Order

Legal

Privacy Policy and GDPR Notice

This Privacy Policy describes how SUPEROPTIMISED LTD ("we", "our", or "us") collects, uses, and protects your personal data when you use the OCR Trace website and services. This policy complies with both the UK General Data Protection Regulation (UK GDPR) and the European Union General Data Protection Regulation (EU GDPR).

1. Data Controller Identity

The entity responsible for processing your personal data is:

  • Company Name: SUPEROPTIMISED LTD
  • Company Number: 15168419
  • Registered Office: Flat 5, Passmore House, 234-236 Kingsland Road, London, United Kingdom, E2 8AD
  • Contact Email: info@ocrtrace.com

2. The Data We Collect

We may collect, use, store, and transfer different kinds of personal data to provide our OCR, software publishing, and IT consultancy services. This includes:

  • Identity Data: First name and last name.
  • Contact Data: Business email address, telephone number, and company/billing address details.
  • Transaction Data: Details about payments and subscriptions you have purchased from us.
  • Usage & Technical Data: Service usage details, IP addresses, or notes you submit regarding archive requirements.

3. How We Use Your Data and Legal Basis

We will only use your personal data when the law allows us to. We rely on the following legal bases:

  • Contract Performance (Art. 6(1)(b) GDPR): To process your orders, manage your subscription, and deliver the promised services.
  • Legitimate Interests (Art. 6(1)(f) GDPR): To keep our records updated, study how customers use our products/services, and ensure network security.
  • Legal Obligation (Art. 6(1)(c) GDPR): To comply with legal or regulatory requirements, such as UK corporate tax, invoicing, and accounting compliance.
  • Consent (Art. 6(1)(a) GDPR): Where you have explicitly opted in for specific communications or marketing.

4. International Data Transfers

As a UK-based company, your data will primarily be stored and processed in the United Kingdom. If you are located in the European Economic Area (EEA), please note that the UK benefits from an "adequacy decision" from the European Commission. This means that data transfers between the EEA and the UK are legally safeguarded and fully compliant with EU GDPR standards. Where we use third-party service providers outside the UK/EEA, we ensure suitable safeguards (such as Standard Contractual Clauses) are firmly in place.

5. Data Security

We have instituted appropriate technical and organizational security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed.

6. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. By UK law, we are required to keep basic information about our customers for tax purposes for a specific number of years after they cease being customers.

7. Your Legal Rights

Under the UK and EU GDPR, you have the right to:

  • Request access to your personal data.
  • Request correction of the personal data that we hold about you.
  • Request erasure of your personal data (the "Right to be forgotten").
  • Object to processing of your personal data where we are relying on a legitimate interest.
  • Request restriction of processing of your personal data.
  • Request the transfer of your personal data to you or a third party.
  • Withdraw consent at any time where we are relying on consent to process your data.

8. Contact and Complaints

If you wish to exercise any of the rights set out above, or if you have any questions about this privacy policy, please contact us at info@ocrtrace.com.

You also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, or your relevant local EU data protection authority.