Privacy Policy

Our customer’s privacy is extremely important to us and we take protection of your data very seriously. We only use your personal information for providing our Services and improving the Website.

The below Privacy Policy sets out how we collect, use and process your personal data when you use our website at www.deductic.com (the “Website”). Our Privacy Policy should be read carefully as it becomes legally binding when you use our Services. Note all capitalised words contained herein are fully defined in our Terms of Service.

The data controller of the personal information collected via our Website is Deductic Ltd (“Deductic”) which has its registered offices at 85 Great Portland Street, First Floor, London, England, W1W 7LT, United Kingdom. Our registration number with the Information Commissioner’s Office UK (“ICO”) is ZB286458.

The Data We Collect About You

We will collect and process the following data about you:

  • Information you give us – you likely will give us personal information about you when you sign up or through continued use of our Website and Services. This may include personal information that can be used to identify or contact you such as your name, email address, national insurance number, government identification, and address. This may include accounting and financial information, such as your income and expense data, or credit card or debit card details. There may also be certain instances where we need further personal details from you in order to comply with anti-money laundering regulations.
  • Information we collect about you – when using our Website, we may automatically collect certain log data information. This may include technical information, such as your login information, the Internet Protocol (“IP”) address used to connect your computer/tablet/mobile to the internet, browser type, browser version, pages of our Website that you visit (including time and date of your visit), length of time spent on certain pages, operating system and platform. We may also collect information about your visit, such as the full uniform Resource Locators (“URL”) clickstream to, through, and from our Website (including date and time), information on page interaction (e.g. scrolling, clicks, mouse-overs, etc), page response times, and download errors. If you contact our support team, we may also keep records of your interactions with us for quality control and training purposes.
  • Information we receive from other sources – there may be times that we receive information about you from third parties that we work closely with, such as when you have given them permission to disclose your personal details to us.
  • Information from social media networks – If you access our Website through social media (e.g. Facebook, Instagram, Google, etc) the social networking service may provide us with access to your personal information.

Sensitive Data

We will only process a limited amount of sensitive data to carry out verification of identity documents containing biometric data in order to comply with anti-money laundering regulations. This is also covered under the substantial public interest condition (condition 14) of Part 2, Schedule 1, Data Protection Act 2018.

Users under 18 (“Children”)

Our Website and Services are designed for use by adults aged 18 years and above. Our Website is not intended for, and should not be used by, Children. Therefore we do not knowingly collect Children’s data, unless in specific instances with the parent’s consent due to their need to report such information as part of our Services. If any data is unknowingly collected from a child without verification of parental consent, it would be deleted.

How We Protect Your Personal Information

We have multiple physical, electronic, and procedural safeguards to keep your personal information safe and secure as it is of paramount importance to us.

  • We employ strong encryption of your personal data on our Website.
  • We have a technical security function that proactively monitors for abnormal and malicious activity on our Website and Services.
  • We use Digital Ocean (“DO”) to host our Website and Services, which is a best-in-class cloud services provider and deploys multiple safeguards for physical information security.
  • We restrict access to your personal information to only those employees (or contractors) of Deductic who have a business reason for knowing such information and who are subject to a duty of confidentiality.
  • We have continuous education and training for our employees on the importance of confidentiality and privacy of customer personal information

Disclosure Of Your Information

There may be instances where we disclose your personal information with selected third parties. Most relevant to our Services is that we disclose your information to HMRC when you e-file your tax return through us as part of the contractual necessity for us to provide our Services to you. In other cases, we may do so to enable third parties (e.g. affiliates, suppliers, sub-contractors) to perform and execute a contract we have with them or you, to allow advertising networks to select and serve relevant advertisements to you with your consent, if we are under a legal duty to disclose or share your personal data, to prevent and detect fraud or illegal activity, or to develop customer relationships and services.

Where Your Personal Information is Stored

Our Website is hosted by DO on servers in the United Kingdom (“UK”) and therefore your personal data is kept in the UK. We may transfer and store your data at a destination outside the UK.

It may also be processed by staff operating outside the UK who work for us or for one of our suppliers. Such staff may be engaged in the operation of the Website to provide the Services (e.g. providing support services) or the processing of your payment details. By providing us with your personal information, you agree to this transfer, storage, and processing. It may also be the case that your data is transferred to third parties (see above) based outside of the UK and in such cases both ourselves and our third party partners take adequate and appropriate security measures to protect your data.

In all the above cases, we take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy and applicable law.

Cookies and Other Similar Technology

We use small text files (cookies) to operate our website and to see how you use our website. We put them on your computer, tablet, or mobile device when you visit our website and use them to recognise you and store information or settings in between visits. By accessing this website, you agree that we can set such cookies on your device when you visit our website, although it is entirely your choice as to whether you consent or not (note that blocking cookies may reduce the quality of your experience on our website). For further information on cookies that we use, see our Cookies Policy.

Data Retention

We store your personal information only for the length needed under the law. We only access your data internally on a need to know basis and only if it is absolutely necessary. We always delete data that is no longer required to fulfil our obligations to you or under the law.

Your Rights

Subject to applicable laws, you may have the right to access, correct, and/or erase information we hold about you. Your rights of access, correction, and erasure can be exercised in accordance with the Data Protection Act 2018. This includes requesting the deletion of any personal information that is no longer necessary (subject to any legal obligations we may have to retain this).

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of trade secrets and legal privilege).

If you exercise your rights and it is a non-frivolous request, we will endeavour to respond within a month. Be aware there are a number of limitations to these rights, and so circumstances may arise where we are not able to comply with your request or need to charge a small fee in order to comply with certain requests.

Links to Third Party Websites

Some areas of Our Website and Services may contain links to and from third party websites of our advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies. This Privacy Policy does not cover the actions of those other websites, which we recommend you read before submitting any personal data to those websites. We do not accept any responsibility for the data protection practices of these third party websites.

Changes to our Privacy Policy

This Privacy Policy is effective as of its creation and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page. We reserve the right to update or change our Privacy Policy at any time without notice in order to keep up with changing legislation and best practice. Therefore we encourage you to periodically check back to this page to stay up to date with any changes. Your continued use of the Website following any amendments to the Privacy Policy on this page will constitute your acknowledgment and acceptance of the amended Privacy Policy.

Contact

If you have any questions about our Privacy Policy, please contact us at support@deductic.com. You can also write to us at the following address – 85 Great Portland Street, First Floor, London, England, W1W 7LT, United Kingdom.

Where you are not happy with how we have addressed your questions or you believe your data protection rights have been violated in any way, you can complain to the UK’s ICO via the following link https://ico.org.uk/global/contact-us.