Darabase – Privacy Policy

Privacy Policy

LAST UPDATED: 15th July 2022 

1. INTRODUCTION

Welcome to Darabase. Darabase Limited (weusour or Darabase Limited), the owner and operator of Darabase, Darabase.io and MonitAR.org, are committed to protecting and respecting your privacy.

This Privacy Policy explains:

  • why and how we may use the personal information that we have obtained from interactions you (or others) may have with us as a business, including when you visit and use our websites currently located at www.darabase.com , www.darabase.io and/or www.monitar.org and/or daraba.se (Sites), and/or the platform we operate from the Sites (Darabase Platform and MonitAR Platform) or when you contact us;
  • with whom we share your personal information; and
  • the rights you have in connection with the information we use.

Please read the following carefully.

Darabase Limited is the controller of your personal information. This means that Darabase Limited decides why and how your personal information is processed. Please see the section at the end of this Privacy Policy for our contact and legal information.

This Privacy Policy may change from time to time so please check this Privacy Policy occasionally to ensure that you are happy with any changes. For more information on changes to our Privacy Policy, please see paragraph 11 (Changes to this Privacy Policy).

This Privacy Policy was last updated on the date set out at the top of this Privacy Policy.

2. PERSONAL INFORMATION WE COLLECT ABOUT YOU

We collect personal information from you in the following ways:

Personal information you give to us:

This is personal information you give to us when you:

  • create an account on the Darabase, Darabase.io and MonitAR Platforms;
  • register permissions with us (including via the Darabase, Darabase.io and MonitAR Platforms);
  • make any payments to us;
  • verify your or another person’s eligibility to register permissions on the Darabase, Darabase.io and MonitAR Platforms;
  • interact with us on social media; and
  • contact us or correspond with us via the Darabase, Darabase.io and MonitAR Platforms, a form available on the Sites, by email, or in another way.

This personal information is provided by you entirely voluntarily and includes personal information you submit on the Sites, the Darabase, Darabase.io and MonitAR Platforms or on social media. We may also ask you for information when you report a problem with the Database, Darabase.io and MonitAR Platforms.

If you register with the Darabase, Darabase.io and MonitAR Platforms, the personal information we collect includes your registration information (contact details, whether you are a property owner or owner’s representative, your home/billing address, details of the property owner (if that person is an individual that is not you), business information relating to you if you are a sole trader (e.g. VAT registration number), your personal bank details and any personal information included in any correspondence between us. If we do not receive this information, you may be unable to use or interact with certain parts of the Darabase, Darabase.io and MonitAR Platforms or the Sites or communicate with us effectively. We may also collect information about your company, but as this will not be personal information about you, it is not covered in this privacy policy.

Personal information we collect about you:

We may automatically collect personal information about your use of the Darabase, Darabase.io and MonitAR Platforms, such as the number and duration of your visits to the Darabase, Darabase.io and MonitAR Platforms, your interactions with the Darabase, Darabase.io and MonitAR Platforms, your user behaviour and details of which particular pages you have visited. We will anonymise this information so that it is not attributable to you (Anonymised Information).

We may however automatically collect information relating to your activity on the Darabase, Darabase.io and MonitAR Platforms (i.e. an audit log) that is attributable to you. This information includes a log of your activities relating to any updates to your property registration details, any challenges and objections to existing registrations you may make, any changes to property permissions you may make, any changes to related interested parties you may make and other associated data, and any changes to your profile information (Audit Log Records).

We also automatically collect technical information, including anonymous data collected by the hosting server for statistical purposes, the Internet protocol (IP) address used to connect your device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform as well as cookie information, including tracking pixel and beacon identification information (Technical Information). Please see our Cookies Policy for further information.

We will also hold a record of the transactions between us made via the Darabase, Darabase.io and MonitAR Platforms.

Information we collect about you from other sources:

We may obtain the following personal information about you from the following sources, which we use in the ways described in the section below:

Third Party Name Categories of Data Collected
Your representative (where you are an owner) Your contact details and your home or business address
Owners and occupants of a registered property Your contact details and your written permission where you have provided this to an owner or representative (as applicable) to allow them to register a property on the Darabase, Darabase.io and MonitAR Platforms.
Credit reference agencies Your credit score, credit status and other credit reference information.
HM Land Registry Details relating to the ownership of your property or properties.

3. HOW AND WHY WE USE YOUR PERSONAL INFORMATION

In relation to your personal information that we process as a controller, data protection law requires us to have a valid reason to process it for each of the different purposes for which we use that information. The law refers to each reason as a ‘lawful basis’. The purposes for which we use your personal information and the lawful basis on which we rely to process it for each purpose is as follows:

Where you have provided CONSENT

We may use and process your personal information where you have consented for us to do so for the following purposes:

  • contact you via email with marketing information about us, our events and products and services (including the Darabase, Darabase.io and MonitAR Platforms) and about our third party partners; and
  • when you refresh your marketing preferences when responding to a request from us to do so.

You may withdraw your consent for us to use your information in any of these ways at any time. Please see paragraph 10. (Your Rights) for further details.

Where necessary to comply with our LEGAL OBLIGATIONS

We will use your personal information to comply with our legal obligations:

  • to keep a record relating to the exercise of any of your rights relating to our processing of your personal information;
  • to comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
  • to anonymise or delete your personal information when it is no longer required for the purposes described in this Privacy Policy;
  • to comply with court orders or other notices where failure to do so would result in us breaking the law; and
  • to handle and resolve any complaints we receive relating to our processing of your personal information as described in this Privacy Policy.

Where there is a LEGITIMATE INTEREST

We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, or that of a third party, for the following purposes:

Processing necessary for us to promote our business and measure the reach and effectiveness of our campaigns

  • to contact you with marketing information by post or by phone (if you are not registered with the Telephone Preference Service);
  • for analysis and insight conducted to inform our marketing and business strategies, and to enhance your user experience;
  • to identify and record when you have received, opened, forwarded or engaged with the Darabase, Darabase.io and MonitAR Platforms or our electronic communications (please see our Cookies Policy for more information);

Processing necessary for us to respond to changing market conditions and the needs of our users

  • to analyse, evaluate and improve the Darabase, Darabase.io and MonitAR Platforms so that your visit and use of the Darabase, Darabase.io and MonitAR Platforms, the Sites and our social media pages are more useful and enjoyable (we will generally use data amalgamated from many people so that it does not identify you personally);
  • to undertake market analysis and research (including contacting you with surveys) so that we can better understand your use of the Darabase, Darabase.io and MonitAR Platforms or the Sites or your opinion of us or our business;

Processing necessary for us to operate the administrative and technical aspects of our business efficiently and effectively

  • to verify your authority to register permissions on behalf of property owners;
  • to administer the Darabase, Darabase.io and MonitAR Platforms, the Sites and our social media pages and for internal operations, including troubleshooting, testing, statistical purposes;
  • for the prevention of fraud and other criminal activities;
  • for network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
  • for the purposes of corporate restructure or reorganisation or sale of our business or assets;
  • for efficiency, accuracy or other improvements of our databases and systems, for example, by combining systems or consolidating records we hold about you;
  • to enforce or protect our contractual or other legal rights or to bring or defend legal proceedings;
  • to inform you of updates to our terms and conditions and policies; and
  • for other general administration including managing any reports you make, your queries, complaints, or claims, and to send service messages to you.

Where necessary for us to carry out PRE-CONTRACT STEPS you have requested or for the performance of our CONTRACT

We will use your personal information where this is necessary for us to perform our contract with you or to carry out any pre-contract steps you’ve asked us to so that you can enter into that contract, for the following purposes:

  • to publish and display permissions for the property you register on the Darabase Platform;
  • to record the permissions you register on the Darabase Platform;
  • to use your business name and logo where these are your personal information and you are a sole trader in connection with your permissions; and
  • to pay to you any share of revenue due to you and to receive payment of any fees due to us.

4. DISCLOSURE OF YOUR PERSONAL INFORMATION BY US

We will only publish (so that it is visible to other users) the address of the property that you register on the Darabase, Darabase.io and MonitAR Platforms and any related permissions. We will never publish your name or other personal information on the Darabase, Darabase.io and MonitAR Platforms unless required to do so by law.

We may disclose your information to our third party service providers, agents and subcontractors (Suppliers) for the purposes set out above. Our Suppliers can be categorised as follows:

Recipient / relationship to us Industry sector (& sub-sector)
Advertising, PR, digital and creative agencies Media (Advertising & PR)
Cloud software system providers, including database, email distribution and document management providers IT (Cloud Services)
Customer service/help desk platform providers IT (Customer Services)
Facilities and technology service providers including scanning and data destruction providers IT (Data Management)
Insurers and insurance brokers Insurance (Underwriting & Broking)
Legal, security and other professional advisers and consultants Professional Services (Legal & Accounting)
Market and customer research providers Media (Market Research)
Social media platforms Media (Social Media)
Website and data analytics platform providers IT (Data Analytics)
Website and app developers IT (Software Development)
Website hosting services providers Website hosting services providers IT (Hosting)

When sending your information to Suppliers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.

When we share your personal information with any third parties that are controllers of that information, they may disclose or transfer it to other organisations in accordance with their data protection policies. This does not affect any of your data subject rights as detailed below. In particular, where you ask us to rectify, erase or restrict the processing of your information, we take reasonable steps to pass this request on to any such third parties with whom we have shared your personal information.

We may disclose your personal information to other third parties as follows:

  • any third party who is restructuring, selling or acquiring some or all of our business or assets or otherwise in the event of a merger, re-organisation or similar event; and
  • if we are under a duty to disclose or share your information in order to comply with any legal or regulatory obligation or request, including by the police, tribunals, regulators, the government or related agencies.

5. WHERE WE STORE YOUR PERSONAL INFORMATION

All information you provide to us may be transferred to countries outside the UK and EEA. By way of example, this may happen where any of our servers or those of our third party service providers are from time to time located in a country outside of the UK and EEA. These countries may not have similar data protection laws to the UK and so may not protect the use of your personal information to the same standard.

If we transfer your information outside of the UK and EEA in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this Privacy Policy. These steps include:

  • ensuring the non-UK/EEA countries to which transfers are made have been deemed adequately protective of your personal information for the purposes of data protection law by the relevant bodies;
  • imposing contractual obligations on the recipient of your personal information using provisions formally issued by relevant bodies for this purpose. We use these provisions to ensure that your information is protected when transferred your personal information to our Suppliers outside the UK and EEA; or
  • ensuring that the recipients are subscribed to ‘international frameworks’, such as the EU-US Privacy Shield that aim to ensure adequate protection.

Please contact us using the details at the end of this Privacy Policy for more information about the protections that we put in place and to obtain a copy of the relevant documents.

If you use our services whilst you are outside the UK and EEA, your information may be transferred outside those territories in order to receive those services.

6. THE PERIOD FOR WHICH WE KEEP YOUR PERSONAL INFORMATION

If we collect your personal information, the length of time for which we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal information in an identifiable format for longer than is necessary.

We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under paragraph 3. (How and why we use your personal information) above. The only exceptions to this are where:

  • the law requires us to hold your personal information for a longer period, or delete it sooner;
  • you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see paragraph 10. (Your Rights) below);
  • you exercise your right to require us to retain your personal information for a period longer than our stated retention period (see paragraph 10. (Your Rights) below); or
  • you close your account and we require that the address of the property you register and any related permissions remain published on the Darabase, Darabase.io and MonitAR Platforms (please see our Permissions Registration Terms and Conditions for more information).

7. SECURITY AND LINKS TO OTHER SITES

We employ security measures to protect the personal information you provide to us, to prevent access by unauthorised persons and unlawful processing, accidental loss, destruction and damage. When we have provided (or you have chosen) a password allowing you access to certain parts of the Darabase, Darabase.io and MonitAR Platforms and Sites, you are responsible for safeguarding it and keeping it confidential and you promise not to allow it to be used by third parties.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do everything possible to protect your personal information, we cannot guarantee the security of any personal information during its transmission to us online. You accept the inherent security implications of using the internet and will not hold us responsible for any breach of security unless we are at fault.

If you are using a computer or terminal in a public location, we recommend that you always log out and close the website browser when you complete an online session for your security. In addition, we recommend that you take the following security measures to enhance your online safety: we recommend you frequently change your password. Keep your passwords private. Remember, anyone you knows your password may access your account. Avoid using the same password for multiple online accounts. We will never ask you to confirm any account or credit card details via email. If you receive an email claiming to be from darabase.com asking you to do so, please ignore it and do not respond.

The Darabase, Darabase.io and MonitAR Platforms, the Sites and social media pages may contain links to other websites run by other organisations which we do not control. This Privacy Policy does not apply to those other websites‚ so we encourage you to read their privacy policies. We are not responsible for the privacy policies and practices of other websites (even if you access them using links that we provide) and we provide links to those websites solely for your information and convenience. We specifically disclaim responsibility for their content, privacy practices and terms of use, and we make no endorsements, representations or promises about their accuracy, content or thoroughness. Your disclosure of personal information to third party websites is at your own risk.

In addition, if you linked to the Darabase, Darabase.io and MonitAR Platforms from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.

8. COOKIES

‘Cookies’ are small pieces of information sent to your computer or device and stored on its hard drive to allow our Sites to recognise you when you visit.

If you are using the Sites, it is possible to switch off cookies by setting your browser preferences. For more information on how we use cookies and how to switch them off on your device, please visit our Cookies Policy.

9. AUTOMATED DECISION MAKING

We do not envisage that any decisions that have a legal or significant effect on you will be taken about you using purely automated means, however we will update this Privacy Policy and inform you if this position changes.

10. YOUR RIGHTS

You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within 1 calendar month from either:

  • the date that we have confirmed your identity; or
  • where we do not need to do this because we already have this information, from the date we received your request.

You have the following rights, some of which may only apply in certain circumstances:

Your Rights Further Information
To have your information corrected if it is inaccurate and to have incomplete personal information completed If you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us in any of the details described at the end of this Privacy Policy.
To object to processing of your personal information Where we rely on our legitimate interests as the lawful basis for processing your personal information for particular purposes, you may object to us using your personal information for these purposes by emailing or writing to us at the address at the end of this Privacy Policy. Except for the purposes for which we are sure we can continue to process your personal information, we will temporarily stop processing your personal information in line with your objection until we have investigated the matter. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data.
To withdraw your consent to processing your personal information Where we rely on your consent as the lawful basis for processing your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this Privacy Policy. If you would like to withdraw your consent to receiving any direct marketing to which you previously opted-in, you can also do so using our unsubscribe tool. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
To restrict processing of your personal information

You may ask us to restrict the processing of your personal information in the following situations:

  • where you believe it is unlawful for us to do so,
  • you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings.

In these situations, we may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
To have your personal information erased In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this Privacy Policy. Unless there is a reason that the law allows us to use your personal information for longer, we will make reasonable efforts to comply with your request.
To request access to your personal information and how we process it You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this Privacy Policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
To electronically move, copy or destroy your personal information in a standard, machine-readable form

Where we rely on your consent as the lawful basis for processing your personal information or need to process it in connection with a contract in place directly with you, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.

You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Rights relating to automated decision making, including profiling You may also contest a decision made about you based purely on automated processing by contacting us using the information at the bottom of this Privacy Policy.
To complain to a data protection regulator You have the right to complain to a data protection regulation (which in the UK is the Information Commissioner’s Office (ICO)) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.

 

11. CHANGES TO THIS PRIVACY POLICY

We may review this Privacy Policy from time to time and any changes will be notified to you by posting an updated version on the Darabase, Darabase.io and MonitAR Platforms and/or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on the Darabase, Darabase.io and MonitAR Platforms, whichever is the earlier. We recommend you regularly check for changes and review this Privacy Policy whenever you visit or use the Darabase, Darabase.io and MonitAR Platforms. If you do not agree with any aspect of the updated Privacy Policy you should immediately notify us and cease using the Darabase, Darabase.io and MonitAR Platforms, our Sites  or our services.

12. CONTACT US

Please direct any queries about this Privacy Policy or about the way we process your personal information to our Privacy Manager using our contact details below.

If you wish to write to us, please write to Darabase Limited, Bourne House Queen Street, Gomshall, Guildford, GU5 9LY, United Kingdom.

Our email address for data protection queries is support@darabase.com alternatively you can contact us via the Darabase, Darabase.io and MonitAR Platforms.

Please see our Term of Use for legal information relating to Darabase Limited.