be derived from your personal data, if it can’t directly or indirectly identify you, it doesn’t constitute ‘personal data’. However, if we’re able to combine that data with other data to identify you, then we will treat it as personal data in accordance with this privacy notice.
We'll use your personal data for the purposes listed below. Against each of these purposes, we've identified which categories of personal data listed above are required and the legal ground relied on by us in line with the GDPR and DPA.
| Purpose | Categories of personal data | Legal ground |
|---|---|---|
Processing donations from individual supporters | Processing is necessary for the performance of a contract with you as an individual supporter | |
Ensuring the security and stability of our platform | Our legitimate interests in maintaining the security of our platform, infrastructure and data | |
Monitoring the use of our platform | Our legitimate interests in understanding how our platform is used for service improvement purposes | |
Providing support | Our legitimate interests in providing a positive experience and dealing with any questions relating to USEO, pledges and donations, and use of our platform | |
Responding to any enquiries submitted using forms | Our legitimate interests in responding to enquiries submitted through our website concerning USEO | |
Sending you our email newsletter | Where your email address is a corporate email address, we may rely on our legitimate interests in adding you to our mailing list; if you subscribe directly, your consent | |
Engaging with you on social media platforms | Our legitimate interests in engaging with potential new customers, employees, suppliers and marketing contributors via social media | |
Tailoring how our website is presented to you and keeping our website secure | Where we can do so without storing any cookies or similar files on your device, our legitimate interests in tailoring the content of our website to your location and type of organisation you work for; if we need to store cookies or similar files on your device, your consent |
We may also use your personal data for purposes that are compatible with the above purposes. In doing so, we'll take into account various factors including the link between the original purpose and the purposes of the intended further processing, the nature of our relationship, the nature of the personal data, the potential consequences for you and any additional safeguards that we can put in place.
We'll generally get your personal data directly from you, but may also receive personal data from your employer where relevant.
Depending on which of the purposes listed above applies, we may share your personal data with:
The core systems we use to provide our services are hosted on servers within the United Kingdom (UK) and the European Economic Area (EEA). When it comes to providing our payment services, we won’t transfer any personal data outside the UK or EEA unless:
We will only keep your personal data for as long as necessary in connection with the purposes for which we collected it. We maintain a data retention schedule for each category of personal data we hold.
We will retain technical data and tracking data for up to 2 years from when it was collected, communications data for up to 3 years from the date of the last communication and social media data for as long as it remains available in the public domain.
You may withdraw your consent from storing cookies and similar files using the options on our website or through your browser settings. You may also unsubscribe from our newsletters at any time by clicking the ‘unsubscribe’ link in the footer of each email and, in any case, we will ask you to confirm whether you want to continue receiving newsletters from us every 2 years.
You’ve got several important rights in relation to the personal data we hold about you. The most relevant are:
Some of the above rights only apply in certain circumstances and may be subject to certain exemptions. You’ll not have to pay any fee to exercise any of the above rights, though we may charge a reasonable fee or refuse to comply with your request, if permitted to do so by law. Where this is the case, we’ll let you know. To protect the confidentiality of your personal data we may ask you to verify your identity before fulfilling any request in relation to your personal data.
You’ve the right to complain if you’re not happy with how we have collected or used your personal data. We would hope to resolve any issues informally but, if we can’t, you also have the right to raise a complaint with the ICO.
If you have any questions regarding this Privacy Notice, or you wish to update your preferences or exercise any of the legal rights described above, you can do so by emailing [email protected].