We are Prospect Technology Ltd trading as myconversation.ai. ICO registration No. ZA786947.
- the personal information we collect about you;
- what we do with your information;
- who your information might be shared with.
Who we are
Prospect Technology Limited (‘we’ or ‘us’) are a ‘data controller’ for the purposes of the Data Protection Act 2018, the General Data Protection Regulation (EU) 2016/679 and any subsequent UK data protection legislation and we are responsible for, and control the processing of, your personal information.
Our data protection officer is John Regan.
- our prospective customers and recipients of our marketing communications;
- our customers and users;
- our suppliers, service providers, agents, and subcontractors.
If you are unsure how this policy applies to you, please contact us (see ‘How to contact us’ below) and we will be happy to help.
What information do we collect and process?
Personal information provided by you
During the course of accessing our website or application, using our Services, contacting us, providing services to us, or otherwise dealing with us, you may provide us with a range of personal data which we will use in the course of our business. This personal information may include:
- your name or another unique identifier;
- your gender;
- your address;
- your age and/or date of birth;
- your contact details (which may include your landline telephone number, mobile number, and/or email address);
- payment or other financial details (e.g. payment card information, bank information);
- professional information (e.g. job title and/or type, professional qualifications, industry);
- other related information, including information you provide via user questionnaires and other interactive features made available via our Services.
- Meta data associated with our communications with you
- The contents of our communication and your responses to our communication.
Information we collect automatically
Our Services and may collect certain information about you automatically, such as your IP address, geographical location, browser type and version, operating system, as well as general behavioural information regarding your use of the website, application, Services and your interests.
Personal information provided by third parties
Occasionally we may receive information about you from other sources (such as our suppliers, customers, or group companies), which we will add to the information we already hold about you in order to help us operate our business effectively.
Publicly available information
We may process information found on public social networking profiles (“Public Data“) and other publicly available sources.
Third Party Data
We may process your personal data where we purchase this data from a third party.
We may process data about our communications with you.
Personal information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
- transfer the personal data and give consent on his/her behalf to the processing of his/her personal data;
- receive on his/her behalf any data protection notices; and
- give consent to the transfer of his/her personal data abroad.
How we use your data and our legal basis for processing your data
We may process your data for a variety of reasons, including because:
- we are legally obliged to e.g. to confirm your identity;
- the processing is necessary for the performance of the contract with you or your employer to provide our Services; or
- it is in our legitimate business interests to do so.
In some instances, we will rely on your consent to process personal data and where we do this, it will be flagged to you at the time.
In all cases, we agree that personal data will be processed lawfully, fairly, and in a transparent manner and will only be used for clear, established purposes. The personal data we hold and process will be kept as accurate and up to date as possible and will be limited to what is necessary in order to conduct our processing activities.
Our main processing activities for personal data, and the legal basis on which we perform those activities are:
- Finding new clients.
We may process your personal data in order to contact you in relation to our products and services.
Our legal basis for doing so is consent, which you will have given when you provided the personal data to us or one of our suppliers which you can withdraw this consent at any time by following the instructions in our communications or by contacting us. We may also rely on Legitimate Interest as our lawful basis where your request represents an invitation to send you information about our services
We may also contact you in relation to other products and services. Our legal basis for doing so will be the same as for finding new clients, as set out above.
- Communicating with suppliers, service providers etc.
We will process your personal data in order to receive goods and/or services from you and to manage our relationship. Our legal basis for doing so is that the processing is necessary for the performance of a contract.
- Marketing relevant goods or services on behalf of our clients
We will process your personal data in order to market relevant goods and/or services to you and/or your employer. The legal basis for this processing is our legitimate interests, namely the administration of our business, to develop our business, and to deliver services to our clients.
We may process data obtained from third party data suppliers. Where this is the case we will ensure that the supplier has the appropriate lawful basis in place and is GDPR compliant. We will also ensure that we have appropriate evidence of consent where necessary or have an alternative appropriate lawful basis and GDPR compliance processes in place to allow us use your data.
We may process information contained in or relating to communications between us. This ‘Correspondence Data’ is processed for the purposes of communicating with you, record-keeping and to optimise our targeting process. The legal basis for this processing is our legitimate interests, namely the administration of our business, to develop our business, and to deliver services to our clients.
Other processing activities
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of training, fraud prevention, and/or quality assurance. We may also retain copies of communications and details provided to us by you, for example support requests, account queries, complaints, for internal account management and auditing purposes. This is done on the basis of legitimate interests.
We may also use information collected to tailor the advertising displayed to you. This is based on behavioural trends, using cookies (please see our ) and your personal data will not be shared with third parties as a result of this processing. You can remove or disable cookies within your browser settings (see details below). This will not prevent advertising being displayed but will make adverts less relevant to you and your interests.
We may share anonymised reports and statistics regarding the use of our Services, including your responses to questionnaires, demographic information and purchasing information, with third party business partners. Personal information will not be disclosed as part of such reports.
Storage of your information and who your information might be shared with
We store your personal data on third party (Microsoft Azure) servers.
We may disclose your personal data to:
- other companies within our group to the extent that there is a legitimate interest in doing so to support our business aims;
- our agents and service providers, to the extent that they require access to the data in order to provide goods/services to us or to you (for example, the provision of prizes if you enter a prize draw);
- law enforcement agencies in connection with any investigation to help prevent unlawful activity;
- a third party purchaser if we sell our business, in which case, customer and user information will be a transferred asset.
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How to contact us’ below).
We will ensure that adequate records are kept of the personal data we process, the class(es) of data subject whose personal data we hold, the purposes for such processing, the third parties we share personal data with, how we deal with the retention and deletion of personal data, and the technical and organisational measures we have in place to protect such personal data.
What can I do to keep my information safe?
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
Transfers of your information out of the EEA
We do not routinely store or transfer your personal data outside of the European Economic Area. We may need to do so in the future but will only do this if appropriate safeguards are place in accordance with data protection legislation.
How long do we keep your personal information?
We keep your personal information for as long as we need to for the purposes for which it was collected or (if longer) for any period for which we are required to keep personal information to comply with our legal and regulatory requirements. Normally, this will be for as long as you remain a user of the Services and/or, if you enter into any prize draws, for as long as necessary to meet our auditing and regulatory obligations in relation to the entrants of the prize draw(s) and the selected winner(s).
We may use automated processing to verify your contact details and to determine whether to contact you as part of a prospecting campaign on behalf of our clients. The purpose of this process is to determine whether the campaign is likely to be of interest to you and to verify your contact details.
- recognise you whenever you visit us or access any Service (this speeds up your access as you do not have to log in each time);
- obtain information about your preferences, online movements and use of the internet;
- carry out research and statistical analysis to help improve our content, products and services and to help us better understand our user requirements and interests;
- target our marketing and advertising campaigns and those of our partners more effectively by providing interest-based advertisements that are personalised to your interests;
- make your online experience more efficient and enjoyable.
We work with third party suppliers who may also set cookies on the Services. These third party suppliers are responsible for the cookies they set on our Services. If you want further information please go to the website for the relevant third party. Description of cookies
Cookies generally fall into the following categories:
- Session cookies are automatically deleted at the end of each browsing session, typically when the web browser is closed.
- Persistent cookies remain until the expiry date and time set by the web server. They can be manually deleted by the user.
- 1st party cookies originate from the same domain as the website being visited, in this case endsleigh.co.uk.
You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our Service features may not function as a result.
For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies .
What rights do you have?
You are responsible for ensuring that information you provide to us is accurate, complete and up-to-date. You can review and change your information by contacting us.
You have a number of rights in relation to your personal data, these include the right to:
- find out how we process your data;
- request that your personal data is corrected if you believe it is incorrect or inaccurate;
- obtain restriction on our, or object to, processing of your personal data;
- if we are relying on consent, you can withdraw your consent to our processing of your personal data (including any direct marketing);
- if we are relying on legitimate interests for direct marketing, you can object to receiving such direct marketing;
- obtain a copy of the personal data we process concerning you. We will take steps to verify your identity before responding to your request. Once we have verified your identity we will respond as soon as possible and in any event within one month;
- lodge a complaint with the UK supervisory body, the Information Commissioner’s Office (the ICO) here https://ico.org.uk/. If you have a concern or complaint about the way we handle your data, we ask that you contact us in the first instance to allow us to investigate and resolve the matter as appropriate.
If you would like to exercise any of your rights or find out more, please contact us. We will respond to data subject requests within one month, although up to two months may be required for more complex requests.
How to contact us
If you wish to contact us, please send an email to email@example.com