We are SW2 LLC (we or us), a limited liability company registered in the State of Colorado, USA with registration number 20181403120 and whose registered address is at 5231 S Quebec St, Greenwood Village, CO 80111.
We provide software services to our customers, who are primarily businesses. We do not collect any personal information about our customers unless it is voluntarily provided to us. Our customers, and their authorized users, are permitted to upload details of specific projects being undertaken into our software, in order to assist with the management of those projects. These details may include information on individuals connected with those projects, including contact details, which could constitute ‘personal data’ under the relevant UK laws.
It is important that you read the following carefully so that you are fully aware of how and why we are using your data.
This privacy notice was last updated on March 23, 2023.
If you need to contact us about anything relating to our processing of your personal data, including any requests to exercise your legal rights described in section 13 below, please do so by e-mailing us at email@example.com.
What is our role?
You have the right to make a complaint at any time to the ICO. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
What is personal data?
Personal data, or personal information, means any information about an individual from which that person can be identified, either alone or in combination with other data. It does not include data from which your identity has been removed (anonymised data).
How do we collect your data?
You may give us information about yourself by filling in forms on our website or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our service, and when you report a problem with our site.
We may also be provided with your personal data when such information is uploaded into our software in respect of a project by one of our customers or their authorized users. In this case we rely on that customer or authorized user having the permission of the relevant data subject to upload such personal data into our software.
What personal data do we collect?
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data – includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data – includes billing address, email address and telephone numbers.
- Financial Data – includes bank account and payment card details.
- Transaction Data – includes details of products and services you have purchased from us.
- Technical Data – includes internet protocol (IP) address, your login data, browser type and version, time zone setting and approximate location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data – includes your username and password, bookings or other product purchases made by you, your interests, preferences, feedback, and survey responses.
- Usage Data – includes information about how you use our website (including the length of your visit to it and the number of page views), products and services. If you call us, we will record the time, date and day of the week and length of your call and whether the call was answered or not.
- Marketing and Communications Data – includes your preferences in receiving marketing from us and our third parties and your communication preferences.
Special categories. We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. There is no reason why any such special category data should be uploaded to our software by our customers or their authorized users.
Children. Our website is not intended for use by anyone under the age of 16. We do not collect the names, dates of birth or any other personal data of anyone under the age of 16.
What other data do we collect?
We collect, use, and share aggregated data such as statistical or demographic data for various purposes. Aggregated data may be derived from your personal data but is not considered personal data in law as it does not directly or indirectly reveal your identity, as the data has been anonymised. This can help us to share audience information with platforms such as Facebook and Google, for the purpose of such platforms displaying our adverts to our existing customers or audiences similar to our existing customers.
If we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.
We may receive data about users interactions with our website from various third parties, including analytics providers such as Google. However, this data is anonymised.
How do we use your personal data?
If you are a customer then we may need to use your, or your representatives, personal data in the process of administering the services for which you have contracted us to provide.
If your personal data has been uploaded into our software by a customer or their authorized users in connection with a project being managed by that customer through our software then such personal data will only be used in accordance with the instructions of that customer. This may, for example, be in the preparation of reports relating to the project, for use only by our customer, which may contain such personal data.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following permitted circumstances:
- Where we need to perform a contract we are about to enter into or have entered into with you.
- Where the processing of your personal data is necessary to comply with a legal obligation to which we are subject.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests.
Examples of legitimate interests include: the administration and improvement of our website (including its security), fraud prevention, notifying you about changes to our services, and providing you with information about offers or other services that may be of interest to you.
To whom do we disclose your information?
We do not pass any of your personal data to third parties.
In the event that we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer. Similarly, if we ourselves are the target of an acquisition by a third party, personal data held by us about our customers will be one of the assets transferred to that third party. We will notify you in writing if any such circumstance occurs.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Do we transfer your personal data abroad?
Our servers on which information provided by our UK based customers is stored are hosted by Amazon Web Services located in London, United Kingdom.
Although we are based in the US, we do not transfer this data back to the US or to any other jurisdiction. Access to such data is restricted. In the event that access is required, for example to fix an issue with our systems, we ensure that the data remains in the UK.
How do we keep your data secure?
We are committed to ensuring that your information is secure. While the transmission of information via the internet is never completely secure, we do our best to protect your personal data.
We have put in place suitable physical, electronic, and managerial procedures to safeguard and secure your personal information. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Links to other websites
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. However, in general any data collected through these mechanisms will be anonymised.
We use local storage for Authentication, to remember which user is logged in;
- Local Storage Name: “Token”
Expiry Period: 120 Days
Purpose: To authenticate user using JWT
More Information: See here
Please refer to your device’s help material to learn what controls you can use to remove or block cookies, or other similar technologies; or block or remove other data stored. Please remember that if you do this, it may affect the functionality of our website and/or your ability to use our services.
How can you control your personal information?
You are in control of the information you provide to us, or that is provided to us by our customers or their authorized users. You may choose to restrict the collection or use of your personal information in a number of ways. Please see the ‘What are your rights?’ section below for a more detailed description of your various rights.
A link enabling you to unsubscribe from direct marketing will be included in every direct marketing communication that is sent to you.
Please note that if you choose not to share some of your information, you may not be able to access or use some areas of the site.
What are your rights?
You have rights under data protection laws in relation to your personal data. These rights are set out in the box below. If you wish to exercise any of these rights set out above please contact us.
You have the following rights:
- Request access to your personal data (a “data subject access request”). This enables you to receive a copy of the personal data we hold about you.
- Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data corrected. We may need to verify the accuracy of any new data you provide to us.
- Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. In some circumstances we may not be able to comply with an erasure request for specific legal reasons which will be notified to you, if applicable, at the time of your request.
- Object to processing of your personal data. You have a right to object where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which you believe causes such processing to adversely impact on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
- Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in certain scenarios, for example if you want us to establish the data’s accuracy or where our use of the data is unlawful but you do not want us to erase it.
- Request the transfer of your personal data to you or to a third party. We will provide your personal data in a structured, commonly used, machine-readable format. This right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
- Withdraw consent at any time where we are relying on consent to process your personal data. The lawfulness of any processing carried out before you withdraw your consent will not be affected. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time.
You will not have to pay a fee to access your personal data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity before you can exercise any of these rights. This is a security measure to ensure that your personal data is not disclosed to someone who does not have a right to receive it. We may also need to ask you for further information in relation to your request to help speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will let you know and keep you updated.
How long do we keep your data?
We will only retain your personal data for as long as necessary to fulfil the purposes for which we collect it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Please contact us if you would like further information about our data retention policies.
Changes to this policy
We may update this policy from time to time. Any changes we may make will be posted on this page and, where appropriate, notified to you by email. Please regularly check this policy to ensure that you are aware of its current terms.