Date of last update: October 23rd
How we secure your Personal Data
, call us on 0330 100 7676 or write to our Data Protection Officer at gohenry Ltd, Abbey House, 282 Farnborough Road, Farnborough, GU14 7NA.
1. How do I consent to these terms?
By requesting access to or using our Services.
If You don’t agree to these policies and would rather stop using our Services, You can of course do so by writing us at email@example.com
or directly contacting our Member Services team by phone on 0330 100 7676.
2. Who controls my Personal Data?
For the purpose of the relevant European data protection regulations, including but not limited to the General Data Protection Regulation, the company in charge of Your Personal Data (also known as the data controller) is gohenry Ltd, registered with the UK Information Commissioner’s Office under the number Z2942623.
To any person, child or adult requesting access to or using our Services.
4. Am I still responsible for my child’s use of your Services?
As a parent or guardian of a child who has signed up to use our Services (“You”):
- You are responsible for Your child’s use of our Services, including any subscription fees incurred and purchases made;
5. What Personal Data do you collect and why?
We may collect Personal Data automatically, when You give it to us directly, or when we receive it from other sources. We do this to operate effectively and provide You with the best experience with our Services.
Personal Data means any information that can be used directly or indirectly to identify You or a member of Your family. We collect it to operate effectively and provide You with the best experience with our Services.
We may collect Personal Data automatically, when You give it to us directly, or when we receive it from other sources such as our partners (as set forth below) or social media accounts You choose to link to our Services.
The Personal Data we collect depends on the context of Your interactions with our Services, and the choices You make and may include the following:
- Contact and identification information such as Your name and Your child’s name, Your phone number, email address, postal address, date of birth, identification document numbers, copies of identification documents (for example passport, driving licence, utility bills), personal description, social handles, photographs and other similar contact information.
- Financial information such as the last four digits and expiry date of Your debit card number, bank account information, bank sort code, IBAN, payment reason, footprint of your credit history, and other similar financial information;
- Transaction information such as date, time, amount, currencies used, exchange rate, beneficiary details, details and location of the merchant or ATMs associated with the transaction, IP address of sender and receiver, senders and receivers names and registration information, as well as other similar transaction information;
- Demographic information such as Your or Your child’s age, gender, nationality, country and other similar demographic information;
- Security information such as passwords, password hints, security questions and answers and other similar security information;
- Device and technical information such as IP address, unique device identifiers (such as the IMEI number for phones, the MAC address of the device’s wireless network interface), device functionality (browser type and version, operating system and platform, hardware used, browser plug-in types and versions) and other similar device and technical information;
- Usage information such as the full uniform resource locators (URLs), information about page response times, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), error reports and performance data (ie: details of the software or hardware related to an error, content of files You were using when an error occurred), troubleshooting and help data plus other similar usage information;
- Location information such as Your device location which may include a street name and city or GPS- location, ISP or your mobile carrier, the URL of both the site You came from and the one you go to next and other similar location information. We use GPS technology and Your IP address to determine Your location - this may be used when the application is running in the foreground and the background of Your device. This is used to prevent fraud, for instance if your phone is saying that You are based in the UK but Your card is being used to enter into an ATM withdrawal or point of sale purchase in France, we may not allow that transaction to be processed. Please also know that most devices allow You to prevent location information from being sent to us;
- Any other information You directly provide to us when filling out forms, corresponding with us (ie: email, conversations with Member Services by phone or chat sessions), filling out surveys, providing us with feedback and product reviews and other similar information.
You have choices about the Personal Data we collect. So, when You are asked to provide us with Your Personal Data, You always have the right not to do so. Please note however that if You choose not to provide us with Your Personal Data when prompted, You may not be able to use our Services.
Yes we collect data through cookies and similar technologies.
When You visit our website, our website server sends and stores a unique identifier (called the cookie) on Your device and uses this unique identifier to recognise You when You return to the website or browse from page to page. Cookies allow us to distinguish You from other users of our website and allow us to tailor our content to You. The cookies we use do not hold any Personal Data about You.iii) What cookies do you use?
While the cookies that we use may change from time to time as we improve and update our Services, they generally fall into the below categories of use:Necessary cookies
These are cookies that are required for the operation of our Services such as cookies that enable You to log in to secure areas of our Services. Here is a list of the necessary cookies we collect, categorised by cookie domains:Cookie domain:
These are cookies that allow us to understand how people use our Services so that we can improve them such as cookies that help us see how visitors move around our website when they are using it. Here is a list of the analytical cookies we collect, categorised by cookie domains:Cookie domain:
- _ pk_ref
These are cookies that are used to recognise You when You return to our Services. This enables us to personalise our content for You (remember your preference settings for example). Here is a list of the cookies we collect, categorised by cookie domains:Cookie domain:
.ampbyexample.comCookie names:Cookie domain:
These are cookies that record Your visit to our Services, the pages You have visited and the links You have followed. We will use this information to make our website and the advertising displayed on it more relevant to Your interests. Here is a list of the targeting cookies we collect, categorised by cookie domains:Cookie domain:
.ads.linkedin.comCookie names:Cookie domain:
.doubleclick.netCookie names:Cookie domain:
bat.bing.comCookie names:iv) How can I block cookies?
It is possible to block/opt out of cookies via Your browser’s cookie settings. This allows You to refuse the setting of all or some cookies. You can find more information on: managing cookies
. Please note however that if You do this You will not be able to use our Services properly. For example, You may need to enter information repeatedly, or You might not get personalised content that is meaningful to You as many of our functions are dependent on cookies.v) What happens if I don’t block cookies?
If You continue using our website without changing your settings, we will assume that You are happy to receive all cookies on our website.vi) Do you use other technology similar to cookies?
Yes. We sometimes use third-party service providers to collect Your interaction with our Services in order to support our marketing, both on our website and elsewhere on the Internet. This information regarding Your interaction is collected in an anonymous format using what is called a pixel tag, which is industry standard technology. None of Your Personal Data will be collected or used during this process. We simply discover the preferences and choices of our customers, so that we can make decisions about where and how to let people know about gohenry. While the pixel tags we use may change from time to time as we improve and update our Services, they generally fall into the below categories of use:Category:
- All Response Media
- Google Ads
vii) Does your website include widgets?
- Google Analytics
- Google Tag Manager
No. While this may change as we update our Services, our website currently does not include widgets.viii) Do you respond to Do Not Track signals?
No. Some browsers have incorporated “Do Not Track” (DNT) features that can send a signal to the websites You visit, indicating You do not want to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, we do not currently respond to browser DNT signals. In the meantime, You can use the range of other tools we provide to control data collection and use.
7. How do you use my Personal Data?
We use Your Personal Data to provide You with safer and more reliable Services.
The Personal Data we collect from You is used for the following purposes:
- To provide You with our Services: we use Your data to process Your account application and authorize Your access to our Services, process Your payments and provide You with any other Services you request from us;
- To communicate with You: we use Your data to share important news relating to our Services. We offer regular emails including newsletters to let You know about our Services. From time to time we may also contact You to ask Your views on our Services, to fill out a survey, to send You marketing communications such as special offers and updates that we think will be of interest to You. We may contact You through email, notices posted on our website or app, text messages or push notifications. You may always change your communication preferences in your preference settings at any time and choose to hear a bit less or a bit more from us.
- To conduct research: we use Your data to conduct research for the further development and improvement of our Services. We also want to reassure You that should we sell Your data for research purposes, we will only do so if Your data is in aggregate format and we have a strong confidentiality agreement in place with the research entity (such as a university) that would allow us to have continuous oversight and approval of the use of Your aggregated data;
- To deliver relevant advertising to You;
- To help You: we use Your data to investigate and resolve complaints and services issues;
- To improve the Services offered on our website and make them more secure: we use Your data so we can provide You with the most user-friendly navigation experience we can, and if we think it’s necessary, for security purposes or to investigate possible fraud;
- To comply with legal and/or regulatory requirements; and
- To better understand our business: we use aggregate data to generate statistics about our users or the demographic distribution of visitors to our website. Note that aggregate is data combined from several measurements and doesn’t identify You.
8. Where do you store my Personal Data?
In Europe, but if we do transfer it outside of Europe we will make sure it is treated securely.
Your Personal Data is transferred to and stored at a destination inside the European Economic Area, and in accordance with strong European data protection regulations, including but not limited to the General Data Protection Regulation.
Please also know that Your Personal Data may also be transferred to, and stored at a destination outside of the European Economic Area. It may also be processed by staff operating outside of the European Economic Area who work for us or for one of our suppliers. Such staff may be engaged in the fulfilment of Your payment order, the processing of Your payment details and the provision of support services. By submitting Your Personal Data, You agree to this transfer, storing and processing at a location outside of the European Economic Area.
9. How long will You retain my Personal data?
Your Personal Data is yours, and it will not be retained by us for longer than necessary in relation to the purposes for which it was originally collected, or for which it was further processed.
If You choose to close Your account, Your Personal Data will generally stop being visible on our Services within 24h. Your Personal Data may continue to be displayed in the services of others until they refresh their cache.
We retain Your Personal Data after You have closed Your account for the purposes for which it was originally collected, or for which it was further processed. If You want us to delete Your Personal Data completely, You can ask us to do by writing us on firstname.lastname@example.org
or calling our Member Services Team on 0330 100 7676.
We will then strive to delete Your Personal Data as soon as reasonably possible. Please note however that we may be required, as a company providing financial services, to retain some of Your Personal Data for up to five years to comply with our legal obligations under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (SI 2017/692). For example we are legally obliged to retain Your Personal Data to resolve future disputes, maintain security, or prevent fraud and abuse. Also, under the E-Money Regulation 2011 You have the right to redeem Your e-money up to six years after termination of Your account. We therefore use this retention requirement as a benchmark for all Personal Data that we receive from You. In order to not hold Your Personal Data for longer than is strictly necessary we will not hold any of Your Personal Data for more than six years after the termination of our business relationship.
10. How do you protect my Personal Data?
Your security matters, this is why we have advanced security systems in place.
We know that security is a major concern for You and Your family. To give you peace of mind we have advanced security systems in place. Please know however that although we do our best to protect Your Personal Data we cannot guarantee the security of Your data during transmission of information via the internet, as any such transmission is at Your own risk. Once we have received Your Personal Data, we will use strict procedures and security features to do our best to prevent unauthorised access to Your data.
To protect Your and your family’s Personal Data we:
- Use secure server software to store Your Personal Data;
- EncryptYour payment transactions;
- Implement security safeguards designed to protect Your Personal Data such as HTTPS;
- Use full login and security question controls on our systems;
- Restrict access of Your Personal Data to those of our employees who need to know Your Personal Data to do their job, and ensure that all our employees sign a confidentiality and data security clause as part of their terms of employment;
- Follow tight security procedure, such as maintaining physical, electronic and procedural safeguards to protect Your Personal Data from unauthorised access as required under the European data protection laws;
- Continuously educate and train our employees about the importance of confidentiality and privacy of customer information;
- Continuously monitor our systems for possible vulnerabilities and attacks; and
- Regularly review and update our privacy controls and policy.
11. Can I also do something to protect my Personal Data?
Yes of course. Follow our quick tips below.
To keep Your information as secure as possible:
- Protect Your password:
- Choose a password that is strong and that Your child is unlikely to guess. The password should include a mix of letters, numbers, and symbols;
- Never reveal Your password to anyone else;
- Avoid using the same password for several internet sites;
- Reset Your password every couple of months;
- Sign out of Your account anytime You leave a shared or public computer
- Protect Your email: include Your personal contact information only in the designated fields of Your gohenry profile.
- Protect Yourself from fraudulent messages, scams and phishing:
- Don’t share Your personal information, such as government issued ID numbers, birth date, credit and debit card or bank numbers with people You don’t know;
- Use caution when clicking on links contained within messages.
- Protect Your devices: ensure that Your devices incorporate some form of malware protection.
- Explain the importance of online privacy to Your children: to help, we’ve drafted a short document explaining data privacy in a way that children may find more digestible. Here is a link to our blog post: data privacy explained to children
12. Will you share my Personal Data?
Yes, we may share Your Personal Data with Your consent or as necessary to provide You with the Services You have requested.
First of all, rest assured that we do not pass Your or Your family’s Personal Data to third parties for marketing purposes without Your permission.
We may however access and disclose Your Personal Data in the following circumstances:
- When the disclosure is requested by You;
- When working with our business partners (e.g., banking partners, card processor, issuing bank, payment services provider, risk and security system providers); our suppliers (e.g., maintenance, analysis, audit, payments, fraud detection, marketing and development); and/or our sub-contractors for the performance of any contract we enter into with them or You. For example, companies we have hired to assist in protecting and securing our system and services may need access to Personal Data to provide those functions. Note that such business partners, suppliers and subcontractors will only have access to Your Personal Data as reasonably necessary to perform these tasks on our behalf and will be obligated to not disclose or use it for other purposes;
- When required by law, subpoenas, court orders, or other legal process;
- When we have a good faith belief that such disclosure is reasonably necessary to:
- Investigate, prevent, or take action regarding suspected or actual illegal activities;
- Enforce our agreement with You;
- Investigate and defend ourselves against any third-party claims or allegations;
- Maintain the security and integrity of our Services;
- Protect the rights and security of gohenry user’s, personnel, or others.
- When we are under a legal duty to disclose or share Your Personal Data in order to comply with any legal or regulatory obligation or request such as subpoenas and court orders. We will use our best efforts to notify You about such legal demands when appropriate in our judgment, unless prohibited by law or court order or when the request is an emergency.
13. What are my rights regarding my Personal Data?
Your Personal Data is Yours and You can always access it, edit or delete it. Just contact us to request this.i) You can ask us to view, rectify or delete Your Personal Data
If You wish to exercise any of Your rights, as listed below, please contact us on via email@example.com
or call our Member Services Team on 0330 100 7676. We will be happy to help (unless we are prohibited by law from doing so). No administration fee will be charged for considering and/or complying with such a request unless the request is deemed to be excessive in nature. Here are Your rights:
- View Your Personal Data
- Object to the processing of Your Personal Data
- Object to automated decision making and profiling
- Restrict the processing of Your Personal Data
- Rectify Your Personal Data
- Erase Your Personal Data
Upon successful verification of Your identity, You are entitled to obtain the following information about Your own Personal Data:
- The purpose of the collection, processing, use and storage of Your Personal Data
- The categories of Personal Data stored about You
- The recipients or categories of recipients to whom Your Personal Data has been or may be transmitted, along with the location of those recipients
- The envisaged period of storage for Your Personal Data or the rationale for determining the storage period
- The use of any automated decision-making and/or profiling
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if Your request is particularly complex or You have made a number of requests. In this case, we will notify You and keep You updated.ii) You can close Your account
You can always choose to close Your account by writing us on firstname.lastname@example.org
or calling our Member Services Team on 0330 100 7676.
If You choose to close Your account with us, Your Personal data will generally stop being visible on our Services within 24h. Your Personal Data may continue to be displayed in the services of others until refresh their cache.
We retain Your Personal Data after You have closed Your account for the purposes for which it was originally collected, or for which it was further processed. If You want us to delete Your Personal Data completely, You can ask us to do by writing us via email@example.com
or calling our Member Services Team on 0330 100 7676.
We will then strive to delete Your Personal Data as soon as reasonably possible. Please note however that we may be required, as a company providing financial services, to retain some of Your Personal Data for up to five years to comply with our legal obligations under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations 2017 (SI 2017/692). For example we are legally obligated to retain Your Personal Data to resolve future disputes, maintain security, or prevent fraud and abuse. Also, under the E-Money Regulation 2011 You have the right to redeem Your e-money up to six years after termination of Your account. We therefore use this retention requirement as a benchmark for all Personal Data that we receive from You. In order to not hold Your Personal Data for longer than is strictly necessary we will not hold any of Your Personal Data for more than six years after the termination of our business relationship.iii) You can ask us to stop sending You promotional communications
We usually like to send our customers special promotional communications such as newsletters, offers and updates that we think will be of interest to them.
When You sign-up You will have the choice to choose to receive promotional communications from us by clicking the opt-in button. That opt-in covers both you and the children that you add to your gohenry account.
In line with the General Data Protection Regulations (GDPR) we store that consent for you and your children separately. Until your child reaches the age of 13, you can update his or her preferences. Once your child turns 13, he or she can also update their own preferences.
You (or your child if they are over 13) can always update Your preferences later by either logging into Your account or by contacting us at:
14. What happens if my Personal Data is compromised?
We always strive to be transparent with You. So if we notice that Your Personal Data is compromised, we will take the following responsive action:
- Notify You via email within 7 business days
- Notify the users via in-site notification within 7 business days
Take a look at our document explaining Data Privacy to children.
We believe that children should also understand the importance of online safety and privacy, so we’ve explained it more simply here.