We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint. Summary: We use personal data to provide our ebook service and related content to people who request or register for it, and to manage our relationships with those people. Generally, we do not give your information to third parties, but there are some exceptions where we use external service providers to power our operations – some of these are outside Europe. We are happy to answer your questions about any of this – email us at [email protected].
Perlego Ltd collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
Information collected by us, and how we use it
In the course of running the Perlego service we collect the following personal information, either when it’s provided to us by you, or where we derive it from your use of the service:
Who we share your personal information with
We routinely share information we collect about you with companies that we use to help us provide and run the Perlego service. For example, for administering payments, storage of data, sending out emails, powering our ‘chat’ function, and tracking and reporting user behaviour patterns. For a list of our current service providers who process personal data of our customers, please see the this list . Some of those companies are based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’ below.
We will share personal information with law enforcement or other authorities if required by applicable law.
How long your personal information will be kept
We will hold your information for different periods of time, as follows:
Reasons we can collect and use your personal information
We rely on the following as the lawful basis on which we collect and use your personal information:
We may transfer your personal information to the USA. This is for the purpose of enabling our third party service providers to access and process the data on our behalf. In particular, we use the following service providers who process your information in the USA:
The USA does not have the same data protection laws as the United Kingdom and European Economic Area. Whilst the European Commission has not given a formal decision that the USA provides an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to safeguards as specified in the General Data Protection Regulation that are designed to help protect your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. Some of our US-based providers (including Mixpanel, and Stripe, our payment processor) are certified under the EU-US Privacy Shield, a mechanism which permits transfer of personal data to companies in the US who have certified that they meet privacy norms akin to those in the EU. Our other processors use so-called ‘model clauses’ in our contract with them, which give individual data subjects rights in respect of the provider’s processing of the data and requires the provider to meet certain EU-mandated standard. A description of the
EU-US Privacy Shield is available here - https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en.
A description of the Model Clauses is available here - https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.
To obtain a copy of the safeguards we have in place, please contact us at [email protected].
We will not otherwise transfer your personal data outside of the United Kingdom or European Economic Area.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
If you would like to unsubscribe from any promotional emails we send you, you can also click on the ‘unsubscribe’ button at the bottom of the email or uncheck the marketing consent box in Account Settings.
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org.. Get Safe Online is supported by HM Government and leading businesses.
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
This privacy notice last updated on 20/05/2018. We may change this privacy notice from time to time, when we do we will inform you via your Perlego account or (if appropriate) by email.
Please contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us please send an email to [email protected], or contact our Data Protection Officer as follows: