Privacy Policy

Effective Date: 20.12.2023

Data Controller Information

Deep Clear Technologies Ltd, is the data controller. Registered office address,26 Alderminster, Stratford-Upon-Avon, England, CV37 8NY. Company registration number, 15192347.

Information We Collect

Personal Data

When you use our Investment Centre and website, we may collect personally identifiable information (“Personal Data”) for the following purposes –

Registration and Account Information

To access certain features, you may need to create an account. We collect information such as your name, email address, and other details relevant to your account.

Communication Data

We may process data when you communicate with us, including emails and other forms of communication.

Usage Data

In addition to Personal Data, we collect information on how the Service is accessed and used (“Usage Data”). This may include:
• Internet Protocol (IP) address
• Browser type and version
• Pages of the Service visited
• Date and time of visits
• Time spent on pages
• Unique device identifiers
• Other diagnostic data

Legal Basis for Processing

The processing of your personal data is based on

Consent
You give explicit permission for the processing of your personal data for specific purposes. Consent must be freely given, informed, and easily withdrawable.

Contractual Necessity
Processing is necessary for the performance of our contract to which you are party to the implementation of pre-contractual measures taken at the individual’s request.

Legal Obligation
Processing is necessary for compliance with a legal obligation including obligations imposed by laws or regulations.

Legitimate Interests
Processing is necessary for the legitimate interests pursued by Deep Clear Technologies Ltd or a third party, except where such interests are overridden by your fundamental rights and freedoms. Legitimate interests might include fraud prevention, direct marketing, or improving services.

Vital Interests
Processing is necessary to protect someone’s life. This legal basis is typically used in emergency situations where the life or health of an individual is at risk.

Public Task
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority.

International Data Transfers

If we transfer personal data outside the UK or the European Economic Area (EEA), we ensure the appropriate safeguards are in place, such as standard contractual clauses or Privacy Shield certification.

Retention Period

We retain personal data for a minimum 6-month period, this may be extended based on the terms and conditions of individual contracts.

Purpose Limitation
It is deemed that it is necessary for your data to be held for a minimum 6 month period to enable us to deliver your desired outcomes regarding our standard contractual agreement

Consent Duration
Data may be retained for longer if we have agreed an extended contractual period with you.

Third-Party Service Providers

We may share your Personal Data with third-party service providers to facilitate the Service or assist us in analysing how our Service is used. These third parties are obligated not to disclose or use the information for any other purpose.

Cookie Policy

We use cookies and similar tracking technologies to enhance your experience on our website. By using our website, you consent to the use of cookies in accordance with our Cookie Policy

Data Security

The security of your data is important to us. We implement and maintain appropriate security measures, including

Data Classification

All data handled by us is classified based on sensitivity. Categories may include, but are not limited to, Public, Internal Use, Confidential, and Restricted. Access controls and security measures are implemented based on these classifications.

Data Access and Handling
• Access to personal data is restricted to authorised personnel only.
• User access privileges are assigned based on job responsibilities and the principle of least privilege.
• Employees are trained on data handling procedures, including secure storage, transmission, and disposal.

Data Encryption
• All sensitive data in transit is encrypted using secure protocols.
• Stored personal data is encrypted, especially when stored on mobile devices, portable media, or in the cloud.

Physical Security
• Physical access to data storage locations is restricted and monitored.
• Workstations and devices with access to personal data are secured when unattended.

Network Security
• Firewalls, intrusion detection/prevention systems, and other security measures are implemented to protect the network infrastructure.
• Wireless networks are secured using encryption and strong authentication protocols.

Incident Response
• An incident response plan is in place to address and mitigate the impact of data security incidents.
• Employees are trained on reporting security incidents promptly.

Data Breach Notification
In the event of a data breach, Deep Clear Technologies Ltd will comply with the GDPR requirements for notifying the appropriate authorities and affected individuals.

Data Retention and Disposal
• Personal data is retained only for the period necessary for the purposes for which it was collected.
• Regular reviews and audits are conducted to ensure compliance with data retention policies.
• Secure methods are used for the disposal of data, including shredding physical documents and secure deletion of electronic records.

Employee Responsibilities
• Employees are required to sign confidentiality agreements and are made aware of their responsibilities in safeguarding personal data.
• Regular training and awareness programs are conducted to keep employees informed about data security best practices and policy updates.

Data Security Compliance Review
• Periodic reviews of data security policies, procedures, and controls are conducted to ensure ongoing compliance with applicable laws and regulations.

Policy Review and Updates
• This policy will be reviewed regularly, at least annually, and updated as needed to reflect changes in the regulatory landscape or business practices.

Children’s Privacy

Our website is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at kate@deepclear.tech

Data Subject Rights

You have the right to access, correct, or delete your Personal Data. If you have any questions or requests regarding your data, please contact us at kate@deepclear.tech

Notification of Breach

In the event of a data breach, we will notify users and relevant authorities in accordance with applicable data protection regulations.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. Changes will be effective when posted on this page. We will notify you of any significant changes via email or a prominent notice on our website.

Policy Review

This privacy policy will be reviewed and updated every 6 months. Users will be informed of changes through email or a notice on our website.

Contact Us

If you have any questions about this Privacy Policy, please contact us at Andrew@deepclear.tech