Privacy policy
Effective Date: 19 March 2024
Thank you for choosing SumFin, the mobile application and online platform operated by SumFin Ltd, a company incorporated under the laws of England and Wales (number: 14766412).
We are dedicated to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your data when you use our app and is also intended to meet our duties of transparency under the UK and EU General Data Protection Regulations. By using our app, you consent to the practices described in this Privacy Policy.
1. Information We Collect
a. Personal Information:
Access to SumFin is granted through various means of your choice: your Facebook, Apple, Google account, email or telephone number. If you connect through Apple or Google, we collect information about you from Apple or Google (as applicable), including an email address, full name, and a unique ID (which allows Apple or Google to identify you as a legitimate user of the account).
This information is necessary to provide you with personalized services and improve your experience.
b. Device and Location Information:
We collect technical information about the device you use to access our app, including your IP address, device type, operating system, and browser. This information helps us optimize our app for your device, diagnose technical issues, and ensure a smooth user experience. You will be asked to turn on location services on your device. If you turn these features on, we may collect your device's geolocation data and save your device's coordinates to offer certain features to you. We may also use your device's geolocation information to personalise the app. You can control (and turn off) your location information settings in your device settings. Even if you have disabled location services, we may still determine your city, state, and country location based on your IP address (but not your exact location).
c. Usage Data:
We collect data about how you use our app, such as the features you interact with, the pages you visit, and the actions you take. This data helps us analyse user behaviour, understand user preferences, and improve our app's functionality.
d. Marketing Data:
We collect information on your preferences in receiving marketing from us and your communication preferences.
e. Aggregated Data
We collect, utilize, and disclose "aggregated data," including statistical or demographic information, for various purposes. Aggregated data may be generated from your personal data; however, once it is aggregated, it no longer qualifies as personal data under the GDPR and other relevant data protection laws. Aggregated data does not directly or indirectly disclose your identity. Nevertheless, if we combine or link aggregated data with your personal data in a way that enables direct or indirect identification, we treat the merged data as personal data, and it will be handled in accordance with this Policy.
f. Payment Data
We collect financial information: e.g. bank details, debit and credit card information, overview of the transactions, transactional history, and information related to invoices that we have issued.
g. No Special Categories of Personal Data
We do not collect any “Special Categories of Personal Data” about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, information about your health and genetic and biometric data). However, you have the option of providing such information in your profile or in any information you publish on our App, for instance by sharing your sexual orientation with other users. Please do not submit any Special Categories of Personal Data if you are not happy for such information to be shared publicly on your SumFin account.
2. How We Use Your Information
a. Service Provision:
We use your personal information to provide you with financial news summaries, deliver personalized content, and tailor our app's features to your preferences.
b. Improvement of Services:
We analyse the data we collect to understand user needs, identify areas for improvement, and enhance the overall performance and usability of our app.
c. Communication:
With your consent where required, we may use your email address or phone number to send you important updates, newsletters, marketing communications, and promotional offers that may be of interest to you. You can opt-out of receiving such communications at any time.
3. Legal Basis For Collection
In respect of each of the purposes for which we use your personal data, the GDPR requires us to ensure that we have a “legal basis” for that use. Most commonly, we will rely on one of the following legal bases:
a. Contractual Necessity:
Where we need to perform a contract we are about to enter into or have entered into with you.
b. Legitimate Interests:
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests. More detail about the specific legitimate interests pursued in respect of each purpose we use your personal data for is set out in the table below.
c. Compliance With Law:
Where we need to comply with a legal or regulatory obligation.
d. Consent:
Where we have your specific consent to carry out the processing for the purpose in question.
Generally, we do not rely on your consent as a legal basis for using your personal data other than in the context of direct marketing communications.
4. If You Do Not Provide Data
Where we need to process your personal data either to comply with law, or to perform the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with access to the app). In this case, we may have to stop you from using our app but we will notify you if this is the case at the time.
5. Data Sharing
a. Third-Party Service Providers:
We may share your personal information with trusted third-party service providers who assist us in operating our app, delivering our services, and enhancing our functionality. These service providers are bound by contractual obligations to handle your data securely and confidentially.
b. Legal Compliance and Protection:
We may disclose your data if required by law, legal processes, or regulatory authorities to comply with applicable legal obligations, protect our rights, and investigate or prevent fraudulent activities or security threats.
6. International Data Transfers
a. Cross-Border Data Transfers:
As part of our global operations, your personal information may be transferred to and processed in countries outside of your own. We take measures to ensure that any international data transfers comply with relevant data protection laws and provide adequate safeguards for your information.
b. Data Protection Safeguards:
Where required, we establish appropriate safeguards for international data transfers, such as entering into standard contractual clauses approved by the European Commission or relying on other lawful mechanisms for data transfer.
7. Data Security
a. Security Measures:
We implement technical and organizational measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include encryption, access controls, firewalls, and regular security assessments.
b. Data Breach Response:
In the event of a data breach that compromises your personal information and poses a risk to your rights and freedoms, we have procedures in place to detect, respond to, and mitigate the impact of such incidents. We will promptly notify you and the relevant authorities as required by applicable laws.
8. Your Rights
a. Access and Correction:
You have the right to access the personal information we hold about you. If any of your information is inaccurate or incomplete, you can request us to correct or update it.
b. Data Erasure:
You can request the deletion of your personal information, subject to any legal obligations or legitimate interests that require us to retain certain data.
c. Data Portability:
Upon request, we can provide you with a copy of your personal information in a structured, commonly used, and machine-readable format to facilitate its transfer to another service provider.
d. Withdrawal of Consent:
If we rely on your consent as the legal basis for processing your personal information, you have the right to withdraw your consent at any time. However, this will not affect the lawfulness of processing based on consent before its withdrawal.
9. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience, gather usage information, and improve our app. You can manage your cookie preferences through your browser settings.
10. Usage By Under 18s Not Permitted
You have to be at least 18 years old to use our app. We don’t market to anyone under the age of 18 either. If you believe that we have unintentionally collected information about any one under 18, please contact us immediately.
11. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes through our app or via email before the updated Privacy Policy becomes effective.
12. Complaints
If you would like to make a complaint regarding this Privacy Policy or our practices in relation to your personal data, please contact us at admin@sumfin.com. We will reply to your complaint as soon as we can.
If you feel that your complaint has not been adequately resolved, please note that the GDPR gives you the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office.
13. Contact Us
SumFin Ltd is the controller (for the purposes of GDPR) of your personal information. If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, please contact us at admin@sumfin.com.
Please take the time to read and understand this Privacy Policy. By using our app, you acknowledge and agree to the collection, use, and disclosure of your personal information as described herein.