We are committed to protecting your privacy and safeguarding your personal data. Our use of your personal data is subject to the EU General Data Protection Regulation, other relevant UK and EU legislation (together Data Protection Legislation), as well as marketing rules.
In this privacy notice we explain how we will process your personal information obtained through your use of our mobile app, IONN, which is available through the Apple App Store. It is important that you read this privacy notice, together with any other privacy notice we may provide on specific occasions, so that you are fully aware of how and why we are using your data, and what data protection rights you have.
When we say we, us or our in this privacy notice, we mean Wahpp Ltd, a company incorporated and registered in England and Wales with company number 12039711 and whose registered office is at Blossom Hall, Skeldyke Road, Boston, Lincolnshire, England, PE20 1LU.
For the purposes of the Data Protection Legislation, we are the controller of your personal data This means that we are responsible for deciding how we hold and use personal information about you.
Personal data means information which relates to an identified or an identifiable individual.
We may also collect, use and share anonymised, aggregated data such as statistical or demographic data for any purpose. Anonymised data may be derived from your personal data but is not considered personal information in law as this information does not directly or indirectly reveal your identity. For example, we may aggregate information on how you use our app and services to calculate the percentage of users accessing a specific app feature.
We collect most of this information from you direct. However, we may also collect information from other sources.
Under the Data Protection Legislation, we can only use your personal data if we have a proper reason for doing so.
Consent. Generally, we do not rely on consent as a legal basis for processing your personal data other than to:
Where your permission is required, we will ask you for such consent separately and clearly. You have the right to withdraw consent to marketing at any time by emailing us at firstname.lastname@example.org or using the ‘unsubscribe’ link in our marketing emails. Even if we are not required to obtain your consent for marketing purposes, you can still opt-out of receiving marketing communications at any time, so you are still in control.
We are our providers and licensees (for example, Firebase Analytics and Firebase Cloud Messaging) may process your location data and queries to provide and improve location-based and road traffic-based products and services. You can turn off this functionality at any time by turning off the location services settings for our app on your device.
Contract. We will use your personal data if we need to do it to perform our obligations under a contract with you, or if it is necessary for a contract which we are about to enter with you. For example, if we need to:
Legitimate interests. We may process your personal data when we (or third party) have a legitimate reason to use it, so long as this is not overridden by your own rights and interests. For example:
We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are changes in the law, regulation, or structure of our business.
Legal obligation. We may process your personal data to comply with our legal obligation. For example, to:
We may share your information with third parties for the purposes set out in this notice.
We share data with providers of cloud-based tools and services, which we use to operate our business:
We impose contractual obligations on the above providers to ensure that your personal data is protected.
Transfers of data outside the European Economic Area (EEA) are subject to special rules under the Data Protection Legislation. Those of our providers who are based in the US (for example Apple and Google) subscribe to the EU-US Privacy Shield framework. Transfers of personal data to US companies who subscribe to the EU-US Privacy Shield framework are deemed by the European Commission to provide an appropriate level of protection.
Our suppliers may transfer your data outside the EEA but only to countries that have been identified by the European Commission as providing adequate protection (like New Zealand), or a third party using an appropriate safeguard mechanism (for example, by entering into the European Commission’s standard contractual clauses, or, for transfers to US-based third parties, by ensuring that the entity subscribes to the EU-US Privacy Shield).
If you use Apple Pay (see their privacy notice) to pay for our products online, you will be providing your personal data to those payment providers.
We may also:
Our app may contain links to other independent websites which are not provided by us. It may also allow you to share certain content with other persons using messaging tools of independent suppliers (for example, WhatsApp or Twitter). Such independent websites and messaging tools are not under our control, and we are not responsible for and have not checked and approved their content or their privacy policies.
You will need to make your own independent judgement about whether to use any such independent sites, including whether to buy any products or services offered by them.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for. For example, if you:
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
You have a number of rights in relation to your personal data, which allow you to access and control your information in certain circumstances. You can exercise these rights free of charge, unless your request is manifestly unfounded or excessive (in which case we may charge a reasonable administrative fee or refuse to respond to such request).
If you would like to exercise any of those rights, please contact us at email@example.com. Please let us know what right you want to exercise and the information to which your request relates.
We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We hope that we can resolve any query or concern you may raise about our use of your information. You may contact us by using the contact methods set out in the How to contact us section of this policy.
The Data Protection Legislation also gives you a right to lodge a complaint with a supervisory authority, in particular in the European Union (or the European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws has occurred. The supervisory authority in the UK is the Information Commissioner, who may be contacted at https://ico.org.uk/concerns, telephone on 0303 123 1113, or by post to: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. We would, however, appreciate the chance to deal with your concerns before you approach the Information Commissioner’s Office, so please contact us in the first instance.
We may change this privacy notice from time to time, when we do we will publish the new version of the policy on our website and on our app. We may also inform you via email or post.