Privacy Policy Overview
Introduction
Saturn Fintech Limited is dedicated to protecting the privacy of those using our website heysaturn.com and associated services. This policy outlines how we handle personal information in accordance with the UK GDPR, EU GDPR 2016, the Privacy and Electronic Communications Regulations (PECR) 2003, and other relevant data protection legislation.
Company Information
- Registered Office: Flat 15 Edward Heylyn House, 15 Thomas Fyre Drive, London, England, E3 2ZL
- Contact Email: hello@heysaturn.com
- Data Protection Officer (DPO) Email: dpo@heysaturn.com
- ICO Registration Number: ZB616647
Basis of Legitimate Processing
In accordance with data protection laws, Saturn is bound to legitimise our reasons for data processing. These legal grounds as a data controller are enumerated below along with instances where they may be applicable:
| Legal Grounds for Processing | Examples of Use |
|---|---|
| Consent | Opting in for marketing communication, subscriptions to newsletters, participation in contests, etc. |
| Contractual Need | Engaging in preliminary discussions and concluding employment contracts |
| Legal Requirements | Compliance with fiscal obligations, such as those to HMRC |
| Genuine Interest | Responding to inquiries from parties with whom we might not have a pre-existing relationship |
On occasions where we process special categories of personal data (for instance, health, racial, and ethnic information), we vow to observe and document any pertinent special conditions that are required.
As a data processor, we abide by the legal ground established by the data controller, frequently operating under the basis of genuine interest for software and AI-driven services.
Data Collection
Data You Provide: Upon creating an account, we collect your name, email address, username, profile photo, and any additional information you opt to provide. This data enables us to create and manage your Saturn account.
For transactions, we collect payment details, securely processed by third-party payment processors.
Your submissions, like content, comments, and messages, are collected based on the information you choose to provide within our services.
Automatic Data Collection: We automatically gather technical data from your device, such as IP address, device type, and operating system, to enhance our services.
Data From Third Parties: Data may be obtained from third-party services, like Google, for authentication purposes.
Data Use
We use your data to offer, maintain, and improve Saturn. This includes:
- Account management
- Payment processing
- Service enhancement
- Personalised content
- Communication regarding Saturn
- Support and troubleshooting
We pledge not to sell or rent your personal data without your explicit permission.
Use of Large Language Models
For certain Saturn features, we may use large language models (LLMs). These models are pre-trained and we don't directly train them on user-provided data.
Limited samples of user data may be sent to LLMs for specific service functionalities, without retention for training or other purposes. All of the LLMs are processed and used in the UK and no data is stored
Data Sharing and Disclosure
We share your data only in these instances:
- With your explicit consent.
- With third-party service providers under strict privacy compliance.
- As required by law or during company structural changes, subject to existing agreements.
User Consent and Control
Explicit consent is obtained before sharing your data with third-party tools. You have the right to access, amend, or delete your personal data by contacting dpo@heysaturn.com.
Data Security and Retention
We implement rigorous safeguards for data protection, though no system is entirely secure. We store your data only as necessary and regularly purge redundant data.
We continually revise our data retention methods, ensuring that personal data is held only for periods essential to our processing activities. We have instituted data retention guidelines and schedules to underpin such practices.
As a data controller, data is kept if it aligns with prevailing best practices (e.g., ICO guidelines), advisors' suggestions (e.g., ACAS guidance), or as necessitated by law (e.g., HMRC stipulations). Our legitimate interests also guide our decision on retention periods.
As a data processor, we adhere to retention timeframes established by the controlling clients.
When it becomes indispensable to expunge data, we proceed with either manual deletion or anonymisation.
International Data Transfers
Cross-border data transfers are conducted under approved mechanisms to comply with data protection laws.
Do Not Track Signals
We adhere to "Do Not Track" signals by not collecting non-essential activity data.
Third-Party Services
We use third-party APIs and platforms under their respective privacy policies, minimising unnecessary data sharing.
Data Protection Rights
UK residents benefit from several rights concerning personal data processing:
- The right to be informed
- The right to access data
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to object
- The right to data portability
- The right not to be subject to automated decision-making and profiling
To invoke any of these rights, we welcome written requests sent to our provided email addresses.
When functioning as a data processor, any rights requests we receive are relayed to the client controller, who may subsequently interact directly with you to gather additional details or confirm rights application.
Data Security Measures
We employ pertinent security safeguards to curb accidental loss, unsanctioned access, use, alteration, or exposure of your personal data. Furthermore, we restrict personal data access to those staff members, agents, contractors, and third parties with legitimate operational requisites. These parties are also bound to maintain data confidentiality.
In the event of a data security incident, we are primed to coordinate with our IT team and relevant entities to investigate, confine, and notify when necessary.
Complaints and Policy Updates
Concerns or complaints can be addressed to us or the Information Commissioner's Office (ICO). This policy will be periodically reviewed and updated, with the last revision on January 22, 2024.
For privacy-related queries, please contact us at dpo@heysaturn.com
Addressing Concerns and Registering Complaints
We recognise that you may hold concerns or grievances related to this Policy. We invite you to engage us directly to discuss or lodge a complaint using our contact details provided near the beginning of this document.
Alternatively, complaints can be directed to the Information Commissioner's Office (ICO), the UK's regulatory body for data protection, through this link: https://ico.org.uk/make-a-complaint/.
This Privacy Policy was last revised on January 30, 2024.
Contact Us
For any queries about our privacy practices, please contact us at dpo@heysaturn.com
