Version 1.1
Issued on February, 2022
1. Scope. Regulation
1.1. This privacy policy (the “Policy”) governs the privacy terms of our service (the “Service”)
we provide via our website https://certificateofsponsorshipuk.co.uk/ (the “Website”). The Service is
offered by Betternations Ltd, who is trading under the name “Nation.better” (“we”, “us”), is
a company registered in England and Wales with company number 12066785 and its
registered office address at 160 Kemp House City Road, London, United Kingdom, EC1V
2NX.
1.2. The Policy is a legal statement which explains how we collect, retain, process, and
transfer the Personal Data which is any information relating to an identified or identifiable
living individual (“you”) we receive.
1.3. We receive the Personal Data from various sources to provide our clients (the “Clients”)
with the Service. The Clients are (1) legal entities; and (2) individuals who pay for the
Service to use it on their own; and (3) individuals who use free features of the Service. So,
you may be a visitor of the Website, the Client, the Client’s representative (the
“Representative”), or a prospective employee (the “Employee”), or the officer responsible
for compliance with immigration rules (the “Key Personnel”).
1.4. Please, read the Policy carefully as it will help you to make informed decisions about
sharing your Personal Data with us.
2. Personal Data We Collect
2.1. We collect several types of the Personal Data for various purposes to provide the Clients
with the Service and to improve it. The scope of your Personal Data we collect depends
on how you interact with us.
2.2. If you provide us with the Personal Data when you create an account to use the Service or
pay for the Service, you provide us with the Submitted Data:
2.2.1. if you are the Employee, or the Client, you may provide us with the Clients’/Employees’
Data:
2.2.1.1. about yourself: first and last name, date and place of birth, age, gender, citizenship,
country of residence, full or partial home address, email address, account username
and password, phone number, bank account details (if you pay for the Service via bank
transfer), date, time and amount of payment for the Service, level of education, diploma
number and date, employment history, position, salary, immigration status and history,
travel history, visa type (if any), job duties, as well as documents containing this
Personal Data;
2.2.1.2. about your parents and dependants: same to clause 2.2.1.1, except account username
and password, bank account details and job duties;
2.2.2. if you are the Key Personnel, you provide us with Key Personnel Data: first and last
name, email, account username and password, phone number, employment history,
position, date of birth, citizenship, passport or other ID number, visa type (if any);
2.2.3. if you are the Representative, you provide us with Representatives’ Data: the first and
last name, email address, phone number, position at the Client’s company, account
username and password.

1
128 City Road, London, United Kingdom, EC1V 2NX.

2.0
August, 2022

2.3. We automatically collect the Usage Data when you visit, use or navigate the Service. We
need this information to operate the Service, to maintain its security, and for our analytics
purposes. The Usage Data may include:
2.3.1.1. the information about computer or mobile device. The examples of such information
are device information, internet protocol (IP) address, browser type and version,
operating system, language settings, mobile network information, mobile operating
system, type of mobile browser and version, URL-links;
2.3.1.2. information about how you use the Service, such as account settings and preferences,
the time you enter and exit the Website, which pages you visit and which features you
use, technical information, such as Internet speed.
2.4. We may receive the Personal Data from other sources, including third parties and publicly
available sources which help us to update, expand, and analyze our records; prevent or
detect fraud; process payments; or analyze how you use the Services (the “Third-Party
Data”). The Third-Party Data may include without limitation the data from analytics
providers (e.g., Google), identity and contact data from the Companies House.
2.5. We do not process the Personal Data relating to your racial or ethnic origin, political
opinions, religious or philosophical beliefs, trade union membership, genetic and/or
biometric data, data concerning health or sex life and/or sexual orientation.
2.6. We may anonymize the Personal Data, or use the anonymous information we receive (the
“Anonymous Information”). The Anonymous Information shall not be considered to be
the Personal Data, as it does not identify you as an individual. We may use the
Anonymous Information to administer the Service, for analytics, advertising and
promotional purposes. We may share the Anonymous Information with other entities (e.g.,
service providers, business partners) for such purposes. The Anonymous Information
includes without limitation aggregated data which allows us to conduct analytics and
research.
3. How We Use Personal Data
3.1. To use the Personal Data, we must rely on one or more legal bases. The bases we rely on
are:
3.1.1. contract performance. If you are the Client, we process the Personal Data to perform the
agreement with you or to take steps at your request before entering into the agreement;
3.1.2. consent. This will apply when you agree that we process the Personal Data, for
example, when you set up your Service account;
3.1.3. legitimate interest. We may process the Personal Data when we have a legitimate
business interest to do so: for example, to ensure that the Service is secure and safe to
use;
3.1.4. to comply with our legal obligations. Sometimes we cannot comply with law without
processing the Personal Data: for example, when the court or a public authority requests
it.
3.2. Please find a description of how we use the Personal Data and which legal bases we rely
on. We have also identified our legitimate interests where appropriate:
Type of the Personal
Data

Purposes Legal Basis

3.2.1. the Clients’/
Employees’
Data

3.2.1.1. to create and maintain your account;
3.2.1.2. to ensure that only you may access your
account;
3.2.1.3. to provide you with the Service features

contract
performance if
you are the Client

2

3.2.2. the Clients’/
Employees’
Data

Same to clause 3.2.1 your consent if
you are not the
Client

3.2.3. the Key
Personnel
Data, the
Representati
ves’ Data

3.2.3.1. to create and maintain the Client’s
account;
3.2.3.2. to ensure that only authorized users may
access the Client’s account;
3.2.3.3. to provide the Client with the Service
features

your consent

3.2.4. the Usage
Data, the
Third-Party
Data

3.2.4.1. to prevent fraud, deception and other
illegal activities;
3.2.4.2. to improve our counter-fraud practices;
3.2.4.3. to keep the Service and the Website safe
and secure;
3.2.4.4. to analyze how the Service works, to
evaluate and improve it;
3.2.4.5. to detect, prevent and address technical
issues of the Website and of the Service;
3.2.4.6. to administer the Website for internal
operations, including troubleshooting, data
analysis, testing, research, statistical and
survey purposes;
3.2.4.7. to ensure that we present the content of
the Website to our users in the most
effective manner

legitimate interest
which is to
ensure that the
Service is safe
and comfortable
to use

3.2.5. the Usage
Data

3.2.5.1. to optimize advertising based on your use
of the Website;
3.2.5.2. to optimize and serve advertising for you
based on your past use of Google,
Facebook, Linkedin, Twitter

your consent

3.2.6. All types 3.2.6.1. to respond in the course of legal,
regulatory, arbitration procedures;
3.2.6.2. to respond the mandatory requests for
information issued by public authorities or
other third parties;
3.2.6.3. prevent harm as legally required.
If we receive a subpoena or other legal request we
may need to inspect the Personal Data we
store to determine how to respond.

complying with
our legal
obligations

4. When We Disclose Personal Data to Third Parties
4.1. We only share the Personal Data:
4.1.1. to comply with laws;
4.1.2. to fulfill the business obligations (for example, if it is necessary to fill in the Personal Data
to apply to the Home Office for the immigration sponsor licence);
4.1.3. if you agreed that we may do so.
4.2. We may disclose the Personal Data only:
4.2.1. to comply with laws. We may disclose the Personal Data where we are legally required
to do so to comply with the applicable law, governmental requests, a judicial proceeding,
court order, or legal process. For example, we may disclose the information in response
to a court order, a subpoena, a public authorities’ request to meet national security or
law enforcement requirements. We may also disclose your information when we conduct
3

or cooperate in investigations of fraud or other illegal activity, to prevent and detect fraud
or crime;
4.2.2. to allow third parties to render the services. We may share your data with our
business partners, service providers, contractors or agents performing the services for
us or on our behalf and require access to such information to perform their obligations.
The examples of such third parties’ services are payment processing, data analysis,
email delivery, hosting, customer service, providing us with access to anti-fraud
databases, screening. We may allow selected third parties to use tracking technology on
the Website, which will enable them to collect the data about how you interact with the
Website over time;
4.2.3. to transfer our business. We may share or transfer the Personal Data in connection
with, or during negotiations of, any merger, sale of company assets, financing, or
acquisition of all or a portion of our business to another company. We will provide you
with the notice before your Personal Data are transferred and become subject to a
different privacy policy;
4.2.4. if you agreed. We may disclose the Personal Data for other purposes if you granted us
consent to do so.
5. COOKIES
We use cookies as specified in our Cookie Policy.
6. With Whom We Share Personal Data
6.1. We may share (1) the Clients’/Employees’ Data; (2) the Key Personnel Data; (3) the
Representative’s first and last name, email address, phone number, position at the Client’s
company to comply with the agreement with you (if you are the Client) or with the Client to
make available features of the Service:
With whom we share the information Where can you read the privacy policy (if any)
6.1.1. the Home Office https://www.gov.uk/help/privacy-notice
6.1.2. Office of the Immigration Service
Commissioner (OISC)

https://www.gov.uk/help/privacy-notice

6.2. We may share your cookies and the Usage Data for analytics purposes and to personalize
the content of the Service: for example, to offer you not all our services but the ones in
which you might be interested:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.2.1. Google Analytics
operated by
Google: Google
Inc., 1600
Amphitheatre
Parkway,
Mountain View,
CA 94043, USA

https://policies.google.com/privac
y

by installing the add-on for
your browser
https://chrome.google.com/we
bstore/detail/google-analytics-o
pt-out/fllaojicojecljbmefodhfap
mkghcbnh?hl=en

6.2.2. Google Ads
operated by
Google

https://policies.google.com/privac
y

as described at
https://policies.google.com/tec
hnologies/ads, in the section
How you can control
advertising cookies

4

6.2.3. Facebook Ads
operated by
Facebook:
(1) Facebook
Inc., 1601 Willow
Road, Menlo
Park, CA 94025,
USA, – if you live
outside the EU;
or (2) Facebook
Ireland Ltd., 4
Grand Canal
Square, Grand
Canal Harbour,
Dublin 2, Ireland,
– if you live in the
EU

https://www.facebook.com/about/
privacy/

via your Facebook account
settings

6.2.4. Hotjar operated
by Hotjar: Hotjar
Ltd, Dragonara
Business Centre,
5th Floor,
Dragonara Road,
Paceville St
Julian’s STJ
3141, Malta

https://www.hotjar.com/privacy/ as described at

https://www.hotjar.com/legal/po
licies/do-not-track/

6.2.5. Hubspot
operated by
Hubspot,
HubSpot, Inc., 25
First Street, 2nd
Floor.
Cambridge,
Massachusetts
02141

https://legal.hubspot.com/privacy-
policy?_ga=2.264354376.639788

336.1614076925-89810856.1614
076925

as described at
https://legal.hubspot.com/priva
cy-policy, in the section How to
Access & Control Your
Personal Data

6.2.6. Linkedin
operated by
Linkedin:
(1) LinkedIn
Corporation,
1000 W. Maude
Avenue,
Sunnyvale, CA
94085, USA if
you live outside
the EU, EEA, and
Switzerland, or
(2) LinkedIn
Ireland Unlimited
Company, Wilton
Plaza, Wilton
Place, Dublin 2,
Ireland if you live

https://www.linkedin.com/legal/pri
vacy-policy?trk=homepage-basic_
footer-privacy-policy

as described at
https://www.linkedin.com/help/li
nkedin/answer/62931?trk=micr

osites-frontend_legal_privacy-
policy&lang=en

5

in the EU, EEA or
Switzerland
6.3. We may share your cookies, the Usage Data (clauses 6.3.1, 6.3.2), and sometimes
unique device identifiers (clause 6.3.3) for advertising purposes: for example, to optimize
advertising based on your use of the Website:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.3.1. Microsoft
Advertising
operated by
Microsoft:
Microsoft
Corporation, One
Microsoft Way,
Redmond,
Washington
98052-6399

https://privacy.microsoft.com/priva
cystatement

as described at
https://privacy.microsoft.com/pr
ivacystatement, in the section
Cookies and similar
technologies

6.3.2. Google AdSense
operated by
Google

https://policies.google.com/privac
y

by installing the add-on for
your browser
https://chrome.google.com/we
bstore/detail/iba-opt-out-by-go
ogle/gbiekjoijknlhijdjbaadobpkd
hmoebb

6.3.3. Facebook
Audience
Network
operated by
Facebook

https://www.facebook.com/about/
privacy/

via your Facebook account
settings

6.4. We may share your cookies and the Usage Data to test content performance and features
(A/B testing): for example, to analyze how your web-traffic or behavior changes in
response to changes of the structure, text, or any other component of the Website:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.4.1. Google Optimize
operated by
Google

https://policies.google.com/privac
y

as described at
https://support.google.com/acc
ounts/answer/61416?co=GENI
E.Platform%3DDesktop&hl=en

6.4.2. Sentry operated
by Functional
Software, Inc.,
dba Sentry, 45
Fremont Street,
8th Floor, San
Francisco, CA
94105

https://sentry.io/privacy/ as described at

https://sentry.io/privacy/, in the
section Do we use cookies?

6

6.5. We may share your cookies and the Usage Data to display content from external
platforms:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

Google Enterprise
Search operated by
Google

https://policies.google.com/privac
y

as described at
https://support.google.com/acc
ounts/answer/61416?co=GENI
E.Platform%3DDesktop&hl=en
6.6. We may share the Personal Data specified in Stripe’s privacy policy to handle payments:
for example, to process payments by credit card, bank transfer or other means:
With whom we share the information Where can you read the privacy policy
Stripe operated by Stripe, Inc., 510
Townsend Street San Francisco, CA
94103 United States

https://stripe.com/privacy

6.7. We may share your cookies, Usage Data and the Personal Data specified in Hotjar’s
privacy policy to create heat maps which represents data using colours and to record
sessions, for example: to understand the areas of Service you interact with most
frequently:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

Hotjar Heat Maps &
Recordings operated by
Hotjar

https://www.hotjar.com/legal/polici
es/privacy/

as described at
https://www.hotjar.com/legal/po
licies/do-not-track/

6.8. We may share the Personal Data specified in Amazon’s Web Services and Heroku’s
privacy policies to host data and files:
With whom we share the information Where can you read the privacy policy
6.8.1. Amazon Web Services
operated by Amazon Web
Services Inc., 410 Terry
Avenue North Seattle WA
98109. United States or its
affiliates

https://aws.amazon.com/ru/privacy/

6.8.2. Heroku operated by
Salesforce.com, Inc., 650 7th
Street San Francisco, CA
94103 United States

https://www.salesforce.com/company/privacy/full_pri
vacy/

6.9. We may share your cookies, Usage Data and the Personal Data specified in Hotjar’s
privacy policy to ensure your interaction with us via online survey platforms, for example,
to conduct surveys among users of the Service and receive their feedback:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

Hotjar Poll & Survey
widgets, operated by
Hotjar

https://www.hotjar.com/legal/polici
es/privacy/

as described at
https://www.hotjar.com/legal/po
licies/do-not-track/

7

6.10. We may share the Usage Data, email address and the Personal Data specified in
WordPress’s privacy policy to manage landing and invitation pages, for example to create,
publish and use webpages for some of our services:
With whom we share the information Where can you read the privacy policy
WordPress Landing Page, operated by
WordPress, Automattic Inc., 60 29th
Street #343, San Francisco, CA 94110
USA

6.11. We may share your cookies and the Usage Data (for the services specified in
clauses 6.11.1–6.11.5), as well as cookies and email address (for the services specified in
clauses 6.11.6–6.11.7) to optimize and serve advertising for you based on your past use
of these services:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.11.1. Google Ads
Remarketing
operated by
Google

https://policies.google.com/privac
y

as described at
https://policies.google.com/tec
hnologies/ads, in the section
How you can control
advertising cookies

6.11.2. Remarketing with
Google Analytics
operated by
Google

https://policies.google.com/privac
y

by installing the add-on for
your browser:
https://chrome.google.com/we
bstore/detail/google-analytics-o
pt-out/fllaojicojecljbmefodhfap
mkghcbnh?hl=en

6.11.3. Facebook
Remarketing
operated by
Facebook

https://www.facebook.com/about/
privacy/

via your Facebook account
settings

6.11.4. Linkedin
operated by
Linkedin

https://www.linkedin.com/legal/pri
vacy-policy?trk=homepage-basic_
footer-privacy-policy

as described at
https://www.linkedin.com/help/li
nkedin/answer/62931?trk=micr

osites-frontend_legal_privacy-
policy&lang=en

6.11.5. Twitter
Remarketing,
operated by
Twitter: Twitter
Inc., 1355 Market
Street, Suite 900,
San Francisco,
CA 94103 USA

https://privacy.twitter.com via your Twitter account

settings

6.11.6. Twitter Tailored
Audiences,
operated by
Twitter

https://privacy.twitter.com via your Twitter account

settings

6.11.7. Facebook
Custom
Audience,

https://www.facebook.com/about/
privacy/

via your Facebook account
settings

8

operated by
Facebook
6.12. We may share your cookies and the Usage Data (for Twilio Segment, clause 6.12.1), or
the Usage Data only (for Google Tag Manager, clause 6.12.2) to manage tags we use in
the Service:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.12.1. Twilio Segment
operated by
Segment.io, Inc.
100 California
Street, Suite 700
San Francisco,
CA 94111 USA

https://segment.com/legal/privacy/ as described at

https://segment.com/legal/priva
cy/, in the section Advertising
Choices

6.12.2. Google Tag
Manager
operated by
Google

https://policies.google.com/privac
y

Not applicable

6.13. We may share your email address, phone number and the Personal Data specified in
Hubspot’s or Intercom’s privacy policy to manage user database, for example, to build,
manage and analyze your profiles we create based on the Personal Data you provide us
with:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.13.1. HubSpot Lead
Management,
operated by
HubSpot

https://legal.hubspot.com/privacy-
policy

as described at
https://legal.hubspot.com/priva
cy-policy, in the section How to
Access & Control Your
Personal Data

6.13.2. HubSpot CRM,
operated by
HubSpot

https://legal.hubspot.com/privacy-
policy

as described at
https://legal.hubspot.com/priva
cy-policy, in the section How to
Access & Control Your
Personal Data

6.13.3. Intercom,
operated by
Intercom:
(1) R&D
Unlimited
Company, 2nd
Floor, Stephen
Court, 18-21
Saint Stephen’s
Green, Dublin 2;
(2) Intercom, Inc.,
55 2nd Street,
4th Fl., San

https://www.intercom.com/legal/pr
ivacy

as described at
https://www.intercom.com/legal
/privacy, in the section Your
privacy rights and choices.

9

Francisco, CA
94105, USA
6.14. We may share your cookies and the Personal Data specified in clauses 6.14.1–6.14.2 to
ensure your interaction with us via live chat platforms:
With whom we share the
information

Where can you read the privacy
policy

How can you opt out
transmitting and processing
the data generated by third
party provider’s cookies

6.14.1. Facebook
Messenger
Customer Chat
operated by
Facebook

https://www.facebook.com/about/
privacy/

via your Facebook account
settings

6.14.2. Intercom
operated by
Intercom

https://www.intercom.com/legal/pr
ivacy

as described at
https://www.intercom.com/legal
/privacy, in the section Your
privacy rights and choices.

6.15. To ensure you can communicate with us:
6.15.1. via Facebook Messenger Customer Chat, we may share the data at your About Me page
in Facebook, data communicated while using the Service, and the Usage Data;
6.15.2. via Intercom, we may share your email address, the Usage Data, the Personal Data
specified in Intercom’s privacy policy.
7. Transfer of Personal Data
7.1. The countries to which we or the third parties we engage transfer the Personal Data may
not have the same data protection laws as your jurisdiction. In these cases, we take
reasonable security measures which the applicable laws prescribe to ensure that the
Personal Data are properly protected when they are transferred outside your jurisdiction.
7.2. You agree to such transfers pursuant to the consent for processing of the Personal Data
you grant. If you do not agree to such transfers, you will no longer be able to use the
Service. When we make such transfers, we: (1) comply with our legal and regulatory
obligations; (2) estimate if the country to which we intend to transfer the Personal Data
provides for sufficient level of data protection; (3) implement the appropriate safeguards
such as executing standard data protection clauses. We will take all the steps to ensure
that your data are treated securely and in accordance with the Policy.
7.3. The Policy applies regardless of the location in which we store or process the Personal
Data.
8. Retention Of Personal Data
8.1. We retain the Personal Data as long as we provide you with the Service. We retain the
Personal Data after we cease directly or indirectly providing you with Service:
8.1.1. if it is reasonably necessary to comply with our legal and regulatory obligations. Legal
and regulatory obligations may include, without limitation, handling your complaint or a
potential litigation with you;
8.1.2. a longer retention period is required or permitted by law. For example, if PrimeVisa
represents you in front of the Home Office we retain the Personal Data within 6 years
after your case is closed.
8.2. In any other circumstances, we will retain the Personal Data for no longer than necessary,
taking into account the following:

10

8.2.1. the purpose(s) and use of the Personal Data both now and in the future (such as
whether it is necessary to continue to store the Personal Data in order to continue to
perform our obligations under a contract with you or to contact you in the future);
8.2.2. whether we have any legal obligation to continue to process the Personal Data (such as
any record-keeping obligations imposed by relevant law or regulation);
8.2.3. whether we have any legal basis to continue to process the Personal Data (such as your
consent);
8.2.4. how valuable the Personal Data is (both now and in the future);
8.2.5. any relevant agreed industry practices on how long the Personal Data should be
retained;
8.2.6. the levels of risk, cost and liability involved with us continuing to hold the Personal Data;
8.2.7. how hard it is to ensure that the Personal Data can be kept up to date and accurate;
8.2.8. any relevant surrounding circumstances (such as the nature and status of our
relationship with you).
8.3. After the retention period ends, we will either delete, or anonymize the Personal Data. If
we anonymize it, we may use such anonymized data for research or statistical purposes
or to improve the Service. We may use it indefinitely without further notice to you.
9. Use by Minors
9.1. The Service is not directed to individuals under the age of 18 years old. Please, do not
provide us with your Personal Data if you are younger.
9.2. If you provide us with the Personal Data from minors via the Service (e.g., in relation to
dependants), you undertake to provide us with such Personal Data:
9.2.1. only if a parent or a guardian consented to such transfer and further processing of this
information by us. You also undertake to notify us immediately if a parent or a guardian
withdraws his/her consent or limits the processing to which he or she consents;
9.2.2. you received documents confirming a minor’s emancipation.
9.3. We collect, process, store and disclose the minors’ data as described in the Policy.
10. Security of Personal Data
10.1. Where we have given you (or where you have chosen) a password, which enables you to
access our Website, you are responsible for keeping this password confidential. Please,
do not share a password with anyone.
10.2. We adopt appropriate physical, electronic, management and technical measures to
protect security of the Personal Data we process. However, please also remember that we
cannot ensure or warrant security of the Personal Data which you transmit to the Service.
Although we will do our best to protect the Personal Data, their transmission to and from
our Service is at your own risk. Please, access the Service only in a secure environment:
for example, use firewalls, choose the provider which encrypts the traffic, etc. After we
receive the Personal Data, we use strict procedures and security features to try to prevent
unauthorized access. However, we will not be liable for any damages which relate to
unauthorized access to the Personal Data.
10.3. The Personal Data we collect is only accessible by a limited number of employees. Any of
them have special access rights to the systems where we store the Personal Data. They
are all bound by obligations of confidentiality. If we use subcontractors to store the
Personal Data, we will ensure the same level of data protection as if we stored them on
our own.

11

10.4. If you have reason to believe that your interaction with us is no longer secure (for
example, if you feel that security of your account has been compromised), please contact
us immediately as specified in clause 11.3.
10.5. You may restrict access of your employer (if any) to your Service account.
11. Your Data Protection Rights
11.1. We are your data controller, and we are responsible for your Personal Data. We are
registered as a data controller with the Information Commissioner’s Office (ICO) with the
registration number ZA795311 and determine the purposes and methods of the
processing of your Personal Data, including the security measures concerning the
operation and use of the Service.
11.2. Your data protection rights are:
11.2.1. to access the Personal Data which means you may obtain a confirmation if we process
your Personal Data, and / or to access your Personal Data and the information, how we
use your Personal Data;
11.2.2. to rectify inaccurate Personal Data which means you may request that we correct any
incomplete or inaccurate Personal Data about you;
11.2.3. to object to processing which means that you may object to processing your Personal
Data if we process them based on the legitimate interests (please, see the examples of
our legitimate interests in clause 3.2.4), use them for statistical purposes;
11.2.4. to make your Personal Data portable which means that you may request that in certain
circumstances we provide you with a copy of your Personal Data in structured,
commonly used and machine-readable format. If you wish to have a copy of your
Personal Data, we will aim to provide you with them within 14 days;
11.2.5. to have your Personal Data erased which means that you may request that we delete
your Personal Data in some circumstances: for example, we no longer need them, or
you withdraw your consent which was the basis for processing;
11.2.6. to withdraw consent to processing your Personal Data which means that you may
withdraw your consent for processing your Personal Data. Such withdrawal will only
affect processing of your Personal Data after it is given;
11.2.7. to restrict processing which means that you may ask us to restrict or stop collection, use,
processing and/or disclosure of your Personal Data;
11.2.8. to be informed about the safeguards which we arrange to transfer your Personal Data
transfer to a third country or an international organization which means that you may ask
us about these safeguards;
11.2.9. to file complaints which means that you may complain to a data protection authority
(ICO) about our collection and use of your Personal Data.
11.3. If you wish to exercise any of the rights specified in clause 11.2, or have any questions
concerning the Policy and / or your Personal Data, please contact our Data Protection
Officer (“DPO”), who is responsible for overseeing this Privacy Policy, at
support@nationbetter.uk. DPO will review your request and offer a resolution or help to
begin a dialogue to find a way out.
11.4. If you would like to file a complaint to a data protection authority (clause 11.2.9), please
contact the data protection authority (ICO) at www.ico.org.uk. Anyway, we will always aim
to help you if you wish to exercise your rights, so, we would appreciate you contact us
first.
11.5. Please keep in mind that there may be exceptions to these rights under the English data
protection law, with which we must comply, or under the legislation, with which a data
processor we engage must comply. Thus, we may reject the request about execution of
your rights where permitted or required by these laws.

12

11.6. If we reject your request, we will describe the grounds for it in our response. In any case,
you may file a complaint for our refusal to the supervisory authority.
11.7. Please, note that we may ask you to verify your identity before we respond to the request
and, in certain circumstances, charge a fee to cover our costs. Our time limit to respond is
one month after we receive the request. If it takes longer to process your request, we will
notify you. In any case, we cannot extend the response timeframe for more than two
months after the first month for response passes.
12. Automated Decision Making
We do not apply automated decision making based only on automated Personal Data
processing, including creating user profiles.
13. Third Party Links
We may post links to our partners’ websites from time to time. Please note that we are not liable
for data protection at such websites; please refer to privacy policies of these websites to
understand how the Personal Data are processed there.
14. Changes to Policy
Although most changes are likely to be minor, we may modify the Policy at any time. If we make
material changes to the Policy, we may notify you via the Service or email. We will also
change the version number and issue date at the beginning of the Policy. Any changes
we make to the Policy are effective on or after the issue date and replace any prior
versions of the Policy. We encourage you to review the Policy frequently to be informed
of how we protect your Personal Data.