Privacy Policy

Introduction

Welcome to Caax Limited ("we," "our," or "us"). We are committed to safeguarding the privacy of our users and customers. This Privacy Policy explains how we collect, use, and protect your personal data when you use our software-as-a-service (SaaS) accounting product (the "Service"). This policy complies with the General Data Protection Regulation (GDPR) and the Data Protection Act 2018, applicable within the United Kingdom.

By using our Service, you agree to the collection and use of your personal data as described in this Privacy Policy.

1. Data Controller

For the purposes of the Data Protection Act 2018 and GDPR, the data controller is Caax Limited, registered in England and Wales with company number 09007799. Our registered office is located at Devonshire House, 582 Honeypot Lane, Stanmore, Middlesex, HA7 1JS, United Kingdom.

2. Information We Collect

2.1 Personal Data

When you use our Service, we may collect and process the following personal data:

  • Contact Information: Name, email address, telephone number, and postal address.
  • Account Information: Username, password, and security-related information.
  • Financial Information: Bank account details, payment information, and transaction history.
  • Usage Data: Information about your interaction with our Service, including IP address, browser type, device information, and usage patterns.
  • Support Information: Information you provide when contacting our customer support team, such as the nature of your enquiry and any relevant data.

2.2 Non-Personal Data

We may also collect non-personal data that cannot identify you directly. This includes aggregated data, anonymised information, and statistical data used for analysis and improving the Service.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To Provide the Service: To set up and manage your account, process transactions, and provide access to our accounting software.
  • To Improve the Service: To analyse usage patterns, gather feedback, and enhance our product offerings.
  • To Communicate with You: To send you important updates, newsletters, marketing communications, and respond to customer support requests.
  • To Comply with Legal Obligations: To meet our legal obligations, including tax reporting, fraud prevention, and compliance with regulatory requirements.
  • To Protect Our Interests:To enforce our terms and conditions, protect our rights and property, and manage legal claims.

4. Legal Basis for Processing

We rely on the following legal bases for processing your personal data:

  • Contractual Necessity: Processing your personal data is necessary for the performance of the contract between you and us.
  • Legitimate Interests: We process your personal data to pursue our legitimate business interests, provided these interests are not overridden by your rights and freedoms.
  • Consent: Where required by law, we will obtain your consent before processing your personal data for specific purposes, such as marketing communications.
  • Legal Obligations: We process your personal data to comply with our legal and regulatory obligations.

5. Data Sharing and Disclosure

We do not sell or share your personal data with third parties, except in the following situations:

  • Providers: We may share your data with third-party service providers who assist us in delivering our Service, such as hosting providers, payment processors, and customer support providers. These service providers are contractually bound to protect your data and only use it as necessary to perform their functions.
  • Legal Requirements: We may disclose your data if required by law, regulation, or legal process, or if we believe such disclosure is necessary to protect our rights, property, or safety.
  • Transfers: In the event of a merger, acquisition, or sale of our business, your data may be transferred as part of the transaction, subject to the same privacy protections outlined in this policy.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside the United Kingdom and the European Economic Area (EEA). When transferring data outside these regions, we ensure that appropriate safeguards, such as standard contractual clauses, are in place to protect your data.

7. Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Once your data is no longer needed, we will securely delete or anonymise it.

8. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access:You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You have the right to request the correction of any inaccurate or incomplete data.
  • Right to Erasure: You have the right to request the deletion of your personal data, subject to certain conditions.
  • Right to Restrict Processing: You have the right to request the restriction of processing your personal data under specific circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to have it transferred to another data controller.
  • Right to Object: You have the right to object to the processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.
  • Right to Withdraw Consent:If processing is based on your consent, you have the right to withdraw your consent at any time.

To exercise any of these rights, please contact us at support@caax.co.uk or +44 20 8238 5550.

9. Data Security

We take appropriate technical and organisational measures to protect your personal data from unauthorised access, disclosure, alteration, and destruction. However, please note that no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee the absolute security of your data.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website and Service. Cookies are small text files stored on your device that allow us to recognise you and collect information about your usage. You can manage cookies through your browser settings, though disabling cookies may affect the functionality of our Service.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal obligations. We will notify you of any significant changes by posting the updated Privacy Policy on our website and, if necessary, through other communication channels. Your continued use of our Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Caax Limited
Devonshire House
582 Honeypot Lane
Stanmore
Middlesex
HA7 1JS
United Kingdom

Email: support@caax.co.uk

Telephone: +44 20 8238 5550

13. Complaints

If you are not satisfied with our response to any complaint or believe our processing of your personal data is not in accordance with the law, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection authority.

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
United Kingdom

https://ico.org.uk/

Telephone: +44 303 123 1113

This Privacy Policy is effective as of 1 April 2024.