1.2. As a data processor we collect information you provide when you
Personal data collected for Sokin’s own direct marketing purposes. For information about our use of your
personal data as collected on our websites and services apps and as used for our own direct marketing
1.3.1. Third-party websites, plug-ins, and apps linked to from this website.
2.1. We may hold the following categories of your personal data:
We collect information you provide which includes
2.1.2. Information from your device whenever you use our website or the Sokin mobile app, we may collect the following information:
3.1. The primary purposes for which Sokin will use your personal data is
3.1.1. To analyse, develop, and improve the use, function, and performance of our products
and services. For example, we may process personal data for our own research and development purposes
in support of our products and services, such as to enhance the quality of our products, to develop new
features and support new functions of our services, and for internal statistical analyses of our products’
and services’ performance.
3.1.2. To manage the security of our sites, networks, and systems, and to operate our business. We may collect usage and systems operations data from our website(s) and/or services platform(s) in order to better manage our operations and/or to help keep our products and services secure (including your information), as well as to investigate and help prevent cyber-attacks or potential fraud, including ad fraud and to detect bots. We may also process personal data in the operation of our day-to-day and overall business, such as when we conduct audits and investigations, as well as for finance, accounting, archiving, and/or insurance purposes.
3.1.3. To comply with applicable laws and regulations. We process personal information as part of our compliance with applicable laws and regulations, in the provision of our products and services.
4.1. We must have a legal basis (a valid legal reason) for using your personal data. Our legal basis will be one of the following.
4.1.1. We need certain personal data to provide our services and cannot provide them without this personal data.
4.1.2. In some cases, we have a legal responsibility to collect and store your personal data (for example, under anti-money laundering laws we must hold certain information about our customers).
4.1.3 We sometimes collect and use your personal data, or share it with other organisations, because we have a legitimate reason to use it and this is reasonable when balanced against your right to privacy.
4.1.4. Where you've agreed to us collecting your personal data, for example when you have ticked a box to indicate you are happy for us to use your personal data in a certain way.
4.2. You can always object to the use of your data for marketing or for any further use under the grounds of legitimate interests. You can also withdraw your consent at any time. Please refer to Section 5 (Your Choices And Rights Regarding Your Personal Data) below.
5.1. Sokin respects that you have the right to have control over your data, so we provide you with multiple choices for managing that control with us.
The rights and choices set out below are applicable only in relation to your personal data which we process as a data controller, and, except for Opt-Outs, do not apply where we process personal data as a data processor on behalf of our clients.
5.2. Marketing opt outs
You can ask us to stop using your personal data for marketing purposes at any time.
5.2.2. In order to exercise your right to opt-out of having your data collected by us through our website, please email us at firstname.lastname@example.org
5.3. Sokin cookies opt outs
5.3.1. Cookies are small text files that are downloaded onto your computer and/or other devices you use to browse the internet and visit a website. Cookies allow us to recognise your device and gather some information about your preferences and past actions, which is then stored in connection with your cookie. The cookies and associated information are used to provide you with a more tailored experience on webpages, including remembering your previous activities on the website, providing you with tailored content based on your previous interactions on that website, and remembering your log-in information (where you choose to allow that).
5.3.2. You can change your default browser settings to be notified whenever a new cookie is dropped on your browser, or even to block cookies all together. Please refer to the Website and Marketing page for further details.
5.4. Accessing Information about You
5.4.1. You have the right to request details about the personal data that we process about you as a data controller. You can obtain this by making a Subject Access Request. To do so, please contact us via email to email@example.com and stating “Subject Access Request” in the subject line and/or in the email body. Please ensure that you provide us with the correct information about you in the email body so we can identify you in our systems.
5.4.2. When you make a Subject Access Request to Sokin, you are entitled to all the information that we may hold on you that we process as a data controller. The information that we provide back to you includes:
Please be aware that we may need you to confirm your identity to ensure that we do not provide your information to someone that may not be you.
5.5. Requesting Information about You to be Rectified
5.5.1. If you feel that we may have processed information about you that is incorrect, or if you wish for us to amend any information about you that may have changed or is out of date in anyway (i.e. you now have a different email address than what you believe we have in our system for you), then please contact us via email to firstname.lastname@example.org and stating “Other Privacy Inquiries or Application of Rights” in the subject line and/or in the email body. Please indicate in the body of the email what information you would like us to correct. When doing this, please state what information we may have in the system for you, and what you would like us to change it to.
5.6. Deleting Information about You
5.6.1. You can request that we delete all personal information that we may have collected about you by contacting us via email to email@example.com and stating “Erasure Request” in the subject line and/or body of the email. Please ensure that you provide us with the accurate email address which the erasure request is linked to in the email body.
Please be aware that Sokin will be required to continue to retain your information in the event that you continue to receive any Sokin products or services.
Please also be aware that Sokin reserves the right to store some information about you in compliance with applicable law (for example, we may retain the information you provide with your request for erasure in order to maintain our suppression lists).
6.1. Providing our products and services sometimes results in the need to disclose personal data to our counterparties for example Banking Partners, Card Issuers and other third-party service provides who help us to deliver the products and services you have signed up to receive. Please see below examples of suppliers we normally share your personal data with
6.2. We do not disclose the personal data stored to any counterparties unless it is strictly necessary. We do not allow our third-party service providers to use your personal data for their own purposes, and we only permit them to process your personal data per our instructions for specified purposes in accordance with GDPR.
6.3. Sokin requires all third parties to whom we distribute your personal data to respect the security of your personal data and to treat it in accordance with the law. We make efforts to ensure that the recipients of your data are reputable entities, including by conducting appropriate checks on them. Please be aware that we may also be required to disclose personal data to comply with legal obligations (such as subject to a subpoena or other legal processes), in order to protect both your and our rights, and to ensure your safety, as also discussed in Section 3 (Purposes For Which Sokin May Use Your Personal Data) above. Such instances can include situations where we must respond to government requests, investigate fraud, and even where we respond to public and government authorities outside your country of residence for national security and/or law enforcement purposes.
7.1. Sokin is a global organisation, which means that in the performance of our services we may transfer your data outside the European Economic Area (‘EEA’).
7.2. The UK left the EU on 31 January 2020 and entered a transition period, which will end on 31 June 2021, till end of transition period transfers between UK to EEA remain unrestricted. After Transition period, restricted transfers from the UK to other countries, including to the sea, will be subject to transfer rules under the UK regime. These UK transfer rules broadly mirror the EU GDPR rules, but the UK has the independence to keep the framework under review.
7.3. Whenever we transfer your personal data out of the EEA, we require that a degree of protection similar to the protection that we provide ourselves is afforded to your data. We do this by requiring that at least one of the following safeguards is implemented:
Transferring your personal data to countries that have been deemed to provide an adequate level of
protection for personal data by the European Commission.
7.3.2. Where we use certain service providers or transfer personal data we may use standard contractual clauses approved by the European Commission that give personal data the same protection it has in Europe.
Should you have any further questions or require further information on the specific mechanism(s) used by us when transferring your personal data out of the EEA, then please contact us via email at firstname.lastname@example.org.
8.1. Sokin takes protection of your data seriously, and we have implemented appropriate technical, organisational, and physical measures to prevent your personal data from being accidentally lost, altered, disclosed, or used or accessed in an unauthorised way. In addition, we limit internal access to your personal data to our employees, agents, contractors, and other third parties who have a legitimate business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
8.2. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How Long Sokin Will Use Your Personal Data
9.1. We take various factors into consideration to determine the appropriate retention period for your personal data, including:
9.2. We will generally keep your personal data for six years after our business relationship with you ends or such period as may be required by applicable local laws. We are required to keep your personal data for this long by anti-money laundering and e-money regulatory laws. We may keep your personal data for longer because of a potential or ongoing court claim or another legal reason.
9.3. We will not store your personal data for longer than necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements. We may, however, retain your personal data for a longer period as reasonably necessary for us to deal with a complaint or if we reasonably believe that litigation may be likely with respect to our relationship with you or our use or retention of your personal data.
10.1. If you have any questions about any of our privacy practices, please contact us or our data protection officer in any of the following ways:
By email to Sokin:
By post to Sokin:
Plata Capital Limited t/a Sokin, 1st Floor 90 Chancery Lane, London, United Kingdom, WC2A 1EU
10.2. You have the right to make a complaint at any time by contacting the Information Commissioner’s Office (‘ICO’), who is the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to address your concerns directly with you before you approach the ICO and ask that you please contact us first.
1 March 2021, updated and revised to more clearly address your rights and our obligations under GDPR.