Date of last revision: 19 th June 2019
Smarter Applications Limited takes your privacy seriously, and is committed to protecting and respecting it.
We ask that you read this privacy notice (“Notice”) carefully as it contains important information on:
– who we are
– the personal data we collect and store about you
– how and why we collect personal data
– what we do with personal data
– the categories of third parties with whom we share your personal data
– international transfers
– how long we retain your information, and how we keep it secure
– your rights and how to exercise them
– how to contact us.
It also contains information on the correct people to contact in the unlikely event that you have a complaint.
In certain circumstances – for example, if you download our App – you will have an opportunity to read another privacy notice that may be specific to those circumstances. All our privacy notices sit together and do not override one another.
Please note that this website is not intended for children, and that we do not knowingly collect personal data relating to children.
Please also note that this website contains third-party links that will take you to other websites not owned or operated by us. By clicking on any link, you will leave this website: you should check the privacy notices on any other website that you visit, since this Notice will no longer apply at that point.
1. Who are we?
Here are some key details about us:
Smarter Applications Limited (we will refer to ourselves using the word “we” and related words such as “us” and “our” in this Notice)
Place of incorporation:
England and Wales (this is where we are registered)
Unit 2.G.1, Block 2, The Leather Market, 11-13 Weston Street, London SE1 3ER
Under data protection law, we are considered to be a “controller”. As a controller, we are responsible for, and control the processing of, your personal data. We are registered as a data controller with the Information Commissioner’s Office, which is the UK’s supervisory authority for data protection matters.
2. What information do we collect?
Personal data is information about an individual, from which that individual can be identified (whether by one piece of data alone or from a combination of data).
Anonymous data, from which identity has been removed, is not personal data.
In the course of our business we may collect the following personal data about you:
• personal details, such as
– name and title
– date of birth
• contact data, such as
– e-mail address
– telephone and mobile number(s)
– billing address
• payment details, such as
– bank account
– card details
• transaction data, such as
– details about payments to and from you
– details of services you have requested from us
• technical data, such as
– internet protocol (IP) address
– your browser type and version
– time-zone setting and location
– browser plug-in types and versions
– operating system and platform and other technology on the devices you
use to access our website
• usage data, such as
– information about how you use our website and services
• marketing data, such as
– your preferences in receiving marketing and communications.
• in some situations, biographical data from job applications and CVs, such as
– institutions attended
– academic and other results gained
– employment history
– any other personal information you provide
• aggregated data for statistical purposes, such as assessing the popularity of certain pages on our website. Aggregated data does not reveal your identity (either directly or indirectly), and is not considered to be personal data. To the extent that we use or combine any aggregated data so that you can be identified, we would treat the aggregated data as personal data in that situation, and would therefore use it only in accordance with this Notice.
We do not ordinarily collect what are known as “special categories of personal data”.
This description denotes particularly sensitive data to which more stringent processing conditions apply, and comprises data concerning your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, and genetic data and/or biometric data.
We also do not collect information about criminal convictions or offences.
In all cases, we do not collect more data than we believe is necessary.
3. How do we collect personal data?
We obtain personal data from the following sources:
• directly from you, for example when you
– send us your details
– apply for, or purchase, our products and/or services
– subscribe to mailing lists
– request information
– [attend an event that we hold]– write to us
– [take part in a survey]– give us feedback
– apply for a job with us or send a CV
– use our products, in certain circumstances: for example
(a) when you use our iKettle, we will collect information on the times at
which you operate it, should use allow us to have this information;
(b) it is conceivable that we will collect personal data if you use our
FridgeCam, for example if you store a product in the fridge containing
your personal details on the label.
Please contact us if the personal data you’ve given to us changes: we always
want to make sure we’re using accurate data.
• from third parties and publicly available sources, for example:
– if you are copied on an e-mail that is sent to us, and your e-mail address
– from Google Analytics (based outside the EU)
– from search-information providers
– from referees whom we approach in respect of any job application
– from providers of technical, payment and delivery services – please note,
all website financial transactions are provided by our payment services
– in some cases from public sources, such as Companies House
Note: if you are ever providing another person’s details to us, please ensure you have that person’s explicit consent to do so
• from automated technologies such as cookies and tags when you use our
website, although we do not participate in automated decision-making – for
more information on automated technologies, please see our Cookies Policy
4. For what reasons do we use your personal data?
We will only use your personal data when the law allows us to, and we will not use it more extensively than we believe is required.
Most commonly, we will use your personal data in the following circumstances:
• to perform a contract we are about to enter into, or have entered into, with you
• if it is necessary for our legitimate interests (or those of a third party) and
these are not overridden by your own rights and interests
• where we need to comply with a legal or regulatory obligation.
In order to process personal data, we must have a lawful basis for doing so. We always ensure that this is the case, and we set out our lawful bases below. Please note that more than one may apply at any given time: for example, if we inform you of changes to this Notice, we may process your personal data on the basis of complying with law and on the basis of legitimate interests.
We will use your personal data only for the purposes for which we collected it, unless we fairly consider that we need it for another reason that is compatible with the original purpose.
Please contact us if you would like more information on this, and on situations in which more than one lawful basis applies.
If you are our customer (or potential customer) or applying for a job, we will process your personal data for the following purposes, on the legal basis that it is necessary for us to provide our products and services to you:
• to identify you
• to respond to your enquiries
• to the extent necessary to provide pre-contractual information about our
• to register you as a customer
• to manage our relationship with you
• to provide our services
• to carry out billing and administration activities
• to evaluate your CV or job application and take any next steps, and to
evaluate your suitability where you have asked to be considered for future
We process your personal information for our legitimate business purposes, which include the following:
• to conduct and manage our business
• to enable us to carry out our services
• to deliver website content
• to ensure our website and systems are secure (for example, by conducting
security penetration tests on our website to ensure our security tools are
• via data analytics, to analyse, improve and update our website, products,
services, marketing and customer relations for the benefit of our customers
• to deal with complaints
• to recover sums due to us
• to let you know about our services or events that we consider may be of
interest to you: please see section 8 below for further information about our
marketing activities and regarding your right to opt out.
Whenever we process your personal data for these purposes, we ensure that your interests, rights and freedoms are carefully considered.
Compliance with Laws
We may process your personal data in order to comply with applicable laws: for example, if we are required to hold and process your data for accounting or taxation purposes, or if we are required to co-operate with an investigation pursuant to a court order.
Generally we do not rely on consent as a legal basis for processing your personal data, other than in relation to sending third-party direct marketing communications to you electronically where we are not otherwise entitled to do so. You have the right to withdraw consent to marketing at any time. This will not affect the lawfulness of
processing that took place prior to the withdrawal of consent.
We will always be clear whenever we intend to process on the basis of consent, and we will process lawfully and only for the purpose for which consent was given.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
5. Do we share your personal data?
We may provide your personal data to the following recipients for the purposes set out in this Notice:
• our service providers, including
– e-mail service providers
– technical and support partners, such as the companies who host our
website and who provide technical support and back-up services
– professional advisers, including lawyers, accountants and insurers in
relation to the services they provide
• any business or person with whom we may be involved in merger or
• HM Revenue & Customs
• law-enforcement agencies, government or public agencies or officials,
regulators, and any other person or entity that has the appropriate legal
authority where we are legally required or permitted to do so, to respond to
claims, or to protect our rights, interests, privacy, property or safety
• any other parties, where we have your specific consent to do so.
In all cases, we require third parties to use your data lawfully and only for specified purposes, and to observe strict standards of security.
6. Do you have to provide personal data – and, if so, why?
To form a contract with you, or where the law requires, we will need some or all of the personal data described above so that we can perform that contract (or the steps that lead up to it): this is set out above in this Notice.
If we do not receive the data, it will not be possible for us to perform that contract, but we will inform you of this at the time.
7. For how long will we keep your personal data?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
We may store your contact details, and carry out marketing profiling activities, for direct marketing purposes.
If you have given your consent, or if we are otherwise permitted to do so (for example, if you are a current customer, or in some cases where you are a corporate customer using a corporate e-mail address, and in each case where you have not opted out), we may contact you about our services that may be of interest to you.
You will be given the opportunity to opt out each time you are contacted, and you may also opt out at any other time. This will not affect the lawfulness of processing that took place prior to your opt-out.
We never pass your details to third parties so that they can market to you for their own purposes.
9. Do we transfer personal data outside the European Economic Area (EEA)?
Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield scheme, which requires them to provide similar protection to personal data shared between Europe and the US.
Should the United Kingdom cease to be part of the EEA, we will update this section accordingly.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
10. How do we keep your personal data secure?
We have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Only our authorised employees and third parties processing data on our behalf have access to your personal data.
We take all reasonable steps to keep your data safe and secure and to ensure the data is accessed only by those who have a legitimate interest to do so. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
Please contact us using the details in section 15 below if you would like more information about this.
11. Your information rights
We would like to draw your attention to the following rights that you have under data protection law:
• right to be informed, in a clear and transparent manner, about the collection and use of your personal data – this Notice helps us to meet our obligations in that regard
• right of access to your personal data, and the right to request a copy of theinformation that we hold about you and supplementary details about that information
• right to have inaccurate personal data that we process about you rectified:
we will always be happy to correct any inaccuracies, and indeed we welcome the opportunity of doing so
• right of erasure (also known as the “right to be forgotten”): this is a right for you to request that we remove or destroy certain personal data about you where there is no compelling reason for its retention. Please note, however, that there are limitations on this right, and in some instances we may be entitled or required not to implement your request
• right to object to certain processing, including that related to direct
• right to restrict processing: in these circumstances, we may still retain your personal data (on a list of those who have requested a restriction of
processing) but will not continue to process it
• right of portability of your data in certain circumstances.
(i) you will be asked to provide proof of your identify to ensure we are
dealing with the correct person, and we may ask you to provide further
details to assist us in the provision of such information
(ii) we do not ordinarily charge a fee to enable you to have access to your
personal data or to exercise other rights. However, in some circumstances we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances
In all cases, we will reply within the time limits set by law.
Please contact us using the details in section 15 below if you would like to know more about, or to exercise, these rights.
These rights are subject to certain limitations that exist in law. Further information about your information rights is available on the ICO’s website: https://ico.org.uk/.
13. Changes to this privacy notice
We may change this Notice from time to time. You should check this Notice on our website occasionally, in order to ensure you are aware of the most recent version.
14. What should you do if you have a complaint?
We hope that you will be satisfied with the way in which we approach and use your personal data.
Should you find it necessary, you have the right to raise a concern with our supervisory authority, the Information Commissioner’s Office: https://ico.org.uk/.
However, we very much hope that if you have a complaint about the way in which we handle your personal data, you will contact us in the first instance using the contact details in section 15 below, so that we have an opportunity to resolve it.
15. Do you want to contact us?
If you would like to contact us about this Notice, including if you wish to receive further information about any aspect of it, our details are as follows:
For the attention of:
The Privacy Manager
Smarter Applications Limited
Unit 2.G.1, Block 2
The Leather Market
11-13 Weston Street
London SE1 3ER
END OF PRIVACY NOTICE