Jellyfish Connect takes its responsibilities under data protection legislation very seriously and respects the privacy of our customers. This Policy aims to clearly tell you how we use your personal data, how we ensure it is kept secure and your choices.

Jellyfish Connect Ltd (‘Jellyfish’ or ‘we’, ‘our’ or ‘us’) has registered offices at 31 London Road, Reigate, Surrey, RH2 9SS, UK and the company number 6889858.

Jellyfish Connect Ltd consists of the following products and complimentary services (‘Services’):

• Pocketmags.com website and its associated digital magazine applications and digital publishing services.
• magazine.co.uk website and its associated magazine subscription websites.
• uOpen.com website and its associated subscription box services.

Jellyfish Connect Ltd is registered with the Information Commissioner’s Office (with the registration number ZA192111), and abides by the requirements of the Data Protection Act 2018, the Privacy and Electronic Communications Regulations 2003, and following May 25th 2018, that of the General Data Protection Regulation (EU) 2016/ 679 (GDPR).

Jellyfish Connect Ltd are the controller of your personal data provided to, or collected by or for, or processed in connection with the above Services. Each Service has its own Terms & Conditions which are entered into when making a purchase or creating an account. This Privacy Policy aims to inform you of how we collect and use your personal data, and to provide you with details about your choices.

In certain circumstances we will need to share your data with the owner of a product (‘Product Owner’) you have purchased from us to facilitate its fulfilment, in this case the Product Owner will be a data controller. In these circumstances, the Product Owner will handle your data according to their own Privacy Policy and may use your data for the purposes of sending occasional email communications relating to similar products and services if you have agreed to receive these. Should you subsequently wish to opt out of their email communications, you will need to unsubscribe from their emails directly. Further details will be included in the individual Service’s Terms & Conditions and at point of purchase.

We are committed to respecting and protecting the personal data gathered via our websites and applications whilst it is in our care, using it only in accordance with this Privacy Policy and our Cookie Policy. We collect your personal data because it helps us to understand your needs, improves our Services and guides the way in which we interact and communicate with you about our products and services now and in the future.

Please note that our Services may contain links to products and websites that are owned and operated by third parties. These products will have their own privacy policies which you should review if you choose to visit these products or websites. We are not responsible for the privacy practices of third parties.

Types of information we may collect about you

We collect both personal and anonymous data when you send us information or use one of our Services. Personal data is that which can personally identify you, such as name and email address. Anonymous data is that which cannot identify you and which is typically used in aggregate to better understand our customers.

How we collect your personal data

We collect data when you interact with one of our Services, for example when you browse our websites or applications, when you register with us, when you purchase a product or subscription and when you engage with us and our email correspondence.

Specific details of the information we may collect:

Information you provide - in completing forms on our websites and applications, such as registering for an account, or carrying out a transaction, we will receive various pieces of personal data such as your name and other information such as your postal address, e-mail address, telephone number, your debit/credit card number and expiry date or bank account details etc to process your request. Only relevant information will be used by us, or those data processors (such as our payment processors) and Product Owners necessary to fulfil the service requested and potentially communicate with you on any concerns arising to the provision of the service in general.

Information about your use of our websites and applications - we may collect your IP address and use cookies and similar technologies (e.g. web beacons, pixels, ad tags and device identifiers) to enhance your experience and improve our products and Services. Further details can be found in our Cookie Policy. We also collect data on how you interact with our digital products, such as if you have read and interacted with a digital magazine in an app or online. To understand how our websites, products and apps are used and performing we may use analytics services to provide us and Product Owners with statistical information.

Information about your device or system - in using one of our Services we may collect information about the device you are using, such as the operating system, your browser type, the URL of the previous website you visited, your ISP and unique device identifiers which allow us to recognise you next time you visit to provide you with a personal experience. We use analytic and reporting technologies to record and collect data from you. This information, such as your browser type, the URL of the previous website you visited, your ISP, operating system, cannot be easily used to personally identify you. We may use partners to help manage, monitor and optimise our Services to help us measure the effectiveness of our advertising, communications and how visitors use the Services. To learn more please see our Cookie Policy.

Information about transactions - if you make any purchase from us, such as a print subscription, a digital magazine or a subscription box, we will record details of that transaction for book-keeping and performance analysis.

How we use your personal data and lawful bases for processing

We use your personal data for the following purposes:

To provide a service to you, for example to:

• To respond to your queries about our products and services.
• To fulfil your requests for our products and services.
• To send you service communications (for example, a welcome/registration email, forgotten password email, a receipt or availability notification related to your purchase(s), support correspondence or a notification regarding changes to your service).
• To keep records up to date and to ensure the provision of purchases you have made.

We rely on the lawful basis of performance of a contract for the above purposes.

We rely on our legitimate business interests for the following purposes:

• To send you email marketing communications. We will always inform, when you provide your details to us, of our intention to send you such messages. You will have a clear opportunity to opt-out at this point and in every subsequent communication.
• To determine the effectiveness of promotional campaigns and advertising.
• To personalise or improve the way that our product or advertising is presented to you on our Services and that of third parties, such as based on location, gender (if known) and interests (based on browsing and purchase habits). To learn more please see our Cookie Policy.
• To keep records up to date and to ensure the provision of purchases you have made.
• To learn from and improve how customers interact with our Services to improve their experience over time.
• We may use your IP address to identify your location, for example to display prices in your local currency, to understand the number of visits from certain countries, and to block disruptive or abusive use of our Services.
• To enhance the security of our network and information systems.
• For reporting and audit purposes.

We have balanced our legitimate interests with those of our customers. If you would like further information or to object to us using your data for such purposes, please contact [email protected].

In specific circumstances we rely on the lawful basis of consent (i.e. where you actively agree to a specific use of your personal data) and legal obligation (i.e. where we are legally obliged to hold your personal data or disclose it by law).

How do we keep your data safe and secure?

The security of your personal data is important to us. When you enter sensitive information such as a debit/credit card number on our registration or order forms, we encrypt that information. We follow generally accepted industry standards to protect the personal data submitted to us, both during transmission and once we receive it. When you give your personal data to Jellyfish we will process that data in accordance with our responsibilities.

We will keep your data safe and secure. To prevent unauthorised access, to maintain data accuracy and to ensure the correct usage of information, we monitor and adjust our physical, electronic and managerial procedures to safeguard and secure your personal data while in our care, or in the care of any outside suppliers with whom we may contract to process your data on our behalf. Any outside suppliers are under strict contractual terms to mirror the security policies that we currently have in place.

All credit and debit card information you provide is encrypted using the latest Secure Socket Layer (SSL) technology, ensuring your credit or debit card details are safe and secure. The Services also meet the requirements of the Payment Card Industry Data Security Standard (PCI) which was created to ensure organisations that process card payments prevent fraud. All personal data processed by Jellyfish is processed within the European Economic Area (“EEA”).

Data retention

We will keep personal data only for as long as we need it to maintain our relationship with our contacts, provide them with the products, services or information they have requested, to inform our research into the preferences of our customers /clients, to comply with the law, and to ensure we do not communicate with individuals that have asked us not to. When we no longer need the information, we will dispose of it securely, using specialist companies to do this work for us if necessary. Further details can be found in our Retention Policy which is available on request.

Sharing information with others

Primarily we use your information within Jellyfish in order to provide you with the service or product you have selected.

We will only disclose your information to specific third parties in the following circumstances:

• To facilitate the service of a physical product, for example providing appropriate details to the Product Owner of a print magazine subscription or subscription box.
• We may transfer your personal data to a Product Owner based outside the European Economic Area (EEA). Where we do so we take the necessary steps to ensure your personal data is treated securely and have appropriate contractual arrangements in place.
• If you have provided consent to receive marketing correspondence from the Product Owner of a product you have purchased through one of our Services, your data will be shared with them and/or the data processor authorised to operate on their behalf for the specific purposes to which you consented. In each of the above cases, the Product Owner will have their own privacy policy which will cover their use of your personal data.
• Where we need to do so in order to provide a service you have requested. For example online transactions with us are secured using the SSL encryption method and hosted with our third party payment providers including MPP Global Solutions Ltd, SagePay Europe Ltd, Stripe Payments UK Limited and PayPal. This is to provide immense security and protection to our customers. All our payments processed via Paypal are processed via PayPal References Transactions.
• We may use certain third party services to verify your identity in certain circumstances, such as that your postcode is valid for delivery, age for age restricted products and company checks.
• It may be necessary to share information with certain third parties, such as the ABC or BPA, for audit and accreditation purposes, to confirm that sales have taken place.
• To improve the service and advertising that you receive (on our Services and third party websites and apps). These activities may involve the use of cookies or similar technologies. For more information please read our Cookie Policy.
• If disclosure is required or permitted by law. We will always ensure that those requesting the information have the legal right to do so.

If another company should purchase any of our companies or assets, including our database, that company will have the right of possession of the personal data collected by us and will assume the rights and obligations formerly attributable to us.

Your rights and further information

Under data protection law you have a number of rights. To request any of these rights outlined below please contact [email protected] or write to us at Data Protection Officer, Jellyfish Connect Ltd, 31 London Road, Reigate, Surrey, RH2 9SS UK.

Direct Marketing: You have the right to object to receiving direct marketing from us. There will always be an easy way of unsubscribing on any marketing email you receive from us.

Access: You have the right to be provided with the information information we hold for you. This is known as a ‘Subject Access Request’.

Rectification: If the information we hold for you is incorrect or needs amending, please let us know and we will update our records. Where available, you may view and amend these yourself in the My Account area of the relevant Service’s website.

Delete Data/Right to erasure and Account Closure - you can ask us to erase or delete all of your personal data and record with us. If at any time you would like to close and delete an account please contact [email protected]. Your personal data will be removed from our active user database and will be deleted assuming that you are current with all payment obligations, that Jellyfish does not believe it reasonably necessary to keep such information for any pending legal action, and that we are under no other legal obligation to retain such information. Please be aware that any unfulfilled subscriptions may be cancelled without refund, you will have to re-register in order to use the respective Service again, and any existing purchases will be forfeited. It is your responsibility to request a refund from Jellyfish or the appropriate merchant or Product Owner.

Questions

If you have any questions or complaints regarding this Privacy Policy please email [email protected] or write to our Data Protection Officer at Jellyfish Connect Ltd, 31 London Road, Reigate, Surrey, RH2 9SS, UK.

If contacting us does not resolve your complaint, we are registered with the Information Commissioner’s Office who can be contacted if you have concerns about our practices and do not feel we are able to satisfactorily answer your concerns.

Changes to this Privacy Policy

This Privacy Policy may change from time to time. In the case of significant changes we will endeavour to notify you, where possible, for example via an email address registered with us. Sending of this email will constitute notification and all changes will be apparent immediately unless otherwise stated.

Last updated: 1st May 2018