Privacy policy

We are committed to protecting and respecting your privacy. This policy sets out the basis on which we process personal data provided by you. Please read the following carefully.

For the purpose of the General Data Protection Act, May 2018, the data controller is Cowomoma Ltd Trading as Society1 of 9-10 Cross Street, Preston, PR1 3LT.

This Privacy Policy describes how Society1 collects, uses and discloses information, and what choices you have with respect to the information. This policy is split into the following sections:

1) Information we collect and receive from you 2) How we use information 3) Data Retention 4) How We Share And Disclose Information 5) Security 6) ChangesToThisPrivacyPolicy 7) Contact Us

Updates in this version of the Privacy Policy reflect changes in data protection law, effective 25th May 2018. When we refer to “Society1”, we mean the Society1 entity that acts as the controller or processor of your information. 1 Information we collect and receive from you We may collect and process the following data about you in the following ways: • Information that you provide by filling in forms on our site or at Society1. This includes information provided at the time of registering to use our site and members portal or so as to enable you to make purchases of goods or services offered by us via the site. If you contact us, we may keep a record of the details provided by you and any subsequent correspondence. This information will be kept in a secure manner and can be made available to you on request. • Membership and Account Information. To create or update a membership account, you or your Customer (e.g., your employer) supply Society1 with an email address, phone number, password, domain and/or similar account details, such as billing address and telephone number. In addition, Customers that purchase a Membership or Service provided by Society1 (or its payment processors) will provide billing details such as credit card information, banking information and/or a billing address will be taken. • Log data. As with most websites and technology services delivered over the Internet, our servers automatically collect information when you access or use our Websites or Services and record it in log files. This log data may include the Internet Protocol (IP) address, the address of the web page visited before using the Website or Services, browser type and settings, the date and time the Services were used, information about browser configuration and plugins, language preferences and cookie data. • Internet usage. When you are using the Wifi and Internet provision at Society1 we monitor and store information about who is using the network. This is held on a secure server provided by IronWiFi as part of our Nexudus Members System. This information is held for security purposes and to allow us to meet the demands of our members with regards to speed, coverage and service of our internet. • Location information. Kisi our door control system requires you to have your Location information switched on to activate your entry. If a Member does not wish to use this service via their phone, we can issue a card option in its place. • Third Party Services. Society1 does use Third Party Services in the provision of their service to Customers and Members. Typically, Third Party Services are software that integrate with our Services. These Services facilitate to provision of Memberships, Door Access, Payment Functions, Customer Relationship Management and Wifi provision and management. All these Third Party services fully intergrate with our internal systems and no passwords or private information is shared. Society1 endeavours to only use Third Party Organisations that meet the requirements of the GDPR legislation. • Cookies. Our website uses cookies to distinguish you as a unique user of our website. This helps us to improve your experience as a user and to identify ways in which the site might be improved. • CCTV. We operate and record Closed Circuit Television Cameras inside and outside the property of Society1. This is for the safety of the personnel and members of the organisation. This information is kept securely for 30 days before being deleted.

2 - How we use information Customer Data will be used by Society1 in accordance with Customer’s instructions. Society1 is a processor of Customer Data and a Customer/Member is the controller. Members may, for example, use the Services to sign up, change or cancel their Membership at Society1, book meeting rooms and add additional extras to their Memberships as required. Society1 uses Customer Data and Information in the provision of their service, we use this information to improve our services and information provision. Society1 may use this information in the following ways: • We use Customer data to provide, update, maintain and protect our Services, Websites and business. This includes use of Customer Information to support delivery of the Services under a Customer Agreement. • To allow Customers to participate in interactive features of our site and members portal. • We may contact Customers with regards to special offers, events and news about our Services. We will only contact Customers that have expressly signed up to this service. • We may conduct surveys from time to time, completion of which is entirely optional, and use any information so provided for research purposes. • For billing, account management and other administrative matters. We may contact Customers regarding monthly payment schedules, your membership and changes to our terms and conditions and membership plans. We will provide sufficient notice in the event of any changes to these. • Details of visits made by you to both our physical premises and website and pages viewed or resources accessed, and information comprising (but not limited to), traffic data, location data, weblogs and other communication data, whether for our own billing purposes or otherwise. • If you request to receive information from us, we may contact you from time to time in connection with offers, promotions or competitions, or if you wish to report a problem to us. If you do not expressly ask to be contacted, we will not send you information. • As required by applicable law, legal process or regulation. • To communicate with you by responding to your requests, comments and questions. If you contact us, we may use your Other Information to respond. • To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security and fraud notices. These communications are considered part of the Services and you may not opt out of them. • To investigate and help prevent security issues and abuse.

3 - Data Retention Society1 will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. We will retain details of transactions carried out by you on this site and via our members portal, for accounting and internal processing purposes. This is held on a secure system in line with GDPR legislation. Depending on the Customers Membership and Usage, the Customer may be able to change their Membership settings. If a Customer wishes to cancel their membership this can be done by contacting Society1 at work@society1.co.uk. In the event of a membership cancelation of deletion of customer files. Society1 may retain Customer Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy. This may include keeping your Information after you have deactivated your account for the period of time needed for Society1 to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

4 - How We Share and Disclose Information This section describes how Society1 may share and disclose Information. Customer’s Instructions. Society1 will solely share and disclose Customer Data in accordance with a Customer’s instructions in compliance with applicable law and legal process. Third Party Service Providers and Partners. We may engage third party companies or individuals as service providers or business partners to process Customer Information and support our business. These third parties may, for example, provide

virtual computing and storage services. Society1 can provide details of all Third party service providers on request. Corporate Affiliates. Slack may share Customer Information with its corporate affiliates, parents and/or subsidiaries. During a Change to Society1’s Business. If Society1 engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Society1’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some or all Customer Information may be shared or transferred, subject to standard confidentiality arrangements. To Comply with Laws. If we receive a request for information, we may disclose Customer Information if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process. This may be a request disclose data from government agencies and other sources. To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, property or safety of Society1 or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues. With Consent. Society1 may share Customer Information with third parties when we have consent to do so.

5 - Security Society1 takes security of data very seriously. Society1 works hard to protect Customer Information you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the Customer Information we collect, process and store, and the current state of technology. Society1 is registered with ISO data Controller inline with its legal obligation to do so.

6 - Changes to this Privacy Policy Society1 may change this Privacy Policy from time to time. We will provide Customers with a copy of this updated Policy. If we make changes that materially alter your privacy rights, Society1 will provide additional notice, such as via email or through the Services. If you disagree with the changes to this Privacy Policy, you should deactivate your Membership account.

7 - Contact Us Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to us by post or email and marked for the attention of the Data Controller work@society1.co.uk or Society1, 9-10 Cross Street, Preston, PR1 3LT.