This TABBit privacy statement was published on the 19th of December 2023.
This Privacy & Cookie Policy is provided by TabbX Limited (Company Number: 15060167) being a company incorporated in England and Wales with registered offices located at 124 City Road, London, England, EC1V 2NX, (TABBx, we, us, our) the creators of the TABBit app (App) for use of our products and services including our App and website www.tabbit.uk (Services).
This Privacy & Cookie Policy relates to your use of the Services only.
The Services may link to or rely on other apps, websites, APIs or services owned and operated by us or by certain trusted third parties to enable us to provide you with Services. These other apps, websites, APIs or services may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other apps, websites or services, please consult their privacy policies as appropriate. For more information see the section ‘Who we share your personal data with’ below.
Privacy & Cookie Policy
Definitions
Those defined in our Terms and Conditions available here https://tabbit.uk/terms-n-conditions/
Introduction
We are committed to protecting and respecting your privacy and to providing transparent information regarding the use of your data.
We are in registered with the Information Commissioner's Office (the ICO), with the registration number being "ZB604773".
We act as the Data Controller and Processor for our Services as defined in UK GDPR.
Use of Our Online Services.
Your use of TABBx Services is governed by our Terms and Conditions availability here: https://tabbit.uk/terms-n-conditions/
Personal Data we collect about you
When you engage with our Services, we process personal identifying information (“PII”) that you provide to us. PII is that information as defined by UK GDPR but excluding data in special categories. We do not process data in special categories. PII may include Cookies.
As well as PII we process your financial data and information from our Third Parties and Open Banking Partners to which you give us access (“Financial Data”), this may include but is not limited to:
This Privacy Policy applies to both your PII and your Financial Data, which we refer to in this policy as “Your Data”.
We will collect and use the following personal data about you:
Category of personal data | Further information about the type of personal data we collect |
Identity and contact information. When you request information from us e.g. when you fill out a contact form or otherwise contact us to express an interest in the Services, we may ask you to provide identity and contact information. | Your name, email address and phone number. |
Account, personal and financial information: When you use our Services, such as by downloading our App, creating an Account, or making a Payment |
|
Analytics. With your consent, when you use our Services | With your consent, we may use cookies and other analytical tools to identify your preferences. |
Usage data. When you access our Services, we automatically collect certain information about your device and usage. | Usage data may include information about how you access and use our Services, including device information, browser information, information about your network connection, online identifiers such as cookie data and your IP addresses, your preferences, interests, time of use and other usage and technical information regarding your interaction with the Services (while such data may not always be personal data as defined at law in all cases we will assume it is and treat it in accordance with this policy as if it were). |
Social media information. When you engage with us via social media. | Your username, name, and any other personal data which is publicly available or which you share with us. |
Customer feedback and comments. When you engage with us via any comment or forum functionality on our website. | Your name and any views, opinions, suggestions or other information you choose to share with us when sending a message through the Services. |
If you do not provide personal data we ask for where it is required, it may prevent us from providing services and/or the Services to you.
We collect and use Your Data for the purposes described in the section ‘How and why we use your personal data’ below.
Agreement
As per our Terms of Use you grant us and our Open Banking Partners and Third Parties a non-exclusive licence to process Your Data for the sole purpose of using our Services.
How and why we use your personal data
We process PII data to:
We process your PII and Financial Data to provide the functionality described in our Terms of Use, including but not limited to:
When using the App, the following categories of Personal Data are processed by us:
Under data protection law, we can only use your PII if we have a proper reason, e.g.:
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own. You can obtain details of this assessment by contacting us (see ‘How to contact us’ below).
The table below explains additional reasons for when and why we use your PII.
To enforce legal rights or defend or undertake legal proceedings | Depending on the circumstances: to comply with our legal and regulatory obligations in other cases, for our legitimate interests or those of a third party, i.e. to protect our business, interests and rights or those of others |
Communications with you not related to marketing, including about changes to our terms or policies or changes to the Services or service or other important notices | Depending on the circumstances: to comply with our legal and regulatory obligations in other cases, for our legitimate interests or those of a third party, i.e., to provide the best service to you |
Protect the security of systems and data | To comply with our legal and regulatory obligations we may also use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests or those of a third party, i.e., to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us |
Operational reasons, such as improving efficiency, training, and quality control or to provide support to you | For our legitimate interests or those of a third party, i.e., to be as efficient as we can so we can deliver the best service to you |
Statistical analysis to help us manage our business, e.g., in relation to our performance, customer base, app and functionalities and offerings or other efficiency measures | For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service to you and improve and develop our app |
Updating and enhancing user records
| Depending on the circumstances: to perform our contract with you or to take steps at your request before entering into a contract (in this case, the contract means the Terms and Conditions of Use which apply to the Services) to comply with our legal and regulatory obligations where neither of the above apply, for our legitimate interests or those owf a third party, eg making sure that we can keep in touch with our customers about their accounts and new products or functionalities related to the Services and our services |
To comply with our legal and regulatory obligations
| Depending on the circumstances: to perform our contract with you or to take steps at your request before entering into a contract (in this case, the contract means the Terms and Conditions of Use which apply to the Services) to comply with our legal and regulatory obligations where neither of the above apply, for our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about their accounts and new products or functionalities related to the Services and our services |
To share your personal data with members of our group and third parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. In such cases information will be anonymised where possible and only shared where necessary | Depending on the circumstances: to comply with our legal and regulatory obligations in other cases, for our legitimate interests or those of a third party, i.e., to protect, realise or grow the value in our business and assets |
Location services/data
The Services will request your consent to use location services to precisely identify your location each session (i.e. each time the Services is opened or has been placed in the background for more than 30 seconds). We require access to that data in order to provide you with location specific Services and for security purposes.
If you do not provide your consent, you may use the Services but that some features of the Services will not be available. To withdraw your consent at any time you can turn off the localisation permissions for our app on your device.
The location services in the Services will not operate unless location services/data are generally enabled on your device. You may disable such functionality at any time by turning your device’s location on “off” using the device’s settings app. When you allow your device to use location services/data, data will also be collected by Google in accordance with their Privacy Policy, as this is the map service we integrate to our app.
We exert no control over Google’s Privacy Policy and we therefore recommend that you consult their privacy policy for further information on how Google protect personal data please visit their site - https://policies.google.com/privacy?hl=en-US. For more information see the section ‘Who we share your personal data with’ below.
Marketing
We intend to send you email marketing to inform you of our services such as promotions.
We will always ask you for your consent before sending you marketing communications, except where you have explicitly opted-in to receiving email marketing from us in the past or except where you were given the option to opt-out of email marketing when you initially signed up for your account with us and you did not do so.
You will have the right to opt out of receiving marketing communications at any time by:
We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.
For more information on your right to object at any time to your personal data being used for marketing purposes, see ‘Your rights’ below.
Who we share your personal data with
We routinely share personal data with service providers we use to help us run our business or provide the services or functionalities in the Services, including developers, cloud storage providers and Google, Inc. for Google Maps location functionality. We exert no control over Google’s Privacy Policy and we therefore recommend that you consult their privacy policy for further information on how Google protect personal data - https://policies.google.com/privacy?hl=en-US
We only allow service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We also impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.
We or the third parties mentioned above may occasionally also need to share your personal data with:
If you would like more information about who we share our data with and why, please contact us (see ‘How to contact us’ below).
We will not share your personal data with any other third party.
Transferring your personal data out of the UK
At this point in time, we do not transfer your personal data outside of the UK. If this changes, we would comply with applicable UK laws designed to ensure the continued protection and privacy of your personal data. Any updated destinations to which we send your personal data, would be indicated in the present section and notified to you in accordance with the section on ‘Change to this privacy policy’ below.
Furthermore, under UK data protection laws, we can only transfer your personal data to a country outside the UK where: the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR; there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you; or a specific exception applies under relevant data protection law. Accordingly, if we were to start transferring your personal data from the UK to:
In the event we could not or choose not to continue to rely on either of those mechanisms at any time we would not transfer your personal data outside the UK unless we could do so on the basis of an alternative mechanism or exception provided by UK data protection law.
Cookies
A cookie is a small text file which is placed onto your device (e.g. your smartphone or other electronic device) when you use our Services. When we use cookies on our Services, you will always be informed by a pop-up within the Services.
Cookies help us to recognise you and your device and allow us to store some information about your preferences or past actions, including your location data (for more information, please see our Privacy Policy).
For example, we may monitor how many times you use our Services, which parts of the Services you go to, location data. This information helps us to understand use of the Services by our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually.
For further information on our use of cookies, including a detailed list of your information which we and others may collect through cookies, please see below.
For further information on cookies generally, including how to control and manage them, visit the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org.
Consent to use cookies
We will ask for your consent to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested (e.g. to allow you to remain logged-in to the Services as you navigate within the Services and use the Services functionalities).
You can withdraw any consent to the use of cookies or manage any other cookie preferences by using the tool made available to you within the Services itself. You can then adjust sliders or untick boxes as appropriate to reflect your choice. It may be necessary to refresh or restart the Services for the updated settings to take effect.
Our use of cookies
The table below provides more information about the cookies we use and why:
The cookies we use | Name | Purpose | Whether cookie is essential for us to provide you with a service that you have requested and whether we will seek your consent before we place the cookie |
CookieYes | cookieyes-consent | CookieYes sets this cookie to remember users' consent preferences so that their preferences are respected on subsequent visits to this site. It does not collect or store any personal information about the site visitors. | Yes essential |
Universal Analytics (Google) | _ga_* | Google Analytics sets this cookie to store and count page views. | No, will therefore request your consent before placing this cookie. |
Universal Analytics (Google) | _ga | Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors. | No, will therefore request your consent before placing this cookie. |
How to turn off all cookies and consequences of doing so
If you do not want to accept any cookies, you may be able to change your device settings so that cookies (including those which are essential to the services requested) are not accepted. If you do this, please be aware that you may lose some of the functionality of our Services and of other Services you use on your device. For further information about cookies and how to disable them please go to the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org.
Consent
We can access your Financial Information (including any Personal Data) with your explicit consent.
How Can I Withdraw My Consent?
If you change your mind after granting consent, you can revoke it by contacting us at the address or email address indicated in the contact information above.
Deletion of Personal Data
We are committed to retaining your Personal Data only for the necessary duration. Your Personal Data will be deleted promptly when it is no longer required for the provision of our Services to you or upon the conclusion of the Terms of Service. To request the deletion of your data, please contact us via the live chat feature within the app, utilize the delete function available in your profile settings page, or send us an email at support@tabbit.uk. Your data will be deleted within 30 days of your request.
Please be aware that, as a services provider, we must retain certain customer personal data even if you request its deletion. If you have closed your TABBit account, it may not be possible to delete your entire file due to these regulatory obligations, which take precedence. Typically, we will retain your personal data for seven years following the termination of our business relationship with you or for any period required by applicable local laws.
Securing Your Personal Information
We prioritize the security of your personal information and have implemented suitable physical, technical, and administrative protocols to safeguard your personal data from unauthorized access, use, or disclosure, as mandated by the laws of England.
Upon receipt of your User Information, we employ stringent measures and security mechanisms to prevent unauthorized access, including encryption of any Personal Information transmitted to our banking partner. Additionally, we have a contractual agreement with our banking partner that mandates them to implement appropriate measures for safeguarding the security of the Personal Information we share with them.
Your Rights
Subject Access Requests
You have the right to request access to any personal data we have collected about you. To do so, please email us at privacy@tabbit.uk and provide the following details in your subject access request:
Making a Complaint to a Regulatory Authority
If you are unhappy with our service and wish to make a formal complaint, you have the right to contact the Information Commissioner's Office at www.ico.org.uk.
Changes to this privacy policy
We may change this privacy policy from time to time. When we make significant changes we will take steps to inform you, for example via the Services or by other means, such as email.
How to contact us
You can contact us by email if you have any questions about this privacy policy or the information we hold about you, to exercise a right under data protection law or to make a complaint.
Our contact details are shown below:
© 2023 All rights reserved
TABBit is brought to you by TABBx Ltd and powered by Moneyhub Financial Technology Ltd (Company No. 06909772) is authorised and regulated by the Financial Conduct Authority (FCA) as a Payments Initiation Service Provider, reference no. 809360. All logos and trademarks are property of their respective owners.