Who are we?
Everledger has its legal entities registered at the following addresses:
Everledger Ltd (Company Number 09536102)
71-75 Shelton Street Covent Garden, London, WC2H 9JQ
Everledger Australia Pty Ltd (ABN 44 615 338 344)
84a Brunswick St, Fortitude Valley, QLD 4006, Australia
Foreverhold Ltd (Company Number 1038291671)
75 Shelton Street, Covent Garden, London, WC2H 9JQ
Everledger Ltd (Company Number 61187124)
Lower Baggot Street, Dublin, D02 EW26
Everledger Inc. (Delaware File Number: 6394132)
270 Lafayette St, NO1301, New York, NY, 1001
What data is collected?
- First and last name, your address & your company details
If you contact us, we will need to make sure we know who we are dealing with as is the case if you apply for a job with us. We will keep this information in our database for as long as you do not object to us keeping it. If you no longer want us to keep this information, you can always let us know.
Please do note that for as long as we have an ongoing contract we are not be able to remove this information from our databases as we will need it to complete the contract.
Even after our contract has ended, we may be under a legal obligation to hold on to some of this information for a bit longer. For example: under accounting legislation we must keep copies of our invoices which may mention your name or address.
- Phone number & email address
This is so we can easily contact you. In principle, we will never contact you unless it is to answer a question, in relation to a contract or project or if you have applied for employment with us. As is the case for your name and address, we will also keep your email address and your phone number in our customer or candidate database for as long as you do not object to us keeping it. If you no longer want us to keep this information, you can also always let us know.
Please do note that for as long as we have an ongoing contract we are not able to remove this information from our databases as we will need it to complete the contract. And even after our contract has ended, we may be under a legal obligation to hold on to some of this information for a bit longer.
- Payment information
If you enter into an agreement with us and payments are exchanged, we may become aware of personal data such as your account number or credit card information. This information will be safely processed by the payment providers we work with.
- Data for solutions and services
If you enter into an agreement with us to provide a software solution or other service, we may collect personal data to support or be consumed by that service. We may also collect personal information from third parties including other technology companies, premium partners or public sources in support of this service.
If you stop using our services, we will only keep this data for the contractual period and then we will delete this data.
- Recruitment details
If you apply for a position with us, your will probably provide us with personal data in your cover letter and your CV. We save the details of every job applicant in our candidate database and may contact you in the future regarding job openings that may be of interest to you. We will delete this information from our candidate database if you don’t want us holding on to it. If you only want us to contact you about the specific job openings you applied for and you do not want us to keep you in our database afterwards, you can also let us know when applying for the position. In that case, we will only hold on to your personal data for as long as the selection procedure for that specific position is ongoing.
- Browsing data
- Email data
When we send you emails or other electronic messages, we may record where you open the message and click on the links. This helps us to better understand what information is of interest to you. If you are considering sending us any other personal information through our Website or other electronic means, please be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP). We are subject to laws requiring us to protect the security of personal information once it comes into our possession. The Website may contain links to other sites. We are not responsible for the privacy practices or policies of those sites.
What is the basis for processing personal data?
The data is processed based on our legitimate interests or in fulfilment of a contract.
We may also need to process your data to comply with a legal obligation.
We do not use your personal data for automated decision-making such as profiling.
Do we share the data with others?
Everledger may share personal data with its third-party vendors and hosting partners. These sub-processors provide the necessary solutions, hardware, software, networking, storage, and other technology required to operate and maintain our services.
We share personal data with the following categories of recipients:
- Host providers
- Payment and accounts providers
- Email service providers
- Authentication providers
- Legal providers
For a list of our current sub-processors, follow this link.
You may get a copy of the respective safeguards on request from email@example.com
You should know that in exceptional circumstances we may be under a legal obligation to share your data with the authorities to comply with an enforceable government request.
How will the information be used?
- Provide, administer, improve and personalise our services and goods
- Process financial transactions
- Identification verification
- Maintain and update our existing records
- Assess applications for services, support or assistance
- Assess employee or volunteer applications
- Conduct surveys and research
- Protect our lawful interests and respond to your queries or concerns
Is the data protected?
Everledger has security measures in place to protect your information from loss, destruction, misuse, unauthorized access or disclosure. These measures help ensure that your data is safe, secure, and only available to you and to those you provided authorized access. Everledger has had its ICT defences assessed and certified for CyberEssentials certification and is certified to the ISO27001 security standard.
How long will the data be stored for?
We retain your personal data only for as long as is necessary for the processing purposes stated above. We might process your personal data longer than stated above if it is necessary because of legal requirements or decisions made by authorities.
What are my rights?
Please note that some of the following rights may not be applicable to your situation:
- Right of access: You have the right to gain access to information about the personal data that we process about you. Should you have any questions regarding the processing or want more insight into the personal data we process from you, you are always welcome to contact us, and we will provide you with further information.
- Right to rectification: You can request us to correct information inaccurately stored by us without undue delay. You also have the right to have your incomplete personal data completed, including by means of providing a supplementary statement.
- Right to erasure/right to be forgotten: You have the right to request of us to permanently delete your personal information. You can make such a request if you for example believe that the personal data are no longer necessary in relation to the purpose for which the personal data was collected or otherwise processed.
- Right to restrict the processing activities: You have the right to restrict our processing activities. If you choose to restrict our processing activities regarding certain personal data, this may affect the services provided.
How do I exercise my rights?
You may request us to send you a summary of the personal data processed about you. If you feel that your personal data has been processed incorrectly or incompletely, or if you feel that such processing was unnecessary, then you also can also ask us to edit, supplement or erase your personal data from our databases. Under the applicable privacy legislation, you also have the right to restrict processing, the right to data portability and the right to object to processing.
You can exercise your rights or send a request to Everledger’s Data Protection Officer by completing the form via this link: https://everledger.gdprform.io
If you have any further privacy concerns or if you want to exercise your rights by post you can contact us:
- by letter at Data Protection Officer, Everledger, 71-75 Shelton Street Covent Garden, London, WC2H 9JQ
- by e-mail on firstname.lastname@example.org
We will answer all your queries within 30 days.
If you are unsatisfied with the way we treat your personal data or queries, you may lodge a complaint with the relevant supervisory authority:
What if this policy changes?
- Amazon Web Services
- Silicon Valley Bank
[Last updated: 21 November 2019]