Privacy Policy
Contents
- Summary
- Who do we collect data from?
- What data do we collect and process?
- How do we collect this data?
- Why do we collect this data?
- Lawful basis of processing
- Data Subject Rights
- Data sharing
- How long do we keep data?
- International Transfers
- How do we protect Personal Data?
- Updates to this statement
- Feedback or Questions relating to this statement
Summary
This is the privacy statement for cherry and associated brands, detailed below. This statement details how cherry, its subsidiaries, branches or representative offices, websites, and services collect, use, secure, transfer and share your information.
cherry is a forum provider and also provides mortgage & financial adviser sourcing through its platforms, which includes but not limited to;
- cherry
- cherryplc.co.uk
- cherryFind.co.uk
The companies address is
The Stables,
Little Coldharbour Farm,
Tong Lane,
Lamberhurst,
Tunbridge Wells,
Kent
TN3 8AD
Who do we collect data from?
As a company we mainly provide an online platform for forum users. In addition, we provide a searchable system for the public to locate a suitable mortgage/financial adviser, as a result we primarily collect and process data in relation to the following data subjects;
- Users & Suppliers of cherry
- Data belonging to Employees and prospective Employees/Applicants
What data do we collect and process?
The type and amount of data that is collected, is different in relation to these two types of “data subjects”.
| Users/Suppliers | Employees/Applicants |
|---|---|
| Full name | Full name |
| Address | Address |
| Contact numbers | Nationality |
| Company status | Date of birth |
| Email addresses | Previous address |
| Industry | Email address |
| Payment history with cherry | Contact numbers |
| Anonymised system usage activity | Employment History |
| IP address | Passport number |
| Browser | Driving licence number |
| Operating system | Bank details |
| Search terms | Salary details |
| Referring URLs | Credit history |
| Analytics on how the services are used | Health information |
| Functional system cookies |
How do we collect this data?
| Users/Suppliers | Employees/Applicants |
|---|---|
| From the user through the website | From the individual through the website |
| During conversations over the phone | During conversations over the phone |
| Post | Post |
| Companies House | Data Suppliers |
| Data Suppliers | Credit reference agencies |
| Credit reference agencies | Recruitment agencies |
| Job Centre | |
| Training providers | |
| Health Professionals |
Why do we collect this data?
The reasons we collect information is different depending on the types of “data subject”
| Users/Suppliers | Employees/Applicants |
|---|---|
| Assess the suitability of the service | Access the suitability of the applicant |
| To enable the smooth operation of the service | To administer the employee/employer relationship |
| Administer and manage the account | Pay salary |
| Collect payments and manage billing | Due diligence |
| Prevent fraud and financial crime | Manage effective communications |
| Manage communications | Ensure contractual obligations are met |
| Ensure contractual obligations are met | Compliance & regulatory obligations |
| Compliance with regulatory obligations | Absentee due to sickness |
| System auditing | |
| System optimisation | |
| Communicate system notifications | |
| Communicate features and upgrades | |
| Communicate other products and services offered within the system and by the company and selected third parties | |
| Due diligence |
Lawful basis of processing
The lawful basis of processing is based on the “data subject” as detailed below:
| Users/Suppliers | Employees/Applicants |
|---|---|
| Consent – We will process your data to tell you about ours and our selected partners services and improve the service we give to you. | Consent – We may process your data to tell you about any opportunities that may be of interest to you. |
| Contract – We will process your data to perform the necessary actions to deliver our commitment under the contract we have with you. | Contract – We will process your data to perform necessary actions to deliver our commitment under the contract we have with you. |
| Legal Obligation – We will process your data to comply with our regulatory obligations. | Legal Obligation – We will process your data to comply with our regulatory obligations. |
| Legitimate Interest – We may process your data for market research, analysis of system performance and statistical analysis | Special Category – We may process health data if you are absent due to sickness or injury. |
| Legitimate Interest – We may process your data for market research, analysis of system performance and statistical analysis |
Data Subject Rights
The following outlines the rights that you hold in respect of the processing of your data by cherry.
Some of the rights may not apply or have limitations based on the legal basis of processing that is taking place.
Right to be informed
All Data Subjects will be informed that cherry is processing their data and what legal basis that data is being processed under.
It is the Users sole responsibility to inform their customers of the data processing, reasons, and rights, as a result of that data being with cherry.
Right of Access & Correction
All Users have the right to access all of the data about them which is being processed by cherry. All data processed by cherry is held within the Users account on the system. As a result, all Users can correct any information held about them that is incorrect, using this facility.
Right to Erasure (Right to be Forgotten)
All Data Subjects have the right to be forgotten in relation to any data collected and processed as a result of the Consent basis of processing. If you would like to exercise this right, please contact us so that we can ensure your requirements are met.
Right to restrict processing
All Data Subjects have the right to restrict the processing of data held by cherry to limit the activities it can carry out in relation to the Consent Basis of processing.
If you would like to exercise this right, please contact us so that we can ensure your requirements are met.
Right to Object (Right to withhold Consent)
All Data Subjects have the Right to Object or withhold consent to the processing of their data under the Consent basis of processing as detailed in the “Lawful basis of processing” table above.
If you would like to exercise this right, please contact us so that we can ensure your requirements are met.
Data sharing
cherry Limited, will only share User data, and Employees/Applicants data with its partners in order to fulfil its obligations under the contract it has with them and to satisfy the Legal Obligation requirement.
cherry Limited will only share Users customer data with its partners in order to carry out the various checks and screens that are required under the Users Legal Obligation requirement and in accordance with fulfilling the contractual obligations.
cherry may share data with prospective/future employers in respect of current and past Employees.
Nothing in this document will prevent cherry from making any disclosure of data as required by law or by any competent authority.
cherry Limited does not share any data for any other reason other than what is stated above.
In respect of data that is shared as above, cherry Limited contractually requires all service providers and/or recipients, to safeguard the privacy and security of personal information they process on our behalf and authorise them to use or disclose the information only as necessary to perform services on our behalf or comply with legal requirements.
cherry reserves the right to transfer your information in the event of a sale or transfer (wholly or partially) of our business or assets, with reasonable efforts on the acquirer to protect/use the information consistent with this statement.
How long do we keep data?
In respect of Users/Supplier data:
We only keep information for the amount of time necessary to fulfil the contractual obligation.
We will keep information for an extended period of time in relation to our Legal Obligation, but we will only keep the necessary information for this purpose.
In respect of Employee data:
We only keep information, for the amount of time necessary, to fulfil the contractual obligation.
We will keep information, for an extended period of time, in relation to our Legal Obligation, but we will only keep the necessary information for this purpose.
We will keep data, for an extended period of time, so that we can provide any necessary references required by the data subject.
This data will not be processed for any other reason beyond the term of employment.
International Transfers
cherry does not carry out transfers of data outside the EEA.
How do we protect Personal Data?
The security of personal data is extremely important to cherry, as a company we are committed to protecting the information we collect store and process. We maintain administrative, technical and physical safeguards designed to protect the data you provide, or we collect, against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use.
We use TLS encryption in transit.
cherry stores data only for as long as it is necessary to fulfil the purpose for which the data is collected, unless otherwise required or authorised by applicable law.
cherry takes appropriate measures to destroy or permanently de-identify any data it is instructed to remove from the system as required by the User or legal authority.
Updates to this statement
From time to time this statement may be updated in light of regulatory changes or changes in the manner or way in which cherry operates in relation to its data. With this in mind we suggest you review this statement at regular intervals. If any changes are significant we will endeavour to notify you and ensure your ongoing consent and/or acceptance.
Feedback or Questions relating to this statement
For any enquiries relating to this statement cherry can be contacted in the following ways:
Address
Data Protection Officer
The Stables,
Little Coldharbour Farm,
Tong Lane,
Lamberhurst,
Tunbridge Wells,
Kent
TN3 8AD
Telephone: 0844 800 99 23
Email: Info@cherryplc.co.uk