Privacy Policy

Envelo (“we”, “us”, or “our”) is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services or visit our website at https://envelo.solutions.

 

Information We Collect

We collect information that you provide directly to us, as well as data generated from your use of our services:

Personal Information:

  • Name, email address, phone number.
  • Company name and job title
  • Billing and payment information

 

Usage Data:

  • IP address and device information
  • Browser type and version
  • Pages visited and interaction with our website.
  • Time and date of your visit

 

IoT Device Data:

  • Air quality measurements
  • Occupancy data
  • Energy consumption data

 

How We Use Your Information

We use the collected information for various purposes, including:

  • Providing and maintaining our services
  • Improving and personalising user experience
  • Processing transactions and sending related information
  • Sending administrative information and service updates
  • Responding to inquiries and providing customer support
  • Conducting research and analysis to enhance our offerings.
  • Complying with legal obligations

 

Legal Basis for Processing

We process your data on the following bases:

  • Contractual necessity: To provide you with our services and fulfil our obligations, such as processing transactions and delivering updates.
  • Legitimate interests: To improve and personalise our services, including enhancing security and conducting research to make our offerings more efficient.
  • Consent: Where required by law, we will seek your consent for specific processing activities, such as marketing communications, and you can withdraw your consent at any time.

 

Data Minimisation

We only collect data that is necessary for the specified purposes. We ensure the data we collect is relevant, adequate, and limited to what is needed for delivering our services or meeting legal obligations.

 

Data Sharing and Transfers

We may share your information with:

  • Service providers and business partners who assist in operating our business (e.g., cloud providers, payment processors).
  • Legal authorities when required by law or to protect our rights.
  • In the event of a merger, acquisition, or sale of all or part of our assets.

 

International Data Transfers

We may transfer your data to countries outside the UK and European Economic Area (EEA). When doing so, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the UK Information Commissioner’s Office.
  • Binding Corporate Rules for transfers within our corporate group.
  • Adequacy decisions issued by the UK government or European Commission.

These mechanisms ensure your data receives the same level of protection as it would within the UK and EEA. We regularly review these safeguards to ensure your data is handled securely, regardless of where it’s processed.

 

Your Rights

Under applicable data protection laws, you have the following rights:

  • Access: Request a copy of your data.
  • Rectify: Correct inaccurate or incomplete data.
  • Erase: Request the deletion of your data (“right to be forgotten”).
  • Restrict: Limit certain types of data processing.
  • Object: Object to specific processing activities, such as direct marketing.
  • Data portability: Request data in a structured, commonly used format.
  • Withdraw consent: Where processing is based on consent, you can withdraw it anytime.

 

To exercise any of these rights, please get in touch with us using the information provided at the end of this policy. We aim to respond within one month, which aligns with legal requirements.

 

Cookies and Similar Technologies

We use cookies and similar tracking technologies to enhance the browsing experience and analyse website traffic. You can manage your cookie preferences through browser settings or our cookie consent tool. For more information, please refer to our Cookie Policy.

 

Data Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection and security practices

 

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay.

 

Retention of Data

We retain your data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or to meet our legal obligations. Specific retention periods may vary depending on the type of data and services provided. For instance:

  • Personal data linked to your account is retained for as long as your account is active and typically for up to six years after account closure to comply with legal obligations.
  • IoT device data is typically retained for the duration of the service agreement.

If you have any questions about our retention periods, please get in touch with us.

 

Children’s Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please get in touch with us to have it removed.

 

Automated Decision-Making

Our services do not currently involve automated decision-making with legal or similarly significant effects on you. Automated decision-making refers to decisions made by automated means (e.g., algorithms) without human intervention. Should this change, we will update this policy and provide further information on how your rights apply.

 

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last updated” date.

 

Contact Us

If you have any questions about this Privacy Policy or our data practices, please get in touch with us at:

Envelo

Email: privacy@envelo.solutions

Address: Spirit House, 8 High Street, West Molesey, England, KT8 2NA

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe we have not handled your data in accordance with data protection laws.