This policy also explains your rights in relation to your personal information and how to contact us or the relevant supervisory authorities in the event you have a complaint.
To enable us to provide the Hoddle service to you, we collect, use and store some of your personal information and consequently we are subject to the General Data Protection Regulations (“GDPR”).
GDPR is the EU Data Protection regulations and this was adopted by the UK in it’s entirety into UK law as the UK General Data Protection Regulation (“GDPR”) as tailored by the Data Protection Act 2018 (“DPA”).
For the purposes of DPA, Hoddle is responsible as ‘controller’ for that personal information.
The responsible authority for the collection, processing and use of personal data is Hoddle Ltd, (“Hoddle”). Hoddle Limited is the owner of Hoddle.app.
Hoddle is registered with the Information Commissioner’s Office UK (ICO). If you have any questions about how we protect or use your data, please contact us through our app Hoddle.app.
Legal basis for processing your data
The legal basis we use for collecting and processing your information according to current legislation is:
- Where you have provided your consent to use your data
- If we have a legitimate interest to do so provided this does not go override your legal rights
- When necessary for entering into or performing a contract with you
- Where we believe it is in your best interests to share your personal details
- Where required to comply with our legal and regulatory obligations.
We will collect and process the following data about you:
Information you provide
- You will be required to provide us information about you when you sign up to Hoddle, personal details such as your name and email address. This also includes information you provide through use of Hoddle services, your participation in discussion boards or other social media functions on our App such as competitions, promotions or surveys and by reporting problems with our Services. The information you give us may include your name, address, email address, phone number, financial information (including credit card, debit card, or bank account information), payment reason, geographical location, social security number, personal description and photograph.
- In some cases, such as when you send or receive high value or high volume transactions or where we need to comply with anti-money laundering regulations, we may be required to request further commercial or identification information from you.
Information we collect
With regard to your use of our Services, we may automatically collect the following information:
- details of the transactions you carry out when using our services including geographic location from which the transaction originates
- technical information including the Internet protocol (IP) address, login details, browser, date, time and time zone, etc.
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our App (including date and time)
- products you viewed or searched for; page visit information and methods used to browse away from the page.
Information from other sources.
We may receive information about you from multiple external sources such as social media or any of the third parties who provide services to Hoddle. For example:
- the banks you use to transfer money to us will provide us with basic personal data such as name, address, your bank account details and transaction history
- our third party service providers may also provide us with your name and address as well as other financial information such as card payment information
- advertising networks, analytics providers and search information providers may provide us with other information about you such as how you found Hoddle.app
- credit reference agencies do not provide us with any personal information about you but we may use them to corroborate the information which you yourself provided
Hoddle do not allow access via social media accounts (for example, Facebook or Google)
As part of our regulatory requirements, Hoddle will process some sensitive data when we carry out verification of identity documents that contain biometric data. For this, we will rely on the substantial public interest condition in Article 9(2)(g) of the GDPR and on condition 14. Preventing fraud in Part 2 of Schedule 1 of the DPA 2018.
Our products and services are directed at adults aged 18 years and over and are not intended for children. Our verification process prevents Hoddle from collecting such data however, in the unlikely event that such data is accidentally collected from a child without verification of parental consent, it will be deleted.
How we use your data
We only use your information as needed:
- to fulfil our contractual obligations to you to provide you with our services
- to comply with our legal and regulatory obligations
- to notify you about changes to our services
- to provide you with a safe and secure service
- to satisfy our internal operational needs, including data analysis, testing, research, statistics and problem solving
- to regularly review and improve our services to you
- to allow other Hoddle customers to request or send money to you through our services
- to measure the effectiveness of any advertising we may provide you with
- to allow you to participate in interactive features of our services
- to provide you with information about other similar goods and services
- to combine information we receive from you and from other sources we collect about you and to use this for any of the above.
How we protect your data
Security of your data is one of our key priorities and we take your trust in us very seriously. The following are some of the measures we use to ensure security of your data:
- All Communication between you and Hoddle is encrypted
- We perform regular testing and penetration testing of our system defences
- Our Systems team proactively monitor for any unusual activity such as malware or cyber attacks
- Your information is subjected to several layers of protection such as your passcode which are unique to you
- Our team undergo regular training and updates to ensure they are up to date with the latest threats
- Our Risk & Compliance team continually monitor and review all activity to identify any unusual patterns
- We restrict access to your personal information to those employees of Hoddle who have a business reason for knowing such information.
- We maintain appropriate physical, electronic and procedural safeguards that comply with the relevant laws and regulations to protect your personal information from unauthorised access
- We require all our third party service providers to provide the same level of due diligence, monitoring and oversight.
Disclosure of your data
Hoddle will not sell, share or otherwise disclose your data to any third parties for commercial gain however we may disclose your personal data to selected third parties under the following circumstances including:
- affiliates, third party service providers, suppliers and subcontractors for the performance and execution of any contract we enter into with them or you
- advertisers and advertising networks solely to select and serve relevant adverts to you and others with your consent
- analytics and search engine providers that assist us in the improvement and optimisation of our site; and
- Hoddle group entities or subsidiaries
- in the event that Hoddle might buy or sell any business or assets we may disclose your personal data to the prospective buyer/seller
- where we have a contractual duty to disclose or share your personal data in order to comply with any legal obligation
- where we are required to enforce or apply our Customer Agreement and/or any other applicable agreements, or to protect the rights, property, or safety of Hoddle, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
- to assist us in conducting or co-operating in investigations of fraud or other illegal activity where we believe it is reasonable and appropriate to do so;
- to prevent and detect fraud or crime;
- in response to a subpoena, warrant, court order, or as otherwise required by law;
- to assess financial and insurance risks;
- in the event of your insolvency to recover debt and
- where appropriate, to develop customer relationships, services and systems.
Hoddle do not maintain a specific list of all third parties we share your data with. This would be dependent on your specific use of our Services. However, should you wish any further information about who we have shared your data with or a list specific to you, please contact us through our app at tHoddle.app
Sharing and storing your data
As mentioned above, in order to provide our services to you, it may be necessary for us to transfer your data to third party service providers who may be based outside of the UK. In such event, Hoddle will ensure that both we and our third party service providers take all appropriate security measures to protect your data. We will also ensure that appropriate contractual protections are in place with these parties before transferring any of your data.
Profiling and Automated Decision Making
We want you to have the best possible experience we can give you, so like many firms, we may use data such as your transaction history, to personalise your services, the information we provide to you and in general to to address your needs to the best of our ability.
E.g.: You may regularly transfer funds from one particular currency to another and we might use this to inform you of relevant product updates or other features that you might find useful.
We may also use Automated Decision Making (ADM) to improve your experience or to help fight financial crime. E.g.: to provide you with a fast and efficient service, we may use ADM to
- verify your identity documents, or
- to confirm the accuracy of the information you have provided to us.
Rest assured, we’ll take all necessary measures to ensure that your data privacy and security is protected. These activities and/or ADM processes have no legal effect on you.
For HMRC and other accounting and regulatory reasons, Hoddle is required by law to store some of your personal and transactional data beyond the closure of your account with us. We will only access your data internally on a need to know basis, and we’ll only access or process it if absolutely necessary.
We will always delete any data that is no longer legally required to be held and we will only hold your data for as long as we are legally bound to and no more.
In the UK, you may have the right to access any information we hold about you and you can exercise this right in accordance with the provisions of the Data Protection Act 2018 (“DPA”).
Should you have any questions regarding our use of your data, please contact us and we will do all we can to answer your questions and/or resolve any issues you may have.
All of your personal data will be available to you via your unique login to your Hoddle account however under the DPA and in certain conditions, you may have the right to require us to:
- provide details on how we use your data
- provide a copy of the information that you have gave us
- update any incorrect or out of date personal information we hold
- delete any personal information that is no longer necessary or no longer subject to a legal obligation to which Hoddle is subject to. Hoddle has certain legal obligations so it may not be possible to delete your data at the time of request. In such circumstances, we will comply with your request as soon as any required time has elapsed
- stop processing your data by withdrawing your consent
- request that we discontinue any direct marketing to you updating the notification preferences of your account;
- where we undertake wholly automated decision making resulting in a legal obligation, you may request that we provide information about the decision-making methodology and request that we verify that the decision was made correctly. Under certain circumstances, we may legally reject such requests. E.g.:
- If the response would result in the disclosure of a trade secret or
- Would interfere with the prevention or detection of fraud or other crime ort
- Require the disclosure of another person’s personal data
- object to any processing of your data on the rounds of legitimate interests unless our reasons for that processing outweighs any presumed prejudice to rights
- restrict how we use your information whilst a complaint is being investigated
Exercise of these rights is subject to exemptions that safeguard the public interest such as the prevention or detection of crime and our interests such as the maintenance of legal privilege.
Should you exercise any of these rights, we will first confirm your entitlement to do so before responding. In most cases, we will respond within 30 days.
Linked Third Parties
From time to time, our app may contain links to and from the websites of our partner networks and affiliates. In the event that you follow a link to any of these websites, please note:
When you click on any of these links and enter these websites, you have left Hoddle.app. These websites are responsible for their own privacy policies and we recommend that you review these policies before providing any personal data. Hoddle cannot accept any responsibility for these sites.
Your Privacy is very important to us which is why we give you this undertaking. We will ensure that this policy is maintained current and up to date with changes to UK legislation, regulation and best practice.
In the event revisions to this policy and/or changes in how we process your data are required, we will immediately publish the updated Policy on our website to keep you up to date. So keep in touch with the latest policy by checking in periodically.
- In the event you believe we may not have addressed your issues adequately or you believe that we have infringed your data protection or privacy rights in some way, you may complain to the UK supervisory body responsible for enforcing the UK privacy laws. This is the Information Commissioner’s Office (“ICO”) whose details may be found at the following link to their website:
ICO website. https://ico.org.uk/