2. Payments for the use of the Send Holiday Postcard app and the Send Holiday Postcard web app are via a Pay As You Go Service (“PAYG”). What we collect: Contact information including your IP and email address that are used to authorise payments via Debit and Credit Cards and via PayPal. We also record the date and time of transactions. We retain copies of the receipted invoices generated when paying to use our PAYG service. All invoices list the names of the postcard recipients. All data encrypted during data transfer and is kept encrypted on Holiday Postcards Ltd’s servers; in the unlikely event of a successful break in of our servers, no data whatsoever will be readable in clear text. This is known as encryption at rest. Holiday Postcards Ltd have also put in place other appropriate security measures to reduce any unauthorised access to their servers.
3. What we do with the information we gather: We require this information to provide you with our service and for internal record keeping, administration and accounting purposes. It will be available to Holiday Postcards Ltd’s Management and also, to its Printers, Accountants, Solicitors, HM Revenue and Customs, Debit and Credit Card providers and to PayPal. Also to any third parties to whom we may wish to sell, transfer, or merge parts of Holiday Postcards Ltd’s business to and any other professional advisers, persons or organisations that the Management deem should have access to all or part of the information collected. You may withdraw your consent anytime by writing to The Data Controller, Holiday Postcards Ltd in accordance with item 8 below. Your details (except for copies of invoices which we must keep for VAT records for at least 6 years), will be removed from our database and you will receive a final message from us, in accordance with item 5 below, advising that your instructions have been carried out.
4. Should Holiday Postcards Ltd be made aware of any unlawful use by the User of the Send Holiday Postcard app or the Send Holiday Postcard web app, then the User irrevocably authorises Holiday Postcards Ltd to report details to any law enforcement authority, giving their permission to disclose all information known about them.
5. Encrypted information of a PAYG service is an unattractive target for hackers. Security has been prioritised for users of the Send Holiday Postcard app and the Send Holiday Postcard web app. As well as storing encrypted information, Holiday Postcards Ltd adopt restricted communications between themselves and users to only 'Push Notifications' and an exchange of messages via their online account. Unless we send a message as a push notification or via your online Account asking you first and getting your acceptance Holiday Postcards Ltd’s policy is never to phone, send text messages or emails or write to anyone; all message exchanges, on any subject, must be initiated via the website message facility without exception; this is to minimise the possibility of users being victims of criminal deception by anyone who masquerades as representing Holiday Postcards Ltd. We will advise you of a message for you to read by an appropriate push notification. Holiday Postcards Ltd cannot be held responsible for you missing important messages if you suppress notifications.
8. Controlling User’s personal information: We will not sell, distribute or lease your information to third parties. Except for third parties detailed in item 3 above, we will not provide User’s information to anyone else unless required to do so by law. You may request details held about you under The General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA 2018). If you would like a copy of the information, please write to The Data Controller, Holiday Postcards Ltd, 30 St Giles, Oxford, OX1 3LE. England. If you believe information we hold is incorrect or incomplete, write as soon as possible, to the Oxford address so we can promptly correct it.