Skip to Main Content

Appointedd's annual data report 2024 now live   Download now

Privacy Policy

Saloca Ltd – Privacy Policy

How we protect your privacy

At Saloca Ltd (trading as Appointedd) we pride ourselves on our commitment to protecting your privacy. We want you to know how we will collect, use and disclose the personal data you provide to us. We respect the privacy of everyone who visits this website (www.appointedd.com) (“this website” or “our site”) and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law. Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is deemed to occur upon your first use of our site and you will be required to read and accept this Privacy Policy when you sign up for our products and/or services. If you do not accept and agree with this Privacy Policy, you must stop using our site immediately.

This website is not intended for children under the age of 16 and we do not knowingly collect data relating to children.

About us:

This website is owned and operated by Saloca Ltd., a company registered in Scotland with Company Registration Number SC392223 and having its registered address at Suite 2, Ground Floor Orchard Brae House, 30 Queensferry Road, Edinburgh, United Kingdom, EH4 2HS (the “Company”).

Our Data Protection Officer is DataCo International UK Limited.

If you have any questions about our cookies or this cookies policy, please contact us by:

(a) email to privacy@appointedd.com.

(b) post to Saloca Ltd., Appointedd Suite 2, Ground Floor Orchard Brae House, 30 Queensferry Road, Edinburgh, United Kingdom, EH4 2HS

Headings

Headings are included in this Policy for convenience only and shall not affect the construction or interpretation of this Policy.

What does this policy cover?

This Privacy Policy applies only to your use of our Site and our related product. Our site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

What is personal data

Personal data is defined in the UK GDPR and the EU GDPR (later referred to as the “GDPR”, unless specified) as “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier”.  The California Consumer Privacy Act (CCPA) also known as AAB-375, defines “Personal information” as “information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household”.  When referring to Personal data in this policy we are referencing both definitions.

Personal data is, in simpler terms, any information that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

What are your rights?

Under the GDPR, you have the following rights, which we will always work to uphold:

  • The right to be informed about our collection and use of your personal data. This Privacy Policy (and our accompanying Data Protection Policy) should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using privacy@appointedd.com.
  • The right to access the personal data we hold about you. Please see the section entitled “How Can You Access Your Personal Data” below.
  • The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details provided in the About Us section above.
  • The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details provided in the About Us section above to find out more.
  • The right to restrict (i.e. prevent) the processing of your personal data.
  • The right to object to our using of your personal data for a particular purpose or purposes.
  • The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.

Rights relating to automated decision-making and profiling.

Under CCPA, you have the following rights, which we will uphold:

  • The right to opt out.  Please note Appointedd does not sell any personal information to third parties.
  • The right to notice.  Please see the “Cookies” section of this policy, and note you will have been informed of our use of cookies upon your first visit to our website.  You will have been informed of our Privacy Policy ahead of signing up for our software.
  • The right disclosure.  Please see the sections entitled “How Can You Access Your Personal Data” and “Data Portability”.
  • The right to deletion.  Please see the section entitled “Data Portability”.
  • The right to equal services and prices.  Please see the section entitled  “Using Your Data”. We will not discriminate against consumers for exercising their rights under the CCPA.

In addition to the specific sections highlighted above information about how we comply with CCPA is detailed throughout the Privacy Policy.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in the About Us section above by emailing privacy@appointedd.com.

Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

Collecting your data

As noted above, personal data is any data that can be used to identify you as an individual. Depending upon your use of our site, the Company may collect some or all of the following personal and non-personal data.

  • Name;
  • Address;
  • Email address;
  • Telephone number;
  • Company name;
  • Website;
  • IP Address;

This information may be gathered by us in connection with the following:

  • A product or service purchase.
  • A booking placed via our booking tools.
  • Registration of a purchased product or service.
  • A request for information.
  • A request for any trial products or services that the Company may offer.

For the purposes of CCPA the information we collect falls into the following enumerated categories; (a) identifiers, (b) customer records information, (c) commercial information, (d) internet or other electronic network activity information and (e) geolocation data.  Categories (a) and (b) are sourced from an individual submitting the information.  Categories (c),(d) and (e) are sourced from business observation and recording the information.   The purpose for collecting this information is as described above.

The Company shall endeavour at all times to comply with GDPR, CCPA and all applicable data protection & privacy legislation. The Company will only process personal data in accordance with the applicable rules and this privacy policy. All personal data you submit will be controlled and stored securely by the Company.

If you require further information on your rights under the Data Protection Act please contact the Information Commissioner. Further details can be found by visiting https://ico.org.uk.

Using your data

Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you or because you have consented to our use of your personal data.

It is the Company’s policy that you should know exactly what personal data we collect from you and how we will use it. We operate in accordance with the Saloca Ltd Data Protection Policy. We collect personal data from you for the purpose of processing your order or enquiry. We may use your personal data to supply products and services to you that you have requested, carry out any agreement with you or take any steps that you have requested. In particular, we may:

  • Update you as to the status of your order or booking;
  • Alert you to important product revisions or updates;
  • Inform you about upgrades to your purchases, bookings or Company offerings;
  • Facilitate your transactions with third parties providing goods and services though our site;
  • Ensure that you are properly registered to receive technical support.
  • Personalise and tailor our services to you.
  • Communicate with you, which may include email or phone calls.
  • Analyse your use of our site and gather feedback to enable us to continually improve our site and your user experience.

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and text message with information, news, and offers on our services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out and you will not be discriminated against if you choose to do so.

Where you have given us appropriate permission or where we are permitted  by law, we may use your personal data for the following purposes and direct marketing (‘Additional Purposes’):

  • To tell you about special discounts on additional Company products and services;
  • To tell you about new Company products and services;
  • To tell you about new products from other carefully screened companies that the Company feels may be of interest to you (we carefully screen and then select such companies only when we are satisfied that their products and/or services are likely to be of interest to you).

In the event that you wish to be removed from this process you can opt out from the footer of all marketing emails or please contact our team on privacy@appointedd.com .

Aggregate data is general data about groups of customers and does not identify individual customers. The Company may combine your data with that of other individuals to create aggregate data that we will use to improve our products & services and develop new ones. For example, we may tell a third party how many people purchased a certain product, but not that you personally purchased a specific item.

You should also be aware that we may occasionally provide links from our website to other sites that we think will interest you. If you click on a banner advertisement or any other link, the ‘click’ will take you off the Company site. Once you leave the Company website, any information that you may have provided remains with us and is not forwarded to the next site to which you have linked. Personal data that you may choose to provide to a third party website linked to from the Company website will be subject to the privacy policy of the operators of the third party website. The Company is not responsible for the use or protection of personal data you disclose to a third party website operator, even if reached from the Company website.

How long will we keep your data?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Cookies

The Company uses a variety of Web technologies on our websites. Among these are cookies, which are pieces of information that our websites provide to your browser. Cookies allow us to track overall site usage and determine areas users prefer. Cookies also allow us to customise your visit to our websites by recognising you when you return. Cookies cannot be used to see any other data on your computer, nor can they determine your e-mail address or identity. Full details of how we use cookies can be found in our Cookie Policy.

Disclosing and sharing your data

The Company may also transfer personal data to the Company-affiliated companies in other countries. These may be outside the European Economic Area (“EEA”). By supplying personal data to the Company, you consent to any such transfer.

Many of our external third parties are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is adhered to by ensuring at least one of the following safeguards is implemented:

We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
Where we use certain service providers. We may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.

For the purposes of CCPA a list of categories of personal information disclosed to our external third parties in the last twelve months is included below.  This information was disclosed to perform services on behalf of the business, i.e. to provide you with online booking services.  Categories disclosed include: (a) identifiers, (b) customer records information, (c) commercial information and (d) internet or other electronic network activity information.

Please contact us at privacy@appointedd.com if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

It is the Company’s policy that you are kept in control of the ways in which we use your personal data for the Additional Purposes. All Company communications, in whatever medium, that involve the recording of personal data for these Additional Purposes include a short section that allows you to indicate your preferences with respect to the use of that personal data. You can choose whether or not you wish to receive additional information or promotional offers from the Company.

Security of your data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

How can you access your personal data?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”

All subject access requests should be made in writing and sent to privacy@appointedd.com.

We will respond to your subject access request within one month of receiving it, unless otherwise specified by law. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months (90 days) from the date we receive your request. You will be kept fully informed of our progress.  Under the CCPA a consumer can make this request twice in a 12 month period.

How can you contact us?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

Email address: privacy@appointedd.com
Telephone number: +44 (0) 131 6779777
Address: Saloca Ltd., Appointedd Suite 2, Ground Floor Orchard Brae House, 30 Queensferry Road, Edinburgh, United Kingdom, EH4 2HS

EU – Ireland Representative

The Company has appointed and authorised Instant EU GDPR Representative Ltd. to represent us in the EU.

EU GDPR Representative Ltd.
Name: Adam Brogden
Email: contact@gdprlocal.com
Tel: +353 015 549 700
Address: INSTANT EU GDPR REPRESENTATIVE LTD, Office 2, 12A Lower Main Street, Lucan, Co. Dublin, K78 X5P8, Rep. of Ireland.

Data collected by telephone

In the event that you submit your personal details by telephone, please note that the Company may monitor or record your call for one or more of the following purposes:

  • To provide evidence of your order or transaction with us
  • To ensure that we comply with relevant regulatory procedures
  • To see that quality standards or targets are being met
  • In the interests of national security to prevent or detect crime or to investigate the unauthorised use of a telecommunications system
  • To secure the effective operation of our telecommunications system

Third Party Processors

Our carefully selected partners and service providers may process personal information about you on our behalf as described below. A list of approved sub-processors can be found here.

Additional information

Any information that you choose to provide us with will be used to personalise and improve our customer service operations. All information is collected and stored in a secure manner and is used strictly in relation to this policy and your stated preference. The Company shall not be responsible or liable for loss of privacy, disclosure of information, harm, damage or loss that may result from your transmission of any information to us. In addition, under the law, we must cooperate fully with any law enforcement agency should a situation arise where our information about customers could be of assistance.

From time to time, the Company may introduce new products and services to our customers that may require modifications to this policy. We reserve the right to modify this policy at any time by notifying our customers, via the Company website, of a new or revised policy. These modifications will only apply to personal data that you then provide to us after the date of the modification.

Data portability

In the event that you decide to terminate your Appointedd account or otherwise wish to obtain the personal data we hold about you, we provide the facility to export all information in the form of a CSV file. Further information regarding your right to Data Portability is contained in our Data Protection Policy.  If you require assistance in exporting data please contact our customer service team privacy@appointedd.com. In the event that our clients request their information to be deleted, we endeavour to do so within 6 months. All cancelled accounts will have personal information deleted no more than 6 months, as routine, after the last date of billing. Account information is then stored for a further 30 days as a backup. This information is encrypted with access granted to a limited number of authorised personnel.

Contact preferences

As a Company customer, we may also use your contact information to inform you of other products or services we think might interest you. However, if you do not wish to be contacted for promotional purposes, you can “opt out” when the Company collects your information. Alternatively, you can update or correct your personal or business information relating to your Company account by contacting us by post or e-mail.

Please note that your contact preferences only apply to the Company contacting you for marketing purposes. We may still need to communicate with you regarding the usability of your product or critical messages relating to your service or software. These communications may include service messages, subscription renewal notices, critical notices or legally mandated notices.

CCTV on premises

We use CCTV systems to capture images that help create a safe and secure environment for everyone who works at and visits our office, as well as to protect our property. Monitoring these systems allows us to:

  • Improve public safety
  • Keep our property secure
  • Help prevent crime
  • Reduce fear of crime and reassure our staff
  • Support the identification and prosecution of offenders

We believe that processing personal data for these reasons is in our legitimate interest to maintain a safe workplace. Access to our CCTV systems and any recorded images that include personal information is strictly controlled and only allowed for investigating crimes or security incidents. Our NVR records for 30 days and automatically overwrites the oldest footage once full. If you have any questions please contact us via privacy@appointedd.com.

Openness

In the future, we may make changes to our privacy policies or practices. If we make material changes regarding personal information, we will update our statement and post a notice on the Company website and, if relevant,  inform you of the changes by email.  When  we change this Privacy Policy in a material way we will update the “last modified” date at the end of this policy. Changes to this Privacy Policy are effective when they are posted on this page.

Contact us for more Information

You may provide us with your feedback, ask us questions about this policy, view the information collected from you to date, or obtain a printed copy of our policy statement and/or the name of the individual in charge of our privacy policy by writing to or emailing us at the addresses above (see: How you can contact us)

Please be sure to include your mailing address if you would like us to send you any written materials. The Company reserves the right to take reasonable steps to verify any requests for personal information it receives. Where the timeframe is not specified by law, we endeavour to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Last modified date 17th October 2024