Just published: Supplier insight study on virtual card adoption trends.

Privacy Policy for Applications and Services

This “Privacy Policy for Applications and Services” is for customers applying, using or subscribing to any of Previse’s Applications and Services. If you are visiting our website, please see our Privacy Policy.

Version 4.1, Last updated: 20 June 2023

General

Previse Limited (“we” and “us“, and “our“) is committed to protecting the privacy of those users that access Previse’s Applications and Services and the individuals that Personal Data is processed about using Previse’s Applications and Services. This privacy policy (the “Privacy Policy“) governs our use of Personal Data as a controller as described in further detail below.

Please be sure to carefully read this Policy in its entirety before using or submitting information to Previse’s Applications and Services. You, which in the case of an individual user that is employed by or otherwise works on behalf of one or more organisation(s), includes those organisation(s) (together “you” and “your“) agree to be bound by this Privacy Policy on the date that the user first accepts the Privacy Policy by clicking on “Agree” on the acceptance of terms page, or on the date that the user first uses Previse’s Applications and Services, whichever occurs first (that date being the “Effective Date”). Whenever you submit Personal Data via Previse’s Applications and Services or otherwise provide us with or make Personal Data available to us in the circumstances described in this Privacy Policy, you acknowledge that it will be collected, used and disclosed in accordance with this Privacy Policy. If you object to the terms of the Privacy Policy, you cannot use Previse’s Applications and Services and you must cease using it immediately.

You warrant and undertake that: (i) you have full capacity and authority to agree to be bound by the Privacy Policy (including, in the case of an individual user, on behalf of the organisation(s) that the user works for); (ii) you have and will maintain all necessary licences, consents and permissions necessary for the performance of your obligations under this Privacy Policy; and (iii) you will comply with applicable laws and regulations with respect to your activities under this Privacy Policy.

We recommend that you read this Privacy Policy whenever you visit Previse’s Applications and Services as we may, without prior notice to you, amend this Privacy Policy to reflect any changes in Previse’s practices, services and legal obligations. If Previse makes any material changes to the way Previse collects, uses or shares Personal Data, Previse will notify you of those changes by posting an updated notice on Previse’s Applications and Services to which it relates or by an electronic communication to you, which will indicate the effective date of the proposed changes. Your continued use of Previse’s Applications and Services following the effective date of a change to this Privacy Policy signifies your acceptance and agreement to the terms of the revised notice. This Privacy Policy has been revised at the “Last Updated” date displayed at the top of this Privacy Policy. All changes will be effective when posted at https://previse.co/en-us/privacy-policy/apps-and-services/ and are binding on you from that date. The current version of the Privacy Policy will be displayed on that page.

Information about us and our role

Previse Limited is a company registered in England and Wales with number 09117429 with its registered address at Building 423 – Sky View (Ro) Argosy Road, East Midlands Airport, Derby, DE74 2SA, United Kingdom. We are the controller responsible for the processing of Personal Data described in this Privacy Policy under the Data Protection Legislation and other applicable law.

If you wish to contact us about this Privacy Policy or Previse’s Applications and Services or for any enquiries about how we use Personal Data, please contact us at help@previ.se.

The personal data we process as a controller

Purposes for processing

We will use and process Personal Data lawfully, fairly and in a transparent manner. We will collect and use Personal Data solely for the specified and legitimate purposes stated in this Privacy Policy. We use:

User Personal Data to:

make Previse’s Applications and Services available to you and to contact you concerning the administration of your access and that of the organisation that you are employed by or otherwise work for. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

send you service communications relating to the maintenance, support and updating of Previse’s Applications and Services. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

send you marketing communications including:

updates about new or improved functionality of Previse’s Applications and Services and services offered under it and events, promotions or competitions being offered by us; and

information from us about goods and services which may be of interest to you;

If you are a corporate subscriber, we will do this because it is in our legitimate interests to process Personal Data in this way. You are entitled to object to us contacting you or to amend your communication preferences by contacting us at help@previ.se.

If you are an individual subscriber, we will process Personal Data in this way where you have consented to receive these marketing communications from us. You are entitled at any time to withdraw your consent to receiving these marketing communications from us at any time.

If you subsequently decide that you do not want to receive marketing communications from us, please click the “unsubscribe” link provided in our marketing messages. Objecting to receiving marketing communications will not affect our use of the Personal Data prior to you objecting but it will mean that we will not be able to contact you about the offers we may run and other services we may be able to offer to you in the future. Objecting to receiving marketing communications will not affect our ability to send non-marketing messages to you as well (such as transactional messages relating to your account or your use of Previse’s Applications or Services).

contact you, if we receive a request to contact you or to send you any requested information. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data to communicate with you, to respond to your request and develop the relationship between us. It may also be necessary for us to

use Personal Data to perform an agreement with you, where we would be unable to provide those services without that information (for example, if a particular service or information is to be provided to you, we would be unable to provide that service or information unless we were able to use Personal Data for that reason);

use Personal Data to comply with a legal obligation relating to how we manage our business or our relationship with you;

enable us to contact you for security reasons or in order to respond to or direct communications from third parties to the relevant recipient(s). We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

manage our relationship with you and collect any amounts due. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data to communicate with you about amounts due and to develop the relationship between us. It may also be necessary for us to

use Personal Data to perform an agreement with you, where we would be unable to provide those services without that information;

use Personal Data to comply with a legal obligation relating to how we manage our business or our relationship with you;

verify your identity, onboard you as a customer, supplier and/or funder of Previse, conduct anti-money laundering checks, risk management, credit checks and other compliance related activities as well as to satisfy our internal operational requirements. We do this because it is in our legitimate interests to make sure that the identities of our counterparties are genuine and relationships are not being established for fraudulent or other illegal reasons. We may also do this because we may be subject to legal obligations which require us to confirm the details that you provide to us before entering into a relationship with you;

enable you to access various features of Previse’s Applications and Services and to configure and improve the quality, content and overall user experience of Previse’s Applications and Services. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

monitor and compile statistical and other information related to the performance, operation and use of Previse’s Applications and Services. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

to corroborate, match with or enrich personal data held by us for the purposes of identifying, establishing and managing business relationships. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

use data from Previse’s Applications and Services for security and operations management, to create statistical analyses (which may include analyses concerning the likelihood and speed of repayment by and other financial performance measures relating to certain organisations) and for research and development purposes. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes; and

address other business needs such as website administration, fraud prevention, legal compliance and business continuity. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes. We may also do this because we may be subject to legal obligations that require us to use Personal Data for these purposes.

Portal Personal Data to:

make Previse’s Applications and Services available. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

send service communications relating to the maintenance, support and updating of Previse’s Applications and Services. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

send marketing communications including:

updates about new or improved functionality of Previse’s Applications and Services and services offered under it and events, promotions or competitions being offered by us; and

information from us about goods and services which may be of interest to you;

Where the recipient is a corporate subscriber, we will do this because it is in our legitimate interests to process Personal Data in this way. The recipient is entitled to object to us contacting them and can amend their communication preferences by contacting us at help@Previ.se.

Where the recipient is an individual subscriber, we will process Personal Data in this way where that data subject has consented to receive these marketing communications from us. The data subject is entitled at any time to withdraw his or her consent to receiving these marketing communications from us at any time.

If the relevant data subject subsequently decides that they do not want to receive marketing communications from us, they can click the “unsubscribe” link provided in our marketing messages. Objecting to being contacted for marketing purposes will not affect our use of the Personal Data prior to that but it will mean that we will not be able to contact the relevant data subject about the offers we may run and other services we may be able to offer to them in the future. We may also continue to send the relevant data subject non-marketing messages (i.e., transactional messages).

contact you and/or the relevant data subject, if we receive a request to contact or to send you and/or the relevant data subject any requested information. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data to communicate with you and/or the relevant data subject, to respond to requests and develop the relationship between us and/or them. It may also be necessary for us to

use Personal Data to perform an agreement with a counterparty, where we would be unable to provide those services without that information (for example, if a particular service or information is to be provided to you, we would be unable to provide that service or information unless we were able to use Personal Data for that reason);

use Personal Data to comply with a legal obligation relating to how we manage our business or our relationship with a counterparty;

enable us to make contact with you and/or the relevant data subject for security reasons or in order to respond to or direct communications from third parties to the relevant recipient(s). We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

manage our relationship with counterparties and collect any amounts due. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data to communicate with counterparties about amounts due and to develop the relationship between us and them. It may also be necessary for us to

use Personal Data to perform an agreement with a counterparty, where we would be unable to provide those services without that information;

use Personal Data to comply with a legal obligation relating to how we manage our business or our relationship with a counterparty;

verify identities, onboard customers, suppliers and/or funders of Previse, conduct anti-money laundering checks, risk management, credit checks and other compliance related activities as well as to satisfy our internal operational requirements. We do this because it is in our legitimate interests to make sure that the identities of our counterparties are genuine and relationships are not being established for fraudulent or other illegal reasons. We may also do this because we may be subject to legal obligations which require us to confirm the details that are provided to us before entering into a relationship with a counterparty;

enable access to various features of Previse’s Applications and Services and to configure and improve the quality, content and overall user experience of Previse’s Applications and Services. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

monitor and compile statistical and other information related to the performance, operation and use of Previse’s Applications and Services. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

to corroborate, match with or enrich personal data held by us for the purposes of identifying, establishing and managing business relationships. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes;

use data from Previse’s Applications and Services for security and operations management, to create statistical analyses (which may include analyses concerning the likelihood and speed of repayment by and other financial performance measures relating to certain organisations) and for research and development purposes. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes; and

address other business needs such as website administration, fraud prevention, legal compliance and business continuity. We will use the Personal Data in this way because it is in our legitimate interests to use Personal Data for these purposes. We may also do this because we may be subject to legal obligations that require us to use Personal Data for these purposes.

With respect to the User Personal Data and/or Portal Personal Data that you provide to us, you will be informed at each information collection point which information is required to be provided and what we will use it for. We will let you know where you must provide us with the Personal Data in order to perform an agreement or to comply with a legal obligation. You can choose not to enter any such Personal Data into Previse’s Applications and Services. However, if you choose not provide us with Personal Data in circumstances where we require it, we will be unable respond to enquiries, engage in further communications with you and/or make Previse’s Applications and Services available to you in circumstances where the Personal Data is required to do that.

Previse does not sell your Personal Data to non-affiliated third parties (including for their own direct marketing purposes) without your consent. In addition, Previse has not sold your Personal Data to non-affiliated third parties in the last 12 months. If you are entitled to any disclosure rights in your jurisdiction regarding our sale of your Personal Data to non-affiliated third parties or our disclosure of your Personal Data to third parties for their own direct marketing purposes, this disclosure satisfies those requirements. If you still wish to learn more about our compliance with this requirement, please contact us using the information provided in the “Contact Information” section below.

Information we collect from your browser and your device

As you navigate through Previse’s Applications and Services, we will automatically collect information about your interaction with Previse’s Applications and Services such as your IP address, traffic data, clickstream information, time stamp, location data, web logs, other communication data and the resources that you access when you visit Previse’s Applications and Services and your browser or other applications on your device interact with it. We automatically collect this data using various technologies such as cookies, web logs and beacons as described below. This information allows us to better tailor our content to users’ needs and is only gathered while you are on Previse’s Applications and Services.

We automatically receive and record such information on our server logs from your browser. As discussed below, we use this information to diagnose problems with our server, report aggregate information for statistical analysis, determine the fastest route for your computer to connect to Previse’s Applications and Services and administer and improve Previse’s Applications and Services.

To the extent this information constitutes User Personal Data, we use it as described in Clause 3.1.1, which includes to ensure that content from Previse’s Applications and Services is presented in the most effective manner for you and your device because it is in our legitimate interests to improve our users’ online experience in relation to Previse’s Applications and Services.

Cookies and other tracking technologies

Previse’s Applications and Services use “cookies” to enhance your use of Previse’s Applications and Services and/or services and to monitor your activity during your visit(s) to Previse’s Applications and Services. Cookies are small text files that are stored on your browser and the hard drive of your computer, mobile or other handheld device. The cookies store information about your visit to Previse’s Applications and Services and distinguish you from other users. Our use of cookies allows us to provide you with a better experience when you browse Previse’s Applications and Services. The use of cookies also helps us to display content on Previse’s Applications and Services and also allows us to obtain and analyse statistics about the use of Previse’s Applications and Services so that we can improve it.

The use of cookies allows us to personalize each application’s content for you and remember your preferences. It also allows you to participate in interactive features on our platforms, when you choose to do so.

By accepting and consenting to this Privacy Policy, you also consent to our use of cookies as explained in this Privacy Policy. You can withdraw your consent at any time by turning off the cookies as described below but withdrawing your consent will not affect our use of the User Personal Data processed using those cookies prior to you withdrawing that consent.

The following table sets out the types of cookies used on Previse’s Applications and Services and provides detail about what they are used for. When you use Previse’s Applications and Services for the first time, cookies which are essential to make Previse’s Applications and Services operate (see those identified as “essential cookies” below) will have been set but other cookies will not have been set unless you agreed to those cookies being set at that time. If you have agreed to accept cookies, then Previse’s Applications and Services will remember this and continue to set cookies each time you visit.

Some cookies are deleted when you close your browser. These are known as session cookies. Others remain on your device until they expire, or you delete them. These are known as persistent cookies and enable us to remember things about you as a returning visitor, particularly if you wish to be remembered so you do not have to click on a link on every time you visit Previse’s Applications and Services.

If you do not want cookies to be stored, then you may delete certain cookies listed below individually, or you can select the appropriate options on your web browser to delete some or all cookies. Please note, however, that if you block some or all cookies (including essential cookies) you may not be able to use or access all or parts of Previse’s Applications and Services, such as being able to access specific areas.

If you visit any of our public websites (https://previse.co, https://instantpay.co and any other website that is published by us and made accessible without access control such as a login), then your privacy is covered by a separate privacy policy found on those sites. This may include other cookie types and trackers, for example, for marketing purposes and different privacy management tools.

Strictly necessary

Strictly necessary cookies are required to operate our website or payment services and to protect the security of our services. They enable you to log into secure areas of our website or help us prevent and detect fraudulent transactions and other violations of our terms

SystemCookie names
Auth0
We use Auth0 as an authentication provider. These cookies are set in response to actions made by you, such as logging in or filling in forms.
https://auth0.com/privacy
connect.sid
auth0
auth0_compat
auth0l
OptanonConsentU
OptanonAlertBoxClosed
ajs_anonymous_id
ajs_user_id
did
did_compat
com.auth0.auth.[Unique ID]
ring-session
JSESSIONID
docs_current_tenant
WordPress
We use WordPress to manage content on our website and documentation sites. These cookies are used to manage your account and logged in status if you have registered as a user.
https://automattic.com/cookies/
https://automattic.com/privacy/
wordpress_[Unique ID] wordpress_[Unique ID] wordpress_logged_in_[Unique ID] wordpress_test_cookie

Functionality

Functionality cookies are used to recognise you when you return to our services, to remember your preferences, and to show you content based on your preferences.

SystemCookie names
Zoho Forms
We use Zoho forms to handle enquiries, complaints and applications for accounts. These forms and associated features will not function without cookies enabled.
https://www.zoho.com/privacy/cookie-policy.html
[Unique ID]
JSESSIONID
zfccn  

Analytics

Analytics cookies allow us to recognise and count the number of visitors and to see how visitors move around our website and interact with our payment interfaces. Some of the tools we use provide us only with information about trends and aggregate user behaviour.

SystemCookie names
Google Analytics
We use Google Analytics to understand the behaviour of visitors who interact with our site and content. Google provides us with a dedicated service (that is, they do not use this information for their own purposes) and it is used on an aggregated basis (that is, no individuals can be identified from the data)
https://support.google.com/ads/answer/2662922?hl=en-GB
https://policies.google.com/technologies/cookies
_ga
_gid
_ga
_gid_[Unique ID]
Lucky Orange
We use Lucky Orange to analyse behaviour on the website using either aggregate data to build (for example) heatmaps of where users typically click, or recordings to show how an anonymous user interacted with the site or a form. All data and information is scrambled and anonymised before leaving your computer. https://www.luckyorange.com/privacy.php

Note – you can also use their privacy management tool to block this feature.
__lotl
_lo_uid
_lo_uid
_lo_v
_lorid

Further analytics and advertising

Advertising and other analytics tools record your visit to our websites, the pages you visit and the links you follow. We use this information to improve the usefulness, usability and effectiveness of both our website and our advertising. We may also share information with third parties for this purpose.

You can directly control the use of these tools through the QuantCast Choice tool made available on our websites.

SystemCookie names
TCF Privacy Manager (QuantCast Choice)
The QuantCast Choice Privacy Manager is present on all our public sites. It is displayed on entry and available as a “Privacy” button in the bottom right corner of your browser window. This allows you to control (block) select which advertising, retargeting and analytics features are enabled (including trackers that do not use cookies).
At the time of publication, this includes: Lucky Orange, Facebook, SurveyMonkey, MailChimp, Google Ad Partners and Nextroll (and associated partners)
mc
euconsent-v2
__qca

Disabling cookies

If you would like to disable cookies, you can set your web browser to reject cookies. However, if you disable the cookie function, you may not be able to access or receive all the information contained on Previse’s Applications and Services.

Please note that Google and other third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies as a result of you visiting other websites, over which we have no control.

Sharing of Personal Data with third parties

We will share Personal Data with the following third parties:

Our Affiliates;

Our or any of our Affiliates’ accountants, insurers, auditors, partners and managers;

Our or any of our Affiliates’ legal advisers and representatives for the purposes of establishing, exercising and defending our legal rights and obligations and otherwise taking legal advice;

Our or any of our Affiliates’ service providers and sub-contractors;

Our or any of our Affiliates’ customers, suppliers and funders;

Potential purchasers of and/or successors in title to member(s) of the Previse Group and their Affiliates and representatives in connection with a sale, acquisition, reorganisation or other disposition of all or part of Previse Group’s business or assets, or the insolvency, bankruptcy or receivership of a member of the Previse Group;

Those third parties identified in the InstantPay terms and conditions you have executed with us;

Data analytic companies for the purposes of managing credit risk through the use of Delphi scoring;

Operators of publicly available and private databases of business and individuals for the purposes of verifying identities. For example, we may use databases such as those retained by LinkedIn for this purpose;

Third party service providers for the purpose of fraud protection and credit risk reduction such as industry associations (such as CIFAS) and their members and any agents, delegates, nominees, attorneys, trustees or custodians acting on our or any of our Affiliate’s behalf;

To those third parties where we are required to do so by law or court order or in response to reasonable enquiries from or as a result of cooperating with any governmental, banking, taxation, supervisory, industry association (such as CIFAS) or other similar body or by the rules of any stock exchange;

To law enforcement and fraud prevention agency.

Records of Personal Data

We will keep a record of the Personal Data for the purposes described in this Privacy Policy. We will keep a copy of Personal Data held for the specific purpose for which it was provided, until this has come to an end and we no longer need to comply with a legal obligation that requires us to retain Personal Data. We will delete our copy of Personal Data 24 months after the termination of the business relationship or after a longer period after the end of the purposes explained in the preceding sentence, although we may retain a record of the existence of the relationship, to the extent that and for so long as we are required to do so by law. For example, if you have contacted us to ask for the processing of User Personal Data to be erased, we will retain a record of your request in order to ensure that we comply with your wishes. Should we receive Personal Data about an individual who is not a user of Previse’s Applications and Services and has not agreed to the Privacy Policy, the Personal Data will be deleted or anonymised after a period of 6 months from the date it was first received.

International Personal Data Transfers

We store and process Personal Data:

in the UK and the European Economic Area (“EEA“) if you are located in the UK or in the EEA; and

in the UK, the EEA and/or the United States of America (“US”) if you are located in the US.

Do Not Track Disclosure; No Tracking Across Websites

Certain web browsers may provide a do-not-track (“DNT”) option. You may be able to ask your browser to inform websites that you do not wish your activities to be tracked, either with cookies or other persistent identifiers, commonly called “DNT signals”. Previse’s Applications and Services currently do not respond to DNT signals.

We do not utilise third parties that collect Personal Data about your online activities over time and across different websites when you use Previse’s Applications and Services.

Your relationship with us

Your obligations

You warrant, represent and undertake to us:

that you have, in all respects, complied with your obligations under applicable Data Protection Legislation with respect to the User Personal Data and Portal Personal Data to permit our Processing of it;

that the Personal Data that you provide or otherwise make available to us is true, complete and up-to-date;

that you are entitled to transfer the User Personal Data and Portal Personal Data to us so that we may lawfully use, process and transfer the User Personal Data in order to provide Previse’s Applications and Services and carry out our other rights and obligations under this Privacy Policy;

there is and will continue to be no prohibition or restriction in relation to our use of the Personal Data that would prevent or restrict the processing of the User Personal Data and Portal Personal Data for the purposes described in this Privacy Policy;

in respect of the Portal Personal Data, that you have the rights, have made all notifications and obtained all consents (including providing the fair processing notices required to be provided to the relevant data subjects under Articles 13 and 14 of the GDPR and obtaining the consents required to be obtained from the relevant data subjects as well as consents from individual subscribers to receive marketing communications from us under the Data Protection Legislation), authorisations, approvals and licences necessary to enable the Personal Data to be provided and/or made available and then used as described in this Privacy Policy and that these rights, notifications, consents, authorisations, approvals and licences are and will remain in full force and effect.

If any of the Personal Data that you have provided to or made available to us changes (for example if you change your contact details) then you will promptly notify us by sending an email to help@Previ.se.

You will defend, indemnify and will hold harmless us and the other members of the Previse Group (the “Indemnified Parties”) against all Liabilities sustained or incurred by the Indemnified Parties as a result of the occurrence of any of the following:

your failure to comply with any of your obligations under this Privacy Policy and our enforcement, exercise or protection of our rights under this Privacy Policy; and/or

any undertaking, representation or warranty made by you under this Privacy Policy that is or proves to have been incorrect or misleading.

Your rights

Depending on your applicable jurisdiction, including if your Personal Data is subject to the GDPR, you may have certain rights with respect to your Personal Data. Such rights may include the right to:

request access to that Personal Data;

receive a copy of that Personal Data which you have provided to Previse in a structured commonly used format so that you can share it with others;

where that Personal Data is inaccurate or incomplete, ask for Personal Data to be rectified or completed;

request the transfer of that Personal Data to another party;

ask for that Personal Data be erased;

object to us processing that Personal Data by asking for the processing of that Personal Data to be restricted or stopped. For example, if Previse uses Personal Data for marketing purposes; and

make a complaint to the applicable data protection supervisory authority about the manner in which Previse processes Personal Data, such as the UK Information Commissioner’s Office.

Please contact help@previ.se for additional information, or if these rights apply to you based on your jurisdiction, to exercise these rights. When you contact us to exercise the above rights, we may ask for further information from you, to confirm your identity and, if applicable, the jurisdiction to which you are subject. You may also be able to access and update the information you have provided to us via your weblink.

Miscellaneous

Contact information

If you have any questions, comments or concerns about this Privacy Policy, you may contact us at help@previ.se.

Security

We have implemented appropriate technical and organizational measures on our servers, which are designed to protect Personal Data from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.

You should keep in mind that internet transmissions (including emails) are never completely secure or error-free. As such, you should take steps to protect yourself, especially online and take special care in deciding what information you send to us via e-mail or other transmissions. Where you use weblinks, ID numbers, or other special access features on Previse’s Applications and Services, it is your responsibility to safeguard them. You should choose a strong password for your device, do not use the same password that you use elsewhere and do not share your password with anyone else. Also remember to sign out of Previse’s Applications and Services and close your browser window when you have finished to ensure that others who may have access to your computer cannot access Personal Data.

Whilst we may take any information provided by you into account, only we will determine the content of any related public statements and any required notices to the affected data subjects and/or the relevant supervisory authorities in connection with a personal data breach in relation to the Personal Data.

Links to other websites

Previse’s Applications and Services may contain links or references to other websites. Please be aware that we do not control other websites and, except as otherwise noted in the applicable website, this Privacy Policy does not apply to those websites. We encourage you to read the privacy and cookie policy of every website you visit. We are not responsible for the security or privacy of any information collected by these third parties.

We may offer certain “share”, “social media” or “email a friend” functionality on Previse’s Applications and Services. If you choose to use these functions, we may and/or the third party social media networks may collect certain information about you depending on the function or feature you use. With respect to the social media features (such as allowing you to post information about your activities or share your information with others on a social media site), the collection and use of information by and your interactions with the third party social media network will be governed by the privacy policy of the company providing those social media features. We are not responsible for the security or privacy of any information collected by these third parties.

No Collection of Children’s Data

Previse does not seek to, nor do we knowingly collect, information directly from children under the age of 16. If a child has directly provided us with Personal Data, a parent or guardian of that child may contact us to have the information deleted from our records. To do so, contact us through the information provided below in the “Contact Information” section.

Severability

If any provision of the Privacy Policy is deemed unlawful, void or for any other reason unenforceable then that provision will be deemed severed from the Privacy Policy and will not affect the validity and enforceability of any remaining provisions of the Privacy Policy.

No waivers

Our failure or delay to exercise or enforce any rights or any provision of the Privacy Policy will not constitute a waiver of such right or provision unless acknowledged and agreed to by us in writing.

Third party rights

Nothing in this Privacy Policy is intended or shall be deemed to confer any rights or benefits upon any person other than the parties thereto, or to make or render any such other person a third-party beneficiary of this Privacy Policy, except to the extent that an affiliate of either party, or any officer, director, or employee of a party or its Affiliate, has any rights, including a right to be indemnified, under this Privacy Policy.

No partnership

Nothing in this Privacy Policy is intended to or will operate to create a partnership between you and us or authorise either you or us to act as agent for the other. Neither party will have the authority to act in the name of, on behalf of or otherwise to bind the other in any way (including, but not limited to, the making of any representation or warranty, the assumption of any obligation or liability and the exercise of any right or power).

Entire agreement

The Privacy Policy represents the entire understanding between you and us in relation to its subject matter.

Amendment

We may, from time to time, change this Privacy Policy. When this happens, the new updated Privacy Policy will be displayed to you after you log in and you will be asked to accept or reject them. If you accept such Privacy Policy you will be granted access to Previse’s Applications and Services. If you reject such Privacy Policy you will no longer have access to Previse’s Applications and Services.

Term and termination

The Privacy Policy will commence on the Effective Date and will continue to apply to you until terminated by either you or us in accordance with the provisions of this Privacy Policy (the “Term”).

We may terminate the Privacy Policy in whole or in part and/or suspend your access to Previse’s Applications and Services with immediate effect, by giving written notice to you, if(i) you do not comply with the Privacy Policy, including, without limitation, in the event of your actual or suspected unauthorised use of Previse’s Applications and Services, (ii) you breach the terms of any other agreement you have with us or (iii) an Insolvency Event occurs in relation to you

We may terminate the Privacy Policy in whole or in part and/or suspend your access to Previse’s Applications and Services following the expiry of any agreement you have with us.

We may terminate this Privacy Policy in whole or in part with immediate effect by giving written notice if an Insolvency Event occurs in relation to you.

In the event that the Privacy Policy is terminated, or if we suspend your access to Previse’s Applications and Services, you agree that we will have no liability or responsibility to you and we will not refund any amounts that you have already paid, to the fullest extent permitted under applicable law.

Upon expiry of the Term or termination of this Privacy Policy in accordance with its terms:

the rights granted to you under this Privacy Policy will terminate and you will cease all use of Previse”’s Applications and Services either immediately;

nothing will affect any accrued rights or liabilities of either party at the date of the termination;

notwithstanding anything to the contrary in this Clause 6, any termination of this Privacy Policy by either party will not affect the rights of users under the applicable Data Protection Laws. You will continue to have the same rights and protections under the applicable Data Protection Laws, regardless of any changes or termination of this Privacy Policy;

nothing will affect the continuance in force of any provision of this Privacy Policy to the extent it is expressed or by implication intended to continue in force after termination. The following provisions will in any event survive expiry or termination: Clauses 1.3, 3.1 to 3.5, 4, 5, this Clause 6.6, Clauses 7 and 10; and

for the avoidance of doubt, nothing will affect your obligation to pay any charges due to be paid and any outstanding charges due but not yet paid will become immediately due and payable on expiry of the Privacy Policy or on the effective date of termination of the Privacy Policy, whichever occurs earlier.

Governing law and jurisdiction

The Privacy Policy and any non-contractual obligations arising out of or in connection with it are governed by English law. The courts of England have non-exclusive jurisdiction to settle any dispute arising out of or in connection with your use of Previse’s Applications and Services and/or the Privacy Policy (including a dispute relating to the existence, validity or termination of the Privacy Policy or any non-contractual obligation arising out of or in connection with the Privacy Policy) and the parties to this Privacy Policy agree that the courts of England are the most appropriate and convenient courts to settle disputes and accordingly no party will argue to the contrary.

Privacy Notice for California Residents

This “Privacy Notice for California Residents” section only applies to California residents. This notice describes how we collect, use and disclose your personal information (as defined in the CCPA), and your rights with respect to that personal information.

Information We Collect

Clauses 3.2 and 3.3 describe the personal information we may collect from you, including the categories of sources of that information. We collect the information for the purposes of described in Clause 3.1. We share this information as described in Clause 3.4. We will retain your personal information as set forth in Clause 3.5. For the purposes of this Clause 8, we may use the terms ‘personal information’ and ‘Personal Data’ interchangeably.

Your Rights

The CCPA provides California residents with specific rights to request information about Previse’s collection, use and disclosure of your personal information over the prior twelve (12) months, and ask that we provide you with the following information:

Access to Specific Information and Data Portability Rights

You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive and confirm your verifiable consumer request, we will disclose to you:

the categories of personal information we collected about you;

the categories of sources from which we collect personal information;

purpose for collecting, using or selling personal information;

the categories of third parties with whom we share that personal information; and

the specific pieces of personal information we collected about you (known as “data portability request”).

If applicable, categories of personal information sold about you and the categories of third parties to which the personal information was sold.

Deletion Request Rights

You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.

We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:

complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, fulfill the terms of a written warranty or product recall conducted in accordance with federal law, or otherwise perform our contract with you;

detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities;

debug products to identify and repair errors that impair existing intended functionality;

exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law;

comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. Seq.);

engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent;

enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; and

comply with a legal obligation.

Exercising Access, Data Portability, and Deletion Rights

To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us at: help@previ.se. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

The verifiable consumer request must:

provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include: First Name, Last Name, Email used to register with Previse, and Phone Number; and

describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. However, we do consider requests made through your password protected account sufficiently verified when the request relates to personal information associated with that specific account. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.

Sensitive personal information

We do not use or disclose sensitive personal information except for purposes for which you do not have a right to limit the use and disclosure of sensitive personal information under the CCPA. For example, we may use Sensitive personal information to provide you products or services you have requested. “Sensitive personal information” includes Social Security number, government-issued identification, bank account and routing numbers, credit and debit card information, voice identification and Photo IDs or Precise Geolocation (each capitalized terms have the meanings ascribed to them under the CCPA).

Privacy Notice for Residents of Certain Other U.S. States

This “Privacy Notice for Residents of Certain Other U.S. States” section applies to U.S. residents subject to the applicable U.S. Data Protection Laws, except the CCPA. Please refer to section 5 above to understand the categories of personal data that we process and disclose to third parties, the purposes for which we process personal data, and the categories of third parties that we disclose personal data. As residents in a State subject to the U.S. Data Protection Laws, you may be entitled to the same rights described in section 3.6 and section 8.2. However, these rights are not absolute, and we may decline your request as permitted by the applicable U.S. Data Protection Laws.

Definitions and interpretation

In this Privacy Policy:

Affiliates” means, with respect to any specified person or entity, any other person or entity that, directly or indirectly, controls, is under common control with or is controlled by such specified person or entity. The term “control” (including its correlative meanings “under common control with” and “controlled by”) as used in the preceding sentence means the possession, directly or indirectly, of the power to direct or cause the direction of the management or policies of a person or entity, whether through ownership of securities or partnership or other interests, by contract or otherwise;

Data Protection Legislation” means data protection and/or privacy laws, including, where applicable, U.S. Data Protection Laws and European Data Protection Laws;

European Data Protection Laws” means the GDPR and the Privacy and Electronic Communications Directive 2002/58/EC, as implemented into and supplemented by domestic legislation of each EU Member State and in the UK (such as by the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 in the UK) and as amended, replaced or superseded from time to time;

GDPR” means the EU General Data Protection Regulation 2016/679;

Indemnified Parties” has the meaning described in Clause 4.1.3;

Insolvency Event” means in relation to a party:

a receiver is appointed for a party or its property;

a party makes a general assignment for the benefit of its creditors;

a party commences, or has commenced against it, proceedings under any bankruptcy, insolvency or debtor’s relief law, if such proceedings are not dismissed within 60 days;

a party is liquidating, dissolving, or ceasing to do business in the ordinary course; or

any similar event occurs in any relevant jurisdiction;

Liabilities” means any sum (present, contingent or future) payable by you to us including, without limitation, any damages, claims, losses, costs and expenses (including legal expenses on a full indemnity basis);

Personal Data” means Portal Personal Data and User Personal Data;

Portal” means an application, website or tool through which Previse provides its product and services or other applications and services;

Portal Personal Data” means any personal data collected, derived or otherwise obtained by us or a Subprocessor (in each case, either directly or from any relevant Service Provider) relating to data subjects that are not users of Previse’s Applications and Services that are identified in invoices, lists of customer and/or supplier contacts and/or other information uploaded onto Previse’s Applications and Services or otherwise provided to or made available by you to us which we use for the purposes described in Clause 3.1.2;

Previse Group” means us and each of our Affiliates;

Previse’s Applications and Services” means the portals and tools associated with opening, running and managing your InstantPay, InstantAdvance or other account as well as other third party tools provided by Previse at https://instantpay.co, https://instantview.co, https://instantadvance.co, https://previ.se, https://previse.co, https://previsedigital.com and any sub-domains or other domain through which Previse provides such service or other applications, services and tools (including application forms for our products);

Privacy Policy” has the meaning described in Clause 1.1 above;

Service Provider” means any person or entity (but excluding any of our employees or any employee of our subcontractors or Subprocessors) engaged by us (or by any of our Affiliates) to provide services, including, without limitation, application programming interface functionality, services for identity verification, customer on-boarding, anti-money-laundering checks, risk management, credit checks, financial and data analysis, legal compliance and business continuity, in connection with any of Previse’s Applications and Services.

Subprocessor” means any person (including any third party but excluding any of our employees or any employee of our subcontractors) appointed by or on behalf of us to Process Personal Data in connection with this Privacy Policy;

User Personal Data” means any personal data collected, derived or otherwise obtained by us or a Subprocessor (in each case, either directly or from any relevant Service Provider) about you and about your other users of Previse’s Applications and Services which we use for the purposes described in Clauses 3.1.1, 3.2 and 3.3; and

U.S. Data Protection Laws” means the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA“), the Virginia Consumer Data Protection Act (“VCDPA“), the Colorado Privacy Act (“CPA“), the Connecticut Data Privacy Act (“CTDPA“), and the Utah Consumer Privacy Act (“UCPA“) but excluding, without limitation, consent decrees.

The terms, “Commission“, “controller“, “data subject“, “Member State“, “personal data“, “personal data breach“, “processor“, “processing” and “supervisory authority” will have the same meaning as in the GDPR (even if the GDPR does not apply to the applicable data) as implemented and/or supplemented by domestic data protection laws (such as by the Data Protection Act 2018 in the UK), and their cognate terms will be construed accordingly.

Unless a contrary indication appears, any reference to:

the “Privacy Policy” or other agreement is a reference to the Privacy Policy or that agreement as amended, novated, restated, supplemented, extended or replaced;

the singular will include the plural and vice versa;

a “Clause” is a reference to a Clause to these terms and conditions;

the word “including” (and its derivations) must be construed as being for illustration or emphasis only and not as limiting the generality of any preceding words;

the word “other” must not be construed as being limited by the context in which it appears or the words that precede it where a wider construction is possible;

any “person” includes any assignee, transferee, successor-in-title, delegate or appointee of that person (but, in the case of you or us, only permitted assignees or transferees). It also includes any individual, company or other body corporate, any state or state agency or any unincorporated body, association, trust, joint venture, consortium or partnership whether or not having separate legal personality);

regulation” includes any regulation, rule, official directive, request or guideline (whether or not having the force of law) of any governmental, intergovernmental or supranational body, agency, department or of any regulatory, self-regulatory or other authority or organisation;

a provision of law is a reference to that provision as amended or re-enacted;

a time of day is a reference to local time in London, United Kingdom; and

clause headings are for ease of reference only.