How we use your data, keep it private and you can exercise your rights
How Monadd Ltd uses data
Monadd is a limited company registered in London, England. We run this website (monadd.io) and its subdomains.
Monadd Ltd facilitates postal address updating when moving to a new location.
We will not use this personal data for other purposes without asking your permission. We will not keep this information for longer than necessary.
We use third party services to publish updates, log our code, keep in touch with people and understand how we can do all of these things better. Here you can find out what these services are and how we handle data for user research and improving Monadd Ltd core service.
This page was last updated on October 5, 2019
"Personal Data” is information that can be used to identify you, directly or indirectly, alone or together with other information. This includes things such as your full name, email address, phone number and utility bills.
We use the following services to run our website and subdomains to publish updates, log code, keep in touch with people, and understand how people are using them.
Google API Services
We use Google API Services to validate that (1) you are a legitimate Gmail email user, and (2) accurately identify service providers. We use minimal and technically feasible permissions from Google API Services to only collect the information about service providers associated with your email address. We do not store, collect or transfer any information for any other purpose other than to identify your service providers and notify them about your move. You can read Google's API Services user data policy here.
We track visitors to Monadd’s websites using Google Analytics, which collects information about how people are using our sites to allow us to improve their experience. This may include information such as aggregated information from computers' Internet Protocol (“IP”) address, browser versions, pages of our websites that people visit, the time and date of your visit, the time spent on those pages, and other statistics. Data is stored indefinitely, so we can see how use of our website changes over time.
We use Metomic to allow all users and visitors to manage their cookie consent, which allows us to keep our website and services GDPR-friendly. Find out more about how they use data in their privacy statement.
Amazon Web Services
Our API runs on AWS lambda served by AWS API gateway, we do this so it can be as efficient as possible providing you with the best experience. We also handle API routing using AWS cloud-front and route 53. You can read more about privacy on Amazon AWS in their Data Privacy FAQ.
Our social media accounts
We use various social media accounts to share our work. We occasionally use the analytics tools provided by these platforms to understand how we can use these services better. Our social media accounts include:
Beta programme and research participants
Research is an important part of our work: it helps us understand people’s needs and build better products and services.
Asking for consent
All pilot participants are asked for consent to use the following details to understand more about their process of moving to a new location. If the participant is happy to proceed we ask them to sign a consent form to confirm this. Your signed consent forms are stored in Notion (project management system) and kept for 3 years.
Using information from the beta programme and user research
Beta programme and user research data is separated from any identifiable information to best understand the aggregated details from the programme.
Any notes we gather during research sessions are stored securely. Any digital files (like audio, photos and videos) are stored on Notion and are only accessed by Monadd members involved in the research. We may work with user researchers to distill insights. We review the privacy notices of the companies we use for this and ask for explicit consent from participants in our consent forms.
All notes and digital files are destroyed or deleted 2 years after the beta programme.
Sometimes we may publish quotes gathered from user research. We only do this if we have specific consent from the participant and any personally identifiable information has been removed. We will only publish audio, photos and video from a research session if a participant has given consent and has signed a model release form.
Withdrawing your consent
Participants are able to withdraw their information from the beta programme or research projects at any time. To do this, contact firstname.lastname@example.org
How we collect and use personal data
We collect the data volunteered by you in the legitimate interest of using our services and signing to communications, including:
When you enroll you will be requested to provide us with details which can include your name, telephone number, email address, old and new postal address, and where applicable, ID card and utility bills.
We collect billing and payment information you provide when you access our paid services.
We collect Personal Data when you communicate with us or if you sign up to receive promotional information via email – including full name and email address.
We may also receive information about you from publicly and commercially available sources and to match your information to your service providers as permitted by law.
We use the personal information that we collect as necessary and appropriate for the following purposes
To provide our products and services. We use your personal information to provide you with the products, services, and features that you or your company have requested; to respond to inquiries we receive from you; to verify your identity and in connection with a transaction that you have initiated.
To improve our products and services and to analyse how members navigate and use our products and services and individual features.
For audit and reporting purposes, to perform accounting and administrative tasks, and to enforce or manage legal claims.
How we share the information we collect
We share information to provide the service to you, to comply with your requests, or with our vendors. We do not host advertising on Monadd and we do not sell your personal information. You are the agent who can choose from a list of the service providers whom you want to inform about information changes. We will not notify any service providers without your request.
It may be necessary to transfer your data to suppliers/service providers from outside the European Economic Area therefore the processing of your data may involve a transfer of data to countries outside of the United Kingdom.
We take all reasonable steps to ensure that your personal data is processed securely. We will only transfer personal information outside the EEA where it is compliant with applicable data protection legislation.
Processing your requests
In certain cases, separate consent is not required, including:
For the performance of a contract: To perform our contractual obligations to you where we need to provide your Personal Data to our service providers, where we need to collect Personal Data from third party sources and when you access third party products and services, where we collect data from third parties or publicly-available sources.
To meet legal obligations.
For Legitimate Interests: to send you communications about the status of your order and any processing results from Monadd.
How long we keep it
We keep your pseudonymised information for up to 12 years. We expect that you will move again within that time period and would want to keep track of the updates you previously made with Monadd. You always have the option to remove your data anytime and can do so by requesting data removal at email@example.com
We don't store nor access any information, including identifying service providers, without the users' explicit consent and with the legitimate purpose of using our service.
Things we don't do
Monadd Ltd doesn’t participate in the following data processing activities:
Buying or selling email address lists
We don’t use “soft opt-in”, meaning you won’t receive any marketing communication from us unless you’ve specifically agreed to it and signed up to receive our updates.
Keeping data secure
We follow best security practices, like HTTPS, VPC (Virtual Private Cloud) and we pseudonymise collected data as much as possible.
We maintain our technical infrastructure and only specific members of the team can access these servers. for more on our security measures visit our Security page.
In the event of a data breach, we are required to notify the Information Commissioner’s Office. We will do so following their guidance.
Our ICO registration number is: ZA516677
Reviewing how we use data
Every quarter, we review our documentation of the data we handle and third party services we use. This helps us continuously improve our processes and hold ourselves to account. We will update this document as necessary.
How to control cookies
You can opt out of our analytics by turning on Do Not Track in your browser. We also employ Metomic to manage the cookies available on the website and gather your consent on cookie use. Metomic appears on the left bottom corner of the screen when you first visit our website.
Your rights and getting in touch
The General Data Protection Regulation gives EU citizens the following rights:
To exercise any of these rights, please contact us at firstname.lastname@example.org and we'll respond. We work to high standards when it comes to processing your personal information. You can find information specific to the services we use or our activities in the relevant sections of this document.
Our postal address is Monadd Ltd, 33 Foley Street, Work.Life, London, UK W1W 7TL
If you aren’t satisfied by our response, you can contact the Information Commissioner’s Office.