Privacy Policy

Sign In App is a product of All Things Code Ltd. This privacy statement describes how All Things Code Ltd protects and makes use of the information you give the company when you use our website, apps and services. This privacy policy does not apply to information our customers may process when using these services.

If you are asked to provide information, it will only be used in the ways described in this privacy policy.

We are committed to ensuring that your personal data is kept confidential, and that it is only collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

We confirm our compliance with The Data Protection Act 1998 and the new legislative conditions as required by The General Data Protection Regulation (“the Regulation”).

We recommend that you read this Privacy Policy in full to ensure you are fully informed. If you have any questions about this Privacy Policy or Sign In App’s data collection, use, and disclosure practices, please contact us at privacy@signinapp.co.uk.

What Information will we collect?

Personal data may be collected, stored and used when visiting our website, registering for a trial, or placing an order. The personal information that you are asked to provide, and the reasons why you are asked to provide it, will be made clear to you at the point we ask you to provide your personal information.

1) Information you provide

a) When visiting our website or using our apps

If you choose to contact us through either of these sources, information you provide such as your name, email address or telephone number and any other information you choose to provide us with will also be stored.

b) Account Registration

When registering for an account/trial, details that you provide us with to create a user and provide you with access to the applications. The registration requires you to provide us with personal contact information, such as your name, company name and email address.

c) Payment Information

When paying for your order online, your financial information is directed to our third-party payment processor. We do not store your financial data on our systems.

d) Sign In App Visitors

If you are a visitor that has signed into our application, the information provided, such as your name, your company, who you are visiting and other information that the customer you are visiting requires, i.e. the number plate of your vehicle.

2) Information we collect

When visiting our website or using our apps

Information gathered by the use of cookies in your web browser, such as your IP address, geographical location, operating system and browser.

We use cookies to analyse our web traffic using an analytics package. Aggregated usage data helps us improve the website structure, design, content and functions.

Cookies do not provide us with access to your computer or any information about you, other than that which you choose to share with us.

You can use your web browser’s cookie settings to determine how our website uses cookies. If you do not want our website to store cookies on your computer or device, you should set your web browser to refuse cookies.

However, please note that doing this may affect how our website functions. Some pages and services may become unavailable to you.

For what purpose will we process your data?

Your data will be processed for Specified, Explicit and Legitimate Purposes. We collect and process the personal data detailed above, and the purposes for which we process personal data will be informed to data subjects at the time that their personal data is collected.

We may, from time to time, use your personal data for reporting and for making improvements to our services; in such instances we will always ensure an individual cannot be identified.

Your personal data may be transferred to our trusted third party processors, this will be for purposes such as: Enabling payments, hosting of our servers, project management tools and customer relationship management system.

Our trusted third party processors are contractually bound by us to keep your information confidential and used only for specified, explicit, and legitimate purposes.

Some messages from us are service-related and necessary for customers. You agree that we can send you non-marketing emails or messages, such as those related to transactions, your account, security, or product changes/updates.

If we intend to use any data provided by yourself for marketing purposes, such as sending updates or information relating to the product, we will always make this clear and offer an ‘opt out’ should you wish not to receive such information.

If you have agreed that we can use your information for marketing purposes, you can change your mind easily, via one of these methods:

  • Send an email to: unsubscribe@signinapp.co.uk
  • Write to us at: All Things Code Ltd, 3A Green Lodge Barn, Roman Road, Northampton, NN7 4HD.

We will never lease, distribute or sell your personal data to a third party without requesting your prior permission. We will only transfer your data to other third parties without informing you separately beforehand in the exceptional cases where we are either legally required on important public interest grounds, or for the establishment, exercise or defence of legal claims.

Legal Basis for processing personal data

Our legal basis for collecting and using the personal data described above will depend on the personal information concerned and the specific context in which we collect it. However, we will generally only collect personal information from you where either;

  • We need the personal information to perform a contract with you
  • The processing is in our legitimate interest and not overridden by your rights
  • You have given your consent to do so

We have a legitimate interest in operating our services, for example when responding to your queries, improving our services, undertaking marketing.

If we ask you to provide personal information to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not.

Security of your data

Protecting personal data from access, loss or alteration is of the utmost importance to us. All visitor records, account data, configuration data and contact information is stored in data centres within the EU. Photos and images are stored anonymously in a separate secure cloud platform also based in the EU. Servers are updated with the latest security patches during scheduled routine maintenance.

The app and online portal both access data using our secure API. The API exclusively uses SSL (2048bit) to encrypt data in transit, and every request must include a time-limited authentication token generated by the authentication system. For support purposes, a limited number of senior engineers can access client data via a secure tunnel, controlled by private key-based secrets.

The app must be authenticated using a token generated from the devices section of your online portal. Portal users log in with an email address and password, managed from within the portal. User passwords are hashed at all times and can not be accessed.

There are two user levels that can be set, controlling access to user management and configuration options. For accounts with multiple sites, there is also the option to restrict individual users to only view data for a single site.

Where will your personal data be processed?

Visitor data collected via Sign In App will never be transferred out of the EEA, this data will always be securely stored within data centres within the EEA.

Sometimes we will need to share your personal data with third parties and suppliers outside the European Economic Area (EEA), this will be for purposes such as: Enabling payments, project management tools and our customer relationship management system.

Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data, where approved transfer mechanisms are in place to protect your personal data, i.e., by ensuring the entity is Privacy Shield certified (for transfers to US-based third parties). If you wish for more information about this please contact privacy@signinapp.co.uk.

Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Policy.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How long will we hold your data?

The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it - for example, to provide you with a service or to comply with applicable legal, tax or accounting requirements.

Data will be retained for as long as your account is active and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policy. Following that period, we’ll make sure it’s deleted or anonymised.

Sign In App Visitors

Please note that we are acting as a ‘data processor’, our customer will be the ‘data controller’ and will assume responsibility for the processing of personal data and how long that is held for. We have to act upon our customer’s instructions regarding data retention. Data will be stored in encrypted backups for 14 days after the retention period.

Data subject rights

It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to unsubscribe@signinapp.co.uk.

You also have rights to:

  • know what personal data we hold about you, and to make sure it’s correct and up to date
  • request a copy of your personal data, or ask us to restrict processing your personal data or delete it
  • object to our continued processing of your personal data

You can exercise these rights at any time by sending an email to privacy@signinapp.co.uk.

If you’re not happy with how we are processing your personal data, please let us know by sending an email to privacy@signinapp.co.uk. We will review and investigate your complaint, and get back to you within a reasonable time frame. You can also contact the Information Commissioner’s Office on 0303 123 1113. They will be able to advise you how to submit a complaint.

This privacy statement was last updated: May 2018

If you have any questions about this privacy statement, or would like any further information regarding your data, please email privacy@signinapp.co.uk or write to:

All Things Code Ltd, 3A Green Lodge Barn, Roman Road, Northampton, NN7 4HD.