Privacy and Terms

This privacy policy is provided by Gitdi Limited, a company registered in England with company number 14652266, whose registered address is Unit 116769 Courier Point, 13 Freeland Park, Wareham Road, Poole, Dorset, BH16 6FH (“we” or “us”).

As part of our business, particularly providing our Gitdi app (the “App”), we collect basic personal details about users of the App, including group organisers who download the App, and group contributors, who pay money into a pot on the App (we refer collectively to such individuals in this policy as “you” or “your”).

Under UK data protection law, we have certain legal responsibilities about how we collect, use, protect and share your personal information. If you have any questions about how we use your personal information or any other questions about this privacy policy, feel free to contact us, using the details set out in paragraph 10 below.

This policy explains our privacy practices in relation to how the App is used, and covers the following:

Who this privacy policy applies to
What personal information is collected and used on the App
Sources of personal information
How we use your personal information
Parties who we share your personal information with
How long we retain your personal information for
Where your personal information is stored
How we legally justify using your personal information
Your legal rights in relation to your personal information
Other relevant information, including how to contact us‍
1. Who this privacy policy applies to

This privacy policy only relates to details that we collect and use, about people who register for and use our App (“Organisers”) and also to people who pay money to the Organiser, in relation to the App (“Contributors”) and also to people who enter our competitions and giveaways. We also have a separate privacy policy, which applies for visitors to our website.

‍‍‍

2. What personal information is collected and used on the App

‍‍

2.1 Information that we collect

Registration – The personal information that we collect from Organisers when they initially register to use the App will only consist of the following: their name, email address, password and date of birth.
Contributors – we receive the name and email address of a Contributor, when they make a payment onto the App via the weblink.
Support – If an Organiser contacts us with a support query, we may collect further limited information about them, for instance, their telephone number.
Payments – When an Organiser or Contributor make payments on the App or via the weblink to the app, we also see summaries of the transactions, once they have taken place – for instance, we will see that you have paid £10 into a central pot, and that the Organiser has withdrawn a total of £100 into a separate bank account (and we will see whose name that separate account is in e.g. the Organiser’s personal account or an account set up in the name of the group itself).
Competitions and Giveaways – When you enter one of our competitions or giveaways we will process the information that is required to enter the competition or giveaway. This may include your name, email address, phone number, address or date of birth.
We will also see partial details concerning an Organiser’s and Contributor’s payment card and/or bank account but at an anonymised level (we can only see the last 4 digits) – so we will never have access to your full card details or bank account details, nor will we be able to identify you from that incomplete card number.

‍‍

2.2 Information collected and used by our third party service providers

If you are an Organiser for a group on the App, and you wish to make a withdrawal from the central pot on the App, into a separate bank account, our third party service provider may need to obtain further ID from you, as part of anti-money laundering checks. This will usually entail asking for your name, photograph on an official document which confirms your identity (e.g. a passport) and your residential address and date of birth.

We do not currently collect, nor can we access any of the following types of personal information which are likely to be used as part of the services delivered through the App:

your bank account details (which are only available to the third party payment services provider who are responsible for delivering the App payment services (Stripe Payments Europe Ltd trading as Stripe, and Butlr Ltd trading as Ryft Pay)).
The above service providers may therefore also collect personal data about you separately from us when you use the App services. You can find out more information about what personal data the service providers collect about you and what they use it for, and how they protect it, via the following links:

Stripe (who provide the payment processing services and also carry out ID verification checks for us): https://stripe.com/gb/privacy
Ryft Pay (who provide the payment processing services and also carry out ID verification checks for us): https://ryftpay.com/privacy-policy
Google Cloud Platform (hosting of the App): https://cloud.google.com/security/privacy/
However, if you have any queries about how your personal information is being used on the App, including by any of the above third party providers, please contact us in the first instance, using the details set out at paragraph 10 below – we may then refer you to the relevant third party provider, depending on the nature of your query.

‍‍

3. Sources of personal information

Generally speaking, we only collect and use your personal information that you provide directly to us, whether this is when you register with the App, and/or when you make transactions using the App or contact us with a support query. We do not collect personal data about you from any third parties, except as follows:

If you use the App in an unauthorised manner, another Organiser or Contributor may pass information to us;
If you enter a competition or giveaway that we are running jointly with another party and you enter the competition or giveaway through that other party who then pass your details to us;
If you pay money into the App using Apple pay or Google pay then we will receive your name and email address from those third parties; and
We may also receive information about Organisers from Stripe and/or Ryft Pay regarding anti-money laundering checks.
‍‍

4. How we use your personal information

We use your personal information in the following ways:

4.1 Organisers‍

Name, email and password – Registering an Organiser as a user and managing their account e.g. handling support queries.

‍Date of birth – Verifying that an Organiser is old enough to use the App (it is only available to users who are aged 18 and over).

Transaction details and partial card number – Storing for audit purposes and ensuring that the App is used in a lawful and legitimate manner, in accordance with our App user terms.

Name and email – We may also, from time to time, alert Organisers about new features of the App and similar services, by email – however, you have the right to opt out of this marketing at any time by contacting us at hello@Gitdi.com or clicking “unsubscribe” on any marketing message.

ID verification information – For anti-money laundering checks on Organisers.

‍‍

4.2 Contributors

‍Name, email – Recording payments on the App, including for audit purposes.‍

Transaction details and partial card number- Storing for audit purposes and ensuring that the App is used in a lawful and legitimate manner.

‍

4.3 Competitions and Giveaways

Name, email, phone number, address – To process your entry to a competition or giveaway and to notify you if you should win the competition or giveaway.

Date of birth – To verify that you meet the age requirements of our competition or giveaway (if applicable).

‍‍

5. Parties who we share your personal information with

We only share your personal information with the following parties, who are our third party service providers:

Stripe Payments Europe Limited trading as Stripe – who are our payment services provider and provider of identity verification for anti-money laundering compliance; and
Butlr Ltd trading as Ryft Pay – who are our payment services provider and provider of identity verification for anti-money laundering compliance; and
Google Cloud Platform – who host the App.
‍‍

6. How long we retain your personal information for

Organisers – For information on anti-money laundering checks, we need to be able to access this information for 5 years, so we retain it for this period. We retain all other personal information which we collect about you for as long as you have an App account with us, plus 7 years.

Contributors – we retain information about Contributors in personally identifiable form for a period of 7 years after you have made a payment onto the App, for financial auditing purposes (following which we fully anonymise the information).

‍

7. Where your personal information is stored

We will not transfer any of your personal information outside of the United Kingdom – it will be hosted on Google’s servers in London. However, please also refer to the privacy policies of the relevant third party providers, available via the links at paragraph 2 above. For instance, Stripe may transfer personal data to the United States and other countries outside of the United Kingdom.

‍

8. How we legally justify using your personal information.

Every use that we make of your personal information must meet a lawful basis, set out under data protection law. For the uses set out in this policy, the lawful bases that we rely on are as follows:

8.1 Organisers

Name, password and email – managing your account, providing support services.
Legitimate interests – for the purposes of performing our contract with you, we need to receive and use your personal information in order to register your account and for you to use the App and receive support from us from time to time – therefore, if you do not wish to share such personal information with us, you will not be able to use our App and/or receive support services from us.‍

Date of birth – verifying your age.
‍Legitimate interests – specifically to be able to determine that you are old enough to use the App.

Transaction details and part of your card number – audit purposes, managing use of our app.
Legal obligations – specifically for audit purposes as required under the Companies Act 2006 and required by anti-money laundering laws; Legitimate interest – specifically for other uses of transaction data – which is about ensuring that our App is used lawfully and in accordance with our terms of use.

Name and email – marketing.
Legitimate interests – particularly, the need to promote new features of the app and similar products and services which we introduce to existing users of the App.

Name, ID documents and date of birth – for anti-money laundering checks.
Legal obligations – required by anti-money laundering laws.

‍

8.2 Contributors

‍Name, email address, transaction details and part of your card number – audit purposes and recording transactions on the App.
Legitimate interests – for the purposes of performing our contract with you, we need to receive and use your personal information in to provide support from us from time to time – therefore, if you do not wish to share such personal information with us, you will not be able to make a payment into our App and/or receive support services from us; Legal obligations – specifically for audit purposes as required under the Companies Act 2006 and required by anti-money laundering laws; Legitimate interest – specifically for other uses of transaction data – which is about ensuring that our App is used lawfully.

Name and email – marketing
Legitimate interests – particularly, the need to promote new features of the app and similar products and services which we introduce to existing users of the App.

‍‍

9. Your legal rights in relation to your personal information

If you have any questions in relation to our use of your personal information, you should first contact us, using the contact details in paragraph 10 below. Under certain conditions, you may have the right to:

require us to provide you with further details on the use we make of your personal information;
require us to provide you with an electronic copy of personal information that you have provided to us;
require us to update any inaccuracies in the personal information we hold;
require us to transfer a copy of your personal information to another data controller, in a structured, machine readable and commonly used format;
require us to delete any personal information that we no longer have a lawful ground to use;
require us to restrict our use of your personal information;
if we use your personal information for direct marketing purposes, object to receiving any further direct marketing from us at any time;
complain to the Information Commissioner at any time; and
object to our uses of your personal information which are based on the ‘legitimate interests’ legal ground. If any of our uses of your personal information based only on this legal ground is causing you undue harm, then we must cease using your personal information for that purpose.
Your exercise of these rights is subject to certain conditions and exemptions, for example to safeguard the public interest in investigating crimes, or protecting legal privilege. If you exercise any of these rights, we will check your entitlement and respond in most cases within a month. As mentioned above, it may be that we will need to refer you to one of our third party providers, for instance if it relates to personal information concerning the card payment feature or other third party service.

If you are not satisfied with our use of your personal information or our response to you, you can complain to us, using the details set out at paragraph 10 below.

‍

10. Other information, including how to contact us

We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to your personal information, by contacting us, using the email address below.

From time to time, we may make changes to our App and services and, consequently, our privacy policy may change at any time in the future. We therefore encourage you to review it from time to time, to stay informed of how we are using your personal information.

We are required to employ adequate technical and organisational security measures to protect your personal information from any loss, destruction, damage or unlawful disclosure. However, no transmission of personal information over the internet or via the App can ever be guaranteed as secure. Consequently, please note that we cannot guarantee the security of any personal information which you transfer to us or which we transfer to you or a third party over the App.

If you would like further information about the matters set out in this policy, please contact us at: gitdi@Gitdi.com