At The Gap, we take privacy very seriously. This Privacy Notice is drafted with reference to the General Data Protection Regulation (EU) 2016/679 (GDPR) and describes how The Gap collects and uses the personal information you provide when using our website and services. This Privacy Notice applies across all websites that we own and operate, and all services we provide, including The Gap Portal, educational webinars, masterclasses, implementation programmes, and general support (“our Services”).
We’ve created this Privacy Notice to ensure our users understand how we treat Personal Data that we gather or process when you are using our Services. This Privacy Notice sets out the rights you have in relation to your Personal Data. Our Services are not intended for children and we do not knowingly collect data relating to children.
This Policy’s defined terms have the same meaning as in our Licence Agreement, which should be read together with this Privacy Notice.
‘We’, ‘our’ or ‘us’ refers to The Gap 2014 Limited. Our headquarters are in Mount Maunganui, New Zealand. We provide a web application (which we call a portal) for accountants and bookkeepers to deliver a wide range of Business Development services to their clients.
We act as a ‘Controller’ as defined in the GDPR which means we are responsible for your Personal Data. We act as a ‘Processor’ as defined in the GDPR of your clients’ Personal Data. You have the responsibility for ensuring that the Personal Data you collect about your clients is being processed in a lawful manner.
Information you provide to us:
Information we collect automatically:
Whenever you interact with our website or use our Services, we automatically receive and record information from your browser. We use cookies and similar tracking technology to record information such as your device, your IP address, browser type, website you were visiting before you landed on our website, the pages you visit on our website and the time you spend on each page. We use this information to monitor and analyse use of our website and our Services so that we understand how our website and our Services are being used and to improve functionality so as to provide the best client experience possible.
Information we receive from third parties:
Most of the information we collect is collected directly from you. Sometimes we might collect Personal Data about you from other sources, such as publicly available materials or from trusted third parties (e.g. our marketing partners). We use this information to supplement the Personal Data we already hold about you, in order to better inform, personalise and improve our Services, and to validate the Personal Data you provide.
Where we collect Personal Data, we’ll only process it:
To provide you with our Services.
We need your name and email address in order to provide you with our Services and allow you to log in to our portal.
To support you.
We need your Personal Data to assist with the resolution of technical support issues or other issues relating to our Services, whether by email, phone or support ticket.
To communicate with you.
We may use your Personal Data to send you various communications. This may include:
To enhance our Services.
We track and monitor the use of our Services to determine which are most popular and which may need improvement. We also track and monitor the use of our website so we can optimise your user experience.
To market to you.
We use your Personal Data to send you marketing communications. We may obtain your Personal Data, such as name, email address, and place of employment from publicly available information and send you marketing communications where we have a legitimate interest to do so. You can unsubscribe from these at any time.
To monitor usage.
We monitor the usage of our product to ensure users are utilising our Member Support services, to ensure the protection of our Intellectual Property and to identify product priority from a user perspective.
Your Personal Data is processed on Amazon Web Service (AWS) servers based in the United Kingdom and Sydney, Australia.
We use various online systems and tools, including certain customer relationship management, marketing automation and email delivery services (‘Tools’) to allow us to communicate with our users. As part of our use of these Tools, certain Personal Data is sent to the providers of the Tools. We ensure that providers of these Tools comply with the requirements of the GDPR.
There are times when we need to share your Personal Data with third parties. We’ll only share your Personal Data to:
The length of time we keep your Personal Data depends on whether we have an ongoing business need to retain it, e.g. to provide you with a service you’ve requested or to comply with applicable legal requirements. We’ll retain your Personal Data for as long as we have a relationship with you, and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. We’ll make sure it’s deleted after this period.
You have a number of rights in relation to the processing of your Personal Data. Requests can be made verbally or in writing to the contact details available at the bottom of this document. We will respond to all requests within 30 days of receipt of the request. We won’t charge you for this unless the request is manifestly unfounded or excessive. We may require you to verify your identity before we can disclose any Personal Data to you.
Right of access.
You have the right to request a copy of the Personal Data we hold about you. We will provide you with the following information:
Right to rectification.
You have the right to have inaccurate Personal Data rectified, and to have any incomplete data completed.
Members of The Gap can edit or delete some of their Personal Data within the portal, including their name and email address. Some of this data may be restricted to your firm’s Portal Administrator.
Right to erasure.
You have the right to have the Personal Data we hold about you deleted from our systems.
Right to restrict processing.
You have the right to request that we restrict or block the processing of your Personal Data in certain circumstances. We will continue to store your Personal Data, but we won’t use it in any other way.
Right to data portability.
You have the right to obtain the Personal Data we hold about you and reuse it for your own purposes, across different services. We will provide your Personal Data in a format that is structured, commonly used, and machine readable.
Right to erasure.
You have the right to have the Personal Data we hold about you deleted from our systems.
Right to restrict processing.
You have the right to request that we restrict or block the processing of your Personal Data in certain circumstances. We will continue to store your Personal Data, but we won’t use it in any other way.
Right to data portability.
You have the right to obtain the Personal Data we hold about you and reuse it for your own purposes, across different services. We will provide your Personal Data in a format that is structured, commonly used, and machine readable.
Right to object.
You have the right to object to us processing your Personal Data, where the processing is based on legitimate interests or direct marketing. If you request that we stop using your Personal Data for direct marketing purposes, we will suppress your details from our marketing lists to ensure your preference not to receive direct marketing is respected in the future. All of our direct marketing emails will contain a link for you to unsubscribe if you no longer wish to receive them.
We’re committed to protecting your Personal Data and have appropriate technical and organisational measures in place to make sure your Personal Data is kept secure. We will take all reasonable steps to protect our Services from unauthorised access, modification or disclosure. Your Personal Data is stored on secure servers that have SSL Certificates.
We may amend or update this Privacy Notice from time to time. The date of the last update is shown at the top of this document. Use of Personal Data we collect is subject to the Privacy Notice in effect at the time such Personal Data is collected.
We will notify you of changes to this Privacy Notice and changes to the way we use Personal Data by sending you an email and posting an announcement in The Gap Portal and/or on our website prior to the changes becoming effective. You are bound by any changes when you use our website or our Services after such changes have been announced.
If you have any questions or concerns regarding this Privacy Notice, or the way we use your Personal Data, please send us a detailed message to hello@thegaphq.com. We will make every effort to resolve your concerns.
You also have the right to complain to your local Data Protection Authority. If you’re based in New Zealand, you have the right to complain to the Office of the Privacy Commissioner. If you’re based in the European Union, you have the right to complain to the Information Commissioner’s Office. If you’re based outside of New Zealand and the European Union, you have the right to make a complaint at any time to the supervisory authority for data protection issues of the country in which you are based, or to the New Zealand Office of the Privacy Commissioner.
You can contact us in the following ways:
Members of The Gap can also contact us by submitting a Support Ticket.