Website Privacy Notice

  1. Who are we

Inno Growth Limited is a limited company registered in England. We provide Smart Employment Solutions personalised to our Customer’s business needs.

At Inno Growth Limited (“we”, “us” and “our” or the “Company”) we value your privacy and the importance safeguarding your data. This Privacy Notice (the “Policy” or “Privacy Notice”) describes our privacy practices for the activities set out below. As per your rights, we inform you how we collect, store, access, and otherwise process information relating to individuals. In this Policy, Personal Data (“Personal Data”) refers to any information that on its own, or in combination with other available information, can identify an individual.

We are committed to protecting the privacy our Website visitors and our Customers as users of our Services in accordance with the highest level of privacy regulation. As such, we follow the obligations under the below regulations:

  • General Data Protection Regulation (GDPR)
  • Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR)
  • UK GDPR: The UK GDPR maintains the same principles and obligations as the EU GDPR but includes adjustments to address UK-specific issues.
  1. Scope

This Privacy Notice applies to the Inno Growth Limited Websites, domains, applications, Services & Products and where we are acting as a data controller with respect to the Personal Data of our Website visitors and Inno Growth Limited Service &Products users.

In other words, this Privacy Notice applies where we determine the purposes and means of the processing of that Personal Data. It does not apply where we are acting as a data processor with respect to Personal Data. For information about the circumstances in which we act as a data processor, see Section 3 below.

This Policy does not apply to third-party applications, Websites, products, Services or platforms that may be accessed through non- Hospitality Growth Benefits LTD links that we may provide to you. These sites are owned and operated independently from us, and they have own separate privacy and data collection practices. Any Personal Data that you proved to these Websites will be governed by third-party’s own privacy policy. We cannot accept liability for the actions or policies of these independent sites, and we are not responsible for the content or privacy practices of such sites. 

  1. Acting as a Data Processor

In respect of some of the personal data that we handle, we do not act as a data controller; instead, we act as a data processor. Specifically, we act as a processor with respect to:

  • user account information of users acting on behalf of an IR35 Shield for Business customer; and
  • any other personal data that is expressly covered by a data processing agreement entered into between us, acting as data processor, and a relevant data controller.

Insofar as we act as a data processor rather than a data controller, this policy shall not apply. Our legal obligations as a data processor are instead set out in the contract between us and the relevant data controller.

  1. Personal Data We Collect

We will collect contact details from you and they will be used to respond to your queries as a Website User through using features in our Website or as a Customer using our Services & Products. This includes the following types of Personal Data:

  • Account information such as your name, email address and password
  • Payment information such as your billing address, phone number, credit card, debit card or other payment method

We may collect and process data about your use of our Website and our Services (“usage data”). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and Website navigation paths, as well as information about the timing, frequency and pattern of your service use. The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the Website and services. The legal basis for this processing is our legitimate interests, namely monitoring and improving our Website and services.

We may process information that you provide to us for the purpose of subscribing to our email newsletters and other marketing communications (“marketing data”). The marketing data may be processed for the purposes of sending you the relevant marketing communications. The legal basis for this processing is consent.

We may process information contained in or relating to any communication that you send to us, including enquiries that you make through our Website and support-related queries, as well as communications that we send to you (“communication data”). The communication data may include the communication content and metadata associated with the communication. Our Website will generate the metadata associated with communications made using the Website contact forms. The communication data may be processed for the purposes of communicating with you (including in relation to our services, our certified partner programme and our introducer programme), supporting your use of our services, improving our services and record-keeping. The legal basis for this processing is our legitimate interests, namely communications with our Website visitors and service users and the proper administration of our Website and business.

We may process your Website account and IR35 Shield service user account data, along with information about you stored in our customer relationship management system (“account data”). The account data may include your name and contact information. The source of the account data is you or your employer. The account data may be processed for the purposes of operating our Website, providing our Services (including providing services to relevant Company customers), ensuring the security of our Website and Services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is our legitimate interests, namely the proper administration of our Website and business operations.

We may process information relating to transactions, including purchases of our services, that you enter into with us and/or through our Website (“transaction data”). The transaction data may include your contact details, your card details and the transaction details. The source of the transaction data is you and/or our payment services provider. The transaction data may be processed for the purpose of supplying the services and keeping proper records of transactions. The legal basis for this processing is our legitimate interests, namely the proper administration of our Website and business operations.

We may process any of your Personal Data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

We may process any of your Personal Data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage (including our dedicated insurance coverage for eligible contractors), handling insurance claims, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper provision of our services and the protection of our business against risks.

In addition to the specific purposes for which we may process your Personal Data set out in this Section, we may also process any of your Personal Data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

  1. How We Collect Your Personal Data

From YOU.

You may give us your Account Information, Payment Information, Demographic Data, Feedback, Services & Products Information, by filing in forms, using our Services & Products, entering information online or by corresponding with us by post, phone, email or otherwise.

This includes Personal Data you provide, for example, when you:

  • Create an account on our Website;
  • Use or express interest in our Services & Products;
  • Downloading software and/or our mobile application;
  • Subscribe to our Newsletter;
  • Complete a voluntary market research survey;
  • Contact Us with an inquiry or report a problem;
  • When you log in to our Website via social media platforms.

Automated technologies & Interactions.

As you interact with our Website, we may automatically collect the following types of data:

  • Device Data about your equipment
  • Usage Data about you browsing actions and patterns
  • Contact Data

Third-Parties.

We may receive Personal Data about you from various third parties including analytics providers such as Google.

Devises.

When you visit our Website, we automatically collect and store information about your visit using browser cookies (files which are sent by us to your computer), or similar technology. You can instruct your browser to refuse all Cookies or to indicate when a Cookie is being sent. For more information, please see our Cookies Policy .

  1. Sharing your data

When sharing information, we will provide the minimum information required and only if there is a legal basis for that. We will generally obtain your consent prior to sharing your data and this will generally be for the purposes of ensuring that you receive ongoing care.

In very unusual situations it may be necessary to share information without your consent to protect you or others from harm or if there is a court order. If we share information in this way we will always ensure that we have a legal basis for sharing information about you and the information shared will be limited to that which is appropriate, relevant and proportionate. 

  1. Retention & Deletion

We only retain your Personal Data for as long as necessary for the purpose for which that data was collected and to the extent required by applicable law. When we no longer need Personal Data, we will remove it from our systems and/or take steps to anonymise it.

  1. International Data Transfer & Storage

Where possible, we will store and process your Personal Data in the United Kingdom or on servers within the general geographical region where you reside. Your Personal Data may also be transferred to, or maintained on, servers residing outside of your governmental jurisdiction where the data laws may differ from those in your jurisdiction.

We will ensure that all such transfers: (i) are to jurisdictions that offer adequate safeguards for Personal Data, or (ii) are protected by appropriate safeguards, such as the standard contractual clauses approved by the European Commission.

We will take appropriate steps to ensure that your Personal Data is treated securely and in accordance with this Policy as well as applicable data protection law.

  1. Your Data Protection Rights

In this Section, we have summarised the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

  • Your principal rights under data protection law are:
  1. Right to Access - You have the right to learn whether we are processing your Personal Data and to request for copies of the Personal Data we are processing about you.
  2. Right to Rectification – You have the right to have incomplete or inaccurate Personal Data that we process about you rectified.
  3. Right to be Forgotten (Right to erasure) – You have the right to request that we delete Personal Data that we process about you, unless we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.
  4. Right to Restrict Processing - You have the right to restrict our processing of your Personal Data under certain circumstances. In this case, we will not process your Data for any purpose other than storing it.
  5. Right to Object – You have the right to object to the processing of your Personal Data in certain circumstances. Where the legal justification for our processing of your Personal Data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the Personal data for the establishment, exercise or defence of a legal claim. You have the absolute right to object to our processing of your Personal Data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your Personal Data for this purpose.
  6. Right to Data Portability - You have the right to obtain Personal Data we hold about you, in a structured, commonly used and machine-readable/electronic format, and to transmit such Personal Data to another data controller, where this is (a) Personal Data which you have provided to us, and (b) if we are processing that data on the basis of your consent or to perform a contract with you or the third party that subscribes to services.
  7. Right to Complain to a Supervisory Authority - You can complain about our processing of your Personal Data.
  8. Right to Opt out (right to withdraw consent) - To the extent that the legal basis of our processing of your Personal Data is consent, you can withdraw that consent. If you have consented to our processing of your Personal Data, you have the right to withdraw your consent at any time, free of charge, such as where you wish to opt out from marketing messages that you receive from us. If you wish to withdraw your consent, please contact us using the information found at the bottom of this page.

To the extent that the legal basis for our processing of your Personal Data is:

  • consent; or
  • that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract,

and such processing is carried out by automated means, you have the right to receive your Personal Data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.

If you consider that our processing of your Personal Data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection.

To the extent that the legal basis for our processing of your Personal Data is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.

You may exercise any of your rights in relation to your Personal Data by written notice to us.

There is no charge for exercising these rights unless your request is manifestly unfounded or excessive. If it is, we will charge a reasonable fee or refuse to comply with your request.

Once a request is made, it will be acknowledged and we may ask for confirmation of identification from you and/or seek clarification of your request.

We will do our best to respond without undue delay and within one month of receiving your request. However, if the request is complex, we can extend that by another two months but if we do need more time, we will let you know why. 

  1. Security of personal data

We will take appropriate technical and organisational precautions to secure your personal data and to prevent the loss, misuse or alteration of your personal data.

We will store all your personal data on secure servers, personal computers and mobile devices, and in secure manual record-keeping systems.

We will encrypt the personal data that we store on our servers using a range of different encryption techniques.

Data that is sent from your web browser to our web server, or from our web server to your web browser, will also be protected using encryption technology.

For more information about the security measures, we use to protection personal data, see our Data Policies.

You should ensure that your password is not susceptible to being guessed, whether by a person or a computer program. You are responsible for keeping the password you use for accessing our Website confidential and we will not ask you for your password (except when you log in to our Website). 

  1. How to complain

If you have any concerns about the way that we collect and use your data then please contact us and we will do our best to address these concerns. 

However, you can also complain to the ICO if you If you remain dissatisfied or unhappy with how we have used your data, you can make a complaint about the way we process your personal information to the Information Commissioner’s Office (the ICO) as the UK supervisory authority. Please follow this link to see how to do that:  ico.org.uk/make-a-complaint.

  1. Changes to our Privacy Notice

We keep our Privacy Notice under review and will require to make changes from time to time. We will highlight any substantial updates on our Website. 

This Privacy Notice was last updated on 30 July 2024.

  1. Data Protection Registration

We are registered as a data controller with the UK Information Commissioner's Office.

Our Data Protection Registration number is ZB711694.

  1. Our Details

This Website is owned and operated by Inno Growth Limited.

We are registered in England and Wales under registration number 15010052, and our registered office is at Suite 2 34 Market Street, Atherton, Manchester, England, M46 0DN.

You can contact us:

  • by post, to the registered address given above;
  • using our Website contact forms;
  • by telephone, on the contact numbers published on our Website; or
  • by email, using the email addresses published on our Website.

Questions, comments, complaints and requests regarding this Policy are welcomed and should be addressed to our registered address given above or to our Legal Compliance Department at legal@innogrowth.co.uk. In addition, please do not hesitate to contact us if you suspect any privacy or security breaches.