Privacy Policy

Last Updated: 27 July 2021

Who are we and what is this policy all about?

Hello! We are Libryo Limited, a company incorporated in terms of the laws of England & Wales, under registration number 1000773, and registered in terms of the company laws of South Africa as a foreign company under registration number 2016/471548/10 (Libryo, our, us or we).

We are committed to protecting your data and respecting your privacy and this Privacy Policy (Policy) explains how we do it.

This Policy applies to users (like you) of all of our websites (Websites), which are accessible from libryo.com and its sub-domains, including our Customer Platform (the Customer Platform), as well as any associated mobile applications (Mobile Apps) owned and controlled by Libryo from time to time. Libryo is the operator of the Websites and the Customer Platform.

By using any of the Websites or the Customer Platform, you consent to how we use data as described in this Policy. If you do not agree with the data practices described in this Policy, you should not use the Websites or the Customer Platform.

We may modify this Policy from time to time. We will use our reasonable endeavors to notify you of any material amendments to this Policy by placing a clear notice about them on the Websites and the Customer Platform or by other means. Please review this Policy whenever you use this Site or the Customer Platform as any changes apply from the date that we make them.

About your privacy and where we fit in

Whether you are just a visitor to our Websites, or a Libryo Customer using the Customer Platform, we act, for the most part, as the ‘data controller’ of your personal data. This means that we determine how and why your data is processed. We are registered as a data controller at the UK Information Commissioner’s Office under reference number ZA482985. For the purposes of this Policy, a "Customer" is any company, organisation or person who has subscribed to the Customer Platform and the products and services provided via the Customer Platform.

Note that, where we process personal information in South Africa, we do so as either a responsible party or an operator, depending on the context. This means that, while we sometimes determine how and why your data is processed (as a responsible party), we also process data in accordance with contracts or mandates we have with our customers.

If you are a Libryo Customer, using the Customer Platform, and you make use of certain features of the Customer Platform which allow for the upload and storage of certain documents or information, we act as the ‘data processor’. This means we only process your data to help us provide our service to you, or in accordance with your instructions, or as required by law.

It is important to us that you fully understand where you fit in in this process, so we ask that you -

  • please continue to read this Policy carefully;
  • if you are a Libryo Customer, please also check the contracts between us: they may contain further details on how we collect and process your data; and
  • take note that if you provide us with personal information about other people, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. By submitting the information, you confirm that you have the right to authorise us to process it on your behalf, in accordance with this Policy.

How and why we use your data?

Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:

The information we collect allows us to manage your requests, login and authenticate you, remember your settings, process payments and facilitates hosting and back-end infrastructure as well as to personalise your experience of the Websites and Customer Platform.

(The Legal basis for our use of your data is due to a contract that is in place between us and you and / or your employer, as our Customer, and / or legitimate interests)

The information we collect allows us to administer and improve our Websites and Customer Platform. It allows us to test features, interact with feedback platforms and questionnaires, manage landing pages, use heat mapping on our site, ensure traffic optimization and facilitates data analysis and research, including profiling and the use of machine learning and other techniques over your data and in some cases using third parties to do this.

(The Legal basis for our use of your data is due to a contract that is in place between us and you and / or your employer, as our Customer, and / or legitimate interests)

The information we collect allows us to communicate with you and provide customer services, including notifying you of any changes to our service, investigate any queries or complaints, solving issues via live chat support, phone or email, including any bug fixing.

(The Legal basis for our use of your data is due to a contract that is in place between us and you and / or your employer, as our Customer)

The information we collect, with your consent, allows us to contact you (by emails and messages) with information, newsletters, blogs and relevant marketing materials about topics relevant to you as well as our new features, products and services. It also allows us to conduct statistical and trend analyses and market research.

(The Legal basis for our use of your data is due to you having given us your explicit consent)

The information we collect allows us to report to your employer, as our registered Customer, about its users and their usage of the Customer Platform, as well as the subscribed for products and services.

(The Legal basis for our use of your data is due to a contract that is in place between us and you and / or your employer, as our Customer, and / or legitimate interests)

The information we collect may be used to allows us to meet any applicable legal, regulatory and compliance requirements including, allowing us to monitor and analyse the use of any account to prevent, investigate and/or report fraud, misrepresentation, security incidents or crime.

(The Legal basis for our use of your data is due to a contract that is in place between us and you and / or your employer, as our Customer, and / or legitimate interests)

Please be aware that we may employ the services of third parties to help us in certain areas. In some cases the third party may receive your personal information. However, at all times, we will control and be responsible for the use of your information where a third party acts on our behalf.

Consent, Contract, Legitimate Interests? What do these terms actually mean?

You have given clear consent for us to process your personal data for a specific purpose. It is important that you know that you can change your mind at any time.

If you have previously given consent to our processing your data, you can freely withdraw such consent at any time. You can do this by emailing us at datasuccess@libryo.com / contacting us as set out in the Getting in Touch with Libryo section below.

If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another legal basis for processing your information, then we may continue to do so subject to your legal rights.

Processing your data is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.

Processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:

  • gaining insights from your behaviour on our Websites or Customer Platform;
  • delivering, developing, growing and improving the Libryo service;
  • enabling us to enhance, customise or modify our services and communications;
  • determining whether marketing campaigns are effective and improving them; and
  • enhancing data security

In each case, these legitimate interests are only valid if they are not outweighed by your rights and interests.

What data we collect and when and how we do it

From the first moment you interact with Libryo, we collect data. Sometimes you provide us with data, sometimes data about you is collected automatically.

Types of data we collect

We may collect, store and use the following kinds of personal information about you

Information that you provide to us when registering on a Website or our Customer Platform or in relation to purchases of or subscriptions for our products and services (including your contact details (see below), subscription information (see below), password and, if payment is required, your financial information (see below))

Your name, address, telephone number, email address and other contact details.

Your bank account number, sort code, credit/debit card details and any other related details that you provide.

Information that you provide to us for the purpose of subscribing to our notifications, newsletters or bulletins.

Information generated in the course of the use of our products and services (including the timing, frequency and pattern of service use).

Your IP address or other device ID, login information, browser type and version, time zone setting, referral source, browser plug-in types, geolocation information about where you might be, operating system and version.

Information collected about your device and your use of our Websites or the Customer Platform including your URL clickstreams (the path you take through any of these sites), products/services viewed, page response times, download errors, how long you stay on our pages, what you do on those pages, how often, and other actions.

Information collected through cookies and similar technologies (for more information see the Cookies section below)

Information contained in or relating to any communications that you send to us through our Websites or the Customer Platform or by other means (including the content and metadata associated with the communication).

We use mobile analytics software to allow us to better understand the functionality of our Mobile Apps on your mobile device. This software may record information relating to how often you use the application, aggregate usage, performance data and where the application was downloaded from.

When you use our Mobile Apps we may also collect your city location, device model and version, device identifier, OS version and your Libryo Customer credentials.

We may send push notifications on our Mobile Apps from time to time. If you no longer wish to receive such notifications, you are able to turn them off at a device level.

Information about you that your employer, as our registered Customer, provides to us (including the details of persons who are authorised users of our Customer Platform and our products and services).

Any other personal information that you choose to send to us.

We don’t collect any "sensitive data" about you (like racial or ethnic origin, political opinions, religious/philosophical beliefs, trade union membership, genetic data, biometric data, health data, data about your sexual life or orientation, and offences or alleged offences) except when we have your specific consent, or when we have to in order to comply with the law.

Libryo is a business-to-business service directed to and intended for use only by those who are 18 years of age or over. We do not target Libryo at children, and we do not knowingly collect any personal data from any person under 16 years of age.

When and how we collect your data

We collect the data for the reasons set out above when:

  • you browse any page of our Websites;
  • you fill out a contact form on our Websites;
  • you give us data in person, on the phone or by email;
  • you use our Customer Platform; and / or
  • when you use any of our Mobile Apps.

Your privacy rights and choices

What are your privacy choices?

If you choose to do this, you can continue to use the Websites and browse their pages, but we will not be able to process transactions without personal data. You will be unable to use the Customer Platform if you choose not to provide us with personal data, like your name and email address and so on.

You can block cookies by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings. If you turn off cookies, you can continue to use the website and browse its pages, but certain services will not work effectively.

We will inform you (before collecting your data) if we intend to use your data for marketing and if third parties are involved. You can opt out from marketing by clicking on the link from any marketing emails we may send you and following the the steps to unsubscribe, emailing us at datasuccess@libryo.com or contacting us as set out in the Getting in Touch with Libryo section below

What are your privacy rights?

Should you wish to exercise any of your rights, please contact us by clicking on the link from any marketing emails we may send you and following the the steps to unsubscribe, emailing us at datasuccess@libryo.com or contacting us as set out in the Getting in Touch with Libryo section below

We may require you to provide verification of your identity before we provide a copy of the information we hold.

Your right to access the information we hold about you includes the right to ask us for supplementary information about:

  • the categories of data we are processing;
  • the purposes of data processing;
  • the categories of third parties to whom the data may be disclosed;
  • how long the data will be stored (or the criteria used to determine that period); and
  • your other rights regarding our use of your data.

We will provide you with the information within one month of your request. Please note that in certain circumstances we may withhold access to your information where we have the right to do so under current data protection legislation. We will tell you if we cannot meet your request for that reason.

You may review, correct, update or change your personal information at any time.

We may use your data to determine whether we should let you know information that might be relevant to you (for example, tailoring emails to you based on your behaviour). Otherwise, the only circumstances in which we will do this is to facilitate your use of the Libryo Customer Platform and the related products and services.

You can do this by asking us to erase any personal data we hold about you. We will only be able to do this if it is no longer necessary for us to hold the data for purposes of your use of the Libryo Customer Platform or any related products and services.

Should you request it, we will give you a copy of your data in a structured, commonly-used, machine readable form so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you. We will not do so to the extent that this involves disclosing data about any other individual.

You can manage your communication preferences by using any unsubscribe or ‘opt-out’ mechanisms provided within the communications that you receive.

Please contact us at datasuccess@libryo.com before lodging a complaint. We would like to have a chance to address your concerns. If we are unable to resolve your concerns, you can address any complaint to the UK Information Commissioner’s Office, either by calling their helpline or as directed on their website at www.ico.org.uk.

We have physical, electronic, and managerial procedures to safeguard and secure the information we collect. For more information on our efforts to ensure your data is held in a secure manner, please see our Data Security Policy.

Importantly, please remember that…

  • You provide personal data at your own risk: unfortunately, no data transmission is guaranteed to be 100% secure.
  • You are responsible of your username and password: it is up to you to make sure that they are safe and secure.
  • If you believe your privacy has been breached, please contact us immediately.

Storing of personal data

The personal data we collect is processed:

  • at our offices in London and Cape Town;
  • where our employees work remotely to those offices, and where they have access to your personal data to enable them to carry out their work, at the location of such employees; and
  • in any data processing facilities operated by the third parties identified below.

By submitting your personal data, you agree to this transfer, storing or processing by us. We may transfer some or all of your data to countries outside the European Economic Area (EEA) (for example, to third party service providers and to our our other offices or remote working locations from time to time). Some of these countries may not have data protection laws equivalent to those in force in the EEA. If we transfer or store your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue to be protected as outlined in this Privacy Policy.

We will archive and stop actively using any personal identifiable information about you within 6 months from the last time you used the Libryo Customer Platform or a related product or service or visited or interacted with the Libryo Websites. We will delete your personal data from our archives no later than 6 years from the last time you used the Libryo Customer Platform or a related product or service or visited or interacted with the Libryo Websites or as agreed with you in a separate contract.

Technology businesses often use third parties to help them host their applications, communicate with customers, power their emails etc. We partner with third parties who we believe are the best in their field at what they do.

When we do this, sometimes it is necessary for us to share your data with them in order to get these services to work well. Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy.

Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:

Infrastructure

Service Provider

Amazon Web Services, Inc. (Privacy policy)

Data collected or shared
  • Contact details
  • Data from your contracts
  • Data that identifies you
Purpose

This is a web hosting provider: we use it to store contracts and other data you generate by using the service securely in the cloud.

Place of Process

EU

Analytics

Service Provider

Google Analytics (Privacy policy)

Data collected or shared
  • Contact details
  • How you use Libryo and the Websites
  • Data that identifies you
  • Cookies
Purpose

Google Analytics is a web analytics service: we use it to track your use of the Websites to improve them and your experience

Place of Process

USA

Communications

Service Provider

Hubspot, Inc. (Privacy policy)

Data collected or shared
  • Contact details
  • Data of how you use the Customer Platform and the Websites and your communication with us.
  • Cookies
Purpose

So we can make sure we only send you relevant and interesting communication and help you succeed in purchasing and using Libryo.

Place of Process

USA

Payments

Service Provider
Data collected or shared
  • Email address
  • Full names
  • ID numbers
  • Bank account details
Purpose

To enable us to make payment to staff and contractors.

Place of Process
  • UK
  • South Africa
  • Ireland

Cookies

We use cookies or similar technologies. Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify when the browser visits each page. Watch this useful video from Google to understand this better. Unless you adjust your browser settings to refuse cookies, we (and the third parties indicated above) will send cookies to your browser when you interact with Libryo. These may be ‘session’ cookies, meaning they delete themselves when you leave any of our sites or ‘persistent’ cookies which do not delete themselves and help us recognise you when you return so we can provide a tailored service and optimise our Websites and Customer Platform.

You can block cookies by activating a setting on your browser allowing you to refuse the setting of cookies. You can also delete cookies through your browser settings. If you use your browser settings to disable, reject, or block cookies (including essential cookies), certain parts of our website will not function fully. In some cases, our website may not be accessible at all. Please note that where third parties use cookies we have no control over how those third parties use those cookies

To find out more about cookies please visit www.allaboutcookies.org or see www.youronlinechoices.eu which contains further information about behavioral advertising and online privacy.

Links to other websites

Our Websites and our Customer Platform may contain links to other websites over which we have no control. We are not responsible for privacy policies or practices of other websites to which you choose to visit from any of any of our Websites or our Customer Platform. Our provision of such links does not constitute our endorsement of these other websites, their content, their owners, or their practices. We encourage you to review the privacy policies of those other websites so you can understand how they collect, use and share your information.

Security

We have implemented reasonable technical and organisational measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration or disclosure. However, the Internet is an open system and we cannot guarantee that unauthorised third parties will never be able to defeat those measures or use your personal information for improper purposes.

Getting in touch with Libryo

Congratulations for getting to the end of this policy. We’re very impressed. We have designed it to be as transparent, clear and useful as possible. If you have any questions about this Policy or our treatment of your personal information, would love to hear from you: Please email us at: datasuccess@libryo.com