We are Zerdalab Limited (registered company number: 13566076) of Saffery Champness LLP 4th Floor St Catherine’s Court, Berkeley Place, Clifton, Bristol, United Kingdom, BS8 1BQ, and we are the creators of “PDC Dull Grade” app (referred to below as the ‘app’).

We take your privacy very seriously. Please read this privacy policy carefully as it contains important information on who we are and how and why we collect, store, use and share any information relating to you (your information).

It also explains your rights in relation to your information and how to contact us or the relevant regulator in the event you have a complaint. Our collection, storage, use and sharing of your information is regulated by law, including under the UK General Data Protection Regulation (UK GDPR).

We are the controller of your information obtained via the app, meaning we are the organisation legally responsible for deciding how and for what purposes it is used.

If you are aged under   (or under the age of the majority or minimum working age in your jurisdiction) you must not use the app as it is not designed for you.

What this policy applies to

This privacy policy relates to your use of the app only.

The app may link to other apps, websites or services owned and operated by certain third parties. These other apps, websites or services may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other apps, websites or services, please consult their privacy policies as appropriate.

Information we collect about you

The information we collect about you depends on the particular activities carried out through the app. We will collect and use the following information about you:

You must provide this information to use the app and its services unless we tell you that you have a choice. Sometimes you can choose if you want to give us your information and let us use it. Where that is the case we will tell you and give you the choice before you give the information to us. We will also tell you whether declining to share the information will have any effect on your use of the app or our services.

Location services/data

The app will request your consent to use location services to precisely identify your location each session (i.e. each time the app is opened or has been placed in the background). We require access to that data in order to set your location in your app profile.

If you do not provide your consent, you may use the app but that will mean that feature on the app will not be available. To withdraw your consent at any time (that will not affect the lawfulness of our use of that data in reliance on the consent before it was withdrawn) by contacting us (see ‘How to contact us’ below).

The location services in the app will not operate unless location services/data are generally enabled on your device. You may disable such functionality at any time.

How and why we use your information

Under data protection law, we can only use your information if we have a proper reason, e.g.:

• where you have given consent
• to comply with our legal and regulatory obligations
• for the performance of a contract with you or to take steps at your request before entering into a contract, or
• for our legitimate interests or those of a third party. A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

Our main processing activities for personal data, and the legal basis on which we perform those activities are:

Prospective customers/marketing recipients:

We may process your personal data in order to contact you in relation to our products and services and keep a record of our communications (e.g. sales telephone calls, quotations and offers).

Our legal basis for doing so is our legitimate interests, which allows us to market our products and services to individuals provided there is a business case for doing so and our interests do not override the rights of the individuals in question. If you wish to object to direct marketing, you may do so by contacting us.

Customer/users:

We will process your personal data in order to provide our app, as well as our products/services, to you and to provide you with information and updates regarding the same. Our legal basis for doing so is that the processing is necessary for the performance of a contract. We will also keep a record of your data and use it for related purposes, including account management, customer support, and audit purposes, on the basis that we have a legitimate interest in doing so.

We may also contact you in relation to our products and services. Our legal basis for doing so will be the same as for prospective customers, as set out above.

Our other processing activities are:

• Monitoring and recording communications – We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of training, fraud prevention, and/or quality assurance. We may also retain copies of communications and details provided to us by you, for example support requests, account queries, complaints, for internal account management and auditing purposes. This is done on the basis of legitimate interests.
• Credit checking – We may do a credit check on you:
  • so that we can make credit decisions about you and members of your household/business; and
  • to prevent and detect fraud and money laundering.

Our search will be recorded on the files of the credit reference agency. We may also disclose information about how you conduct your account to credit reference agencies and your information may be linked to records relating to other people living at the same address with whom you are financially linked. Other credit businesses may use your information to:

• make credit decisions about you and the people with whom you are financially associated
• trace debtors, and
• prevent and detect fraud and money laundering.

If you provide false or inaccurate information to us and we suspect fraud, we will record this.

Who do we share your information with

We routinely share your information with:

• our agents and service providers, to the extent that they require access to the data in order to help us run our business or provide the services or functionalities in the app, in which case they will be bound by a contract and confidentiality obligations requiring them to process personal data in accordance with the requirements prescribed by data protection law. These may include hosts of the systems that deliver the app’s functionalities and services and analytics providers;
• other companies within our group to the extent that there is a legitimate interest in doing so to support our business aims;
• our or their professional advisors (such as lawyers and other advisors);
• law enforcement agencies, courts or tribunals and regulatory bodies to comply with legal and regulatory obligations; and
• other parties that have or may acquire control or ownership of our business (and our or their professional advisers) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency—usually, information will be anonymised but this may not always be possible. The recipient of any of your information will be bound by confidentiality obligations.

We only allow the companies referred to above to handle your information if we are satisfied they take appropriate measures to protect your information. We also impose contractual obligations on service providers to ensure they can only use your information to provide services to us and to you.

How long your information will be kept

We keep your personal information for as long as we need to for the purposes for which it was collected or (if longer) for any period for which we are required to keep personal information to comply with our legal and regulatory requirements.

Storage and transfer your information out of the UK

Countries outside the UK have differing data protection laws, some of which may provide lower levels of protection of privacy. It is sometimes necessary for us to transfer your information to countries outside the UK. In those cases, we will comply with applicable UK laws designed to ensure the privacy of your information.

We store your personal data on cloud-based servers based in the [].

Under data protection laws, we will only transfer your information to a country outside the UK where:

• the UK government has decided the particular country ensures an adequate level of protection of your information (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR
• there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or
• a specific exception applies under relevant data protection law

Your rights

You are responsible for ensuring that information you provide to us is accurate, complete and up-to-date. You can review and change your information by contacting us.

You have a number of rights in relation to your personal data, these include the right to:

• find out how we process your data;
• request that your personal data is corrected if you believe it is incorrect or inaccurate;
• obtain restriction on our, or object to, processing of your personal data;
• if we are relying on consent, you can withdraw your consent to our processing of your personal data (including any direct marketing);
• if we are relying on legitimate interests for direct marketing, you can object to receiving such direct marketing;
• obtain a copy of the personal data we process concerning you. We will take steps to verify your identity before responding to your request. Once we have verified your identity we will respond as soon as possible and in any event within one month.
• lodge a complaint with the UK supervisory body, the Information Commissioner’s Office (the ICO) at https://ico.org.uk/make-a-complaint or by telephone: 0303 123 1113. If you have a concern or complaint about the way we handle your data, we ask that you contact us in the first instance to allow us to investigate and resolve the matter as appropriate.

If you would like to exercise any of your rights or find out more, please contact us.

Keeping your information secure

We will use technical and organisational measures to safeguard your personal data, for example:

• access to your account is controlled by a password and user name that are unique to you;
• we store your personal data on secure servers; and
• payment details are encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology).

While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How to contact us’ below).

Changes to this privacy policy

We may change this privacy policy from time to time. When we make significant changes we will take steps to inform you, for example via the app or by other means, such as email. If you continue to access or use our services after notified changes have come into effect, you will have agreed to the revised policy.

How to contact us

Please contact us via our support pages at [LINK] or by email to [insert email address] or via  if you have any questions about this privacy policy or the information we hold about you.

Policy version: Jan 2023