This Privacy Policy is for the Revoke app and services. 

Revoke’s Privacy Policy

V1.8 Last Updated:  30th May 2023 

Data Protection General Statement:  

This Data Protection Policy outlines Revoke’s commitment to its customers, suppliers and other individuals to operate its business activities in a manner that meets the compliance obligations of the Data Protection (Jersey) 2018 Law (“DPJL”), the Data Protection (Bailiwick of Guernsey) Law 2017, Data Protection Act 2018, (UK) and the General Data Protection Regulation (EU) 2016/679 and all other global Data Protection Laws in force. 

Revoke understands and respects your right to privacy, and we are committed to ensuring the confidentiality and security of your personal data and the personal data processing activities within our organisation by applying the appropriate technical and organisational measures required to achieve this objective.  

This document covers the policies and procedures for processing personal data in a compliant manner and outlines the rights of the data subjects in respect of that data. The Privacy Notice below explains how we may use, process, and store your personal data.  

When you use our Services, you enter into an agreement with us and are directed to this Privacy Policy and the Terms and Conditions which form part of that agreement. 

Each time you use our Services, or provide us with information, the processing of your Personal Data will be governed by the current version of this Privacy Policy and Terms and Conditions.  

If you do not agree with the terms of this Privacy Policy or the Terms and Conditions, please refrain from using our Services.  

Data Controller:  

Revoke Limited trading as Revoke is the data controller of all personal data and data processing activities of its data protection app business. The company runs the “Revoke” app and associated services. It also operates the www.revoke.com website. The company’s head office and Registered Office is located at 2nd Floor, Conway House, 7-9 Conway Street, St Helier, Jersey, JE2 3NT.  

Revoke Limited is registered as a data controller with the Jersey Office of the Information Commissioner and its number is 61116.  

Reference documents:  

• Data Protection (Jersey) Law 2018  
• Data Protection (Registration and Charges) (Jersey) Regulations 2018  
• Data Protection (Bailiwick of Guernsey) Law 2017  
• Data Protection Act 2018, (UK)  
• EU General Data Protection Regulation 2016/679    

Privacy Policy:  

Scope of application:  

This policy applies to our business activities and the personal data processing of the data subjects within the European Economic Area (EEA), UK, Jersey, and Guernsey in the Channel Islands and the rest of the World.  

Personal data:  

Personal data means any information relating to an identified or identifiable natural person. Revoke collects the following categories of personal information;  

From Customers: 

• Name, address, email address, telephone and mobile number plus other contact information, but only when you choose to give it to us in aid of customer support services 
• Country where the App is being used 
• IP address, and version, operating system, device identifier  

Purposes of data processing;
Revoke uses the personal data noted above for the following range of activities;              

Services provided to our customers:
The main services we offer to our customers are as follows;  

1. Templates for DSAR (Data Subject Access Requests)
2. Contact information for Company Data Protection Officers 

We have designed our services to comply with the requirements of data protection law in the areas of Privacy By Design and Default.  

Data collection methods:
We collect personal data in the following ways:  

• When you download the Revoke app from Apple or Google Play app stores and agree to the terms and conditions for its use  
• When you email us using one or all of our dedicated customer support, data protection and business email addresses  
• When you contact our in-house team who can support and guide you with your queries in relation to our Revoke services  
• When you visit our Revoke website (www.revoke.com), we use only essential and analytical cookie features which may track your usage of our website and uploading of information to the website to help us improve our services to you  
• When you contact us by telephone and/or leave a voicemail message or text messages or use of the online chat facility or posting messages on our social media platforms  
• From third party channels such as public registers, social media and any other public open forums  
• Directly from you as a member of the public, staff member, business partner, supplier or intermediary when engaging with us directly  

Information collected:
Customer personal data will only be used by us where you are using our Revoke app and associated services.  

The personal data collected is used to;  

• Provide uninterrupted access to Revoke and maintain the service level expected and outlined in our Terms of Business  
• Assist us in the delivery and operation of secure business communications via email, our website and other relevant means  
• Assist Revoke in compiling relevant aggregated statistical data for statistical or public relation purposes. This aggregated information is not tied to personal information,  
• Meet any legal obligations in relation to the establishment, exercise or defence of a legal claim or where we received a court order for the disclosure of personal data  
• Meet any other legal obligations from relevant local laws  

Personal data may be used for the legitimate business interest of Revoke as indicated in this Privacy Policy.  

Only personal data that is necessary for the purposes of assisting our customers with the provision of products or services as outlined above are actively collected.  

Recipients of data:
Personal data collected may be disclosed or transferred to;  

• Revoke’s business partners who may provide professional services in relation to additional expert services  
• Revoke’s data processors who provide services in relation to the secure and safe running of its business systems and processes
• Professional agents in the provision of required services (e.g. lawyers, bankers, accountants, auditors)  
• Law Enforcement and Competent Authorities as required by the respective laws where such disclosure is necessary for compliance with a legal obligation  
• Other third parties when requested by you and when relevant consent has been obtained from you  
• Any new owner of Revoke should it be acquired or merged with another company or as part of the re-organisation of the company  

Social media platforms:  

When we use social media platforms e.g. Facebook, Twitter, Instagram, we only operate it so as to promote our own business and we would not knowingly engage in activities that go beyond this scope. Customers (and other data subjects) are advised to refer to the respective privacy notices of these social media platforms to check their data protection and privacy rights. Revoke cannot be held responsible for third-party social media platforms or website activities.  

Any data that is held by us will be stored on our servers which are located in the European Union, Netherlands and Ireland. 

Revoke engages the services of those vendors who are operating under the respective data protection compliant agreements and where they are using Standard Contractual Clauses or other approved data transfer mechanisms, where appropriate.  

Any transfer of data is done in a secure way and in compliance with Data Protection Laws. 

Retention of data:  

Revoke will only retain your personal data for as long as is necessary to fulfil the purpose for which it was collected.  

Summary of the important data retention periods are as follows;  

• If you use the Revoke App, we will retain your Personal Data for as long as use the service.
• We will only retain and use your Personal Data to the extent necessary to comply with our legal obligations (if we are required to retain your data to comply with applicable laws), detect and prevent fraud, resolve disputes and enforce our legal agreements and policies.
• Revoke will retain personal data in relation to customer, supplier, other data subjects’ transactions for 10 years from the date of the transaction where they are deemed to be part of the financial records of the business.

This is subject to the exception where the data cannot be deleted for legal or regulatory reasons.  

Data subject rights:  

Where a data subject in the European Union (or any “adequate/equivalent” status country) wishes to exercise their rights under applicable data protection laws, they should contact Revoke’s data protection manager at dpo@revoke.com.

Data subjects have a number of rights available to them;  

• Access to their personal data  

You can assert this right by accessing your personal data or by contacting us directly via our website www.revoke.com or email dpo@revoke.com. We would request that any request to access personal data must be made to Revoke in writing and provide sufficient detail to identify the Personal Data that you are seeking.  

Where you have identified that we have recorded your data incorrectly, you can contact us directly to update your information. 

• Restriction on the processing of their data  

This right applies in certain specific circumstances; where the accuracy of personal data is contested and the data controller needs time to verify details; where processing is deemed unlawful but the data subject opposes erasure and requests restriction instead; where there is an objection to data processing under legitimate interest legal bases and pending verification that the legitimate interest overrides the data subjects rights; the purpose of processing is no longer valid but it is required by the data subject for the establishment, exercise or defence of legal claims.  

• To object to the processing of their data  

This right is available to data subjects to request exclusion from any direct marketing activities or communications, including profiling to the extent that it is related to such direct marketing activities, and to any automated means using technical specifications in the context of information society services  

• To be forgotten (erasure of your data)  

You can delete or uninstall the Revoke app at any time. Revoke will not however be able to delete all our personal data to the extent that it is necessary to meet its legal obligations  

• Right to data portability  

This is a new right and only applies to those processing activities that are conducted under the legal basis of Consent or on Contract and the processing is carried out by automated means. Your data can be transferred to another data controller or to you directly where technically feasible  

• Right to object to automated decision making and profiling  

The data subject can object to automated decision-making and profiling in certain circumstances and request human intervention in the decision-making process. Revoke does not make any decisions based on purely automated means, but if we do, you have a right to object  

• Right to withdraw consent for those data processing activities based on consent  

Where the processing of personal data is conducted with Consent as the legal basis, the data subject can withdraw consent at anytime.  

Each data subject request to exercise the rights noted above will be reviewed against the requirements of the Data Protection (Jersey) Law 2018 and other relevant data protection laws, and in certain circumstances (e.g. restriction, erasure, objection, data portability) these rights may not be exercisable by the company. Full explanations will be given in such cases.  

Making a complaint:  

The Jersey Office of the Information Commissioner (“JOIC”), Channel Islands, is an independent statutory authority where you can make a complaint or learn more about data protection in Jersey. Their office is located at 2nd Floor, 5 Castle Street, St. Helier, Jersey, JE2 3BT. Their website is www.jerseyoic.org and their telephone number is  01534 716530.  

Security features:  

Revoke is committed to ensuring the security of your personal data and has implemented appropriate commercially reasonable technical, physical, and organisational measures to prevent unauthorised or unlawful processing of your personal data or accidental loss or destruction of your personal data.  

Our Security Policy is available on our website here.  

Email communications are scanned using the latest version of anti-virus and malware software deployed by our business. Personal data held by Revoke is only available to authorised members of staff.  

Our computer systems have secure audit trails and we have robust backup capabilities in place to ensure that our services can continue uninterrupted for our customers.  

Management and employees are trained in their data protection responsibilities and obligation to handle personal data in a confidential manner.  

Change to this notice:  

Revoke may update this Privacy Notice at any time. The updated notice will appear on our website www.revoke.com and in our Terms of Business.   

This Privacy Policy was last updated on 30th May 2023. 

Contact details:   

EU Representative:  

Revoke has appointed Formiti Data International, The Black Church, St. Mary’s Place, Dublin, Ireland 7, as its EU Representative. They can be contacted on +353 1 485 3752 or by email using info@formiti.com. 

UK Representative:  

Revoke has appointed Formiti Data International, Suite 2a, Blackthorn House, St. Paul’s Square, Birmingham, Warwickshire, England, as its UK Representative. They can be contacted on +44 121 582 0192 or by email using info@formiti.com.     

Revoke:  

If you have any questions, concerns, or complaints with respect to this Privacy Policy or the handling of your privacy or personal information, please contact our data protection manager at dpo@revoke.com.