This Privacy Notice was last modified: May 20 2018
The EU General Data Protection Regulation - GDPR
The General Data Protection Regulation 2016 (GDPR) is one of the most significant pieces of legislation affecting the way Innovate1Services carries out its information processing activities. It is Innovate1Services policy to ensure that our compliance with the GDPR and other relevant legislation is clear and demonstrable at all times.
During enrolment for INNOVATE1 Services, we require You to enter your personal Information. These may include your name, debit or credit card number, card verification number, card expiration number, address, telephone number and email address. For Providers, we require that You provide your bank account number and may require your personal address, business category, social security number and other Information concerning your Payment Transaction (‘Information”). This Information is stored within your INNOVATE1 Services account.
Personal Information and Information Use
Third Party Information
We may obtain Information about You from third parties to protect You from fraud, financial misconduct, and to verify the Information You provided.
We collect Information about every Payment Transaction carried out by You using the INNOVATE1 Services Service. These include but are not limited to transaction amount, description of the goods or services being provided by the Provider, names of the Provider and the Customer and the modes of payment employed.
INNOVATE1 Services Usage
We may require Information about your service usage to enable us to validate your identity and thereby stall any fraudulent conduct. Such Information will only be used to prevent fraud. Any other use would require your expressed permission.
Information on Logs
Our servers record Information sent by your browser each time You use INNOVATE1 Services. These logs may include your IP address, the browser type and language, the date and time of your request, your web requests and cookies that help identify your browser.
We may save emails and other communication sent by You to enable us to process your queries, respond to your requests, and improve our services.
We may present links in a format that will help us identify if they were followed or not. Using this Information can help us improve the quality of our search feature, provide quality services to You, carry out auditing, research and analysis for improving the quality of our services, facilitate the technical functionality of our network and develop new solutions.
We take measures to ensure that the Information You provide is recorded accurately and completely and is stored securely. Information collected from/about Customers is used exclusively for the purpose of providing better service. It is never released to third parties except when expressly permitted by the customer. Any Information You provide is completely confidential and will be protected from unauthorized use.
However, we may share your personal Information with individuals outside INNOVATE1 Services in the following situations:
- Credit/debit card transactions are processed through a third party. All Information is encrypted and is used only to complete the appropriate transactions.
- To prevent or detect fraud or technical issues.
- Where we have your consent and User has elected to opting for the sharing of any personal Information.
- We have a good faith belief that access, use, preservation or disclosure of such Information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against imminent harm to the rights, property or safety of INNOVATE1 Services, its users or the public as required or permitted by law.
- We may share aggregated non-personally identifiable Information with third parties. If we do share this aggregated Information, we do not include personally identifiable Information without your explicit opt-in consent or in the limited circumstances described above.
- In the event that INNOVATE1 Services is acquired by or merged with a third party entity, we reserve the right, in any of these circumstances, to transfer or assign the Information we have collected from our Users as part of such merger, acquisition, sale, or other change of control. In the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors' rights generally, we may not be able to control how your personal Information is treated, transferred, or used.
You must keep your User/Private ID and Password confidential. If You do share this Information with a third party, they could obtain access to your account and all personal Information stored within.
Access and Updating Your Personal Information
You will be able to update your payment Information by signing into your INNOVATE1 Services account and going to the appropriate page. In this page, You can change your address and method of payment. You can also see or print your previous transaction history.
However, to facilitate our auditing and reporting functions, and also to guard against fraud, the Information will be saved to our systems but will not be shared with anybody.
You have the right to ask for a copy of the personal information Innovate1Services holds about you. If you request access to your personal information, we will gladly comply, subject to any relevant legal requirements and exemptions, including identity verification procedures. Before providing data to you, we will ask for proof of identity and sufficient information about your interaction with us so that we can locate any relevant data. We may also charge you a USD 20 fee for providing you with a copy of your data (except where this is not permissible under local law)
Note that disabling your INNOVATE1 Services transaction history functionality does not close your INNOVATE1 Services account.
It is Innovate1Services policy to be fair and proportionate when considering the actions to be taken to inform affected parties regarding breaches of personal data. In line with the GDPR, where a breach is known to have occurred which is likely to result in a risk to the rights and freedoms of individuals, the relevant supervisory authority will be informed within 72 hours. This will be managed in accordance with our Information Security Incident Response Procedure which sets out the overall process of handling information security incidents.
Data Retention Period
Our retention periods for Enrolment and Personal Data are based on business needs and legal requirements. We will retain your Personal Data as long as is necessary for the processing purpose(s) for which it was collected and any other permitted linked purpose. Where personal data is no longer needed, we either irreversibly anonymise the data or securely destroy it.
Export outside the EEA (European Economic Area)
Your Personal Data may be accessed by staff or partners, transferred, and/or stored outside the EEA, including to countries which may have a lower level of data protection than under EU Data Protection law.
We must comply with specific rules when we transfer Personal Data from inside the EEA to outside the EEA. When we do this, we will use appropriate safeguards to protect any Personal Data being transferred.
We will transfer your Personal Data subject to European Commission approved contractual terms that impose different data protection obligations directly on the recipient, or as otherwise permitted under EU DP Law.
You have certain rights under the law with regards to how your personal information is processed. These rights are:
- The right to be informed how your personal information is being used.
- The right of access to your personal information.
- The right to rectification if your personal information is incorrect.
- The right to erasure your personal information. (Where the law permits this)
- The right to restrict processing of your personal information.
- The right to data portability.
- The right to object to how your personal information is used.
- Rights in relation to automated decision making and profiling.
- The right to withdraw your consent.
If you feel that your personal information has been handled incorrectly or You have a complaint about how your personal information is processed then You have the right to complain to our Data Protection Officer.