Privacy Policy – In Touch Group: Empowering Ecosystems

About Us

In-Touch respects your privacy and is committed to protecting your Personal Data. We want to be transparent with you about how we collect and use your Personal Data.

In this Privacy Notice, “we” “us” and “our” refers to I-TG International Services Ltd, trading as In-Touch (www.In-Touch-Group.com/about-us). For the purposes of the personal data protection laws, we are responsible for the personal data about you that we collect and use.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed, stored and disclosed by us. Please read the following carefully to understand our practices regarding your personal data and how we treat it.

The Privacy Policy is intended to meet our duties of Transparency under the General Data Protection Regulation or GDPR.

We will post any modifications or changes to this Privacy Policy on this page.

Unless otherwise stated in this policy, by visiting www.In-Touch-Group.com (our Site) or using the mobile applications we operate (our Apps), or using the In–Touch related online and mobile services as described in the In-Touch Terms of Use available at www.In-Touch-Group.com you are deemed to have accepted the practices described in this policy.

The Site and App are owned and operated by I-TG International Services Ltd (Company No. 12038010).

We process personal data from our merchants as well as personal data from their end users on their behalf, In-Touch processes personal data as both a Data Controller and a Data Processor, as defined in the Directive and the General Data Protection Regulation (GDPR).

The Site or App may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates or to websites shared by other users. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites

Information we process about you

Before you read any further, it might be useful to explain what Personal Data is. The GDPR definition of Personal Data can be found here. Essentially, it boils down to: information about an individual, from which that individual is either directly or indirectly identified.

It does not include ‘anonymous data’ (i.e., information where the identity of individual has been permanently removed).

We collect and process personal information so we can provide our service to you. It’s important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Please note that we do not collect any Special Categories of personal data about you (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, political opinions, trade union membership, information about your health and genetic and biometric data), and we do not collect any information about criminal convictions and offences.

Information you give us

You provide information to us when you fill in forms on our Site or App, register to use our Site or App, subscribe to our service or marketing database, post material, search for a product or service, use our mobile app at a merchant’s store, request further services, enter a competition or promotion, report a problem with our Site or App, complete a survey, or correspond with us (by phone, email or otherwise).

The information you give us includes your name, email address or login details, phone number, payment information (such as bank information or credit card information), purchase history and details of transactions carried out through our Site or App and our merchants and spatial data.

We ask for your explicit consent to use and process the data described above. However, some of this data is necessary for the provision of our services and the fulfilment of our contractual obligations to you, and we may rely on this as a legal basis for using the data described above if necessary.

Information we automatically collect

Each time you visit or use our Site or App, we automatically collect the following information:

Device information: We may collect information about the device you use to access the Services, including your browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, mobile network information, telephone number and other technology on the devices you use to access our Services.
Location information: When you use one of our location-enabled Apps or Services, we may collect and process data about your actual location.
Log information: We may automatically collect and store certain information about your use of the Services in server logs, including but not limited to internet protocol (IP) addresses, internet service provider, clickstream data, browser type and language, viewed and exited pages and date or time stamps.
Unique application numbers: When you install or uninstall an App containing a unique application number or when such an App searches for automatic updates, that number and information about your installation, for example the type of operating system, may be sent to us.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your Personal Data, but once in aggregated form it will not constitute considered Personal Data for the purposes of the GDPR as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Behavioural Data to calculate the percentage of users accessing a specific Services feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this Privacy Policy.

Information we receive from third parties

In addition to the Personal Data that we collect directly from you (as described in the section immediately above this one), we also collect certain of your Personal Data from third party sources. These sources are broken down in the table below, together with a description of whether they are publicly available or not.

Third party data source	Publicly available?	Category(ies) or other types of personal data received.
Social Media	Yes	Identity Data Contact Data
Our Affiliates	No	Identity Data Contact Data
Analytics Providers	No	Technical Data Behavioural Data
Credit Reference Agencies	No	Identity Data Contact Data Transaction Data

How we use your personal data and why

We will only use your Personal Data for the purposes for which we collected it as listed below, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

If we need to use your Personal Data for an unrelated purpose, we will update this Privacy Policy and we will explain the legal basis which allows us to do so.

Legitimate bases

We will ensure that your personal data is processed lawfully, fairly, and transparently and that it will only be processed if at least one of the following bases applies:

Where we need to perform a contract we are about to enter into or have entered into with you (Contractual Necessity).
Where we need to perform a service as part of the contract including but not limited to the provision of relevant coupons and offers based from previous transaction history.
Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests (Legitimate Interests). Examples of this are:
- allowing us to effectively and efficiently manage and administer the operation of our business;
- maintaining compliance with internal policies and procedures;
- monitoring the use of our copyrighted materials;
- offering optimal, up-to-date security solutions for mobile devices and IT systems; and
- obtaining further knowledge of current threats to network security in order to update our security solutions and provide these to the market.
Where we need to comply with a legal or regulatory obligation (Compliance with Law).
Where we have your specific consent to carry out the processing for the Purpose in question (Consent).

Cookies

We may collect information using cookies. Cookies are small data files stored on the hard drive of your computer or mobile device by a website. We may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them) to provide you with a more personal and interactive experience on our Sites. Other than our Sites, our Services do not use cookies.

We use two broad categories of cookies:

first party cookies, served directly by us to your computer or mobile device; and
third party cookies, which are served by our partners or service providers on our Sites.

We use the following cookies:

Strictly necessary cookies. These cookies are required to save your session and to carry out other activities that are strictly necessary for the operation of the Site or App. They include, by way of general example, cookies that enable you to log into secure areas of the Site or App, use a shopping cart, or make use of e-billing services. These cookies are session cookies, which means they’re temporary and will expire when you close your browser.
Analytical/performance cookies. These cookies are used to collect information about traffic to our Sites and how users use our Sites. The information gathered via these cookies does not “directly” identify any individual visitor. However, it may render such visitors “indirectly identifiable”. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access our Sites. The information collected is aggregated and anonymous. It includes the number of visitors to our Sites, the websites that referred them to our Sites, the pages they visited on our Sites, what time of day they visited our Sites, whether they have visited our Sites before, and other similar information. We use this information to help operate our Sites more efficiently, for example, by ensuring that users are finding what they are looking for easily, as well as to gather broad demographic information and to monitor the level of activity on our Sites. We also use these cookies to obtain information about your visit, including the full Uniform Resource Locators (URL) clickstream data, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from webpages.

We use Google Analytics for this purpose. Google Analytics uses its own cookies. It is only used to improve how our Sites work. You can find out more information about Google Analytics cookies here: https://developers.google.com/analytics/resources/concepts/gaConceptsCookies

You can find out more about how Google protects your data here: www.google.com/analytics/learn/privacy.html

Functionality cookies. These cookies are used to recognise you when you return to the Site or App. They enable us to personalise our content for you, greet you by name and remember your preferences.
Targeting cookies. These cookies record your visit to the Site or App, the pages you visit, and the links you follow. We use this information to make the Site and App more relevant to your interests.
Social Media cookies. These cookies work together with social media plug-ins. For example, when we embed photos, video and other content from social media websites, the embedded pages contain cookies from these websites. Similarly, if you choose to share our content on social media, a cookie may be set by the service you have chosen to share content through.
Third Party cookies. (including, for example, advertising networks and providers of external services like web traffic analysis services). As these are third party cookies In-Touch may have limited or no control over them. If you would like to disable these “third party” cookies generated by advertisers or providers of targeted advertising services, you can turn them off by going to that third party’s website and setting your cookie preferences to stop any further cookies being written to your device.

Your Personal Data

How we keep your Personal Data secure

We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

We limit access to your Personal Data to those employees and other staff who have a business need to have such access. All such people are subject to a contractual duty of confidentiality.

We have put in place procedures to deal with any actual or suspected Personal Data breach. In the event of any such breach, we have systems in place to work with applicable regulators. In addition, in certain circumstances (e.g., where we are legally required to do so) we may notify you of breaches affecting your Personal Data.

How long we store your Personal Data

We will only retain your Personal Data for so long as we reasonably need to use it for the purposes set out above How we use your Personal Data and why, unless a longer retention period is required by law (for example for regulatory purposes). The table below shows our standard retention practices:

Category of Personal Data	Retention period
Identity Data	For so long as retention is necessary to fulfil the Purposes/Use for which it is used (see How we use your Personal Data and why)
Contact Data	For so long as you remain a customer of ours.
Financial Data	For so long as you remain a customer of ours.
Transactional Data	For so long as retention is necessary to fulfil the Purposes/Use for which it is used (see How we use your Personal Data and why)
Service Data	For so long as you remain a customer of ours.
Technical Data	For so long as retention is necessary to fulfil the Purposes/Use for which it is used (see How we use your Personal Data and why)

Who we share your personal data with

The table below describes who we share your Personal Data with, what we share and why we share it.

Recipients	Category(ies) of Personal Data we share.	Why we share it	Location(s)
Our Affiliates	Identity Data Contact Data	Our affiliates help us provide our service and help manage our customer relationships (including providing customer support, customer liaison etc).	Within Europe
Service Providers	Identity Data Contact Data Technical Data	Our service providers provide us with IT and system administration services and KYC services.	Within Europe
Professional advisers	Identity Data Contact Data	Our lawyers, bankers, auditors and insurers provide consultancy, banking, legal, insurance and accounting services.	Within Europe
Regulators and other authorities	Identity Data Contact Data	Authorities may require reporting of processing activities in certain circumstances	Within Europe
Analytics Providers	Behavioural Data Technical Data	Our analytics providers will use this information for the purpose of evaluating your use of our Sites, compiling reports on Site activity and providing other services relating to Site activity and internet usage. Our analytics providers may also transfer this information to third parties where required to do so by law, or where such third parties process the information on our analytics providers’ behalf.	Within Europe The United States

Transfer of Data

As you can see from the above, we share your Personal Data with certain external third parties who are based outside the European Economic Area (Europe). Any processing of your Personal Data by these parties will involve an export of your Personal data outside of Europe.

We endeavour to ensure that people to whom we provide Personal Data hold it subject to appropriate safeguards and controls. Whenever we transfer your Personal Data out of Europe, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

We may transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission. For further details, see European Commission: Adequacy of the protection of Personal Data in non-EU countries.
Where we use service providers outside Europe, we may use specific contracts approved by the European Commission, which give Personal Data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of Personal Data to third countries.
Where we use service providers based in the U.S., we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to Personal Data shared between Europe and the U.S. For further details, see European Commission: EU-U.S. Privacy Shield.

Uses made of the information

We use information held about you in the following ways:

To administer and manage your account, provide you with information, products or services you request from us, and to carry out any other obligations arising from any contracts entered into between you and us.
To ensure that content from our Site and App is presented in the most effective manner for you and for your device.
To allow you to participate in interactive features of our service, when you choose to do so.
To respond to communications from you and to provide you with information about other products or services we offer that are similar to those you have already enquired about.
To administer the Site and App and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
As part of our efforts to keep the Site and App safe and secure, e.g. by conducting analysis required to detect malicious data and understand how this may affect your IT system.
To notify you about changes to our service.

With your express opt-in consent and where permitted by law, we also use your information to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. We will not send you any unsolicited marketing or spam, and we will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under applicable Data Protection Laws, meaning:

the General Data Protection Regulation (EU 2016/679) (GDPR) (unless and until it is no longer directly applicable in the UK) and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK, and
any successor legislation to the GDPR or the Data Protection Act 1998.

If you’re an existing customer, we will only contact you by electronic means (email or SMS) with information about services similar to those which were the subject of a previous enquiry by you. If you’re a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have expressly consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please notify us in writing or by email at marketing@in-touch-group.com .

You can ask us or third parties (merchants) to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time at marketing@in-touch-group.com .

Your rights

Under the GDPR, you have the right to:

Withdraw your consent to the processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason for doing so (such as to comply with a legal obligation).
Be informed of what data we hold and the purpose for processing the data, as a whole or in parts.
Be forgotten and, in some circumstances, have your data erased by ourselves and our affiliates (although this is not an absolute right and there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it).
Correct or supplement any information we hold about you that is incorrect or incomplete.
Restrict processing of the information we hold about you (for example, so that inaccuracies may be corrected—but again, there may be circumstances where you ask us to restrict processing of your personal data but we are legally entitled to refuse that request).
Object to the processing of your data.
Obtain your data in a portable manner and reuse the information we hold about you.
Challenge any data we use for the purposes of automated decision-making and profiling (in certain circumstances—as above, there may be circumstances where you ask us to restrict our processing of your personal data but we are legally entitled to refuse that request).
Complain to a supervisory authority (e.g. the Information Commissioner’s Office (ICO) in the UK) if you think any of your rights have been infringed by us. (We would, however, appreciate the chance to address your concerns, so please contact us prior to taking this step).

You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

You have the right to ask us not to process your personal data for marketing purposes. We will get your express opt-in consent before we use your data for such purposes or share your personal data with any third parties for such purposes. You can exercise your right to prevent such processing by contacting us at the Company Address, via email at marketing@in-touch-group.com , or by unsubscribing using the links contained in the marketing emails.

You may revoke your consent for us to use your personal data as described in this privacy policy at any time by emailing us at marketing@in-touch-group.com, and we will delete your data from our systems. To enforce any of the above rights, please contact us at our Company Address or via email at marketing@in-touch-group.com. If you wish to enquire about the personal data any of our merchants hold about you, please contact that merchant.

We will notify you and any applicable regulator of a breach of your personal data when we are legally required to do so.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. You will be deemed to have accepted the terms of the updated Privacy & Cookie Policy on your first use of the Site or App following the alterations. Please check back frequently to see any updates or changes to our Privacy Policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to our Company Address or to our email at marketing@in-touch-group.com .