This Policy sets out how Solutions (UK) Limited (“Solutio”, “we”, “our”, “us”) stores and uses the personal data which we collect from individuals (“you”, “your”)in whatever capacity and by whatever means whether via this Solutio website www.solutio.com (the “Site”) or otherwise.
Solutio is a leading provider of cloud based payroll services. Some of our services require the processing of personal data and this Policy is intended to help you understand how we deal with any personal information we may obtain from you and how you may access, alter, rectify and / or ask us to remove your information from our records. Unless otherwise indicated in this Policy, Solutio is the Data Controller in respect of the personal data which we collect. Our company number is 09029240 and our registered address is 5 Chancery Lane, Holborn, London EC4A 1BL.
Solutio takes the processing of your personal information very seriously and this Policy is based on the General Data Protection Regulation (EU) 2016/679 as implemented by the Data Protection Act 2018 (“GDPR”) which governs the processing of personal data. Please read this Policy carefully and ensure that you understand it. If you do not agree to the terms of this Policy you should cease to access the Site immediately.
WHY WE COLLECT YOUR DATA
We will use the information you provide us (or which third parties provide to us on your behalf) for the following purposes:
- to reply to enquiries and to provide information which you may request;
- to establish a customer relationship and to communicate with you;
- to meet our contractual obligations;
- to provide timely, reliable, and value-added services to customers, including payroll, worker onboarding, contract management, timekeeping, reporting, and billing services;
- to process any transactions that you enter into with Solutio and respond to any enquiries you may have;
- to meet requirements imposed by law; and
- other purposes directly relating to any of the above.
Where we store personal data in connection with the provision of payroll and related services for a third party client we act as a data processor rather than as a data controller. The purposes for which we process personal data and the manner in which we do so is therefore governed by our contractual agreements with that third party and, in such circumstances, the third party will be the data controller in respect of any processing which we undertake. In the event that you have any questions concerning the processing of your data in such circumstances you should contact the relevant data controller (the employer) in the first instance. This does not affect your statutory rights as set out below (Your Rights).
WHAT DATA WE COLLECT
Depending upon your use of The Site and/or services, we may collect some or all of the following personal and non-personal data:
- Identity Data – this may include first name, maiden name, last name, username or similar identifier, country of citizenship, marital status, title, date of birth and gender.
- Contact Data this may include postal addresses, email addresses and telephone number.
- Financial Data this may include bank account details.
- Transaction Data includes details about payments to and from you when we are providing payroll services relating to you and other details of products and services you have purchased from us.
- Business information this may include business/company names, job titles, professions and business contact details such as postal addresses, email addresses and telephone numbers;
- Technical information this may include IP addresses, web browser types and versions, operating system details and a list of URLs starting with a referring site, your activity on our site, and the other site you exit to;
We do not collect any of the following categories of special data (as defined under GDPR) about you: details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions and trade union membership. Special data also includes information about your health, and genetic and biometric data which we also do not collect save that we may be required to maintain Statutory Sick Pay records when we are providing payroll services to an employer. We do not collect any information about criminal convictions and offences.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
HOW WE USE YOUR DATA
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under GDPR at all times. Our use of your personal data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data (e.g. by subscribing to emails), or because it is in our legitimate interests and your interests and fundamental rights do not override those interests. Most commonly, we may use your data for the following purposes:
- providing and managing your access to our Site and/or services;
- personalising and tailoring your experience on our Site and/or services;
- supplying our services to you (please note that we require your personal data in order to enter into a contract with you);
- personalising and tailoring our services for you;
- replying to emails, requests submitted through the contact form available on the Site or other correspondence from you or sent by you;
- to comply with our legal obligations
You have the right to withdraw your consent to us using your personal data at any time, and to request that we delete it.
DISCLOSURE AND SHARING OF YOUR DATA
We sometimes contract with third party service providers who may need access to your personal information to enable them to assist us in our activities as set out above (How we Use Your Data). In certain circumstances we may also provide your personal data to our professional advisors and to third parties such as HM Customs & Revenue where we are legally required to do so. Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your personal data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR.
We use online data collection tools to evaluate the effectiveness of our websites, improve functionality and enhance security. We may compile statistics about the use of our Site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the law. In certain circumstances,
We may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal requirements, a court order, or a governmental authority.
HOW AND WHERE WE STORE YOUR DATA
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.
Unless we tell you otherwise your data will be held only within the European Economic Area (“the EEA”). In the event that we do intend to process any of your personal data outside of the EEA we will advise you in advance and, where we are the data controller, we will give you the option to opt out of such processing. In any event, all personal data will be processed only as allowed under GDPR.
PROMOTIONAL ACTIVITIES AND MARKETING
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
We may use information which you provide to us to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
You may receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.
You can ask us to stop sending you marketing information at any time by following the opt-out links on any marketing message sent to you or by contacting us as set out below.
It is not our practice to share personal data with third parties for marketing purposes.
|First Party Cookie||Purpose||Strictly Necessary|
|__cfduid||Trusted Web Traffic Identification|
|connect.sid||Browser Session Identification|
|jsID||Session ID for logged in user or tenant||Yes|
On the other hand, you may also receive certain Third Party Cookies on your computer or device by using our Site and/or services. Third Party Cookies are those placed by websites, services, and/or parties other than us. These cookies are not integral to the functionalities of our Site and your use and experience of our Site will not be impaired by refusing consent to them.
|Third Party Cookie||Purpose||Provider|
|Fabric (API_KEY)||Error Log Sending||Firebase – Crashlytics|
|Version (server, url)||Domain Server Fetching thru App Version||Firebase – Realtime Database|
|gcmMessageIDKey||Push notification Services||Firebase – Messaging|
|apnsToken||Push notification Entitlements||Apple Push Notification|
The information collected by the cookie is not used in connection with any other information that could identify you personally. You can choose to enable or disable cookies on your web browser. You can also choose to delete cookies on your computer or device at any time, however, you may lose any information that enables you to access our Site more quickly and efficiently including, but not limited to, login and personalisation settings.
The security of your Personal Information is important to us. We make all reasonable arrangements to ensure that the personal data in our possession or under our control are protected against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. In certain cases, your personal data will be encrypted during transmission using the Secure Socket Layer (SSL) technology. This means that the communication between your computer and our servers takes place using a recognised encryption method, provided that your browser supports SSL. However, remember that no method of transmission over the Internet, or method of electronic storage, is completely secure. Although we will do our best to protect your personal data, we cannot guarantee the absolute security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features in order to prevent unauthorised access.
As a data subject, you have the following rights, which this Policy and our procedures for the use of personal data have been designed to uphold:
- The right to be informed about our collection and use of personal data;
- The right of access to the personal data we hold about you;
- The right to rectification if any personal data we hold about you is inaccurate or incomplete;
- The right to be forgotten or the right to ask us to delete any personal data we hold about you;
- The right to restrict or prevent the processing of your personal data;
- The right to data portability by obtaining a copy of your personal data to re-use with another service or organisation;
- The right to object against using your personal data for particular purposes; and
- The rights with respect to automated decision making and profiling.
If you wish to exercise any of the rights set out above, please contact us using the contact details set out at the end of this Policy.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
- Address: 5 Chancery Lane, Holborn, London, EC4A 1BL
- Phone: 0203 819 7970
- Email: email@example.com
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.