PRIVACY POLICY

If your country of residence or establishment is within the European Economic Area (“EEA”), Switzerland or the United Kingdom, the Privacy Policy for European Users apply to you.

If your country of residence or establishment is outside of the EEA, Switzerland, and the United Kingdom, the Privacy Policy for Non-European Users apply to you.

DISCLAIMER FOR EUROPEAN USERS

01 Who We Are

Easol Trading Limited Limited ('Easol', 'we', 'us' or 'our') is a private company limited by shares, registered in England and Wales with Company Number 09245218 and registered office address at 34 High Street, Aldridge, Walsall, West Midlands, United Kingdom WS9 8LZ.

Easol’s core business relates to the provision of software systems and services allowing suppliers such as event and experience companies, tour operators and holiday/travel agencies to market effectively to, and communicate with, their customers (our ‘Services'). For the purposes of data protection law, for certain activities we are a data processor acting upon the instructions of our suppliers (‘Clients’). However, in certain circumstances we also act as a data controller. This privacy policy addresses personal data processing we carry out in these circumstances.

02 Scope

This Privacy Policy (‘Policy’) applies to anybody who browses our platform, app, or website (together the ‘Website’). It also applies to those who request communication or services via the Website, those who post material on the Website, and to personal data processed in pursuit of our own marketing and business development efforts. We may also ask you for personal data when you report a problem on the Website. Please also review our Cookies Policy, which forms part of this Policy.

Our clients may also have their own privacy policy which should be reviewed in addition to this policy. This Policy does not apply to the personal data of our Job Applicants, Employees, Agents and Contractors. The fair, lawful and secure processing of these types of data is governed by other company policies outside the scope of this Policy.

03 ACKNOWLEDGEMENT

By submitting personal data to Easol you acknowledge and accept the practices described in this Policy.

04 PERSONAL DATA THAT EASOL COLLECTS FROM YOU

The personal data we collect from you includes:

  • The name and contact details that you provide at the time of making an enquiry (e.g., your email), when you register as a Easol customer, or otherwise submit personal data via the Website;
  • Your payment and address details;
  • Your marketing preferences, including any consent you have given us, which may be adjusted or withdrawn at any time;
  • Information you provide when you complete surveys that we use for research purposes;
  • Your browser or device information; and
  • Information about your use of the Website.
05 PROCESSING ACTIVITIES

The following table summarises the types of data processing activities we undertake in relation to personal data subject to this Policy:

Information we ProcessPurposes for ProcessingLegal Basis for Processing
Publicly available informationTo contact event companies and tour operators to enquire whether they are interested in becoming Clients of Easol.Our legitimate interests, namely the pursuit of our own marketing and business development efforts.
Any personal data you provide to us on or after registration, such as names, contact details, occupation, purchase history, etc.
  1. To facilitate the delivery our Services.
  2. To deliver promotional materials when:
    • specifically requested;
    • consent is given by way of your marketing preferences;
    • authorised in the context of a specific request.
  3. To allow you to participate in interactive features of our Service, if you choose to do so;
  4. To notify you about changes to our Services.
  5. To publish testimonials.
  1. The performance of our contractual obligations to our Clients.
  2. The performance of our contractual obligations to users of our Services.
  3. Your consent (private individuals/sole traders) or our legitimate interests, specifically the pursuit of our own marketing and business development efforts.
Information you generate when you visit our website or our apps

To:

  1. Ensure that content from our Website is presented in the most effective manner for you and your device;
  2. provide and/or enhance functionality on our Website;
  3. analyse the performance of our Website;
  4. make sure our Website is robust and safe; and
  5. deliver relevant marketing from time to time from us and our partners. For further information, please see ourCookie Policy.
Our legitimate interests, namely monitoring and improving our website and services, and your consent whenever required (such as for non-essential cookies).

We may combine data from different sources. For example, we may combine data that we have collected offline with data we collect online.

If you submit any personal data relating to other people to us, you represent that you have the authority to do so and to permit us to use the information in accordance with this Policy.

06 THIRD PARTIES

You understand and acknowledge that we use the services of third party suppliers to facilitate our business and our Services, including but not limited to customer relationship management systems, holiday/travel agencies, event companies and tour operators. These suppliers have given contractual undertakings that they will safeguard personal data disclosed to them in the course of providing such services and have agreed to be held liable in the event of any breach of data protection law for which they are responsible. We reserve the right to disclose personal data to Clients or suppliers for the purposes of fraud monitoring and reducing credit risk. Our legal basis for this processing is our legitimate interests, namely the protection of our own and our clients’ businesses and legal rights.

In addition to these suppliers, there are other third parties with whom we may need to share your personal information for the reasons set out below:

Third PartyPurposes for ProcessingLegal Basis for Processing
Companies within our corporate group (including affiliates and ultimate beneficial owners), or who acquire a controlling interest in our business or its assetsTo facilitate the provision and promotion of our Services and to monitor business development.The performance or negotiation of the contractual relationship between us and our Clients, our legitimate interests, specifically the pursuit of our own marketing and business development efforts, and your consent whenever required.
Suppliers, such as CRM systems and marketing agenciesTo facilitate the provision and promotion of the Services.The performance or negotiation of the contractual relationship between us and our Clients and our legitimate interests, specifically the pursuit of our own marketing and business development efforts.
Professional advisors, such as accountants and solicitorsOnly when necessary, and limited to what is necessary.Our legitimate interests, namely the proper administration of our business, or fulfilling our legal obligations to Clients or users of our Services or in relation to enforcing or defending legal claims.
Competent authorities, such as regulatory authorities, the Police and HMRCOnly when compelled to and/or when under an obligation to do so.Compliance with legal obligations, such as for the purposes of fraud reporting or other criminal activity, or in order to apply or enforce our Acceptable Use Terms.
07 INTERNATIONAL TRANSFERS

We work solely with world-class suppliers, some of whom have branches outside the European Economic Area (‘EEA’). Any transfers of your personal data outside the EEA take place only subject to appropriate safeguards as provided in data protection law. These safeguards are intended to secure your rights as a data subject with respect to any relevant non-EEA domiciled entities.

Personal data may in limited circumstances be shared with our affiliates in order to provide and/or develop our Services or where one of the other legitimate interests identified above applies. Personal data collected in the EEA may be accessed from our US affiliate Easol, Inc. This is usually carried out for the purposes of providing 24/7 customer support or in relation to product development. Easol assumes responsibility for the security of personal data that is accessible by our overseas affiliates.

08 YOUR RIGHTS

We are committed to guaranteeing the statutory rights of individuals. If you send us a request regarding your rights under data protection law we will respond within one month of receipt and, where possible, address your request within such time. Where necessary, this period may be extended by up to a further 60 days.

The persons to whom this Policy applies are under no statutory or contractual obligation to provide personal data to Easol. However, should you decide to submit personal data to us, you will have the following rights, as a data subject, under data protection law as summarised below:

the right to be informedthe right to accessthe right to rectification
the right to erasurethe right to restrict processingthe right to object to profiling
the right to data portabilitythe right to complain to the Information Commissioner's Officethe right to withdraw consent (e.g. to direct marketing)

Please note these rights may not always apply, for example if fulfilling your request would require us to reveal personal data relating to another user, or if you ask us to delete information which we are required by law to keep or have a compelling legitimate interest in keeping. If this is the case, then we will let you know at the same time as we respond to your request.

Easol does not engage in automatic decision making which is capable of producing legal or other significant effects for individual data subjects.

Detailed information on the content and the means to exercise your rights is provided by the United Kingdom's Information Commissioner's Office.

09 RETENTION PERIOD

Easol operates an internal Data Retention Policy. In respect of all personal data within the scope of this Policy, Easol will retain such personal data until you advise us to securely dispose of it, or until it becomes outdated, or it is no longer appropriate for us to retain such data. It is your responsibility to inform Easol of any material changes to your personal data to ensure it is accurate. Outdated personal data is periodically deleted in accordance with our Data Retention Policy which is available for review upon request.

10 SECURITY MEASURES

Easol operates an internal Information Security Policy. We have taken technical and organisational measures to ensure our own and our suppliers' information security standards are appropriate to the risks associated with the personal data processing we undertake. Our security objectives include guaranteeing the confidentiality, integrity and availability of personal data and the resilience of the systems that process it. Our Information Security Policy is available for review upon request.

It is your responsibility to keep the password provided to you on registration secure and confidential at all times. We will not be held liable for any breach of data protection law arising from your improper use of the Website, or due to your password details being disclosed to any third party. In the event you have reason to believe your interactions with us are not secure, or the integrity of your login has been compromised, please contact us immediately.

11 CHANGES TO THIS POLICY

We reserve the right to amend this Policy from time to time. You will be informed of any material changes without delay.

We reserve the right, in the event that we buy or sell all or part of our business or assets, to disclose personal data held by us to the prospective seller or buyer of such business or assets.

12 Contact

In relation to any queries about this Policy or any other data protection matters, please contact: hello@Easol.com

Ver RS April 2020

DISCLAIMER FOR NON-EUROPEAN USERS

01 Who We Are

Easol Trading Limited ('Easol', 'we', 'us' or 'our') is a private company limited by shares, registered in England and Wales with Company Number 09245218 and registered office address at 34 High Street, Aldridge, Walsall, West Midlands, United Kingdom WS9 8LZ.

Easol’s core business relates to the provision of software systems and services allowing suppliers such as event and experience companies, tour operators and holiday/travel agencies to market effectively to, and communicate with, their customers (our ‘Services'). For the purposes of data protection laws, such as the European Union (‘EU’) General Data Protection Regulation 2016/679 (‘GDPR’) and the UK Data Protection Act 2018, and the California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100 et. seq., as implemented and amended (‘CCPA’), for certain activities we may be a data ‘processor’ (as defined by GDPR) or a ‘service provider’ (as defined by CCPA) acting upon the instructions of our suppliers (‘Clients’). However, in certain circumstances we also may act as a data ‘controller’ (as defined by GDPR) or ‘business’ (as defined by CCPA). This privacy policy addresses personal data processing we carry out in these circumstances.

02 Scope

This Privacy Policy (‘Policy’) applies to anybody who browses our platform, app, or website (together the ‘Website’). It also applies to those who request communication or services via the Website, those who post material on the Website, and to personal data processed in pursuit of our own marketing and business development efforts. We may also ask you for personal data when you report a problem on the Website. Please also review our Cookies Policy, which forms part of this Policy.

Our clients may also have their own privacy policy which should be reviewed in addition to this policy. This Policy does not apply to the personal data of our Job Applicants, Employees, Agents and Contractors. The fair, lawful and secure processing of these types of data is governed by other company policies outside the scope of this Policy.

03 ACKNOWLEDGEMENT

By submitting personal data to Easol you acknowledge and accept the practices described in this Policy.

04 PERSONAL DATA THAT EASOL COLLECTS FROM YOU

The personal data we collect from you includes:

  • The name and contact details that you provide at the time of making an enquiry, when you register as a Easol customer, or otherwise submit personal data via the Website;
  • Your payment and address details;
  • Your marketing preferences, including any consent you have given us, which may be adjusted or withdrawn at any time;
  • Information you provide when you complete surveys that we use for research purposes;
  • Your browser or device information; and
  • Information about your use of the Website.
05 PROCESSING ACTIVITIES

The following table summarises the types of data processing activities we undertake in relation to personal data subject to this Policy:

Information we ProcessPurposes for ProcessingLegal Basis for Processing
Publicly available informationTo contact event companies and tour operators to enquire whether they are interested in becoming Clients of Easol.Our legitimate interests, namely the pursuit of our own marketing and business development efforts
Any personal data you provide to us on or after registration, such as names, contact details, occupation, purchase history, etc.
  1. To facilitate the delivery our Services.
  2. To deliver promotional materials when:
    • specifically requested;
    • consent is given by way of your marketing preferences;
    • authorised in the context of a specific request.
  3. To allow you to participate in interactive features of our Service, if you choose to do so;
  4. To notify you about changes to our Services.
  5. To publish testimonials.
  1. The performance of our contractual obligations to our Clients.
  2. The performance of our contractual obligations to users of our Services.
  3. Your consent (private individuals/sole traders) or our legitimate interests, specifically the pursuit of our own marketing and business development efforts.
Information you generate when you visit our website or our apps

To:

  1. Ensure that content from our Website is presented in the most effective manner for you and your device;
  2. provide and/or enhance functionality on our Website;
  3. analyse the performance of our Website;
  4. make sure our Website is robust and safe; and
  5. deliver relevant marketing from time to time from us and our partners. For further information, please see our Cookie Policy.
Our legitimate interests, namely monitoring and improving our website and services, and your consent whenever required (such as for non-essential cookies).
06 DISCLOSURE ACTIVITIES

You understand and acknowledge that we use the services of third party suppliers to facilitate our business and our Services, including but not limited to customer relationship management systems, holiday/travel agencies, event companies and tour operators. These suppliers have given contractual undertakings that they will safeguard personal data disclosed to them in the course of providing such services and have agreed to be held liable in the event of any breach of data protection law for which they are responsible. We reserve the right to disclose personal data to Clients or suppliers for the purposes of fraud monitoring and reducing credit risk. Our legal basis for this processing is our legitimate interests, namely the protection of our own and our clients’ businesses and legal rights.

In addition to these suppliers, there are other third parties with whom we may need to share your personal information for the reasons set out below:

Third PartyPurposes for ProcessingLegal Basis for Processing
Companies within our corporate group (including affiliates and ultimate beneficial owners), or who acquire a controlling interest in our business or its assetsTo facilitate the provision and promotion of our Services and to monitor business development.The performance or negotiation of the contractual relationship between us and our Clients, our legitimate interests, specifically the pursuit of our own marketing and business development efforts, and your consent whenever required.
Suppliers, such as CRM systems and marketing agenciesTo facilitate the provision and promotion of the Services.The performance or negotiation of the contractual relationship between us and our Clients and our legitimate interests, specifically the pursuit of our own marketing and business development efforts.
Professional advisors, such as accountants and solicitorsOnly when necessary, and limited to what is necessary.Our legitimate interests, namely the proper administration of our business, or fulfilling our legal obligations to Clients or users of our Services or in relation to enforcing or defending legal claims.
Competent authorities, such as regulatory authorities, the Police and HMRCOnly when compelled to and/or when under an obligation to do so.Compliance with legal obligations, such as for the purposes of fraud reporting or other criminal activity, or in order to apply or enforce our Acceptable Use Terms.
07 INTERNATIONAL TRANSFERS

We work solely with world-class suppliers, some of whom have branches outside the European Economic Area (‘EEA’). Any transfers of your personal data outside the EEA take place only subject to appropriate safeguards as provided in data protection law. These safeguards are intended to secure your rights as a data subject with respect to any relevant non-EEA domiciled entities.

Personal data may in limited circumstances be shared with our affiliates in order to provide and/or develop our Services or where one of the other legitimate interests identified above applies. Personal data collected in the EEA may be accessed from our US affiliate Easol, Inc. This is usually carried out for the purposes of providing 24/7 customer support or in relation to product development. Easol assumes responsibility for the security of personal data that is accessible by our overseas affiliates.

08 YOUR RIGHTS

We are committed to guaranteeing the statutory rights of individuals. Depending on your jurisdiction, you may have certain rights with respect to your personal data. If you would like to contact us about any of your rights, please do so using the below contact information. Please note that we may request additional information to respond to or fulfill any requests regarding your rights under applicable laws or regulations.

You can always opt out of any subscription for emails, involving any updates, information, postings, news, and/or press releases, by clicking ‘Unsubscribe’ at the bottom of the email. We might still send you some important emails, like responding to you by email if you send us a request or comment.

Your California Privacy Rights

CCPA governs the use of ‘personal information’, which includes any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household.

If you are a California consumer, you may have the right, subject to certain exceptions defined in CCPA, to request that businesses (as defined by CCPA):

  • disclose certain information to you about their collection, use, and disclosure of your personal information over the past 12 months and to request access to such information;
  • delete any of your personal information that it has collected from you and retained; and
  • not sell your personal information.

California consumers also have the right not to receive discriminatory treatment if they exercise the rights list above.

Businesses are not required to respond to a consumer’s requests for access or disclosure of personal information more than twice in a twelve (12) month period.

California Civil Code Section 1798.83 permits California residents to request a list of all third parties to which we, during the immediately preceding calendar year, have disclosed certain personal data for direct marketing purposes. We do not share personal information with other people or non-affiliated businesses for their direct marketing purposes. We are only required to respond to a customer request once during any calendar year. To make such a request you should send a letter to Easol Trading Limited 34 High Street, Aldridge, Walsall, United Kingdom WS9 8LZ. Please be aware that not all information sharing is covered by the California privacy rights requirements and only information sharing that is covered will be included in our response.

Additionally, we do not sell your personal data to third parties.

Easol may act as a service provider when it collects personal information on behalf of Easol’ clients. In such instances, any request for such personal information should be made directly to the organization that uses our Services. If you submit a verified consumer request to Easol for such information, we will direct you to make that request directly to our client.

Your Nevada Privacy Rights

Although Easol does not sell personal data, Nevada residents have the right to submit a verified request directing Easol not to sell their personal data. If you are a Nevada resident, and would like to submit such a request, please send your request by contacting us at: hello@easol.com.

09 RETENTION PERIOD

Easol operates an internal Data Retention Policy. In respect of all personal data within the scope of this Policy, Easol will retain such personal data until you advise us to securely dispose of it, or until it becomes outdated, or it is no longer appropriate for us to retain such data. It is your responsibility to inform Easol of any material changes to your personal data to ensure it is accurate. Outdated personal data is periodically deleted in accordance with our Data Retention Policy which is available for review upon request.

10 SECURITY MEASURES

Easol operates an internal Information Security Policy. We have taken technical and organisational measures to ensure our own and our suppliers' information security standards are appropriate to the risks associated with the personal data processing we undertake. Our security objectives include guaranteeing the confidentiality, integrity and availability of personal data and the resilience of the systems that process it. Our Information Security Policy is available for review upon request.

It is your responsibility to keep the password provided to you on registration secure and confidential at all times. We will not be held liable for any breach of data protection law arising from your improper use of the Website, or due to your password details being disclosed to any third party. In the event you have reason to believe your interactions with us are not secure, or the integrity of your login has been compromised, please contact us immediately.

11 CHILDREN

We do not knowingly or specifically collect personal data from users under the age of 13 and no one under age 13 is authorized to submit any information, including personal data, on the site. If we determine that such information has been inadvertently collected on anyone under the age of 13, we will take the necessary steps to ensure that such information is deleted from our systems. If you are a parent or guardian and become aware that your child has provided us with information, please contact us at the email provided below.

12 Links to other websites

The Website may contain links, references, and other forms of connectivity to third party website, apps, or platforms. This Policy does not apply to the information (including personal data) collected on any such third party website, app, or platform over which we have no influence or control. We are not responsible for the privacy practices of such websites, apps, or platforms. Accordingly, we recommend that you review the privacy notice and related policies posted on any such websites, apps, or platforms.

13 CHANGES TO THIS POLICY

We reserve the right to amend this Policy from time to time, indicated by a revision date below. You will be informed of any material changes without delay. Your use of our Website, and your continued use of our Website after this Policy has been updated, indicates your agreement and acceptance of this Policy, including the modifications made as of the date of your use.

We reserve the right, in the event that we buy or sell all or part of our business or assets, to disclose personal data held by us to the prospective seller or buyer of such business or assets.

14 Contact

In relation to any queries about this Policy or any other data protection matters, please contact: hello@Easol.com

This Policy was last updated on 31 July 2020.