Document Portal Privacy Policy

Date of Publication: 28^th April 2022

 

This is the Document Portal Privacy Policy of My Wealth Cloud Limited. It describes how we respect your privacy and look after your personal data (otherwise known as “protected data”) when you interact with our portal and it tells you about your privacy rights and how the law protects you.

 

If you are using the Document Portal as a client or authorised user of a third-party business or organisation, that business or organisation should have its own policies regarding storage, access, modification, deletion, and retention of your personal data which apply to your use of the Document Portal and you should refer to these.

 

Important information and who we are

My Wealth Cloud Limited (“we“, “us“ or “our” in this privacy notice) is committed to protecting and respecting your privacy and personal data.

 

This privacy policy sets out the basis on which any personal data we collect from you, or that you provide to us, when you interact with us, will be processed by us. Our Document Portal is not intended for children use and we do not knowingly collect data relating to children.

 

Please read the following carefully to understand how and why we are using your data. This supplements any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you and is not intended to override them.

The data controller for users of the Document Portal with direct agreements with us, is My Wealth Cloud Limited, (a company registered in England and Wales with company registration number: 07562559) whose registered office address is 55 Station Road, Beaconsfield, Buckinghamshire, HP9 1QL. Our email address is info@docportal.co.uk. Our ICO Registration number is: Z2742632.

 

Where your access to the Document Portal is as a client, employee or agent of a third-party organisation, the third-party is the Data Controller and we act as the Data Processor only. You are referred to the Privacy Notice of the relevant third-party organisation for information as to how your personal data is collected and used by that organisation.

 

We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy notice. Our Data Protection Officer (DPO) is: George Harris, who can be contacted via the details provided above.

 

Changes to the privacy policy and your duty to inform us of changes.

 

We keep our privacy policy under regular review and we therefore encourage you to check and review our privacy policy on a regular basis. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

 

Third-party links

Our Document Portal may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our Document Portal, we encourage you to read the privacy notice of every website you visit.

 

INFORMATION WE MAY COLLECT FROM YOU

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been irretrievably removed (anonymous data) or the data cannot be linked with other data to identify an individual.

 

To provide the Document Portal services (dependent upon the contractual relationship you have entered into either directly with us or with a third-party organisation) we need to capture or process the following personal information:

·        Your Name

·        Your Email Address

·        Your Mobile Telephone Number

 

This information is used to create a unique account for you and paired with a unique identifier. We cannot provide the full range of Document Portal services without this information.

 

In addition to the information detailed above we may capture and process the following personal information within the Document Portal:

·        Your Address

·        Other Telephone Numbers

·        Your Date of Birth

·        Your bank account and payment card details (if you have entered into a contract directly with us)

·        Your IP Address

 

This information is processed and presented to ensure the records we hold are correct and up to date. You can update this information at any time through the Profile area of the Document Portal.

 

To support the delivery of the Document Portal services we may also collect or process information about you in the following ways;

·        From an organisation with whom you have an existing relationship as a client, employee or agent or through your ability to share access with others e.g. family members or friends to your private area of the Document Portal.

·        Directly from you where you have registered for a Document Portal account facility (i.e. create an account on our website) directly with us.

·        Information that you provide to us when you write to us (including by email);

·        Information that you provide to us when we speak to you by telephone or in person. We may make and keep a record of the information you share with us;

·        Information that you provide to us by completing surveys or participating in competitions. We may ask you to complete surveys that we use for research purposes, although you do not have to respond to them;

·        Details of your visits to the Document Portal and related sites including, but not limited to, traffic data, location data, weblogs, device and operating system information and other communication data, whether this is required for our own billing purposes (if you have

entered into a direct contract with us) or for the purposes of your contract with a third party organisation and the resources that you access;

·        Technical data which includes internet protocol (IP) address, login data, cookies (see our policy statement below), browsing patterns;

·        Information obtained by us from third parties in accordance with a processing agreement entered into between the third-party organisation and us.

 

We process the above information on the grounds of performance of a contract between us and you (in the case of a direct agreement) or the performance of a contract between you and a third-party organisation to whom we provide access for you to the Document Portal services.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

 

Special categories of data. In pursuance of the performance of a contract you have entered into with a third-party organisation in some circumstances we may process special categories of personal data. This includes data which can reveal an individual's racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. It also includes processing of genetic data, biometric data for uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation. You should have given your explicit consent to the collection and processing of such data to the relevant third-party organisation e.g. this may apply where you have applied for a life insurance policy.

 

UPLOADING DOCUMENTS

We are obviously unable to tell what type of information will be contained in any of your documents that you may wish to upload. It is your responsibility to ensure you understand the content of any documents uploaded to the Document Portal.

 

Where you have uploaded documents on behalf of a third-party organisation for whom you are an authorised user, these will be processed in accordance with the processing agreement between the Customer and Us.

 

Where your access to the Document Portal has been provided as a client of a third-party organisation, any of your documents are uploaded to the Document Portal at your own choice and pursuant to your contractual relationship with the third-party organisation and as such we process this information under the legal basis of the processing agreement between the third party organisation and Us. However, you can delete your documents from the Document Portal at any time save where they are loaded to a shared area between you and a third-party organisation.

 

Where your access to the Document Portal is through a direct agreement with My Wealth Cloud any documents uploaded to the Document Portal will be processed as part of our obligation to you to fulfil the contract between us. As above, you can delete any documents you have uploaded to the Document Portal at any time.

 

HOW LONG DO WE KEEP YOUR DATA

We will retain all the information required for the delivery of Document Portal services for the duration of your account with us. Unless they are required for the purposes of legal proceedings described above, we will retain your documents until you delete them or close your account.

We may retain some small amounts of information (such as your name and email address) as is required to fulfil any legal, regulatory, tax, accounting or reporting obligations.

 

 

IP ADDRESSES, COOKIES AND SESSIONS

Cookies are widely used to make online systems work, or work more efficiently, as well as to provide information to the owners of the website.

 

We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration to report aggregate information to our development teams and advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

 

Cookies contain information that is transferred to your computer’s hard drive. They help us to improve the Document Portal and to deliver a better and more personalised service. Some cookies are essential to the operation of the Document Portal. They enable us:

·        To estimate our user population size and usage pattern;

·        To recognise referred traffic for marketing, promotions and introductory offers.

·        To speed up your searches;

·        To recognise you when you return to Our Site;

·        To make your browsing experience more convenient.

 

What cookies do we use?

Google Analytics – To estimate our audience size and usage pattern. These are identified as _utma to

_utmz. Some cookies expire at the end of the session and other remain on your computer or device. For more details see http://www.google.com/analytics/index.html

 

PHPSESSID – A session is a way to identify and manage the state – the session variables – for a particular user. We use it to identify the landing page of a user and determine if this is referred traffic from marketing, promotion or introductory offer which will pass the promotional details when the user Applies.

 

Hotjar - We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.

For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.

 

What if I don’t want to accept cookies from the Document Portal?

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. However, if you select this setting or do not consent to the use of cookies by us, you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system may issue cookies when you log on to or visit our website.

 

WHERE WE STORE AND PROCESS YOUR PERSONAL DATA

All data submitted to the Document Portal is stored within our cloud based servers within Amazon web services (AWS) UK based datacentre.

 

We use sub-processors to assist in the fulfilment of processing activities in accordance with the terms of service agreed and any additional instruction received from users. For example, we may pass your email address to our SMTP relay providers to deliver system generated notifications to you.

The information we collect from you may be transferred to, and stored at, a destination inside or outside the European Economic Area (“EEA”•). It may also be processed by staff operating inside or outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the processing of your contact details and the provision of support services. By submitting your personal data, you agree to this transfer, storing and/or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

 

USES MADE OF THE INFORMATION

We may use information held about you in the following ways:

·        To facilitate the provision of services through the Document Portal or otherwise;

·        To ensure that content from the Document Portal is presented in the most effective manner for you and for your computer;

·        To provide you with information, products or services that you request from us, where you have consented to be contacted for such purposes;

·        To carry out our obligations and enforce our rights arising from any contracts entered into between you and us;

·        To allow you to participate in interactive features of the Document Portal, when you choose to do so;

·        To notify you about changes to the Document Portal.

 

If you are an existing Customer or user with a direct agreement, we will only contact you by electronic means (telephone, email or SMS) with information about goods and services similar to those which were the subject of a previous sale. We will not otherwise contact you by electronic means to provide you with information about goods and services which may be of interest to you, unless you have consented to this. If you are a new customer we will only contact you by electronic means to provide you with information about goods and services which may be of interest to you if you have consented to this.

 

We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users (for example, we may inform them that 500 men aged under 30 have clicked on their advertisement on any given day). We may also use such aggregate information to help advertisers reach the kind of audience they want to target (for example, women in SW1). We may make use of the personal data we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisements to that target audience.

 

We do not undertake any automated decision-making processing activity.

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

 

We may disclose your personal information to third parties:

·        In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

·        If we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers will be one of the transferred assets.

·        If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions of Website Use and/or other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organisations, such as credit reference agencies and fraud prevention agencies, for the purposes of fraud protection and prevention, credit risk reduction and to pursue debtors.

·        If we use a third party to host the servers on which your personal information is stored.

·        In any other manner mentioned elsewhere in this policy.

 

TRANSFER OF YOUR PERSONAL DATA OUTSIDE THE EEA

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

•Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

•Where we use providers based in the United States of America (US), we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

 

 

YOUR RIGHTS

In accordance with the GDPR, and insofar as is technically feasible you have the right to request access to, and rectification or erasure of personal data as well as the right to restrict or object to processing concerning your data or withdraw consent for such processing, and the right to data portability. For further information on these rights please click here.

 

If you wish to exercise any of these rights, please email us at info@docportal.co.uk. Please refer to our Data Subject Access Request Policy.

The Document Portal does not undertake any automated decision making or profiling with your information.

 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.