Privacy Policy

1. Our Policy’s Aims

1.1 This Policy applies to this website for the Doubtfire Fund and Manhandle Press Limited.

1.2 Our Privacy Policy explains the processing of your personal data by us and establishes what information we collect, or which is provided to us, and how we use and protect your personal data in compliance with applicable law.

1.3 Personal data refers to any information relating to an identified or identifiable natural person (“data subject”), where this identification can be made directly or indirectly, by means of identifiers such as your name, identification number, email address, phone number, online identifiers such as cookies in some circumstances, your location, your genetic, economic, cultural or social identity or other information that is specific to you.

1.4 We do not mean information that only refers to a business corporation or organization. We also do not mean information that has been "anonymized," either by removing or de-identifying all specific identifiers. Anonymous data is not personal data when the anonymization is irreversible. When we refer to anonymous data, we mean data that cannot be reversed into personal data.

1.5 As a data controller, we commit ourselves to protecting the privacy of our website visitors and users of our products and services with respect to the processing of your personal data.

Where we collect and process your personal data, we will limit the collection and retention to what is adequate, relevant and necessary for our purposes and it will be kept in a form which allows for your identification no longer than necessary for the purpose for which we process your personal data. We refer to this as data minimisation.

1.7 Where we store your personal data for longer periods for statistical purposes, as permitted, we will use appropriate safeguards. Applicable law defines ‘statistical purpose’ as any collection of personal data, where the result of processing is for aggregate data, so the personal data we collect from you is anonymized or pseud-anonymized. For example, the processing of your personal data may be for the business-related process of counting users, products, sales and various metrics. We may also share statistical data that has been anonymized and aggregated geographically and so, cannot be used to identify individuals, with third parties for trend analytics.

1.8 Our policy provides you with the legal bases for the collection of your personal data, lets you know how long personal data is stored and the reasons why, and how in some circumstances, they are necessary to retain. 

1.9 Some of the legal bases we rely on are contractual and service necessity, consent, legitimate interests and compliance with legal obligations. 

1.10 We want you to have the necessary and relevant understanding of how and why we process your personal data so that you can make fully informed decisions on whether to allow us to retain your personal data or delete them. Section 2 explains your rights under applicable law  and section 3 lets you know when the Privacy Policy applies.

1.11 We strive to keep the policy easy to understand and transparent, and so we refrain from technical information overload. If you wish to have further details on how we process your personal data, please contact us.

2. Talk to Us about Your Data

2.1 We try to ensure that the users of our products and services always have an open line of communication with us. You can contact us at any time if you have any questions, queries or requests about your personal data and, if European law applies to the processing of your data, about your right to request access to, modify, remove or export your data, or object to our processing of your data. You have the right to complain to supervisory authorities in your Country should you feel your privacy has been breached, however we would appreciate it if you reach out to us first before you approach any supervisory authorities or courts. You may submit requests to us at admin@doubtfirefund.co.uk. We will action your request within one month of receiving a request from you concerning any one of your rights as a data subject. Should we be inundated with requests or particularly complicated requests, the time limit may be extended to a maximum of another two months. If we fail to meet these deadlines, we would, of course, prefer that you contact us to settle the matter informally.

2.2 We process your personal data where it is lawful and fair for us to do so. The legal bases we rely for processing your personal data are contractual necessity, consent, legitimate interests and compliance with legal obligations.

2.3 There could be instances where you are using our products or services, but we do not have your personal data, even though you have purchased our products or services. These include situations where you purchase our products from our service provider, a reseller, or an app store. Because your relationship in these cases is with that service provider, reseller or an app store, we do not actually have your personal data and will not be able to perform your request to access or delete your information. In such circumstances, please contact your service provider, reseller, or app store where you purchased the products or services, as this person is the primary controller of your personal data.

3. When Our Privacy Policy Applies

You should know that our Privacy Policy applies to the following situations and activities:

3.1 Online activities
Any personal data collected from you when you visit our websites or use our products or services

3.2 Phone contacts
Any personal data collected from you when you call us for sales, service, or customer support.

3.3 Offline contacts
Any personal data collected from you at a "live" or in-person event such as a trade show or promotion.

3.4 Reseller information
Any personal data, including contact information such as telephone number and email address, collected from our resellers or sub-resellers.

3.5 Other circumstances
Any personal data collected from you when you contact us by email .

4. When Our Privacy Policy Does Not Apply

4.1 Third Party Sites

Clicking on a thumbnail or profile link will take you to the third-party site from which the thumbnail or link was imported. By using a user ID from a third-party site, you agree to be governed by the terms and conditions, privacy policy, and data security policy of the third party. You also agree that we are not responsible for any loss or damage you may suffer from your dealings with the third party, or your use of or reliance on any of that party's content.Third parties may also provide links to other websites and mobile applications (apps). Any sharing of data with third parties through access to and use of third party advertisements, their linked websites or mobile apps is not governed by this privacy policy, but instead is governed by the privacy policies of those third parties. We are not responsible for the privacy practices of third parties. Your use of a third-party site will be governed by the terms and conditions, privacy policy, and data security policy of the third-party site.

5. Disclosing Your Personal Data to Third Parties

5.1 Disclosure to third parties
We are required to disclose your personal data to unrelated third parties in limited circumstances:

where necessary to satisfy a legitimate government request or order; in compliance to a legal requirement by a court of law or in the public interest; in response to a third-party subpoena, if we believe on the advice of our attorneys that we are required to respond; where we hire a contractor to perform a service for us, such as product development or market research (but not if doing so would violate the terms of our privacy policy, or laws governing personal data); If we obtain your permission; or if necessary to defend ourselves or our users (for example, in a lawsuit).

5.2 We are also required in a few limited situations to share our users' personal information with third parties. For example, if you request a specific service or product from us, and if that product or service is administered by a third party working for us, we may share your personal information with the third party to respond to your request. This third party may also transmit back to us any new information obtained from you in connection with providing the service or product.

5.3 When you contact us or a third-party service provider working on our behalf, our service provider may suggest upgrades to our products or services. Our service provider may also suggest products or service that the service provider offers which are not our products or services. In this case, you will be clearly advised that the product or service is offered by the third party and not by, the Doubtfire Fund or Manhandle Press Ltd and you will be subject to the terms and conditions, end user license agreement (EULA), and privacy policy of the third-party service provider.

6. International Transfers of Your Personal Data

6.1 Our website is shown globally and products we sell are available around the world. In order to reach all of our users and provide all of them with our software, we operate on an infrastructure that spans the globe. The servers that are part of this infrastructure may therefore be located in a country different than the one where you live. In some instances, these may be countries outside of the European Economic Area (“EEA”), where the level of protection provided by the laws of these countries may be different than the high standard enshrined in the GDPR. Regardless, we provides the same GDPR-level of protection to all personal data it processes.
At the same time, when we transfer personal data outside of the EEA, we always make sure to put in place appropriate and suitable safeguards, such as standardized contracts approved by the European Commission, which legally bind the receiving party to adhere to a high level of protection, and to ensure that your data remains safe and secure at all times and that your rights are protected.

7. Sharing of Information 

7.1 Our data collection and management practices do not vary by location. We follow the same “data minimisation” procedure with respect to all personal data in our possession, regardless of the jurisdiction from which it was collected.

7.2 We reserve the right to store and use the information collected by our software to improve our current and future products and services, to help us develop new products and services, and to better understand the behaviour of our users.

8. Storage, Retention, and Deletion of Your Personal Data

8.1 Storage of Information
We store information that we collect on our servers or on the servers of our subsidiaries, affiliates, contractors, representatives, contractors, agents, or resellers who are working on our behalf.
The data on our servers can only be accessed from our physical premises, or via an encrypted virtual private network (“VPN”). Access is limited to authorised personnel only, and company networks are password protected, and subject to additional policies and procedures for security.

8.2 Access by our contractors
We or our contractors, subsidiaries, affiliates, representatives, agents, or resellers who are working on our behalf undertake regular maintenance of your personal data. All third parties must agree to observe the privacy of our users, and to protect the confidentiality of their personal information. This means your personal data cannot be shared with others, and there must be no direct marketing by the third parties.

8.3 Retention and Deletion of Your Personal Data
We retain and delete the various types of personal data we collect in compliance with the legal requirement that personal data be kept in a form that permits identification of our data subjects for no longer than is necessary for the purposes for which the personal data is being processed.
We will not keep your personal data in a form that allows you to be identified for longer than reasonably necessary with regards to the purpose for which the information was collected. We will also anonymize and aggregate data to the extent possible.
In general, we strive to delete or obfuscate Internet Protocol (IP) addresses within 60 days when the purpose for which they were collected has been fulfilled. We may retain online identifiers, location data and other personal data for statistical purposes as permitted under applicable law.
We may also amend the personal data we keep in such a way that you cannot be identified, for example, by hashing. We may retain a “key” to the hashing, but we will securely store it separately from the hashed data.
We will only keep your personal data for additional periods following the expiration of the purpose for which we collected it when permitted as compatible for our legitimate interests or required by law, for example tax, contract, secrecy or criminal laws. Otherwise, your personal data will be automatically deleted from our system once the legal basis for the collection and processing has been fulfilled.
If you participate in a giveaway or promotion that we offer, we will retain your data long enough to administer the promotion, plus any additional time that is permitted or required by law.
For the purpose of licensing products that are registered on a periodic basis, we will keep your personal data on the legal basis of contractual necessity for as long as you are actively using the product and thereafter for legal compliance. Thereafter, your personal data will be deleted.

9. How You Can Request Deletion

For our paid customers of products and services for your personal computer, you will be able to email us to request deletion of your personal data.

In some circumstances and to the extent permitted by law, for example, to provision the service or contract, for compatible use for our legitimate interests, under national tax, contract, criminal, or secrecy laws, we may retain your personal data despite your requests for erasure.

10. Effects of Request – How Long Before Deletion and Consequences of Deletion

10.1 Depending on what you request and how many requests we receive, it is possible for your requests to be actioned from within a day to three months.

10.2 If you request the erasure of your data (“right to be forgotten”), we will generally action this within 30 days, which may only include a record in our system that once the legal basis for processing your personal data has been fulfilled, your personal data needs to be promptly deleted.

11. Data Security

11.1 Safeguards for protection of personal information We maintain administrative, technical, and physical safeguards for the protection of your personal data.

11.2 Administrative safeguards
Access to the personal data of our users is limited to authorized personnel who have a legitimate need to know based on their job descriptions, for example, employees who provide technical support to end users, or who service user accounts. In the case of third-party contractors who process personal information on our behalf, similar requirements are imposed. These third parties are contractually bound by confidentiality clauses, even when they leave. Where an individual employee no longer requires access, that individual's credentials are revoked.

11.3 Technical safeguards
We store your personal information in our database using the protections described above. 

11.4 Physical safeguards

Access to user information in our database by Internet is not permitted except using an encrypted virtual private network (VPN). Otherwise, access is limited to our physical premises. Physical removal of personal data from our location is forbidden. Third-party contractors who process personal data on our behalf agree to provide reasonable physical safeguards.

11.5 Proportionality
We strive to collect no more personal data from you than is required by the purpose for which we collect it. This, in turn, helps reduce the total risk of harm should data loss or a breach in security occur: the less data we collect, the smaller the overall risk.

11.6 Notification in the event of breach
In the unlikely event of a breach in the security of personal data, we will notify all users who are actually or potentially affected.

We may tailor the method of notice depending on the circumstances. We reserve the right to delay notification if we are asked to do so by law enforcement or other authorities, or if we believe that giving notice immediately will increase the risk of harm to our user body overall.

12. Other Jurisdictions

We comply with the laws of countries outside the EU to the extent required by any country based in the UK.

13. Policy Changes

13.1 Updates to our Privacy Policy will occur from time to time and we will publish these changes on our website.

13.2 We suggest that you check our Privacy Policy every so often to keep yourself informed.

13.3 Where the changes are major, we will notify you by email if you have an account or through posts on our website.

14. Contacting Us

14.1 Both Manhandle Press Limited and The Doubtfire Fund are registered at: Timberleys, Littlehampton, West Sussex, UK.

14.2 Dispute resolution

We make every effort to conduct our business in a fair and responsible manner. In the unlikely event of a disagreement or complaint about the way that your personal data is handled, please contact us.

15. Data Protection Officer

15.1 As required under the GDPR, we have a data protection officer (DPO) to monitor our compliance with the GDPR, provide advice where requested and cooperate with supervisory authorities. You can contact our data protection officer via Admin@doubtfire.co.uk