Last Updated: 16th November 2022
ClearStake Limited (“ClearStake”, “we, “our”) is committed to protecting the privacy and security of the personal data we collect about end customers and users of our services (“you/your”).
The purpose of this privacy notice is to explain what personal data we collect about you when visit our website. When we do this, we are the data controller. Please note that this privacy notice applies to website users only. Please see our Platform Privacy Notice for more information on how your personal data will be handled when using our affordability platform.
Please read this privacy notice carefully as it provides important information about how we handle your personal information and your rights. If you have any questions about any aspect of this privacy notice you can contact us using the information provided below or by emailing us at privacy@clearstake.com.
‘Personal data’ is any information from which you can be identified, either directly or indirectly. For example, your name or an online identifier.
‘Special category personal data’ is more sensitive personal data and includes information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purposes of uniquely identifying someone, data concerning physical or mental health or data concerning someone’s sex life or sexual orientation.
We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are also subject to the EU General Data Protection Regulation (EU GDPR) in relation to services we offer to individuals in the European Economic Area (EEA). The personal data we collect includes:
We may also collect technical data about you via cookies on our website. This includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. Please see our “How we collect your personal data” section for more information on this.
We collect most of this personal data directly from you, such as where you provide information through filling in our “Contact us” form on our website.
We also collect personal data though cookies and similar technologies on our site. As you interact with our website, we may collect technical information and data about your usage of our site. For more information about the use of cookies and similar technologies on our site, please visit our Cookie Notice.
When providing services to you, we may use your personal data for the following purposes and on the following lawful bases:
We will process your personal data to respond to any queries, questions and complaints you send. We rely on the lawful basis of legitimate interests to process this data. We have a legitimate interest in communicating with you to ensure your enquiry, question or complaint is dealt with appropriately.
We may also process your personal data to administer this website. This includes enabling you to use our website, troubleshooting, testing, system maintenance, support and reporting of data. We rely on the legal basis of legitimate interests to perform this processing. It is necessary for our legitimate interest in running our business, nuisance caller management, to defend our servers against malicious attacks and operational performance improvement.
Your personal data may also be used to deliver relevant website content and ensure that it is presented in the most effective manner for you and your device. This is in our legitimate interest to achieve the most user-friendly website navigation experience.
Where your personal data has been collected for marketing purposes, we may send you emails from time to time informing you of products and services that are of interest to you. We rely upon your consent to do so. You can withdraw your consent at any time by using the unsubscribe feature contained within the emails.
For some business activities, we may share your personal data with our vendors and third party service providers, for instance, with the third parties listed below:
External third parties:
Personal data may also be shared with other third parties including government authorities and/or law enforcement officials for the prevention or detection of crime, if required by law or if required for a legal or contractual claim and to other third parties to whom we may choose to sell, transfer or merge parts of our business or our assets.
When we collect your personal data, it may be processed outside the UK. This is because the organisations we use to provide our services to you are located in other countries.
We have taken appropriate steps to ensure that where personal data processed outside the UK, it has an essentially equivalent level of protection as it has within the UK. We do this by ensuring that:
We will retain your personal data for as long as is necessary to provide you with our services and for a reasonable period thereafter to enable us to meet our contractual and legal obligations and to deal with complaints and claims. For more information about our retention periods, please contact us at privacy@clearstake.com.
At the end of the retention period, your personal data will be securely deleted or anonymised, for example by aggregation with other data, so that it can be used in a non-identifiable way for statistical analysis and business planning.
We have implemented appropriate technical and organisational measures to safeguard your personal data and protect it from accidental or unlawful destruction, loss or alteration and from unauthorised disclosure or access.
In addition to the technical and organisational measures we have put in place, there are a number of simple things you can do to in order to further protect your personal information, such as;
Secure Online Services
You can easily identify secure websites by looking at the address in the top of your browser which will begin https:// rather than http://.
You have certain rights in relation to the processing of your personal data, including to: