Privacy Policy

This policy

This privacy notice gives you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website when you sign up to our newsletter, or purchase a product or service from us.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.

Apperio acknowledges that users of this website may wish to upload confidential company information when using Apperio's services. Such information may include personal data. The collection and protection of such information will be subject to a separate agreement with Apperio and is not covered in this privacy policy.

This version was last updated on 16 April 2018 and historic versions can be obtained by contacting us.

Who are we?

Apperio Limited is the controller and responsible for your personal data (collectively referred to as "Apperio", "we", "us" or "our" in this privacy policy). We are the Controller in relation to the personal data processed in accordance with this policy.

The data we collect about you

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data includes first name, last name, username or similar identifier and password, and email address.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

How is your personal data collected?

We use different methods to collect data from and about you including through:

  • Direct interactions. You may give us your Identity and Marketing and Communications Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
    • Apply for our products or services;
    • create an account on our website;
    • subscribe to our service or publications;
    • request marketing to be sent to you; or
    • give us some feedback.
  • Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data and / or Usage Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies.

Cookies

When you interact with our website, we try to make that experience simple and meaningful. When you visit our website, a web server sends a cookie or other similar technology to your computer or mobile device (as the case may be). Cookies are small pieces of information which are issued to your computer or mobile device (as the case may be) when you visit a website and which store and sometimes track information. A number of cookies we use last only for the duration of your web session and expire when you close your browser. Other cookies are used to remember you when you return to the website and will last for longer.

The cookies and/or other similar technologies we use collect information, such as the type of internet browser or mobile device you use, any website from which you have come to the website, your IP address and/or the operating system of your computer or mobile device.

We use cookies to:

  • remember that you have visited us before. This means we can identify the number of unique visitors we receive and for security reasons ensure that use of your account is by yourself and not another third party. This allows us to make sure we have enough capacity for the number of users that we get;
  • confirm that you have accepted the cookies banner notification;
  • customise elements of the layout and/or content of the pages of the website; and
  • collect anonymous statistical information about how you use the website (including how long you spend on the website) and where you have come to the website from, so that we can improve the website and learn which parts of the website are most popular with users.

Some of the cookies used by the website are set by us, and some are set by third parties who are delivering services on our behalf.

Most web and mobile device browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser or mobile device. Please note, however, that by blocking or deleting cookies used on the website, you may not be able to take full advantage of the website.

What do we do with your personal data?

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.

We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

Purpose / Activity Type of data Lawful basis of process, including basis of legitimate interest
To register your interest in becoming a new customer Identity data Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) Identity, Technical and Usage data Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
To deliver relevant website content to you and measure or understand the effectiveness of the advertising we serve to you Identity, Technical and Usage data Necessary for our legitimate interests (to study how users use our products/services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences Technical and Usage data Necessary for our legitimate interests (to define types of users of our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

Promotional offers from us

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased services from us and, in each case, you have not opted out of receiving that marketing.

Who do we disclose your personal data to?

We may share your personal data with:

  • Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
  • Appropriate third parties including:
    • our business partners, customers, suppliers and sub-contractors for the performance of any contract we enter into or other dealings we have in the normal course of business with you or the person that you work for; and
    • our auditors, legal advisors and other professional advisors or service providers;
  • In relation to information obtained via our website:
    • analytics and search engine providers that assist us in the improvement and optimisation of our site and subject to the cookie section of this policy.

Other disclosures we may make

We may disclose your personal data to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets subject to the terms of this privacy policy.
  • If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of supply terms and other agreements with you; or to protect the rights, property, or safety of Apperio Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

What are the legal grounds for our processing of your personal data?

The basis on which we process your personal data is as follows:

  • Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it, we will obtain and rely on your consent in relation to the processing concerned (see below for how to withdraw your consent at any time).
  • Otherwise, we will process your personal data only where the processing is necessary:
    • for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
    • for compliance with a legal obligation to which we are a subject; or
    • for the purposes of the legitimate interests pursued by us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data (most circumstances in which we process your personal data in relation to a relationship that we have with the person that you work for will fall into this category).

How long do we process personal data for?

We process personal data only for so long as is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose.

Where do we process personal data?

The data that we process in relation to you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA") that may not be subject to equivalent data protection law. It may also be processed by staff situated outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the fulfilment of orders, the processing of payment details and the provision of support services.

Where personal data is transferred in relation to providing our services we will take all steps reasonably necessary to ensure that it is subject to appropriate safeguards, such as relying on a recognised legal adequacy mechanism which may include by entering into EC approved standard contractual clauses relevant to transfers of personal information (see here) and that it is treated securely and in accordance with this privacy policy.

All personal data processed by us is stored on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website or systems, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website and any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

What are your rights?

You have the following rights in relation to personal data relating to you that we process:

  • You may request access to the personal data concerned (please see the section on obtaining access to your personal data, below).
  • You may request that any incorrect personal data about you that we are processing be rectified.
  • In certain circumstances (normally where the personal data has been provided by you and it is no longer necessary for us to continue to process it), you may be entitled to request that we erase the personal data concerned.
  • Where we are processing personal data relating to you on the basis of your prior consent to that processing, you may withdraw your consent at any time, after which we shall stop the processing concerned.
  • If you have a complaint about any processing of your personal data being conducted by us, you can contact us or lodge a formal compliant with the Information Commissioner.

How to withdraw your consent to processing or exercise your right of access to your personal data

You can withdraw your consent to any relevant processing of personal data:

Please note that we may be required to ask you for further information in order to confirm your identity before we provide the information requested.

Third Party Links

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

The Information Commissioner

The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.

Changes to this policy

Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Monzo Bank Selects Apperio