Last Updated: Nov 11, 2024
Privacy Policy
Introduction
Sleekflow Technologies Limited of Cyberport Road, Pok Fu Lam, Southern Hong Kong, with company register number 2654883, trading in the UK as SleekFlow Technologies Company Limited, registered at Room 5 2nd Floor, 39-41 High Street, New Malden, Surrey, United Kingdom, KT3 4BY, with registration number 13855447 (“SleekFlow”, ”we”, ”us”, ”our”) are committed to protecting and respecting your privacy.
We are committed to the protection of the personal data we process in line with the data protection principles set out in the UK General Data Protection Regulation (“UK GDPR”) and the EU General Data Protection Regulation (EU Regulation 2016/679) (“EU GDPR”) (together referred to herein as the “GDPR”); the Hong Kong Personal Data (Privacy) Ordinance (Cap.486) as amended (“PDPO”); the Personal Information Protection Law of the Peoples Republic of China (“PIPL”); the Data Security Law of the Peoples Republic of China (“DSL”); Lei Geral de Proteção de Dados Pessoais of Brazil (“LGPD”); the UK Data Protection Act 2018 (“DPA 2018”); and the Privacy and Electronic Communications Regulations 2003 (“PECR”), as amended.
We have aligned our company data protection compliance programme to the core requirements of the GDPR, as this is considered by SleekFlow as the global ‘gold standard’ of data protection regulation.
This Privacy Notice (“Notice”) explains how we treat personal information processed on our bespoke platform, SleekFlow, what we collect when you visit our website, contact us by email, phone or through one of our social channels, or through other communications. It also explains what information we collect automatically when you visit our website and the information we collect when you use our services.
Please be aware that we have separate privacy notices for employees and job applicants, available from SleekFlow Human Resources. Please also be aware that our clients’ have their own privacy notices on their respective websites.
Our work is predominantly as a Processor for our clients; however, SleekFlow is the Controller for our employee data and for the contact details of our clients. As such, in line with the requirements of UK data protection law, we are registered as a Controller in the UK with the Information Commissioner’s Office (“ICO”), registration number ZB360772.
As an information-led business, we place great importance on ensuring the quality, confidentiality, integrity and availability of the data we hold and in meeting our data protection obligations when processing personal data. We are committed to protecting the security of your personal data. We use a variety of technical and organisational measures to help protect your personal data from unauthorised access, use or disclosure.
We update this Notice from time to time in response to changes in applicable laws and regulations, to our processing practices and to the products and services we offer. When changes are made, we will update the date at the top of this document. Please review this Notice periodically to check for updates.
What information do we process?
Information provided by our clients
The categories of personal data processed by us varies between clients, but may include:
Name
Job Title
Business address
Business mail address
Business telephone number(s)
Business financial information
Location data
Personal data processed on our SleekFlow platform, determined by the Controller
Information provided to us via our website
We process all information you provide to us via our website (“our site”), by telephone, email or otherwise. This includes information you provide when you register for our services as a client, enquire about a product or service, use one of the social media functions linked to our website, or when you report a problem with our website.
The categories of personal data processed may include:
Name
Job Title
Email address
Telephone number
Device information
Location data
Cookies and Web Beacons
SleekFlow uses cookies on our website and web beacons in some emails. Cookies are small text files and web beacons are small graphic images. They are downloaded to your device when you visit a website or receive certain emails, unless you have set your browser to reject them.
We use cookies to remember your preferences and improve your overall experience of our site. We use web beacons to track the actions of individuals (such as email recipients) and measure the success and response rates of our marketing campaigns.
Below is a list of the cookies we use and the purpose of use:
| Type of Cookie | Purpose |
|---|---|
| Session Cookies | These enable you to carry out some essential functions on our sites, such as maintaining log-in details for the session or a transaction. They also help by minimising the need to transfer information across the internet. They are not stored on your computer and expire when you terminate your browser session or logout of certain areas. |
| Analytics | We like to keep track of what pages and links are popular and which ones don’t get used so much to help us keep our site relevant and up to date. It’s also very useful to be able to identify trends of how people navigate our site and help us provide a more friendly solution. |
| Third-party cookies | Analytics tracking (and most web tracking software) use cookies in order to provide meaningful reports about site visitors. However, analytics cookies do not collect personal data about website visitors. |
To learn more about cookies, web beacons and what you can do to opt out of receiving them, please visit https://www.allaboutcookies.org/.
Purposes and bases for processing your personal data
We may use your data for the following purposes and on the following lawful bases:
| Purposes | Lawful Bases for Processing |
|---|---|
| Responding to correspondence from you | It is in our legitimate interest to respond to enquiries made through our website, by telephone, email, through our social channels or any other means |
| Processing data to facilitate client service requirements | We process personal data under written instruction, bound by the contract between us and our client |
| Business management, forecasting and statistical purposes | It is in our legitimate interest to identify areas for managing current business relationships, developing our services and conducting reasonable forecasts for our business |
| Improving our website and the overall website visitor and user experience | It is in our legitimate interest to allow analytics and search engine optimization to help improve and optimize our website We use cookies on our website with your consent |
| Prevention and detection of crime including money laundering, fraud or other crimes | It is in our legitimate interest to identify areas for managing current business relationships, developing our services and conducting reasonable forecasts for our business |
| Responding to suggestions and complaints in order to continually improve the services we provide | It is in our legitimate interest to provide the best service to users of our website and to increase features in order to continually improve and expand the services we provide |
| Analyse and track use of our website for reporting and analytical purposes | It is in our legitimate interest to monitor our website usage in order to continually improve user experience |
Sharing your information
If sharing your personal data becomes necessary for the purposes of providing our services to you, we will only share it where appropriate safeguards are in place, such as the UK International Data Transfer Agreement (“IDTA”) or the EU Standard Contractual Clauses (“SCCs”) with supplementary measures, to ensure your personal data is protected to the same standard expected under the GDPR.
We may, on occasion, engage the services of a third-party sub-processor. Any such third party will act under our written instructions and will adhere to strict data protection obligations, including the implementation of appropriate technical and organizational measures which meet the processing requirements of the GDPR.
We also use a third party for hosting infrastructure, website performance and management, error monitoring, support and other functionality. The written contract in place between us and this third party provides for the maintenance of confidentiality, security, and integrity of the information we share with them.
Our website includes links to social media platforms and messaging services (WhatsApp, Facebook, Instagram, LinkedIn, ‘X’ (formerly Twitter)). Once you navigate away from our site via one of the links, the site may collect your IP address and may set a cookie on your device. When you use one of these links, you are sharing information to another website or service and this Notice will no longer apply. Please read the privacy notices provided by the particular service website you are directed to, before posting any personal information using these links.
Your rights
The GDPR provides you with certain rights in relation to the processing of your personal data, including to:
Request access to personal data about you (a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are processing it lawfully.
Request rectification, correction, or updating of any personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
Request personal data provided by you to be transferred in a structured, commonly used and machine-readable format.
Request erasure of personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove personal data where you have exercised your right to object to processing (see below).
Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you (e.g., if you want us to establish its accuracy or the reason for processing it).
Object to the processing of your personal data in certain circumstances. This right may apply where the processing of your personal data is based on the legitimate interests of SleekFlow.
Some of these rights are not absolute and are subject to various conditions under applicable data protection and privacy legislation, laws, and regulations to which we are subject. If at any time you decide that you no longer wish to be contacted for marketing purposes, or if you would like to exercise any of your rights as set out above, you can contact us at legal.compliance@sleekflow.io. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
In addition to the above, please note that you have the right to make a complaint at any time to the relevant supervisory authority within the UK and EEA if you are concerned about the way in which we are handling your personal data.
Data retention
We will retain your personal data for as long as is necessary to provide you with our products and ongoing services and for a reasonable period thereafter, to enable us to meet our contractual and legal obligations and to deal with complaints and claims.
At the end of the retention period, your personal data will be securely deleted in accordance with our Personal Data Retention Policy.
Data protection officer
Due to the nature of our personal data processing, we are required by law to appoint a Data Protection Officer (“DPO”). We have therefore appointed Evalian Limited as our DPO, details as follows:
Evalian Limited, West Lodge, Leylands Business Park, Colden Common, Hampshire, United Kingdom. SO21 1TH
Tel: 03330 500 111
Email: dpo@evalian.co.uk
Contact
You can contact us in relation to data protection and this Notice by emailing legal.compliance@sleekflow.io.