For visitors to Legado’s websites

Home Policies Privacy Policy For visitors to Legado’s websites

When you visit our website or become a registered end-user of Legado’s Platform, we will collect certain personal information about you in order to provide you with relevant information or services, or to fulfil our legal obligations. Below you can read more about what information we collect and how.

How do we collect personal information about you?

When visiting joinlegado.com and any associated websites owned by Legado Technologies Ltd, there are several points of interaction through which we will collect certain personal information about you. These include, but are not limited to, when you engage with:

  • Our request to obtain more information about Legado contact form
  • All contact forms through which you opt to send feedback about our products or services
  • All automated technologies or interactions when visiting our website, such as chatbots or chatrooms

All personal information about you is provided by you voluntarily; with your consent, or as a result of your choice to interact with our website.

You can request to exercise your data rights at any time. For more information about your data rights, please refer to our main privacy policy or to the impartial Information Commissioner’s Office.

What kind of personal information do we collect?

Usage data

We may process data about your use of our website and services (“usage data“). Usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. The legal basis for this processing is our legitimate interests, namely monitoring and improving our website and services. You cannot be identified from this information and it is only used to assist us in providing an effective service.

Account data

We may process your account data (“account data“). The account data may include your name and email address. The source of the account data is you. The account data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business, as well as the performance of any contract between you and us and/or taking steps, at your request, to enter into such a contract.

Service data

We may process your certain personal information provided by you in the course of the use of our services (“service data“). Service data may include name, address and email address. Service data may be processed for the purposes of operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business OR the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

Enquiry data

We may process information contained in any enquiry you submit to us regarding products and/or services (“enquiry data“). The enquiry data may be processed for the purposes of offering, marketing and selling relevant products and/or services to you. The legal basis for this processing is consent.

Transaction data

We may process information relating to transactions, including purchases of subscription fees and credits, that you enter into with us and/or through our website (“transaction data“). The transaction data may include your contact details, your payment card details and the transaction details. Transaction data may be processed for the purpose of supplying purchased goods or services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.

Notification data

We may process information that you provide to us for the purpose of subscribing to our email notifications (“notification data“). The notification data may be processed for the purposes of sending you the relevant notifications. The legal basis for this processing is  consent.

Correspondence data

We may process information contained in or relating to any communication that you send to us (“correspondence data“). The correspondence data may include the communication content and metadata associated with the communication. Our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.

Other circumstances

We may process any of your personal information identified in the other provisions of this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

In addition to the specific purposes for which we may process your personal information set out in this section, we may also process any of your personal information where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. Please do not supply any other person’s personal information to us, unless we request that you do so.

Who has access to your personal information?

We may disclose your personal information to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.
In addition to these specific disclosures of personal information, we may also disclose your personal information where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

We will never sell your information to third parties for marketing purposes.

Please note that, operationally, Legado has no internal access to client data due to mandatory encryption of files resting on our servers which may only ever be visible following authorisation by our clients (the Corporate Partner). If access to personal information is authorised it is tightly restricted to specific personnel who are under a duty to maintain the confidentiality and security of such information.

How long is your information kept for?

Who has access to your personal information?

We may disclose your personal information to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.

In addition to these specific disclosures of personal information, we may also disclose your personal information where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

We will never sell your information to third parties for marketing purposes.

How long is your information kept for?

This section sets out our data retention policies and procedures, which help to ensure that we comply with our legal obligations in relation to the retention and deletion of personal information. Any personal information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

We will retain and delete your personal information as follows:

  • All personal information will be retained for a maximum of seven years following the date it was submitted, at the end of which period it will be deleted from our systems, unless requested by users.
  • Notwithstanding the other provisions of this section, we may retain your personal information where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

Third party websites

Our website includes hyperlinks to, and details of, third party websites. This privacy policy only governs our websites and we are not responsible for the privacy policies that govern third party websites even where we have provided links to them. If you use any link on our website we recommend you read the privacy policy of the website in question before sharing any personal or financial data.

Social media

We operate a number of social media pages including LinkedIn, Twitter and Instagram. Although this policy covers how we will use any data collected from those pages it does not cover how the providers of social media websites will use your information. Please ensure you read the privacy policy of the social media website before sharing data and make use of the privacy settings and reporting mechanisms to control how your data is used.

How are you keeping my personal information secure?

We are an award-winning tech for good company selling software as a service and you can learn more about our team and our values on our website. Privacy is one of our core business values and we take protecting your data very seriously, so if you have any concerns about how we use your data, do not hesitate to contact us at the details below.

Handling your personal information with respect and transparency is an essential part of upholding your data privacy. At Legado, we therefore work to exceed the minimum requirements set by the UK government’s cyber security accreditation scheme Cyber Essentials Plus; we are voluntarily certified by Alcumus ISOQAR to the ISO/IEC 27001:2013 standard and we are a member of Cisp, the National Cyber Security Centre cyber threat-sharing platform, which provides ongoing analysis, reporting and monitoring of online activity at national level.

When you provide us with personally identifying information, we take steps to ensure that appropriate cybersecurity and organisational controls are in place to protect it. These include:

Data encryption

We encrypt data using industry standard algorithms throughout all verification steps. This means that any data input to our systems for verification is securely sent and received. Data is also encrypted at rest when on our servers.

Access controls

Access to user data is tightly restricted to only the authorised requesting firm with enforced password standards, activity reporting and account throttling. All passwords are hashed using SHA-512 with over 10,000 rounds, and a 32-byte salt of random data.

Please note that you are responsible for keeping any password which enables you to access Amiqus confidential and we recommend that you use the added security of two-factor authentication when accessing any Amiqus account.

As mentioned above, operationally, Amiqus have no internal access to client data due to mandatory encryption of files resting on our servers which may only ever be visible following authorisation by our clients. If access to personal information is authorised it is tightly restricted to specific personnel who are under a duty to maintain the confidentiality and security of such information.

Will I be sent information that I did not ask for?

We may send you an unprompted email to:

  • Keep you informed about any services relevant to the content or our website
  • Keep you informed of relevant changes to the service
  • Inform you of planned outages and operational changes to the website

If you do not wish to receive such communications, you may unsubscribe to our emails using the link provided in the footer of the email, or you can contact us requesting that you be omitted from future communications using the contact details below, at any time.

If you have any questions regarding service-related communication please contact us at:

helpdesk@joinlegado.com