Codapt

Privacy Policy

The provisions included in these terms and conditions and associated documents, apply to the Codapt Services. For the purpose of the General Data Protection Regulations ("GDPR"), the company in charge of your information (as known as the Data Controller) is Codapt Limited ("Codapt", "us", "we", or "our") of 2nd Floor Offices, Bank House, Main Road, Hathersage, Hope Valley, S32 1BB (no. 14871502). Our registration number with the Information Commissioner's Office UK ("ICO") is ZB672214.

We developed this Privacy Policy to inform you of our practices regarding the collection, use, and disclosure of Personal Data when you use our services, submit information via our online widget, interact with our customer support or visit the Codapt website which include the following url, www.codapt.co.uk.

Your privacy is important to Codapt, we will only use your personal information to administer your account and improve our Service. We will never sell, share, or use your Personal Data other than as is described on this page. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from Terms & Conditions.

1. Definitions

For the purpose of this Privacy Policy:

  • Account Data means the data associated with the activity of an account.
  • Customer Data means any Personal Data that is submitted and uploaded to our Service by you in the capacity as the Data Controller.
  • Data Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law.
  • Data Processor (or Service Providers) means any person (other than an employee of the Data Controller) who processes the data on behalf of the Data Controller.
  • Lawful Basis means the legal reason for processing Personal Data.
  • Personal Data means any information relating to Data Subject.
  • Data Subject means any living individual who is the subject of Personal Data.
  • Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Personal Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

2. Data Controller and Data Processor

For the purpose of this Privacy Policy, we are a Data Controller of your data. For the purpose of you uploading any Customer Data to the Service, you act as the Data Controller.

Through our services and websites, we provide you with the facility to upload, store and process Personal Data of your customers ("Customer Data"), in that situation we act as a 'Data Processor' and yourself as a 'Data Controller'. You must ensure that you also comply with the GDPR as you are responsible for your own data as well as the Personal Data you possess, upload and process through the Service offered to you by Codapt. We will not use any Personal Data obtained this way for any other purpose and will not release it to anyone other than yourself, in your capacity as the Data Controller, unless we are required to do so by law.

3. Information We Collect

We may collect the following types of information:

  • Contact information (name, email address, telephone number)
  • Business information (company name, postcode)
  • Technical data (IP address, browser type, device information)
  • Usage data (how you use our website and services)
  • Communication data (records of correspondence)

4. Data Storage and Security

The Personal Data that we collect from you as a Data Controller is stored inside the European Economic Area ("EEA") on ISO27001 accredited hosting services.

GDPR also specifies a set of Personal Data categories which are deemed 'sensitive' and which require special consideration by Data Controllers. Codapt's websites and available services, do not knowingly collect or process any sensitive Personal Data.

5. Your Rights

Under the GDPR, you have the following rights:

  • The right to access your personal data
  • The right to rectification of inaccurate personal data
  • The right to erasure ('right to be forgotten')
  • The right to restrict processing
  • The right to data portability
  • The right to object to processing
  • Rights related to automated decision-making and profiling

We assist the Controller in providing subject access and allowing Data Subjects to exercise their rights under the GDPR.

6. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Last updated: January 2024