Our Service Privacy Notice

Purpose of this Service Privacy Notice

SaleCycle is a Data Processor that processes personal data on behalf of our clients as part of the services that we offer. We take our obligations to protect your privacy seriously. This privacy notice applies to the processing of information that we do on behalf of our clients. For any processing that relates to us as a Data Controller, e.g. via our website then please see our Website Privacy Notice.

This privacy notice explains what information we collect, how we use it, and how you can control your privacy settings.

What information do we collect

  • We collect information about you when you visit our clients’ websites or interact with our services. This information may include:
  • Your salutation, name, email address, and phone number
  • Your IP address and device information
  • Information about the products and services you are interested in (for example Basket ID / Order ID, Subtotal, Title, Currency, Discounts, Shipping, Items, Product ID, Client Product ID, URL, Single Item Price, Category, Tax etc.)

We use data centres and cloud-based data storage based within the EU and the UK and ensure we have appropriate contractual controls in place with our suppliers and conduct due diligence upon their security controls. In addition, we maintain our own security controls in accordance with ISO/IEC 27001:2013 security standards.

The information we collect varies from client to client depending on the setup of our services. Therefore, at the request of our clients we may capture additional information. To understand this fully, we recommend you get in touch with the Data Controller directly.

It is also possible that through our services we may be able to determine additional personal data, including special category data, however this is rare and where identified we work with our clients to implement additional safeguards.

How we get your information

We obtain your information directly from our client’s websites when you approve the use of cookies and similar technologies. Our solutions use local storage that you agree to on your device, and this allows us to understand your activity on our client’s websites.

We may also receive your data directly from our clients in order to manage our services, for example unsubscribe records.

How do we use your information?

We use your information to:

  • Send marketing communications on behalf of our clients via email, SMS and alternative messaging channels.
  • Personalise your experience on our clients’ websites by on-site content display.
  • Generate reports for our clients about the effectiveness of our services.
  • Upon the request from our client we may use partner services to combine data that we capture from our client’s website to provide you with a display advertisement within a third party website or third party email, related to your journey on our client website.
  • Depending on the services our clients procure from us it may be that either SaleCycle or our Partners create customer profiles to tailor marketing you receive based on your activity on our clients website.

Please note that we do not use the personal information collected for our own purposes. We only use it as instructed by our clients to provide our services. Our clients are the “Data Controllers” in relation to the personal information collected and used via our service. Please see the privacy notice of our clients whose websites you have visited to find more information about how they will use your personal information.

We may use aggregated anonymous non-personal (statistical) information for reporting purposes to demonstrate the value of our services, to monitor and present the effectiveness of our services and to detect anomalies in the data we receive from our clients’ websites.

Who we share your information with:

We do not sell or otherwise disclose personal data collected, except as described. You can find a list of our sub-processors that we use to deliver our services here. We require all sub-processors to have sufficient technical and organisation measures to ensure the security of all information they process on our behalf.

We may transfer your personal data outside of the European Union to our sub-processors, but where we do so, we ensure this is done in compliance with GDPR restrictions and with a sufficient level of protection.

How do we protect your information?

We have in place appropriate policies, rules, and technical and organisational measures to protect your personal data from unauthorised or unlawful processing, and against accidental loss, destruction or damage.

We also have procedures in place to deal with any data security breach. We will notify our clients and any applicable regulator of a data security breach where we are legally required to do so. Our clients, as Data Controllers, are responsible for notifying you of any breaches.

How long do we keep your information?

Your personal data will be kept as long as necessary, as defined by our clients in our contractual agreements with them.

Lawful Basis

Our clients are contractually bound to ensure that they obtain a sufficient lawful basis for the processing of your personal data.

SaleCycle operates on the lawful basis they determine as Data Controller. Where SaleCycle as a Data Processor identifies any potential breach of legislation or regulation in relation to lawful basis, we are obliged to inform the Data Controller of such breaches.

Withdrawing Consent or Opting Out?

You can withdraw your consent for the processing of the information referred to above by activating the settings on your browser that allow you to refuse the setting of all or some cookies or similar technologies.

Our clients may control the setting of cookies upon your device through their own cookie management platforms. However, if you use your browser settings to block all cookies or similar technologies (including essential cookies) you may not be able to access all or parts of our client’s website.

You can also choose to opt-out from receiving the types of communications referred to above, by following the ‘unsubscribe’ link in each such communication.

How can you exercise your rights?

Should you wish to exercise your rights under GDPR then you should contact our client as Data Controller and under our obligations to our client, we will implement appropriate processes to assist our clients in the response to your rights request.

If you wish to raise a complaint in respect of the personal data that we process on behalf of our client then again this should be raised with our client as the Data Controller and under our obligations to them we will assist our client in respect of any complaint or query raised.

For information, our HQ is in the United Kingdom and our independent data regulator is the Information Commissioners Office. We also have an office in Paris, France where the independent data regulator is CNIL.

Contact information

If you have any questions or concerns about this privacy notice, please contact us at:

Registered Company Number: 07148309

Registered Office Address: Office 2.01, PROTO Building, Baltic Business Quarter, Abbotts Hill, Gateshead, Tyne and Wear, NE8 3DF

For more information, please contact privacy@salecycle.com.

This Service Privacy Notice was last updated on 30 November 2023