Leap Privacy Policy

Last Updated: 15 October 2024

This Privacy Policy describes the current policies and practices of Anything is Possible Media Ltd (aip) with regard to Personal Data collected through the use of our software platform Leap. The term “Personal Data” refers to personally identifiable information about you, such as your name, email address, job title, or other contact details provided when using our platform.

By submitting data to us and/or using our platform, you give your consent that all personal data you submit may be processed by us for the purposes described in this Privacy Policy.

1. Lawful Basis for Processing

We process your personal data based on the following lawful grounds under the UK GDPR:

  • 1.1. Contractual necessity: To provide you with access to the platform and fulfil our obligations under the contract. For example, processing your information to allow you to use the platform’s features.
  • 1.2. Legitimate interests: To improve and personalise the platform, ensure security, and for internal analytics. We rely on legitimate interests to monitor usage and improve the product.
  • 1.3. Consent: For sending marketing communications or newsletters where you have explicitly opted in. You can withdraw consent at any time.

2. Data Subject Rights

Under the UK GDPR, you have several rights in relation to your Personal Data. These include:

  • 2.1. Right to Access: You can request information about the Personal Data we hold about you, including what data we have, how it is being used, and why.
  • 2.2. Right to Rectification: If any of the Personal Data we hold about you is inaccurate, you have the right to request corrections.
  • 2.3. Right to Erasure: You may request that we delete your Personal Data if it is no longer necessary for the purposes for which it was collected, or if you withdraw consent (where applicable).
  • 2.4. Right to Restrict Processing: You have the right to ask us to limit the processing of your Personal Data in certain circumstances, such as when the accuracy of the data is contested.
  • 2.5. Right to Data Portability: You can request a copy of the Personal Data you have provided to us in a commonly used, machine-readable format to transfer it to another service provider.
  • 2.6. Right to Object: You can object to the processing of your Personal Data, including for marketing purposes or based on our legitimate interests.
  • 2.7. Right not to be subject to automated decision-making: You have the right to not be subject to decisions based solely on automated processing that significantly affects you, including profiling.

To exercise any of these rights, please contact us at [email protected]. We will respond within one month of receiving your request.

3. Collection of Personal Data

We collect and store Personal Data that you provide when using our platform, including:

  • 3.1. Contact details (such as name, email, job title, and telephone number) submitted when creating an account
  • 3.2. Information related to your activity on the platform, such as uploaded briefs, interactions with features, and tracking data
  • 3.3. Any other data required for the use of the platform as specified by your agency or organisation

We do not collect personal data from individuals under the age of 16, and our platform is not intended for use by children.

4. Use of Personal Data

The purposes for which we process Personal Data include:

  • 4.1. Service provision: Enabling you to access and use the platform for briefing and tracking marketing campaigns.
  • 4.2. Platform improvements: Monitoring and analysing platform usage to improve performance, functionality, and user experience.
  • 4.3. Communications: Contacting you in relation to your account, including updates, security notifications, and support requests.
  • 4.4. Compliance: Ensuring compliance with legal requirements, regulatory obligations, or contractual commitments.

5. Data Tracking and Analytics

We collect and track usage data, including Personal Data, to understand product use and enhance its features. This data may include:

  • 5.1. Pages or features accessed within the platform
  • 5.2. Time spent on the platform
  • 5.3. IP addresses, device information, and browser information

This tracking helps us identify areas for improvement, optimise platform performance, and ensure security. All Personal Data collected for these purposes is processed in compliance with the UK GDPR.

6. Data Retention

We retain Personal Data for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The specific retention periods may vary depending on the type of data:

  • 6.1. Account-related information: Retained for the duration of your account usage and up to six months after account closure to meet legal or contractual obligations.
  • 6.2. Usage data: Retained for [specify time period] for analytics and product improvement purposes.
  • 6.3. Marketing data: Retained until you opt out or withdraw consent.

7. International Data Transfers

If any Personal Data is transferred outside the UK or EEA, we will ensure that appropriate safeguards are in place to protect your data, such as:

  • 7.1. Standard Contractual Clauses (SCCs): Contracts that ensure your data receives an equivalent level of protection as required under UK/EEA law.
  • 7.2. Adequacy decisions: Where data is transferred to countries deemed by the UK Government or European Commission to offer an adequate level of data protection.

8. Data Sharing and Disclosure

We do not sell or distribute your Personal Data to unrelated third parties, except under the following circumstances:

  • 8.1. Service providers: Personal Data may be transferred to third-party service providers acting on our behalf (e.g., hosting services, analytics providers) for further processing in accordance with the purposes for which the data was originally collected.
  • 8.2. Legal obligations: We may disclose your data to comply with legal requirements, to protect your vital interests, or to ensure the security of the platform.
  • 8.3. Business transfers: In the event of a business sale, merger, or reorganisation, your Personal Data may be transferred as part of the transaction.

9. Data Breach Procedures

In the event of a data breach that may pose a risk to your rights and freedoms, we will notify you and the relevant supervisory authority (the ICO in the UK) within 72 hours, in line with GDPR requirements.

10. Data Integrity and Security

We are committed to maintaining the accuracy and security of your Personal Data. We use appropriate technical and organisational measures to protect your data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. We retain your Personal Data only for as long as necessary to fulfil the purposes for which it was collected or as required by law.

11. Data Protection Officer (DPO)

If you have any questions or concerns about how your data is processed, or if you wish to exercise any of your rights, please contact our Data Protection Officer (DPO) at [email protected].

12. Supervisory Authority

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe that your data protection rights have been violated.

ICO Contact Information:
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: https://ico.org.uk

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time in line with legal or operational changes. Any significant updates will be communicated to you via the platform, and continued use of the platform constitutes acceptance of the updated policy.

14. Contact Information

If you have any questions or concerns regarding this Privacy Policy, or if you wish to exercise your data rights, please contact us at [email protected].