Who we are
Voucher Express is a pre-paid Gift Card company that provides a range of physical Gift Cards, Digital Gift Cards and complimentary distribution services.
We and our joint data controller/third party data processor (Neptik LTD) use data to carry out direct B2B marketing and lead generation campaigns. The lawful basis we use for this processing is “Legitimate Interest” in accordance with recital 47 of the GDPR.
The United Kingdom’s Information Commissioner’s Office (ICO) recommends that companies using this basis conduct a “Legitimate Interests Assessment” (LIA) and we have to do this in regards to the data processing we undertake. Voucher Express and our joint data controller/third party data processor (Neptik LTD) fully complies with all key principles laid out in the GDPR legislation as outlined and enforced by the ICO. These are:
- Lawfulness, fairness and transparency
- Purpose limitation
- Data minimisation
- Storage limitation
- Integrity and confidentiality (security)
Who do Voucher Express, and our joint data controller/third party data processor (Neptik LTD) share data with?
We and our joint data controller/third party data processor (Neptik LTD) use a number of third party cloud based software platforms to process and store personal data in our daily business operations. We do not resell or share this data with any other party other than in the circumstances below:
1. Where we are legally required by law to disclose your personal information.
2. To further fraud protection and reduce the risk of fraud.
3. In the event that we sell any or all of our business to the buyer.
International transfer of data
Many of the third party cloud based software platforms we and our joint data controller/third party data processor (Neptik LTD) use to process and store personal data in our daily business operations are owned by companies based outside the UK and EEA. Therefore, in many cases we transfer personal data to cloud based software providers that operate outside of the UK and EEA in order for us to complete our business operations. We only transfer personal data to countries that have been identified as being able to provide an adequate level of data protection security by the UK and European Commission, and we only use cloud based software providers which deliver the same level of data protection security as required in the UK and the European Union.
Where does the data come from?
The data we, and our joint data controller/third party data processor (Neptik LTD) process is obtained from several sources. These include GDPR compliant data providers and online resources. Our processing is based principally on the use of publicly available data to identify sales prospects. As such your privacy is important to us, we take our responsibilities seriously and will always respond quickly and courteously to any request.
Our work, and that of our joint data controller/third party data processor (Neptik LTD) involves the continual updating of data based on interactions we have with customers and prospects to ensure accuracy. We, and our joint data controller/third party data processor (Neptik LTD) rectify and update information based on what we’re told by the people we communicate with about themselves and their businesses. If you believe that we hold information about you which is incorrect you can also contact us using firstname.lastname@example.org with the subject line “Right to Rectification”.
You have the right to object to our processing of your data, which will prevent data associated with your contact details from being processed. Please contact us to request this using email@example.com with the subject line “Right to Object”. We will require your phone number(s) in order to effect this.
As well the aforementioned, all data subjects have other rights with regards to data protection as outlined by the ICO in the below links:
- The right to be informed
- The right to access
- The right to erasure
- The right to restrict processing
- The right to data portability
- Rights related to automated decision-making including profiling
- The right to complain to a supervisory authority
- The right to withdraw consent
You may ask for the data specific to you in the form of a Data Subject Access Request. We will require you to prove your identity in order to release this information. Please contact us to request Access using firstname.lastname@example.org with the subject line – ‘Subject Access Request’.
We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
B2B data is only collected in relation to Voucher Express’s services. This information will be processed under either “Legitimate Interest” in accordance with recital 47 of the GDPR or on a consent basis depending on our clients GDPR policy.
In running and maintaining our website and during the course of our day to day business we may collect and process the following data about you:
- Information about your use of our site including details of your visits such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data.
- Information provided voluntarily by you. For example, when you download content or register for information.
- Information that you provide when you communicate with us by any means.
- Name and job title
- Professional contact information including business email address
Voucher Express protects client data in the same way it protects all sensitive and personal data, in accordance with the rules and regulations stated in the General Data Protection Act. The Information Commissioner’s Office registration number of the third party company (Neptik LTD) that we contract to source, store and manage our prospective customer data is: ZA795453.
In addition, to meet client requirements we comply with client policies and procedures for data protection and privacy.
For information collected on behalf of our clients this B2B data is only collected in relation to their business services or goods, this information will be processed under either “Legitimate Interest” in accordance with recital 47 of the GDPR or on a consent basis depending on our clients GDPR policy.
We and our joint controller/third party data processor (Neptik LTD) do our utmost to ensure that all reasonable steps are taken to make sure that your data is treated and stored securely.
Unfortunately the sending of information via the internet is not totally secure and on occasion such information can be intercepted. We cannot guarantee the security of data that you choose to send us electronically. Sending such information is entirely at your own risk.
- In the event that we sell any or all of our business to the buyer.
- Where we are legally required by law to disclose your personal information.
- To further fraud protection and reduce the risk of fraud.
To opt-out of receiving email marketing communications from us, please email us email@example.com