Terms & Conditions

Introduction

1. onboardbrands.com (“OB”) is the brand name and website for ONBOARD BRANDS, a technology product by AKOJO LTD, registered in the UK under company number 11543543. If you have any comments or queries please contact support@onboardbrands.com.

2. This Privacy Policy, updated on 6 December 2022, outlines the information we collect about you on our website, as well as information collected when you communicate or interact with us, how we use the information and the choices you have to review, revise and/or restrict our usage of this information. This Privacy Policy is separate to the data protection and confidentiality clauses we include in our client agreements.

3. Our Cookies Policy is set out below, at the end of this Privacy Policy.

Purpose

1. Purpose

   2.1.1   In accordance with new EU / UK General Data Protection Regulation (GDPR) rules, this Privacy Policy aims to give you information on how OB collects and processes your personal data through your use of this website, including any data you may provide through the website when you sign up to receive our marketing material, purchase a product or service or take part in a competition.
   
   2.1.2   This website is not intended for children and we do not knowingly collect data relating to children.

2. Controller

   2.2.1   onboardbrands.com is the controller and responsible for your personal data (collectively referred to as, “we”, “us” or “our” in this Policy).

3. Contact

   2.3.1   You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (https://ico.org.uk). In the UK, please read: https://ico.org.uk/for-the-public/raising-concerns/ for details of how to do this. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

4. Changes

   2.4.1   We may need to update this Privacy Policy at any time and where we do this we will notify you of such changes on our website and/or by emailing you.

   2.4.2   It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us.

Data We Collect

1. OB collects customer information in an effort to:
   • a)   improve our customers user experience;
   • (b)   to communicate with our customers about our products, services and promotions; and
   • (c)   to enhance and improve the performance and accuracy of our operations and website.
2. We may collect the following types of information when you register, save your information with us or just generally use our website:
   • (a)   Identity Data includes first name and last name. It also includes your gender, if you choose to provide it to us;
   • (b)   Contact Data includes the data we use to contact you including your email address, browsing location and telephone number;
   • (c)   Profile Data includes your username (email address), your login data, orders made by you, your interests, preferences, feedback and survey responses;
   • (d)   Financial Data includes the payment method and card association used to process your payments for your orders. We do not store or process your card details ourselves, they are processed and stored via one of our contracted third party service providers;
   • (e)   Transaction Data includes details about transactions you have made on our website including the payments to and from you along with other details of products and services you have purchased from us;
   • (f)   Technical Data includes details about the device(s) you use to access our website including your browser type and version, location, browser plug-in types and versions, operating system and platform on the devices you use to access this website;
   • (g)   Usage Data includes information about how you use our website, products and services. This includes your browsing patterns and information such as how long you might spend on one of our webpages and what you look at and for on our website; and
   • (h)   Marketing and Communications Data includes your preferences in receiving marketing from us.

3. We may also collect, use and share aggregated and/or anonymised data (“Aggregated Data”) such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.

4. Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, where you do not provide suitable delivery instructions to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

Third Party Links

1. Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

Third Party Data Sharing

1. We may also collect from and share data with the following:
   • (a)   Cloud storage providers – we may use cloud computing platforms that securely store all of our data, including customer details.
   • (b)   Email service providers – in order to send you marketing content and transactional emails, we share your details with our email service providers.
   • (c)   Social Media Platforms – We may make your name and email address available to companies in order to advertise and market our services to you through other platforms on the internet (e.g. Instagram).
   • (d)   Analytics tools – we use analytics tools to track the way that users interact with our website.
   • (e)   Customisation tools – we use digital tools to understand how you engage with our website and show you content we think will be most relevant to you, based on our understanding of your interests and preferences.
   • (f)   Payment providers – in order to facilitate any payments made on our site, we facilitate the sharing of your financial data with payment providers.
   • (g)   Marketing and insights providers – marketing and insights tools allow us to understand our customers better so that we may provide you with the best possible website, products and customer service experience. We may share certain information about our customers to facilitate this process.
   • (h)   Customer service platforms – when you interact with our customer service team, your details may be shared with our customer service platform providers.
   • (i)   Feedback providers – we may engage a third party to send out feedback forms on our behalf.
   • (j)   Professional Advisers and Investors – we may also share your data with professional advisers such as our lawyers and insurers to manage risks and legal claims, and/or as part of our relationship and obligations to our investor organisations. This is in our legitimate interests.
   • (k)   Group companies & purchasers – it is possible we could sell our business to a third party or re-organise our business or become insolvent. In that scenario, our database of customers is one of the biggest parts of that business and so we would need to share it with the third-party buyer and their advisers. This is in the legitimate interests of selling our business.
   • (l)   Law Enforcement/Legal Compliance – we will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement requests from within or outside your country of residence. This may include disclosing your personal information to government or law enforcement agencies, or private parties, when we have a good faith belief that disclosure is required by law or when we, in our discretion, believe that disclosure is necessary to protect our legal rights, or those of third parties and/or to comply with a judicial proceeding, court order, fraud reduction or legal process served on us. In such cases, we may raise or waive any legal objection or right available to us. These uses of your data are in our legitimate interests of protecting our business security,(each party being an “External Third Party”).

2. We require all third parties to respect the security of your personal data and to treat it in accordance with the law and they may only use your data for the purposes we specify in our contract with them. We will always work with them to protect your privacy.

Your Personal Data

1. • 6.1.1   We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
     (a)   Where we need to perform the contract we are about to enter into or have entered into with you;
     (b)   Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
     (c)   Where we need to comply with a legal or regulatory obligation.
   • 6.1.2   Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third-party direct marketing communications to you via email or text message.
2. Opting out
   • 6.2.1   You can ask us to stop sending you marketing messages at any time by logging into your account and [adjusting your marketing preferences, by following the opt-out links on any marketing message sent to you or by contacting us at any time].
   • 6.2.2   If you opt out of receiving email marketing from us, we will no longer share your email address with External Third Parties. However, you may continue to see our ads through them, due to their general demographic targeting. Please check the social media platforms for more detail of how to opt out from seeing these ads.
   • 6.2.3   Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase or related correspondence, and we will continue to process such data in accordance with this Privacy Policy and only ever as permitted by law.

International Processes

1. Some of our External Third Parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.

2. Whenever we transfer your personal data out of the EEA, we will ensure a similar degree of protection is afforded to such personal data.

3. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA

Data Security

1. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

2. We will limit access to your personal data to our employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

3. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

4. You acknowledge that the Internet is not a completely secure medium for communication and, accordingly, we cannot guarantee the security of any information you send to us (or we send to you) via the Internet.

5. We are not responsible for any damages which you, or others, may suffer as a result of the loss of confidentiality of such information.

Data Retention

1. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.