FANZO Privacy Policy

What this policy covers?

FANZO recognises the importance of personal privacy and security. This privacy statement reflects our commitment to safeguarding your personal information. To comply with the General Data Protection Regulation (EU) 2016/679 and the Privacy and Electronic Communications (EC Directive) Regulations (and any applicable amendments), this policy provides a clear explanation of how your data is used, shared, and protected. It also outlines the tools available to you to manage your privacy and your rights, as well as how to contact FANZO.

FANZO is a trading name of MatchPint Limited, a company registered in England (Company Number: 07168721), with its registered address at 3A Westbourne Road, Islington, London, N7 8AR.

Scope of this policy

By using our website, subscribing to our services, or submitting any online forms on websites owned by FANZO, you agree that we may process, store, and use your personal data in accordance with this policy. Your rights are outlined in the “Your Rights” section.

FANZO may act as either the Data Controller or the Data Processor depending on how you engage with our services. Where FANZO is the Data Controller, we ensure any Data Processors we work with are fully compliant and operate under the terms of this policy.

Information We Collect

We collect information about you when you provide it to us, when you use our products, or when other services provide it to us.

Account information: When you register for an account on FANZO, or submit information to us, you may provide personal details such as your name, email address, gender, Facebook ID, and date of birth.

Website visitors (Consumers): When visiting any FANZO-owned domain, we may collect non-personally identifying data such as your browser type, referring website, and timestamps of your visits. We also collect information when you sign up a pub, subscribe to our newsletter, or complete a form.

Automatically collected information: When you use our services, we may automatically collect data such as features you use, pages you visit, your approximate location, and frequency of platform use. This is used in aggregate form for statistical purposes only.

Pub Clients (Customers): We collect your email address, venue information, phone number and your name to register for the service. In addition you have the ability to add other users to the service. For payment processing, we use “GoCardless for Xero by Directli,” which sets up a Direct Debit authorisation. FANZO does not store any payment information. You may revoke this access at any time via your Directli account. We may also collect bank account details and VAT numbers for reimbursement purposes.

Cookies: FANZO and trusted partners, including Google Analytics, use cookies and similar technologies (such as pixels and tags) to recognise you and deliver personalised content. See our Cookie Policy for more information.

Information Usage

We process data (whether personally identifiable or not), provided directly or indirectly by you, or collected automatically, for legitimate business purposes. These may include:

•   Personalising your experience by using your preferences to deliver relevant content
•   Improving our website and services through user feedback and behaviour analysis
•   Enhancing customer service and support
•   Processing payments and reimbursements for pub clients
•   Sending relevant push notifications (opt-in/out available)
•   Managing contests, promotions, surveys, and site features
•   Sending email updates about promotions, offers, and content of interest (opt-out available via signup email or email footer)
•   Providing aggregated, anonymised data to clients for insights and improvements

We conduct Legitimate Interest Assessments to ensure your rights and privacy are respected when relying on legitimate interest as our legal basis. We regularly review and update these assessments.

Data Storage and Protection

We use a range of technical and organisational security measures, including authentication protocols, to ensure the safety of your data.

Technical security

FANZO’s database is accessible only via SSH using authorised keys. Servers are secured, dedicated to FANZO, and actively monitored. Passwords are securely hashed and cannot be retrieved. You are responsible for protecting your devices and browsers from unauthorised access. For any third-party websites we link to, we recommend reviewing their privacy policies.

Staff training & internal security measures

All staff receive ongoing training on data protection. New employees undergo induction on our internal protocols. Our office uses key card access to minimise the risk of internal data breaches.

Storage Duration

How long we keep information we collect about you depends on the type of account and information that we hold. We will only retain your personal information for as long as necessary to fulfil the reasons that we collected it for, including satisfying legal requirements, reporting purposes, and accounting requirements. We always consider the type of information that we hold, the amount collected, and how sensitive it may be. We will always minimise the risk from anyone using or sharing this information without your permission. After the time period is exceeded all data will either be securely deleted or some may be retained in non-personally identifiable aggregated form, in these instances we will be able to use this information without further notice to you.

• Consumers: As long as your account is active your account information will be retained. We may keep some of your data for 18 months after you de-activate your account (this is diferent to having your account deleted) in case you want to re-activate it in this period. We also may retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, support business operations, and to continue to develop and improve our Services.
• For marketing and communication purposes: Unless you have otherwise opted out, we may retain any of your information for marketing and updating communications for a period of 18 months after you deactivate your account. If you opt out of marketing communications your email address will be kept securely on file only for the purposes to ensure that you never receive communications from us again.
• Customers: We will hold your account information for as long as your account remains active. We may retain your information for up to 3 years from the financial year end in the year that you deactivate your account in order to comply with the HMRC’s recommended guidelines

If you delete, or request to have your account deleted, then your personal information (other than what is required to be kept by law) will be securely and irreversibly deleted, and your remaining information made anonymous and we will be able to use this information without further notice to you. Please note some information is required to be kept for legal and accounting reasons (see above).

Cookies and similar technology

We use cookies on our services (Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser) to enable our systems to recognise your browser and capture and remember certain information. We may use cookies to understand and save your preferences for future visits and social media cookies in order to tailor advertising, this includes trusted third parties with whom we grant access to selected information to perform specific tasks on our behalf. You can view our full cookie policy here.

Further information

We do not rent, sell, or trade your personal information. Trusted partners may access data only to perform specific services under confidentiality agreements. We will never share your information for marketing without your consent or as specified in our Cookie Policy.

We may share aggregate, non-identifiable data for analytics or marketing purposes.

Your Rights

You have the right to request:

• Access to your personal data
• Electronic copies of your personal data
• Have your data corrected if it is incorrect or has changed
• Deletion or restriction in certain circumstances by applicable law
• Where we have asked for consent, you have the right to withdraw at any time.

Children’s Online Privacy Protection Act Compliance

We are fully compliant with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. To the best of our ability all of our website, products and services are all directed to people who are at least 18 years old or older.

Third Party Data Processors

We partner with commercial and non-commercial organisations, some of which act as Data Processors. You may receive information from us on their behalf if you’ve consented. We may also engage third parties for hosting or services, but they are bound by contract to only process data as instructed, in accordance with GDPR. FANZO remains the Data Controller in these cases.

Below you can find a list of our sub-processors and the reason for using them:

Sub Processors

• Stripe, GoCardless (for collecting customer payments)
• Xero (for managing our accounting processes)
• Intercom (for customer service)
• Batch (for in-app messaging and notifications)
• Google Inc. (for anonymised analytics, for sending email)
• Dotdigital (for sending email and newsletters)
• Wootric (for collecting net promoter score)
• SurveyMonkey (for collectingcustomer feedback)
• Synalabs, DigitalOcean (for cloud infrastructure)

In some circumstances, we may decide to buy or sell business assets. In the unlikely event that FANZO ceases to trade, is acquired by another business or enters bankruptcy, this privacy policy in relation to this data would become in the purchaser’s control. However, it would only be for the purposes and uses as laid out in this policy.

Google Analytics

This website uses Google Analytics as a Data Processor for FANZO, a web analytics service provided by Google to track and evaluate web and app performance. Google Analytics uses the aforementioned cookies in order for FANZO to evaluate how users interact with our platforms. You can find out more about Google Analytics and its practices here.

Remarketing

We may use Google’s remarketing products in order to display you ads across the Google Display Network (GDN). This enables us to let Google deliver our ads on sites across the web which are relevant to your behaviour on our website. This is done by creating visitors lists based on stored cookies in your browser. This is produced and conducted by Google and is not linked to your personal information in relation to the ads served. You can opt out of Google's use of Google Ads across the Google by modifying you “Ads Preferences Manager” to not serve you relevant ads.

Alternatively, there are other ways of not receiving targeted advertising by either surfing the web anonymously (via private browsing) or by visiting the Network Advertising Initiative and opting-out of these types of adverts.

Changes to our Privacy Policy

FANZO may change this policy periodically and will carefully monitor industry or government mandated changes and their impacts on this policy. We will always inform you of any amendments made to our policies.

Contacting Us

Data Protection Registration Number: ZA788261 Data Protection Officer: Robert Stewart

For all other queries regarding this policy and your personal data, or to get in touch with the Data Protection Officer please get in touch with us at [email protected].

If you would like to remove all of your personally-identifiable information from our servers, please get in touch with the addresses above and FANZO will respond within 30 days

Your information is controlled by MatchPint Ltd t/a FANZO.