B2B Privacy Policy

Last updated: 13th January 2024.

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

The words of which the initial letter is capitalised have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Policy:

  • Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.
  • Company (referred to as either “the Company”, “We”, “Us” or “Our” in this Agreement) refers to Botmedica Ltd, Bartle House, 9 Oxford Court, Manchester, M2 3WQ; Company number: 15317962.
  • Country refers to: United Kingdom of Great Britain and Northern Ireland.
  • Device means any device that can access the Service such as a computer, a mobile phone or a digital tablet.
  • Customer Company Data pertains to information related to the business entity of the Customer.
  • Personal Data is any information that relates to an identified or identifiable individual and the company or organisation to which they are affiliated.
  • Service refers to the chat assistant application provided to the Customer by the Company.
  • Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analysing how the Service is used.
  • Authorised Users of the Service are limited to legitimate visitors of the Customer’s website, including customers and prospective customers. It also includes the Customer’s employees and any other person working for, or on behalf of the Customer, including contractors.
  • Website refers to our website, accessible from https://botmedica.com/.
  • You (the “Customer”) refers to the organisation or legal entity that has engaged the Company to provide the Service to Authorised Users.

Collecting and Using Your Personal Data

Personal Data

For provision of the Service, We may ask You to provide Us with certain information that can be used to contact or identify You or the company or organisation to which You are affiliated. We may also obtain Company Data from publicly accessible sources, or an authoritative online database.

Usage Data is collected automatically when You use our Website. This might encompass details such as Your computer’s Internet Protocol address (IP address), the type and version of Your web browser, the specific pages within our Service that You access, the date and time of Your visit, the duration of Your interaction with those pages, distinctive device identifiers, and additional diagnostic information.

Personal Data may include, but is not limited to:

  • Personal details (title, first name, last name, position)
  • Contact details
  • Company information (company name, company number, country of registration)
  • Usage Data
Use of Your Personal Data

We collect and process Your Personal Data based on the lawful basis outlined in Article 6(1) of the UK GDPR. Our lawful basis for processing includes, but is not limited to, the necessity of processing for the performance of a contract, compliance with a legal obligation, protection of vital interests, consent, and the pursuit of legitimate interests.

We rely on legitimate interests as the lawful basis for certain data processing activities under Article 6(1)(f) of the UK GDPR. These interests may include, but are not limited to, ensuring the security of our systems, analysing and improving our services and conducting marketing activities.

In further detail, the Company may use Personal Data for the following purposes:

  • To provide and maintain our Service, including to monitor the usage of our Service and Website.
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us.
  • To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, regarding updates or informative communications related to the functionalities, products or contracted services, when necessary or reasonable for their implementation.
  • To provide You with news, special offers and general information about other goods, services and events, given that You have opted into these communications.
  • To manage Your requests: To attend and manage Your requests to Us.
  • For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our customers is among the assets transferred.
  • For other purposes: We may use Your information for other purposes, such as evaluating and improving our services, customer data analysis, determining the effectiveness of Our promotional campaigns and improving Our customer support processes.

We may share Your personal information with various categories of recipients under the following circumstances:

  • With Service Providers: We may share Your personal information with third-party Service Providers, such as cloud-based providers and/or marketing firms, to assist in data storage, processing, monitoring and analytics. This helps Us to provide, monitor and analyse the use of the Service, our customer support processes and our marketing efforts. These Providers are selected based on their ability to meet data protection and security standards, and they are contractually bound to adhere to our data protection requirements.
  • For business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of Our business to another company.
  • With Affiliates: We may share Your information with Our affiliates, in which case We will require those affiliates to honour this Privacy Policy. Affiliates include any parent company or other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
  • With business partners: We may share Your information with Our business partners to offer You certain products, services or promotions.
  • With Your consent: We may disclose Your personal information for any other purpose with Your consent.
Retention of Your Personal Data

The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use Your Personal Data to the extent necessary to comply with our legal obligations (for example, if We are required to retain Your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

If there is not a specific retention period applicable, We determine the retention period based on the nature of the data, the purposes for which it is processed, and legal requirements. Once Your information is no longer necessary for the purposes it was collected, We will securely delete or anonymise it.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company’s operating centers and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ to those of Your jurisdiction.

Transfer of personal data outside the European Union (EU) or European Economic Area (EEA) may be made without Adequacy Decision. When such transfers occur, We ensure the adequate protection of Your data by implementing appropriate safeguards, such as standard contractual clauses or other mechanisms as required under Article 46, 47, or 49 of the UK GDPR. Copies of these safeguards and additional information regarding the transfer of Your data can be obtained by contacting us, using the information at the end of this document.

Your consent to this Privacy Policy followed by Your submission of such information represents Your agreement to such transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Policy and no transfer of Your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of Your data and other personal information.

Delete Your Personal Data

You have the right to delete or request that We assist in deleting the Personal Data that We have collected about You.

You may contact Us to request access to, correct, update, amend or delete any personal information that You have provided to Us.

Please note, however, that We may need to retain certain information when We have a legal obligation or lawful basis to do so.

Disclosure of Your Personal Data
Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Policy.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability
Security of Your Personal Data

The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

CCPA

Under the CCPA, among other rights, Customers of California have the right to:

Request that a business that collects a consumer’s personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.

Request that a business delete any personal data about the consumer that a business has collected.

Request that a business that sells a consumer’s personal data, not sell the consumer’s personal data. Note that We do not sell personal data.

If You make a request, We have one month to respond to You. If You would like to exercise any Your CCPA rights, please contact us.

GDPR

The Company is compliant with the UK GDPR and has Data Processing Agreements in place with sub-processors of personal data.

We would like to make sure You are fully aware of all of Your data protection rights. Every Customer is entitled to the following:

The right to access – You have the right to request copies of Your personal data. We may charge You a small fee for this service.

The right to rectification – You have the right to request that We correct any information You believe is inaccurate. You also have the right to request that We complete the information You believe is incomplete.

The right to erasure – You have the right to request that We erase Your personal data, under certain conditions.

The right to restrict processing – You have the right to request that We restrict the processing of Your personal data, under certain conditions.

The right to object to processing – You have the right to object to our processing of Your personal data, under certain conditions.

The right to data portability – You have the right to request that We transfer the data that We have collected to another organisation, or directly to You, under certain conditions.

If You make a request, We have one month to respond to You. If You would like to exercise any of these rights, please contact us.

Your consent to the processing of personal data is required to access and use Our Service, in accordance with our business partnership agreement. By incorporating Our Service into Your offerings, You are providing consent to the processing of Your personal data as outlined in this Privacy Policy. You have the right to withdraw this consent at any time. Withdrawing consent will not affect the lawfulness of any processing done prior to the withdrawal. To withdraw consent or for any inquiries regarding Your personal data, please contact Us using the information at the end of this document. The process for withdrawal is as simple as granting consent.

Complaints: You have the right to lodge a complaint with a supervisory authority, such as the Information Commissioner’s Office (ICO), if You believe We have not handled Your data correctly. Please contact Us first. If You are not satisfied, You may contact the ICO at 0303 123 1113.

Children’s Privacy

We do not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 18 without verification of parental consent, We take steps to remove that information from Our servers.

If We need to rely on consent as a legal basis for processing Your information and Your country requires consent from a parent, We may require Your parent’s consent before We collect and use that information.

Our Website may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

This Privacy Policy was drafted with the help of the Privacy Policy Generator, then subsequently reviewed and finalised by our team. We may update Our Privacy Policy from time to time. We will notify You of any changes by email and by posting the new Privacy Policy on this page, prior to the changes becoming effective. We will also update the “Last updated” date at the top of this Privacy Policy.

Contact Us

If You have any questions about this Privacy Policy, You can contact us by email at legal@botmedica.com.