our terms and conditions

Terms and Conditions

personal data

Regulation: Company has a list types of personal information it holds, the source of that information, with whom it is shared, and how long it will be kept.

The list of all types of personal information WINC Ltd holds includes:

  • Employee personal data
  • Business associates personal data
  • Users/customers of our online services personal data; including but not limited to WINC Ltd (https://winc.global)
  • The source of that information comes from users opting for our services on our websites or handwritten forms.

We share this information with third-party services in every day running of the business including but not limited to:

  • Xero (accounting and payroll software)
  • Trello (project management software)
  • Amazon (web and server hosting services)
  • Optin Monster (affiliate marketing software)
  • Paypal (payment gateway and billing software)
  • Google (data processing, marketing, analytics and statistics)
  • Atlassian (chat and development tools)
  • MailChimp (newsletter campaigns and transactional emails)
  • CRM (newsletter campaigns and transactional emails)

Regulation: Company has a list of places where it keeps personal information and the ways data flows between them.

Personal data is kept online in third-party software as described above, on a NAS server and on employee computers and laptops. All computers are secured with up to date virus protection (McAfee Secure) and have passwords to login. We use a secure business software programs including FaceBook Workplace, Trello and Skype for data flow. The data flow may also be managed online by users and employees using our services.

Regulation: Company has a publicly accessible privacy policy that outlines all processes related to personal data.

We have a Privacy Policy.

Regulation: Privacy policy should include a lawful basis to explain why the company needs to process personal information.

Please see: Information Collection And Use in our Privacy Policy.

excerpt

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you and/or your users. Personally, identifiable information may include but is not limited to, email addresses, names, phone numbers, addresses, other information (“Personal Information”). The purpose for which we collect personal information is to provide you with the best service experience possible on the Service and for our internal business purposes that form part of normal business practices. Some provision of personal information is optional. However, if you do not provide us with certain types of personal information, you may be unable to enjoy the full functionality of the Service.

accountability & management

Regulation: Company has appointed a Data Protection Officer (DPO).

Our DPO is provided at the bottom of this document.

Regulation: Create awareness among decision makers about GDPR guidelines.

A meeting took place on the 15th May 2018 with all decision makers in attendance and we thoroughly and thoughtfully discussed the GDPR guidelines and what was required for compliance with our Software Development Team. Those actions are currently taking place and should be implemented by the 25th May 2018.

Regulation: Make sure your technical security is up to date.

Please see our Security & Data Policy.

Regulation: Train staff to be aware of data protection.

Staff have been informed and provided with information about the GDPR and we have discussed their part in our user’s, business associates and other employee’s privacy.

Regulation: Have a list of sub-processors and your privacy policy mentions your use of this sub-processor.

Please contact us for a list of our Private Contractors if you are a user or employee of any of WINC Ltd’s services and we will provide them to you confidentially. We only use legitimate, well-known third-party data processors with their own privacy policies. We ensure that contracts are in place before utilizing any sub-contractors.

new rights

Regulation: Customers can request access to their personal information.

Customers can request to access their personal information held on our online software by submitting a support ticket through our website or software.

Regulation: Customers can update their own personal information to keep it accurate

Customers can easily update their own personal information in the software by logging into their account and updating their profiles.

Regulation: Automatically delete data that the business no longer has any use for.

When customer information is no longer required for legal or accounting purposes, we delete the data from our software and employee computers. Unless a customer or employee has specifically requested that the information is deleted, the usual time frame for information kept is 7 years from the date that customer or employee left our service.

Regulation: Customers can request deletion of their personal data.

Customers can request deletion of their personal data at any time, by submitting a support ticket through our website or software.

Regulation: Customers can request that processing their data is stopped.

Customers can cancel accounts from within their profile while logged into software or submit a support ticket through our website or software to request that we stop processing their data at any time.

Regulation: Customers can request that their data be delivered to themselves or a 3rd party.

Customers can contact support through our website or software and request a copy of all of their held private data in a machine-readable format.

Regulation: Customers can object to profiling or automated decision making that could impact them.

Customers can object to profiling or automated decision making by submitting a support ticket through our website or software.

consent

Regulation: Ask consent when you start processing a person’s information.

We ask for users consent before processing their information. This includes checkboxes on registration pages with information about our privacy policy.

Regulation: Privacy policy is to be written in clear and understandable terms.

We believe our privacy policy is easy to read and understand.

Regulation: It should be as easy for your customers to withdraw consent as it was to give it in the first place.

Users can withdraw consent by cancelling their account and requesting that their data be deleted through a support ticket on our website or software.

Regulation: If you process children’s personal data, verify their age and ask consent from their legal guardian.

We do not process children’s personal data.

Regulation: When updating the privacy policy, inform existing customers.

When we make changes to our privacy policy, we send an email to all affected users.

follow-up

Regulation: Regularly review policies for changes, effectiveness, changes in the handling of data and changes to the state of affairs of other countries your data flows to.

We will ensure that we stay up to date with the applicable laws and policy changes of any company that our data flows to.

special cases

Regulation: The business understands when you must conduct a DPIA for high-risk processing of sensitive data.

We have conducted and will continue to conduct Data Protection Impact Assessments during our planning phase regardless if required when designing or redesigning our software. We will be proactive in our approach to data privacy.

Regulation: Only transfer data outside of the EU to countries that offer an appropriate level of protection.

We only transfer data outside of the EU to countries that offer an appropriate level of protection such as Australia and the United States.

This GDPR Notice (hereinafter referred to as ‘GDPR Notice’) is intended to regulate rights and obligations under the General Data Protection Regulation as of 14 April 2016. This GDPR Notice describes the use of personal data by the data processor on behalf of its treatment officers, including collection, registration, assembly, storage, extradition or combinations of these.

By registering in the WINC Ltd system/application you as a user enters into the user agreement with WINC Ltd (the Company) who are responsible for the personal data provided by you and collected according to the purposes stated herein. All personal data we collect is solely for the purpose of providing the service to you or required to legally run our business. We safely and securely host all data on Amazon US Servers. We use authorized SSL certificates that allow our clients to send and receive data in an encrypted format (HTTPS protocol). This is leading industry practice to prevent MITM attacks and attackers from capturing unencrypted traffic data (like passwords, usernames, or other confidential information).

No critical payment information is stored on our system, such as credit card numbers. All sensitive data is handled directly by our industry-leading payment providers, PayPal. Connections to our servers are regulated. Although all clients are allowed to upload files to our server, our server configuration prevents the uploading and execution of backdoors or malicious programs.

Our software was built with a focus on security, as such, we are protected from common attacks such as XSS, CSRF and SQL injections. Although we follow industry best practices in regards to secure software development and deployment and backing up data, it is important to note that no system is 100% infallible and we cannot be held liable if confidential information is breached or loss of data occurs.

If your WINC Ltd account is cancelled, we continue to securely keep your data. This is purposefully done for the benefit of our users, in particular for cases where missed payments cause cancellations to occur automatically and users want to reinstate the account by making payment or users choose to re-sign up for the account at a later stage. Should you wish for your account data to be permanently deleted from our service, please email info@winc.global and we will delete all account data we hold. Some private data may also be transferred to third-party software that we use to run our business like our accounting software, Xero, and our Affiliate Marketing software, CRM. We only choose to use reputable third-party software providers that have their own clear privacy policies and security/data policies. A full list of software providers we use is provided below.

We may be legally required to keep some of your private data, for example, your company name, address and company business registration ID, for tax purposes. We also keep a record of all correspondence for legal requirements which may include email addresses, names and other personal data that you have submitted to us during your use of our software or when contacting us through our website. In these cases, it’s not unreasonable that we do not delete the private data held. It should be noted that it is the sole responsibility of the user to login and keep their user data up to date. We provide the appropriate tools for users to do so.

contact details of the controller

Name of the controller: WINC Ltd
Name of the controller representative and Data Protection Officer (DPO): Karl Wood
Address of the controller: 167 – 169 Great Portland Street | 5ft Floor | London | W1W 5PF 
Email of the controller: karl@winchr.uk
Phone of the controller: +44 7599 848 489

the purposes of the processing of the personal data

The data provided by the user during registration and as a user of our service is subject to collection, processing, and storage with the purpose to provide the user with the list of services conducted by WINC Ltd, such as:

  • Developing and improving our products and services
  • Administration and billing services
  • System correspondence: eg payment reminders, updates and changes
  • Other correspondence such as support tickets, emails and newsletters
  • Running the day to day operations of the Company
  • Personal Data Recipients or Categories of Recipients

With the aim of providing services stated above the Company may disclose the personal data collected from the user to such recipients as:

  • Google
  • PayPal
  • Amazon Web Services AWS
  • Xero
  • CRM
  • Atlassian
  • MailChimp
  • Optin Monster
  • Trello
  • Personal Data Transfer to the Third Parties

use of subcontractor

If the data processor makes use of a subcontractor or other person who is not normally employed by the data processor, this should be agreed upon in writing with the processing officer before processing personal data.

private contractors

Anyone who, on behalf of the data processor, performs assignments, where the use of the relevant personal information is included, shall be familiar with the contractor’s contractual and statutory obligations and fulfil the terms thereof.

user rights

According to the Privacy Policy, the user has the following rights related to the personal data collection and processing:

  • right to request a rectification or erasure of personal data
  • right to restrict personal data processing
  • right to object such personal data processing
  • right to lodge a complaint with a supervisory authority
  • right to withdraw a given consent
  • right to request a personal data under processing in a structured format
  • right to request to send the data under processing to the third party

personal data storage period

The criteria that are used to determine a period of data storage. For example, as long as the person is a member/subscriber/contact of the Company or unless he or she required to stop data processing.

user’s consent

Having read the conditions mentioned above the user agrees to the following if they wish to use our application. I agree that my personal data captured during registration and use of the application will be used by WINC Ltd for the following purposes:

  • To create a user account in the system
  • To provide me with a possibility of creating, managing and deploying electronic email signatures for myself and for users and I have the authority to provide such information on their behalf
  • To issue and pay my invoices
  • To send me the reminders on important events, newsletters, emails with opt-out links included
  • To run the day to day operations of WINC Ltd

Jurisdiction

The laws of England and Wales govern these Terms and Conditions.

Any dispute relating to these Terms and Conditions shall fall within that jurisdiction.

Indemnity in relation to documents, templates and forms (known as documents or products) purchased by clients

The client does hereby expressly agree to indemnify and hold harmless WINC Ltd, and its officials, in case of any legal actions arising from their actions or inactions while providing the client’s documents.

The client hereby waives any and all claims which, but for this waiver, it may have, or which it may hereafter acquire, against WINC Ltd, its MD, and its principals, officers, employees and contractors arising or resulting at any time or place from anything done or omitted to be done by them in connection with this paid or freely provided documents.

WINC Ltd is not a law firm, and the documents sold on this website do not constitute legal or any other type of advice.
WINC Ltd makes reasonable efforts to ensure the information in documents sold from this website is accurate and current.

However, WINC Ltd reserves the right to modify, add, replace or remove any form, document, template or other item without prior notice.

The information, forms and document templates provided are intended for general guidance only and are offered in good faith.

WINC Ltd provides information on its website, including document templates and other documents, without any explicit or implicit representation, warranty, term, or condition.

If you have any questions about using our forms or information, you must seek independent legal advice.

Refunds

WINC Ltd values customer satisfaction. To ensure that we provide the highest level of service, refunds will be given at the discretion of our management. However, it is unlikely that once one or more documents are downloaded, any refund would be possible. Refunds are reviewed on a case-by-case basis, and our management decision in each case will be final.

Fees, Payment and Purchases

Stripe handles all transactions processed through this website and includes UK VAT. No payment details are collected or processed by WINC Ltd. We do not accept responsibility for any problems you may have paying through Stripe.

Upon the successful completion of payment, the fee period of one year shall commence. The client shall have access to the documents purchased during the fee period. The subscription will automatically re-charge after one year unless it is cancelled from within the client’s online account before renewal.

Liability related to products sold

We will use reasonable endeavours to promptly correct any defect in any product item where we are made aware of such defect.

We will not be liable for any loss of any kind, including lost profits or other consequential losses arising from your use or inability to use the product or from errors or deficiencies in any product.

You should ensure that any product (or part thereof) acquired from WINC Ltd is appropriate and complete in all respects for its intended purpose. We give no representation or warranty that such material will be fit for its intended purpose, useful to you or of satisfactory quality.

Document templates and other items are only made available by us to you as a starting point for you to prepare documents for your purposes. Before you use any item selected, you should edit and customise it as necessary to ensure that it is appropriate and complete to meet your requirements and circumstances or arrange for a suitable person to do so for you.

We are not a legal practice, and our product is not intended to replace legal or other professional advice.

Neither we nor our employees or consultants prepare any document for you or provide you with any legal advice. If you need help to prepare any document, or if you need advice on the suitability of any item for any purposes or any changes that you do or might need to make to any product item, you should consult a suitably qualified legal or other professional adviser.

You acknowledge that any product (or part thereof) purchased may, in the future, need to be amended in response to changes in the law or commercial practice. We are not responsible for advising you of any such changes or amendments.

No liability shall attach to WINC Ltd, our directors or officers, our employees, or retained consultants for loss or damage of any nature suffered as a result of the use of any of the products or for any errors or omissions in the contents of any document templates, information or other items.