Please note that this policy does not apply to any company or person outside Pay Academy Limited
Personal data collected
You may submit your information to us for a number of reasons:
- When you contract with us for services we will request your name, business name, address, email, telephone number, business registered number, IP address and payment details.
- When you contact us with a query: this will primarily include your name and contact details.
- When you sign-up to our mailing list, submit an online query, submit new employee information, complete any surveys, or provide testimonials. Details gathered may include your name, business name, address, email and telephone number.
- When you apply for a job posting: this may include your curriculum vitae, details of qualifications and experience or any other application forms completed.
We will not process special categories of personal data such as race, ethnicity, religious or political opinion.
Should you give us personal data about someone else, you are responsible for ensuring that you comply with all data protection laws. In advance of submitting any information to us you should have notified them that data is shared and clarified how we collect, use and retain their personal information.
How we use your data
We undertake to design our services and systems in such a way as to minimise the use of personal data. Where data is required, the purpose for which you are invited to give us information is clear. We will not use your information for purposes that are not clear when you provide your details. Should we intend to use your data for any other purpose, we will not do so without first notifying you in writing.
We use your information to:
- process your payment,
- meet the requirements of the contract,
- provide information and services that you have requested,
- provide payroll support to you and mange our relationship with you,
- monitor, measure, improve and protect our services,
- comply with regulatory requirements,
- request your participation in any customer research, for example when we research possible new products / features or feedback on existing products or services. Where testimonials or feedback have been provided, this information may be used in marketing material in an anonymous format, only with specific agreement from you will your details be associated with any comments,
- assist in our sales cycle and the onboarding of new customers,
- market new products, features or services only where you have specifically opted-in to receive marketing emails.
We do not employ automated decision making methods in relation to any of your personal data stored.
Software Users’ information will be held and used for as long as permitted for legal, regulatory, fraud prevention and legitimate business purposes.
Your information we use for marketing purposes will be kept with us until you notify us that you no longer wish to receive this information.
To ensure continuity and transparency in our recruitment campaigns, all applicant details will be kept for no longer than 14 months after the end of the recruitment process.
Emails from us
We will send users email notifications regarding purchases (such as invoices and renewal notifications) as well as emails relating to essential software changes, legislation changes, including product upgrades and releases.
Only if you have specifically requested will we contact you with additional information such as free webinars, CPD events, special offers and newsletters. We may wish to contact you for this purpose by telephone, post, SMS or email. You have the ability to unsubscribe from opted-in communications at any time. Alternatively, you can let us know your preferences by:
Disclosure and sharing of your data
In the following circumstances, we may send your personally identifiable information to others.
- We have obtained your express consent to share the information.
- We need to share your information to provide the service or product you have requested, paid or unpaid.
- We need to send the information to others who work on behalf of Pay Academy Limited to provide a service or product to you.
- We find that your actions violate the terms of our Terms and Conditions or any of our usage guidelines.
- Our company is subject to a take-over or merger in which case the information will be disclosed to the new owners on the understanding that they will protect the information and only use the information in substantially the same way as previously.
- We must respond to court orders and any other legitimate request by authorities with which we must comply.
- We undertake not to sell, trade, or rent any personally identifiable information to others.
Internally, we limit access to personal information about you to those Pay Academy Limited employees who we believe reasonably need to come into contact with that information to provide products or services to you or in order to do their job.
Third party service providers
In providing you with the product or service you request, we may occasionally use third party companies to manage collation, processing and storage of your personal information on our behalf. These companies are carefully selected and screened to ensure maximum protection of your security and privacy and are permitted to use the information only in accordance with our instructions.
These third party providers are not permitted to further transfer your personal data nor are they permitted to use your personal data for their own business purposes.
International data transfers
We only process your information within the European Economic Area (EEA). If in the future, we are required to process data outside the EEA we will take steps to ensure that where your information is transferred outside of the EEA to our service providers and hosting providers, appropriate measures and controls are in place to protect that information in accordance with applicable data protection laws and regulations.
Measuring our visitors
We measure visitors to our website using Google Analytics. This records what pages you view on our site, how you arrived at our site and some basic information about your computer. All of that information is anonymous. We don’t know who you are – just that somebody visited our site.
The information we collect from analytics helps us understand what parts of our website are doing well, how people arrive at our site, and so on. Like most websites, we use this information to make our website better.
You can learn more about Google Analytics or opt out if you wish.
Cookies are small text files that are placed on your computer by websites you visit. Cookies help make this website work and provide information to us about how users interact with our site. We use this information to improve our website.
By using our website, you agree that we can place these types of cookies on your device.
We use two providers to process payments. These companies will have access to your personal and payment information. We use Ardohr Limited, trading name Credec, to submit payment files to BACS or to customers’ bank accounts in order to pay employees and to make payments to HMRC. We use Eazypay Limited for collecting monies due to us via the direct debit agreement.
We share information with these companies only to the extent necessary for the purposes of processing payments on your behalf. Pay Academy Limited has carried out due diligence on the privacy policies of both Ardohr Limited and Eazypay Limited and to the best of our knowledge they are fully compliant with Data Protection legislation.
Pay Academy Limited only has access to personal data transferred by your nominated payroll administrators. We have no control over the authority, the quality or safety of the data input. You, and you alone are responsible for the accuracy and completeness of your records.
Whilst we have security measures in place to protect your data once received, it remains your responsibility to ensure that it is passed to us in a secure manner, it is complete and accurate and not excessive for the purposes required. Where applicable, you are responsible for keeping your password and user details confidential.
From time-to-time, in order to resolve a customer query, it may be necessary for us to send a backup or snapshot of your data to our payroll provider; Thesaurus Software Limited (trading as Bright Pay). We have an undertaking from Thesaurus Software Limited that as this information contains sensitive personal data, they take numerous steps to ensure security. Data passed to them by us is processed only for the purposes of resolving our query as advised in writing by us, and is done so by trained Thesaurus staff. Our backup of your data will never be shared externally without prior approval from us. Customer backups are retained for the minimum amount of time necessary, usually no longer than one week.
Every effort has been taken to maintain the highest possible levels of security, however we would draw your attention to the section “Security” below.
We are committed to compliance data protection law and where necessary will make available to customers any information necessary to demonstrate compliance with their processing obligations.
Emailing of payroll documentation
Should you select to use our software’s emailing feature, your employees’ payslips/P60s will be sent through our secure server. Every effort has been taken to maintain the highest possible levels of security and all emails are automatically deleted from our server once sent. To enhance the security of emailed files, we highly recommend that Customers utilise the password feature contained within the software. Finally, we would draw your attention to the section “Security” below.
We take the security of your data very seriously. Pay Academy Limited take technical and organisational measures to prevent the loss, misuse or alteration of your personal information. These precautions include:
- Use of SSL encryption for sensitive data
- Hardware stored in secured data centres behind firewalls
- All access to information restricted by password and/or secure key
- Restrictions to what information can be accessed via any location
Whilst we undertake to maintain the highest possible levels of security practicable to protect data it should be realised that no data transmission over the Internet or information storage technology can be guaranteed to be 100% secure, and there is always some risk of unauthorised access. Pay Academy Limited cannot be held liable for any breach of security. Any information submitted to us is done so at your own risk.
For more detailed information about our data protection and security arrangements please request a copy of our data Protection and Security Policy.
You may contact us if you have any questions about this policy, if you would like to see a copy of the information that we hold on you, if you would like that information to be corrected or even request for it to be deleted.
If you wish to raise a complaint on how we have handled your personal data, please contact us and we will investigate the matter.
Please email us at . Alternatively, send a signed letter to Pay Academy Limited, Prosperity House, 121 Green Lane, Derby, DE1 1RZ. If you are not satisfied with our response or believe our processing of your personal data is not in accordance with the law you can complain to the Information Commissioner’s Office.