- Who we are and what is our role in collecting your data?
- What information do we collect about you and why do we collect it?
- How we use the information about you?
- How we protect your information?
- How long do we keep your information for?
- Giving your information to others
- International data transfers
- Acting as data processor
- Accessing, correcting and deleting your data
- Changes to this policy
- Contacting Jezzam
1 Who we are and what is our role in collecting your data?
Jezzam Ltd owns and provides various websites, services, and software that facilitate scheduling and appointment management (collectively known as our "Services"). We are registered as a data controller with the Information Commissioner’s Office, which is the UK’s supervisory authority for data protection matters.
For the purposes of data protection, we act as both a data controller and a data processor depending on the specific context in which we collect data.
a) Personal Data we collect for our own purposes
When you visit our website or subscribe to use our Services we are using your data for our own purposes. In these cases we are acting as the data controller. In other words, we are responsible for deciding what personal data we collect from you and we determine the purpose and means of the processing of that personal data.
b) Personal Data we collect on your behalf
When you, our Customer, are using our Services for appointment scheduling and are collecting the personal data of individuals making bookings (End-Users), we are acting as the data processor for you and you are acting as the data controller. In other words, you have made the decision to collect personal data and are responsible for deciding what personal data is collected from your End-Users. Jezzam processes that data in accordance with your requirements.
If you use Jezzam's Services and operate within the EU or any of your End-Users are EU citizens, then you, our customer, are the controller and you are responsible for informing your End-Users about the processing. As a data controller, you are also responsible for being compliant with the GDPR or any other local Data Privacy and Protection legislation.
2. What information do we collect about you and why do we collect it?
We may collect, store and use the following kinds of personal information:
Website usage data: We may process information about your computer and about your visits to and use of our websites and Services. This data may include, but is not limited to, your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths). The legal basis for this processing is our legitimate interest in monitoring and improving our websites and Services for you.
Account data: We may process data for your account details when you register for an account on our website or Services. This data may include your name, email address, address, telephone number and profile pictures. The legal basis for this processing is our legitimate interest in the proper administration of our business, the performance of any legal obligations we might have and the provision of our Services to customers and their End-Users.
Transaction data: We may process data relating to any purchases you make of our Services or any other transactions that you enter into through our website or Services. This data may include your name, address, telephone numbers, email address and card details. The legal basis for this processing is our legitimate interest in the proper administration of our business, the processing of transaction and the handling of issues relating to the transactions.
Support data: We may process personal data provided in the course of using our support services. The legal basis for this processing is our legitimate interest in the providing you with the best support we can in relation to the use of using our Services.
Correspondence data: We may process data contained in or relating to any communication that you send to us or send through our website. This data may include the communication content and metadata associated with the communication. The legal basis for this processing is our legitimate interest in the proper administration of our business and in providing you with the most effective communications.
Please note, before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with this policy
3. How we use the information about you?
We may use your personal information to:
- administer our website and business
- personalise our website for you
- enable your use of the Services available on our website
- supply to you Services purchased through our website
- send statements, invoices and payment reminders to you, and collect payments from you
- send you non-marketing and transactional communications required for the effective operation of our Services
- send you email notifications that you have specifically requested
- send you marketing communications relating to our business which we think may be of interest to you, where you have specifically consented to this. You have the right to remove this consent at any time and can contact us or use links in these communications to do so
- send you occasional requests to solicit your feedback about our Services
- deal with enquiries and complaints made by or about you relating to our website
- keep our website secure and prevent fraud
- verify compliance with the terms and conditions governing the use of our website
- comply with any legal or regulatory obligation required of us
Users of Services may register for an account (a ‘Site Account’) to implement scheduling and appointment management. If you are an End-User of any Site Account, your personal information may be shared with that Site Account and any other Site Account that you transact with or have transacted with in the past. This includes but is not limited to, making and managing bookings and/or becoming a member of the Site Account. In these cases the Site Account is acting as a data controller and Jezzam is processing your personal data on their behalf.
If you submit personal information for publication using our Services, we will publish that information accordingly.
To help us quickly and efficiently resolve customer support issues, you consent to us logging into your account from time-to-time. If you do not wish us to access your account, then you may notify us in writing.
4. How we protect your information?
We take protecting your information seriously and have appropriate physical and technological security measures in place to keep it safe. All data that is transferred via our website is protected by a mechanism called Secure Socket Layer (SSL). This is a standard technology which provides a secure connection between internet browsers and websites, allowing you to transmit private data online. Within our organisation, we restrict access to personal information. Only staff who need the information in order to do their jobs have access to it.
5. How long do we keep your information for?
We only keep your personal information for as long as in necessary to properly administer our business and to provide you with the Services you have requested. Where you have signed up for a trial or a subscription to use our Services and no longer wish to use the Service, we provide ways for you to easily remove your information (please see our support site for more details).
We keep information for backup purposes and we also need to keep some information for longer periods of time, where it is required by law.
6. Giving your information to others
We do not sell, trade, or otherwise transfer your personal information to other companies for marketing purposes.
However, we may ask other companies to process or provide services to you on our behalf. These services may include processing payments, providing you with help, sending you informative emails, requesting your feedback and/or review of our Services and analysing data. We will only provide those companies with the information they need to deliver the service we have asked them to provide, and they must not use the information for any other purpose.
All our website financial transactions are handled through our payment service providers, Stripe and PayPal. You can review the providers' privacy policies at https://stripe.com/gb/privacy and https://www.paypal.com/uk/webapps/mpp/ua/privacy-full. We will share information with our payment service provider only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
We may have to reveal your information by law or because a court, the police or other law-enforcement agency has asked us for it. If a majority of our shares are bought by another company or we transfer a substantial amount of our assets to another company, we will give your personal information to that purchaser.
7. International data transfers
Information that we collect may be stored and processed in and transferred between any of the countries in which we operate in order to enable us to use the information. Information that we collect may be transferred to the following countries which may not have data protection laws equivalent to those in force in the European Economic Area: the United States of America and India. Personal information that is collected through the Services may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
If you do not want your personal information to be transferred across borders, you should not provide Jezzam with your personal information or use our Services.
8. Acting as a data processor
If you sign up for a trial or subscription to use our Services, the information set out in the policy applies to your data, as we are acting as a data controller for that information. However, for the information you are collecting about your End-Users, we are the data processor. If you use Jezzam's Services and operate within the EU or any of your End-Users are EU citizens, then you are the controller and you are responsible for informing your End-Users about the processing. As a data controller, you are also responsible for being compliant with the GDPR or any other local Data Privacy and Protection legislation
9. Accessing, correcting and deleting your data
Jezzam has been designed with the promotion and protection of privacy in mind. We fully respect your rights concerning the personal information that we have collected about you.
You have the right to access the personal information we hold about you. You can view the information in your Site or User Account by logging in to your account. You also have the right to request a copy of your personal information from us, which we will provide in a usable format.
You have the right to have any inaccurate personal data about you corrected. You can correct the information in your Site or User Account by logging in to your account. You can also contact us to have information corrected.
You have the right to delete any personal data. You can delete your Site or User Account by logging in to your account. You can also contact us to have your information deleted. Please note, deletion of you personal information may only be possible if your use of our Services is terminated. We may not be able to delete certain information if it is required by law for us to keep it.
10. Changes to this policy
11. Contacting Jezzam