Privacy Policy

Last Updated: April 2nd 2020

This Privacy Policy describes how UTP Merchant Services Ltd, Universal Transaction Processing Ltd and any other company owned by Universal Transaction Processing Ltd (referred to collectively as “UTP”) is committed to ensuring the privacy and security of your personal data and how UTP acts as a data controller. In this Privacy Policy, when we refer to “personal data”, we mean information which could directly identify you (for example, your name or national insurance number) and information which could indirectly identify you, meaning that it could identify you when combined with other information which we hold about you (for example, your gender or date of birth). “Process” or “processing” means just about any conceivable use of personal data, including recording, storing, viewing or disclosing personal data.

Who does this Privacy Policy apply to?

This Privacy Policy applies to both individuals and companies who are customers of UTP and any other individual or company that has any interaction with UTP (including, for example, suppliers, partners and employees, potential customer and former customers).

Our lawful basis for processing your data

UTP processes personal data as part of its legitimate business interests.

How we collect your personal data

Information provided by you; we collect your personal data to give you the best possible experience as a user of our products and services. In general, we collect information from you when you open up an account, visit our website (refer to the section below relating to cookies) or contact us with an enquiry. This covers all channels of communication with us, including over the telephone, email, website, social media and in person.

A full review of the data we collect has taken place. All information held on an employee, customer, supplier or any other stakeholder has a legitimate reason for its use and is obtained to fulfil our contractual commitment to you and any other legal obligations.

Where is your personal data stored?

UTP is based in the European Economic Area. However, we may have to share personal data with third parties located outside of the EEA or process your data ourselves outside of the EEA in countries. Your personal data may be processed by staff operating outside the EEA working for us, other members of our group or third party data processors for the purposes set out in this Privacy Policy. When we do send personal data outside the EEA, we will ensure that appropriate safeguards are in place to protect your data in accordance with European data protection requirements, such as the General Data Protection Regulation (GDPR).

Security

UTP has implemented appropriate technical and organisational measures to protect the confidentiality of the personal data that you entrust us with. We update and test our physical, logical and procedural security controls on an ongoing basis. These include limiting access to your personal data to those who need it and training our employees about the importance of maintaining the privacy and security of your personal data.

Use of cookies

Cookies are small files that a site or service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enable the site’s or service provider’s systems to recognise your browser and capture and remember certain information. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.

How long do we keep this information?

We’ll only store your personal data for as long as is necessary to fulfil the purposes outlined in this Privacy Policy or for as long as we reasonably consider necessary to establish, exercise or defend our legal rights. Your data will be retained in line with statutory and regulatory requirements. The criteria used to determine these retention periods includes:

  • To comply with the statutory retention periods for accounting records, as set by the Companies Act and HM Revenue & Customs (HMRC).
  • To comply with the retention periods set by the TRAS Fraud Prevention Agency.
  • Where our retention periods are not governed by legislation, our retention policy is based on commercial justifications, which have been set in accordance with the principle of retaining personal data for no longer than is necessary for the purposes for which it is processed. These include:
    • To comply with our customer, supplier and partner obligations;
    • To enable us to provide you with our products and services;
    • To allow us to resolve any disputes or complaints;
    • For the detection and prevention of fraud.

Changes to the Privacy Policy

This Privacy Policy does not form part of any customer, employee, supplier or any other contract with us and we may amend it from time to time. Any changes we make to our Privacy Policy in the future will be posted on our website (universaltp.wpengine.com) and, where appropriate, notified to you by email.

Use of the UTP website

By using the UTP website, you consent to our privacy policy.

How to contact us

If you have any questions about your personal data which are not answered by this Policy, please contact our Data Protection Officer at the following address:

The Data Protection Officer, UTP Merchant Services Ltd, Sapphire Plaza, Watlington Street, Reading, Berks, RG1 4RE

Or by email:

gdpr@universaltp.com

UTP will investigate and attempt to resolve complaints and disputes regarding the use of personal data by referencing the privacy policies stated in this policy.