SECTION 1 – INTRODUCTION
OpenPlay (OP) is a technology platform that helps people get more physically active and provides the technological infrastructure for the MOVES product. OP works as the DATA PROCESSOR and our client partners such as UK universities are the DATA CONTROLLER.
OP is committed to the protection of your personal information in accordance with the principles set out in the Data Protection Act 2018 and all applicable laws and regulations relating to the processing of personal data and privacy, including where applicable the guidance and codes of practice issued by the Information Commissioner; and any successor legislation specifically including the General Data Protection Regulation; (EU 2016/679) (GDPR) (“the Data Protection Legislation”).
These principles require that personal data which we hold must be:
Processed fairly and lawfully
Processed for limited purposes and in an appropriate way
Adequate, relevant and not excessive for the purpose
Not kept longer than necessary for the purpose
Processed in line with data subjects’ rights
Here are the details that we have to provide as a ‘Data Processor’:
Our website addresses are:www.openplay.co.uk and http://www.openplay.net
Our company name is: Openplay Ltd
Our registered address is: Uncommon Borough, 1 Long Lane, London, SE1 4PG
Tel: 0800 086 2006
SECTION 2 – WHAT DO WE DO WITH YOUR INFORMATION?
When you interact with and/or purchase something from our platform, websites and mobile apps we collect the personal information you give us such as your name, mobile number and email address.
When you browse our platform, websites and mobile apps, we also automatically receive your device’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system and technical information regarding how you connect to our platform.
We may collect and use personal information for the following purposes:
To run and operate our platform, websites and mobile apps
We may need your information to display content on our platform, websites and mobile apps correctly.
To improve customer service
Information you provide helps us respond to your customer service requests and support needs more efficiently.
To personalise user experience
We may use information in the aggregate to understand how our users as a group use the services and resources provided on our platform, websites and mobile apps.
To improve our platform, websites and mobile apps
We may use feedback you provide to improve our products and services.
To process payments
We may use the information Users provide about themselves when placing an order only to provide service to that order. We do not share this information with outside parties except to the extent necessary to provide the service.
To send periodic emails
We may use the email address to send user information and updates pertaining to their order or other aspects such as points balance and friend requests. It may also be used to respond to their inquiries, questions, and/ or other requests.
SECTION 3 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, make a booking, amend or cancel a booking, fill out a form, respond to a survey, and in connection with other activities, services, features or resources we make available on our platform, websites and/or mobile apps we imply that you consent to our collecting it and using it for that specific reason only.
We will collect personal identification information from users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain platform, websites and/or mobile apps related activities.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time by:
Emailing us at email@example.com C/O Data Protection Officer
Mailing us at: Uncommon Borough, 1 Long Lane, London, SE1 4PG
SECTION 4 – DISCLOSURE
We may disclose your personal information if we are required by law to do so.
SECTION 5 – Amazon Web Services
Our platform, websites and mobile apps are hosted on Amazon Web Services. They provide us with the online infrastructure on which our e-commerce platform sits.
Your data is stored in private Amazon Web Services (AWS) SQL Server databases located in the UK and Ireland and sitting behind a secured firewall with automated server back-ups.
SECTION 6 – PAYMENTS
When you make a payment during the booking process to complete your purchase It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and sent to third party payment gateways as chosen by our clients (Stripe, Payment Sense and GoCardless). Your purchase transaction data is stored on our servers for the purposes of client reconciliation.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard and American Express.
PCI-DSS requirements help ensure the secure handling of credit card information by our platform, websites and mobile apps and its service providers.
SECTION 7 – COOKIES
The table below lists the cookies we collect and what information they store.
This cookie is set when the cookie notification bar is closed.
This cookie is set when data is submitted via the download forms.
Google analytics cookie. Used to distinguish users.
SECTION 8 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
When you click on links on our platform, websites and mobile apps, they may direct you away from our platform, websites and mobile apps. We are not responsible for the privacy practices of other websites and applications and encourage you to read their privacy
SECTION 9 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted through third party payment gateways using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 10 – SHARING YOUR PERSONAL INFORMATION
We do not sell, trade, or rent Users personal identification information to others. We may share anonymised, aggregated non-personal data with partners, advertisers and third parties. We share such information for the purpose of conducting research analysis, advertising, marketing or other business purposes. You may opt out of marketing offers by logging into your account and managing your notification preferences.
We may use third party service providers to help us operate our business and the platform, websites and mobile apps or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
SECTION 11 – AGE OF CONSENT
By using this platform, websites and/or mobile apps, you represent that you are at least the age 16 years old and you have given us your consent to allow any of your minor dependents to use this platform, websites and mobile apps.
If our platform, websites and/or mobile apps are acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
SECTION 13 – ACCEPTANCE OF THESE TERMS
By using this platform, website and/or mobile app, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our platform, websites and mobile apps. Your continued use of the platform, websites and mobile apps following the posting of changes to this policy will be deemed your acceptance of those changes.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information please contact our Privacy Compliance Officer at:
firstname.lastname@example.org; or through post to:
Openplay Ltd, To the attention of: Privacy Compliance Officer
Uncommon Borough, 1 Long Lane, London, SE1 4PG