Overview
Honeypot Dating Limited takes data privacy seriously and we are committed to protecting and respecting your privacy. This privacy notice describes how and why we, as data controller, obtain, store and process personal data. For the purpose of this privacy notice, we’ll just call them our “Services”. Personal data is information relating to you that enables us to identify you, for example, your name, email address, payment details and information about your access to our website(s) or mobile app. We will process your personal data fairly, lawfully and transparently. This privacy notice describes the personal data we are collecting about you and how it is used. We will only collect and use your personal data for the following purposes, to:
• provide our services
• improve our services
• make our marketing more relevant to you and your interests
• meet our legal responsibilities
This privacy notice is intended to meet our duties of Transparency. The protection of your personal data is our top priority. That is why we process your information exclusively on the basis of the applicable legislation, including the GDPR and the Data Protection Act 2018. We may update this notice from time to time and we will notify you of any changes. Please do not hesitate to contact us if you have questions in addition to the information provided in this notice – hello@getthursday.com.
Who are we
When we refer to ‘we’ (or ‘our’ or ‘us’), that means Honeypot Dating Limited trading as Thursday. Our headquarters are at Thursday HQ, Old Sessions House, London, United Kingdom. For more information about who we are and what we do, visit us at www.getthursday.com.
Your Rights & Our Commitment to You
You have several rights under the data privacy legislation and Honeypot Dating Limited is committed to you being able to freely exercise your Rights. Where possible, we have incorporated automated tools on our website(s) or mobile app that enable you to facilitate your Rights in real-time. Your Rights include, under certain circumstances, the right to: Be informed: you have the right to be informed if and how your personal data is being processed. Access, rectification or erasure: you have the right of access to personal data we hold about you in our records. You are also entitled to have your personal data corrected if it is inaccurate, or to have it erased if we do not have a legitimate reason for retaining your data. We may have legitimate reasons for retaining your data, such as:
• exercising the right of freedom of expression and information;
• for compliance with a legal obligation which requires processing by law to which we and/or our processors are subject;
• for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) in so far as the right to erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
• establishing, exercising or defending legal claims.
To request data portability: for personal data which you have provided to a controller, where processing was based on your consent, or where processing is done by automated means, you have the right to obtain a digital copy of your personal data, request the transfer of your personal data to another company or request to move your data from one IT system to another in a safe and secure way.
To request restriction of processing: you have the right to restrict the processing of your personal data where you are contesting the accuracy of that information, you have objected to processing (as described below), you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims, or where the processing is unlawful. Where processing is restricted, we may need to retain sufficient information about you to ensure that the restriction is respected in future.
To object to automated decision-making including profiling: you have the right not to be the subject of any automated decision-making or profiling by us.
To withdraw consent: in cases where we are relying on your consent for the processing of your personal data, you have the right to withdraw your consent at any time. In respect of the e-marketing we conduct, an unsubscribe (withdraw consent) option is included with every e-marketing communication we send.
To object to processing: where your personal data is being processed based on the legitimate interests of a data controller or third party, you have the right to object to that processing. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
If you want to exercise any of the rights described above, please contact us at hello@getthursday.com. Typically, you will not have to pay a fee to access your personal data (or to exercise any of the other rights outlined above). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or we may simply refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
To complain to the relevant supervisory authority: should you have any concerns or complaints regarding the way in which we process your data, please email us directly at hello@getthursday.com. We will reply to your complaint as soon as we can. You also have the right to make a complaint to the Information Commissioner’s Office (ICO) in the UK. We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do contact us in the first instance.
Cookies Preferences: You can manage cookies by adjusting your web browser controls. Please consult our Cookie Policy for more information about our use of cookies on our website(s) and how to accept and reject them.
The Personal Data We Collect
Personal data means any information about an individual from which that person can be identified. It does not include anonymised data, where the identity and identifying information has been removed. However, it does include ‘indirect identifiers’ or ‘pseudonymous data’ (i.e. information which alone doesn’t identify an individual but, when combined with certain additional and reasonably accessible information, could be attributed to a particular person). Depending on the type and level of engagement you have with us, we may collect the following categories of personal data: From the Services: We receive and store information you provide directly to us. For example, when setting up new users, we collect Personal Information such as ID, name and e-mail address, to provide them with the Services. The types of information we may collect directly from our customers and their users include: drivers licence or other ID, contact details, hobbies and interests, photos, marital status, gender, interested in, transactional information (including Services purchased), as well as any other contact or other information they choose to provide us or upload to our systems in connection with the Services.
From our Website(s) or mobile app(s): We may collect any Personal Information that you choose to send to us or provide to us, for example, on our “Sign Up” online form. If you contact us through the our website(s) or mobile app, we will keep a record of our correspondence.
Information We Automatically Collect when you use our Services:
Usage information – we keep track of user activity in relation to the types of Services our customers and their users use, the configuration of their computers, and performance metrics related to their use of our Services.
Log information – we log information about our customers and their users when you use one of our Services including Internet Protocol (“IP”) address.
Information collected by cookies and other similar technologies – we use various technologies to collect information which may include saving cookies to users’ computers.
Customer Feedback – While using our Services, you may be asked to provide feedback (e.g. in the software directly or after receiving help from our support team). Providing this feedback is entirely optional.
When you use our website(s) or mobile app: When you visit our website(s) or mobile app, we collect certain information related to your device, such as your device’s IP address, referring website, what pages your device visited, and the time that your device visited our website(s) or mobile app.
From the events: if you attend a Thursday event, we may take photographs and videos (Imagery) of the event and of people who attend the event. Imagery in which you can be identified is classed as personal data.
Financial data when signing up to Thursday events or making a purchase through our website(s) – your bank account and payment card details, including your bank account number, sort code, IBAN, BIC, and bank address. Payment card details will be collected directly by our payment processor and we won’t receive them. However, in certain limited cases, we may receive bank account details in the context of administering refunds.
Marketing and communications data: while using out Services, we may collect data about your preferences concerning receiving marketing from us and your communication preferences.
Behavioural data: we may collect inferred or assumed information relating to your behaviour and interest, based on your online activity. This is typically aggregated and grouped into “segments”.
We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity. For example, we may aggregate personal data to understand and improve our Services. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
How We Collect Your Data
We may collect your personal data in one of the following ways: • when you visit our website or mobile app; • when you create an account; • when you engage with us on social media;
• when you contact us with queries;
• when you review our services;
• when you apply for an employment vacancy with Honeypot Dating Limited;
• when you request marketing to be sent to you; or
• when you sign up to and/or attend one of our events.
Data from Third parties
We may also receive personal data about you from various third parties, including:
• Technical Data from third parties, including analytics providers such as Google. Please see further information in the section entitled ‘Marketing preferences, adverts and cookies’ below.
• Technical Data from affiliate networks through whom you have accessed our website(s) or mobile app.
• Identity and Contact Data from social media platforms when you log in to our website(s) or mobile app using such social media platforms.
• Contact, Financial and Transaction Data from providers of technical, payment and delivery services.
How We Use Your Personal Data
The legal basis for processing your personal data:
We will only collect and process your personal data where we have a legal basis to do so. As a data controller, the legal basis for our collection and use of your personal data varies depending on the manner and purpose for which we collected it. We will only collect personal data from you when:
• we have your consent to do so, or
• we need your personal data to perform a contract with you. For example, to provide you with our service to you, or
• pursuing our legitimate interests in a way that you might reasonably expect to be a part of running our business and that does not significantly impact your interests, rights and freedoms, for example, showing Honeypot Dating Limited advertisements to you as you browse the internet.
• we have a legal obligation to collect or disclose personal data from you (e.g. in suspected instances of fraud where we need to give personal data to the National Crime Agency (NCA) or a government body). This is why we process your personal data:
A. To provide the Services
This processing is necessary to perform the contract governing our provision of the Services to you, including:
• managing subscriptions on the Services, for ID and KYC verification purposes and providing access to the Services and its functionality;
• ensuring that your device(s) are secured and you have the requisite protection;
• scanning your emails and device(s) to ensure we can carry out the Services and secure your device(s);
• communicating with you through the Thursday chat function;
• providing customer support;
• setting up and managing your account when using the Services;
• to process and complete transactions, and send related information, including transaction confirmations and invoices;
• keeping you up to date with our Services and any new features, technical alerts, security notifications and administrative communications (including by email);
• providing any other elements of the services to you; and
• for any other purposes about which we notify customers and users.
We carry out this processing on the following legal bases:
• Contractual Necessity – to provide the Services, in particular securing your device(s).
• Legitimate interests – we have a legitimate interest in processing the personal data for the purposes of performing the agreement we made with you and for the functioning of the Services, particularly in relation to the capture of statistics and ensuring your devices are secured.
B. Insights
We record a small percentage of users’ interactions when using our products and services to identify issues with the user journeys to ensure the quality of service.
We carry out this processing on the following legal bases:
• Legitimate Interests. It is in our legitimate interests that we are able to monitor certain user journeys to ensure that we can develop and improve the features and functionalities of our services and products we offer.
C. Aggregated Data creation
We may also create, use and share “Aggregated Data” (such as statistical or demographic data) for any purpose. Aggregated Data may be derived from your Personal Data, but once in aggregated form it will not constitute personal data for the purposes of the GDPR as this data does not directly or indirectly reveal your identity. For example, we may aggregate technical data and behavioural data to calculate the percentage of users accessing a specific features of our Services. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data that will be used in accordance with this privacy notice.
We carry out this processing on the following legal bases:
• Legitimate Interests. We have a legitimate interest in creating Aggregated Data to use and share for our own business purposes.
D. Troubleshooting
To track technical issues that might be occurring on our products and services.
We carry out this processing on the following legal bases:
• Legitimate Interests – it is in the legitimate interests that we are able to monitor and ensure the proper operation of our products and associated systems and services.
E. Security
To keep our Services, together with associated systems, operational and secure.
We carry out this processing on the following legal bases:
• Contractual Necessity.
• Legitimate Interests. We have a legitimate interest in ensuring the ongoing security and proper operation of our products and services, together with associated IT services and networks. This may include ensuring that we are protected from automated spamming, crawling, scraping, denial-of-service attacks and similar operations.
F. Use of Imagery
We may show Imagery of you on our website(s), our mobile app, our social media pages and/or in marketing. You may withdraw your consent by telling us that you do not want us to use any Imagery taken of you. We may use any Imagery of you (provided there is a lawful basis for us doing so) until such point as you decide to withdraw your consent for us to use such Imagery or we no longer retain such Imagery.
We carry out this processing on the following legal basis:
• Consent – if you have given your consent by signing up to, and attending a Thursday event. You have the right to opt-out at any time and will be given an opportunity to do so by contacting Thursday directly. We will seek to remove all images of you within 3 working days from point of complaint.
G. Marketing
We use this information to prepare and send you electronic marketing communications relating to events and Services that we think you might be interested in. We also use your personal information, in particular, Imagery of you attending one of our events, for marketing purposes, for example, on our website, social media page(s) and/or with our marketing partners.
We carry out this processing on the following legal bases:
• Consent – if you have subscribed to our mailing list, you have provided consent to us sending you marketing communications. You have the right to opt-out of such marketing at any time.
• Consent -if you have given your consent
• Legitimate Interest – if you provided your email address in the course of signing up to our Service or purchasing any goods, we may send you marketing communications about similar products and/or services unless you have optedout of receiving them. We do this on the basis that it is in our legitimate interests to do so. You have the right to opt-out of such marketing at any time.
• Legitimate Interest – we have a legitimate interest in collecting and using information about your engagement with our marketing emails (e.g., whether you open and/or forward those emails) to make sure that the products and offers that we inform you of are relevant to you.
How We Share Your Data
We sometimes share your personal data with our trusted categories of third parties we use to conduct our business, for example, to handle feedback and complaints; and to help us understand your behaviour in order to customise and maximise our services, advertising, marketing, competitions and offers to you.
Our trusted categories of third parties include website hosts, ID and KYC verification providers, cloud service providers, social media providers, professional services providers, customer survey service providers and advertising partners. As part of our user registration process, we may perform ID verification steps to verify your age and use liveness detection to confirm that you are a real person. We may partner with third party services to provide this service to protect you and the Thursday community. To do this, we may collect a selfie from you during your account registration along with a photo of your ID. Information that may be stored includes the following: picture; verification ID; issuing country; jurisdiction within the country; document type; name of the user on the document; nationality; date of birth; issue and expiry; gender; and driving licence class.
As part of our e-marketing methods and on the basis of our legitimate business interests, we use some Google services and some Facebook products in accordance with the practices explained in the Google and Facebook terms and privacy notices. In order to protect your personal data by pseudonymising it, Google and Facebook ensure that a hashing algorithm is applied automatically at the point of sharing personal data with Google and Facebook. Please consult their relevant terms and privacy notices for further information and your options. If we can help you in any way please do not hesitate to contact us at hello@getthursday.com.
As part of our fraud monitoring, detection and prevention methods and on the basis of our legitimate business interests, we may use third-party fraud monitoring, detection and prevention service providers for all website/mobile app sales. As part of this service, we may share personal data that is required to make identity checks and personal data that we obtain from making identity checks (including data relating to your age, name and location), together with account information, with third party organisations (including law enforcement agencies), involved in fraud prevention and detection and credit risk reduction. Please note that these third parties may retain a record of the information that we provide to them for this purpose.
We may share your personal data with government bodies and law enforcement.
We may also share your personal data with our professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Marketing Preferences, Adverts and Cookies
Marketing – Your Preferences
We may send you marketing communications and promotional offers: if you have created an account with us or subscribed to our services, and you have not opted out of receiving marketing (in accordance with your preferences, as explained below); by email if you have signed up for email newsletters; We may use your personal data (as outlined in the ‘Personal Data We Collect’ section) to form a view on what we think you may like, or what may be of interest to you, and to send you details of services which may be relevant for you. We will ask you for your preferences in relation to receiving marketing communications by email, and other communication channels. You will always have full control of your marketing preferences. If you do not wish to continue receiving marketing information from us (or any third party, if applicable) at any time:you can unsubscribe or ‘opt-out’ by using the unsubscribe button and following the link included in the footer of any marketing email. We will process all opt-out requests as soon as possible, but please note that due to the nature of our IT systems and servers it may take a few days for any opt-out request to be implemented.
Cookies
Our website(s) use cookies to distinguish you from other users of our website(s) and to keep track of your visits. They help us to provide you with the very best experience when you browse our website(s) and to make improvements to our website(s). They also help us and our advertising networks to make advertising relevant to you and your interests. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website(s) may become inaccessible or not function properly. For detailed information on the cookies which we and our third-party providers use and the reasons why we use them, please refer to our Cookie Policy.
Our Use of Analytics and Targeted Advertising Tools
We use a range of analytics and targeted advertising tools to display relevant content on our website(s) or mobile app and online advertisements on other websites and apps to you. We use these tools to deliver relevant content to you in marketing communications (where applicable), and to measure the effectiveness of the advertising provided. For example, we use tools such as Google Analytics to target and improve our marketing campaigns, marketing strategies and website(s) content. We may also use tools provided by other third parties to perform similar tasks. If you would like any further information about the data collected by these third parties or the way in which the data is used, please contact us on hello@getthursday.com.
Links to Other Websites and Third Parties
Our website(s) may include links to and from the websites of our partner networks, advertisers and affiliates, or to social media platforms. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to their websites.
Transferring Your Data Outside the UK and EEA
The personal data we collect from you may be transferred to, and stored at, destinations outside the UK and European Economic Area (“EEA”) using legally-provided mechanisms to lawfully transfer data across borders. It may also be processed by staff operating outside the UK and EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the provision of our services to you. We will take all steps necessary to ensure that your data is treated securely and in accordance with this privacy notice. If we share your personal data outside of the UK or European Economic Area, we ensure that there is an appropriate transfer mechanism in place to protect your personal data and comply with our data protection obligations. Please contact us at hello@getthursday.com if you want further information on the countries to which we may transfer personal data and the specific mechanism used by us when transferring your personal data outside the EEA.
Storing, Securing and Retaining Your Data
Storing your data
We need to retain your personal data to satisfy our legal obligations, to deal with complaints and queries, in order to resolve, litigate or defend a dispute and to prevent fraud and abuse. Having obtained your consent (or other legal basis) to contact you, we will retain your personal data for marketing and analysis purposes until you withdraw your consent. If you choose to withdraw your consent to marketing, we will delete your personal data from our systems, unless we have another legal basis to retain it, which may include performance of our contract with you.
Securing your data
The communication between your browser and our website(s) or mobile app uses a secure encrypted connection wherever your personal data is involved. We have put in place physical, electronic and managerial security procedures in the storage and disclosure of your personal data to protect it against accidental loss, destruction or damage. Nevertheless, any data transmission over the internet or by any other means can never be fully secure, such is the character of the internet, and provision of personal data by you to us is at your own risk. We take all reasonable measures to protect your personal data by putting appropriate technical and operational security measures in place. When we disclose your personal data to trusted third parties (for the purposes set out in this notice), we require all third parties to have appropriate technical and operational security measures in place to protect your personal data, and we work with them to ensure that your data protection and privacy rights are respected. Where your personal data is shared with a third party, it must only be used for the purposes for which it was supplied. In the unfortunate event of a personal data breach, we will notify you and any applicable regulator when we are legally required to do so.
Retaining your data
Your personal data will be deleted when it is no longer reasonably required for the provision of the Services described above or when you withdraw your consent (where applicable) and we are not legally required or otherwise permitted to continue storing such data. The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal or regulatory requirements). We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. For example, where you ask to be unsubscribed from marketing communications, we may keep a record of your email address and the fact that you have unsubscribed to ensure that you are not sent any further emails in the future.
Children
While our website(s) and mobile app is designed for a general audience, we will not knowingly collect any data from children under the age of 18 or sell products to children. Please do not attempt to sign up to our services, create an account or send any Personal Information about yourself to us. If we learn that we have collected Personal Information from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Information, please email hello@getthursday.com. Our privacy team will act upon this information as quickly as possible.
The California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act (“CCPA”) provides consumers with specific rights regarding their Personal Information. You have the right to request that businesses subject to the CCPA (which may include our Merchants with whom you have a relationship) disclose certain information to you about their collection and use of your Personal Information over the past 12 months. In addition, you have the right to ask such businesses to delete Personal Information collected from you, subject to certain exceptions. If the business sells Personal Information, you have a right to opt-out of that sale. Finally, a business cannot discriminate against you for exercising a CCPA right.
When ofering services to its Merchants, Honeypot Dating Limited acts as a “service provider” under the CCPA and our receipt and collection of any consumer Personal Information is completed on behalf of our Merchants in order for us to provide the Service. Please direct any requests for access or deletion of your Personal Information under the CCPA to the Member with whom you have a direct relationship.
Consistent with California law, if you choose to exercise your applicable CCPA rights, we won’t charge you diferent prices or provide you a diferent quality of services. If we ever ofer a financial incentive or product enhancement that is contingent upon you providing your Personal Information, we will not do so unless the benefits to you are reasonably related to the value of the Personal Information that you provide to us.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Changes to This Privacy Notice
From time to time we may change this privacy notice. If there are any significant changes we will post updates on our website(s) or mobile app, applications or let you know by email at hello@getthursday.com.
How to Contact Us
We welcome feedback and are happy to answer any questions you may have about your data.
You can contact us at:
Email: hello@getthursday.com
This notice was most recently updated: [ ] September 2024