Privacy policy

Tenovus Cancer Care - our promise to you

Tenovus Cancer Care promises to respect and look after all personal data you share with us, or that we get from other organisations. We will always keep it safe. We aim to be clear when we collect your data about what we’ll use it for, and not do anything you wouldn’t reasonably expect. We will never sell your personal data to other organisations, and will only ever share it in appropriate, legal or exceptional circumstances. See Section 4 to find out more. 

Developing a better understanding of our supporters through their personal data means we can make better decisions, fundraise more efficiently and, ultimately, helps us to reach our goal of supporting cancer patients and their loved ones.

We work to a ‘opt-in only’ communication policy. This means that we will only send marketing communications to you if you’ve explicitly stated that you want us to. We’ll also ask you how you want us to contact you.

Our marketing communications include information about our services, research, volunteering, campaigns and fundraising activities. If you’d like to receive this information, but haven’t yet opted in, please contact us on 029 2076 8850, email us at preferences@tenovuscancercare.org.uk or click here.

1. Where we collect information about you from

We collect information in the following ways:

When you give it to us DIRECTLY
You may give us your information in order to sign up for one of our events, tell us your story, make a donation, buy our products or volunteer with us. Sometimes when you support us your information is collected by an organisation working for us (e.g. a professional fundraising agency), but we are responsible for your data at all times.

When you give it to us INDIRECTLY
Your information may be shared with us by independent event organisers, for example the London Marathon or fundraising sites like JustGiving or Virgin Money Giving. These independent third parties will only do this if you’ve indicated you’re happy for them to do so. You should check their Privacy Policy when you provide your information to understand fully how they will process your data.

When you give permission to OTHER ORGANISATIONS to share it
You may have provided permission for a company or other organisation to share your data with third parties, including charities. This could be when you buy a product or service, register for an online competition or sign up with a comparison site.

Depending on your settings or the privacy policies for social media and messaging services like Facebook, WhatsApp or Twitter, you might give us permission to access information from those accounts or services

The information we get from other organisations may depend on your privacy settings or the responses you give, so you should regularly check them.

When is it PUBLICLY AVAILABLE
This may include information found in places such as Companies House and information that has been published in articles/ newspapers.

We may combine information you provide to us with information available from external sources in order to gain a better understanding of our supporters to improve our fundraising methods, products and services.

When we collect it as you use our WEBSITES OR APPS (our Cookies policy)
Like most websites, we use “cookies” to help us make our site, and the way you use it better. Cookies mean that a website will remember you. They’re small text files that sites transfer to your computer (or phone or tablet). They make interacting with a website faster and easier – for example by automatically filling your name and address in text fields. They also help us make sure you see the most relevant content across our channels, and help us measure how effective our communications are. 

On our website we use Google Analytics tracking code to support Google Advertising, specifically Remarketing and Google Analytics Demographics Reporting.

You can opt-out of Google Analytics for Display Advertising Interest Reporting using Google's Ads Settings here.

We also use Facebook’s custom audience code which helps us make any Facebook advertising you might see from us, as relevant as possible. This does not provide us with any information which could identify you.

As well as this, cookies can tell us the type of device you’re using to access our website or apps and the settings on that device may provide us with information including what type of device it is, what operating system you’re using, what your device settings are, and why a crash has happened. This information helps us understand how people are using our website and how to make it better.

Your device manufacturer or operating system provider will have more details about what information your device makes available to us.

Using cookies does not give us access to your computer, and they can't be used to identify an individual person.

2. What personal data we collect

The type and quantity of information we collect depends on why you are providing it. If you support us, for example make a donation, volunteer, fundraise, sign up for an event or buy something from our online shop, we will usually collect:

  • Your name
  • Your contact details
  • Your date of birth 

Where it is appropriate we may also ask for:

  • Information relating to your health
  • Information relating to support services you want to use
  • Your bank or credit card details
  • Why you have decided to support to us. We will never make this question mandatory, and only want to know the answer if you’re comfortable telling us
  • Parental consent if you’re under 16
  • Next of kin details
  • Security checks

We will only ever ask for information that is needed to provide the service, information or administration you have requested.

Children’s data
If and when we collect and manage information from children, we aim to manage it in a way which is appropriate to the age of the child. 

If a child is under 16 we will seek consent from a parent or guardian before collecting their information. Our events have specific rules about whether children can participate, and we’ll make sure advertising for those events is age appropriate.

3. How we use the personal data we collect

What we use your information for, depends on why you are providing it. We will mainly use your data to:

To provide you with the services, products or information you’ve asked for
We run services to support people affected by cancer, and health and health and wellbeing initiatives. The information we collect in order to provide these may be sensitive such as health, lifestyle, financial circumstances or family history.

Access to this data will always be limited to appropriate individuals with a legitimate interest in providing our services.

We also collect data in order for you to participate in an event or fundraising activity, volunteer, work with or donate to us.

If you enter your details onto one of our online forms, and you don’t ‘send’ or ‘submit’ the form, we may contact you to see if we can help with any problems you may be experiencing with the form or our websites

To administer your donation or support your fundraising, including processing Gift Aid
We will collect personal data from you in order to take donations and process Gift Aid.

Legally we are obliged to keep this information for seven years. If you are happy for us to claim Gift Aid on goods you’ve donated, and they raise over £100 in one tax year, we have to contact you quarterly to let you know what Gift Aid we’re claiming.

We may also use your personal information to detect and reduce fraud and credit risk.

To make sure we know how you prefer to be contacted
We record communication preferences so we only contact you in the ways you want to hear from us. We don’t want to waste your time, or the precious funds that amazing supporters, have so kindly raised and donated.

To send you Direct Marketing

We will only ever contact you with direct marketing about our work, activities and campaigns with your explicit consent, or under a lawful legitimate interest.

Legitimate Interest is where we have taken into account your rights and interests, and will only process your data if we feel it is in your interest, as well as our own.

For example, we might have a legitimate interest to process your personal information if you have enquired about one of our cancer support services, and we know there are other support services available which might help you. Or for legal purposes like dealing with complaints, or for complying with guidance from the Charity Commission. We may also process your personal information to contact you about events or campaigns similar to those you’ve supported in the past, and in some instances those you’ve expressed an interest in.

We make it easy for you to tell us how you want us to communicate, and what interests you. We also include information on how to opt out when we send you marketing. We do not sell or share personal details to third parties for the purposes of marketing. But occasionally, we may include information in our communications from partner organisations or organisations who support us.

If you change your mind at any time, and no longer want to hear from us, that’s fine. Just let us know when you provide your data or contact us on 029 2076 8850 or preferences@tenovuscancercare.org.uk.

To keep a record of your relationship with us
It’s important for us to have clear records on how you’ve supported us, or have been supported by us in the past. This helps us see the bigger picture makes sure your experiences of Tenovus Cancer Care are the best they can be.

We may also collect and retain your information if you send feedback about our services, give us a compliment or make a complaint.

To understand how we can improve our services, products or information
We believe it’s important to make sure that all of our services and health and well-being initiatives are the very best they can be. That’s why we evaluate them.

Once you’ve used one of our services or had health advice, we may get in touch to ask you about your experiences. There’s no obligation to take part, but it really helps highlight ways we can make things better in future.

To understand our supporters and work more effectively
We use profiling and screening techniques to make sure communications are relevant and timely, and to provide an improved experience for our supporters. Profiling also allows us to target our resources effectively, which our supporters always tell us is a priority.

When building a profile we may analyse geographic, demographic and other information relating to you in order to better understand your interests and preferences in order to contact you with the most relevant communications.

In doing this, we may use additional information from third party sources when it is available. Such information is compiled using publicly available data about you, for example addresses, listed Directorships or typical earnings in a given area. 

We do this because it allows us to understand the background of the people who support us and helps us to make the right requests. Importantly, it helps us to raise more funds, sooner, and more cost-effectively, than we otherwise would.

To share your story or experience
Some people choose to tell us about their experiences to help further our work. This might include information about their health, finances and family, as well as photos and/or video. We will always make sure we have explicit and informed consent from the individuals, or their parent or guardian if they are under 16. We will always keep this information safe and secure.

This information may be shared at events, in promotional materials or fundraising campaigns, or in documents such as our annual report.

4. Sharing your data

We do not sell or share personal details to third parties for the purposes of marketing. We will only share your details with third party organisations when it’s necessary to;

Provide you with the services you’ve asked for

  • We will make sure you’re happy for us to do this before anything happens and will explain who we are sharing the data with e.g. the Department of Work & Pensions, your local council etc.
  • Administer your participation in an event or fundraising activity
  • Comply with Health & Safety regulation

If we ever need to share data for these purposes, we will always take the utmost care, will make sure only essential data is transferred, and that it’s done so securely and safely.

Exceptional circumstances

Tenovus Cancer Care may also be required to share your details in exceptional circumstances. For example, to comply with the nurses’ code of professional conduct or where legally required by the police, regulatory bodies or legal advisors.

We will only ever share your data in other circumstances if we have your explicit and informed consent.

5. How we keep your data safe and who has access

We make sure that there are appropriate measures and controls in place to protect your personal details. For example our online forms are always encrypted and our network is protected and routinely monitored. We undertake regular reviews of who has access to information that we hold, to make sure that your information is only accessible by appropriately trained staff, volunteers and partners.

Before we use any external companies to collect or process personal data on our behalf, we will do comprehensive checks. We will always put a contract in place that sets out our expectations and requirements, especially how they manage the personal data they have collect or have access to.

Suppliers who run their operations outside the European Economic Area (EEA) are not subject to the same data protection laws as companies based in the UK. However, if we ever choose to use a supplier based outside of the EEA, we will make sure they provide an adequate level of protection in accordance with UK data protection law.

We may need to disclose your details if required to the police, regulatory bodies or legal advisors.

We will only ever share your data in other circumstances if we have your explicit and informed consent.

6. Keeping your information up-to-date

We try and keep our records up-to-date so we send you the most relevant information, using the correct contact details.

If your personal details change, we’d really appreciate it if you let us know.

Where possible we use publicly available sources to keep your records up to date; for example, the Post Office’s National Change of Address database and information provided to us by other organisations as described above.

Your ‘Right to Know’ what we know about you, make changes or ask us to stop using your data.

You have a right to ask us to stop processing your personal data, and if it’s not necessary for the purpose you provided it to us for (e.g. processing your donation or registering you for an event) we will do so.

You have a right to ask for a copy of the information we hold about you. In which case, we can provide you with a subject access request form which will include guidance on how you can make a request and will help us respond as quickly as possible. You can contact us on 029 2076 8850 for this.

If you have any further questions please send these to preferences@tenovuscancercare.org.uk, and for further information see the Information Commissioner’s guidance here (link is external).

7. How long we store information

We will only use and store information for so long as it is required for the purposes it was collected for. How long information will be stored for depends on the information in question and what it is being used for.

For example, if you ask us not to send you marketing emails, we will stop storing your emails for marketing purposes (though we’ll keep a record of your preference not to be emailed).

We continually review what information we hold and delete what is no longer required.

Changes to the Policy

We review this policy annually and may update it from time to time. If we make any significant changes in the way we treat your personal information we will make this clear on our website or by contacting you directly.

Updated May 2018.

Privacy Policy

Latest update: 23rd May 2018

What this policy covers

Capen Ltd, trading as Zaffo, manages raffles and lotteries on behalf of Societies (the Services).


The protection of personal data is of paramount importance. When you entrust your personal data to a Society through us, we go to great lengths to ensure that personal data is held securely and used only for the purposes which you have agreed to.


In this Privacy Policy we explain the things which we think are important for you to know about the personal data we collect from you, the purposes for which we use your information and how we protect your data. This policy is intended to help you understand:


  1. What information we collect about you

  2. How we use information we collect

  3. How we share information we collect

  4. How we store and secure information we collect

  5. How to access and control your information

  6. Other important privacy information



If you do not agree with this policy, please do not access or use our Society sites and services. If you have any questions relating to how we handle your personal data, please email support@zaffo.com.


1. What information we collect about you

We collect information about you when you input it into our raffle or lottery websites or otherwise provide it directly to us.

Your use of the Services: We collect information about you when you register for an account, sign-up for or make purchases through the Services. For example, you provide your contact information and, in some cases, billing information when you register for the Services. We keep track of your preferences when you select settings within the Services. The Services include the Raffle/Lottery products you subscribe to, including websites owned or operated by us, where we collect and store information that you supply during the sign-up process, and any content that you publish.

Information you provide through our support channels: The Services also include our customer support, where you may choose to submit information regarding a question you have about a Service. Whether you designate yourself as a technical contact, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of any problem you might be experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.

Payment Information: We collect certain payment and billing information when you register for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.

Information we collect automatically when you use the Services

We collect information about you when you use our Services, including browsing our websites and taking certain actions within the Services.

Your use of the Services: We keep track of certain information about you when you visit and interact with any of our Services. This information includes the features you use; the links you click on; the type, size and filenames of attachments you upload to the Services.

Device and Connection Information: We collect information about your computer, phone, tablet, or other devices you use to access the Services. This device information includes your connection type and settings when you access or use our Services. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data. We use your IP address and/or country preference in order to approximate your location to provide you with a better Service experience.

Cookies and Other Tracking Technologies: We use cookies and other tracking technologies to provide functionality and to recognize you across different Services and devices.

What is a cookie? It’s a text string of information that a website transfers to the cookie file of the browser on your computer’s hard disk (or the memory of your mobile device) so that the website can remember who you are. A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a value, usually a randomly generated unique number.


We may use cookies to help us recognise you when you - for example when you return to complete a form on our website. We may also use cookies to record information about how you access our website for statistics solely for us.


The only personally identifying data used by cookies is your IP addresses. You can choose not to accept cookies by setting the preferences on your internet browser. If you do not accept cookies from us this may impair or prevent some or all of the services which we provide to you.


To find out more about cookies, what they are used for and how to remove them, please visit the Interactive Advertising Bureau Europe’s website at www.allaboutcookies.org/cookies/.


Tracking pixels: A tracking pixel is a piece of code, which contains a small image that is loaded when a user visits a website or opens an email, and is used to track certain user activities. Some societies also use tracking pixels to understand how you found out about their fundraising activity and measure the success of their marketing campaigns. For example, if they have invested budget in an online advertising campaign, tracking pixels can tell them whether you arrived at one of our websites from the advert they published, and whether you went on to make a purchase.


2. How we use information we collect

How we use the information we collect depends in part on which Services you use, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.

To provide the Services and personalise your experience: We use information about you to provide the Services to you, including to process transactions with you, authenticate you when you log in, provide customer support, and operate and maintain the Services. For example, we use your personal data for the following purposes:

To communicate with you about the Services: We use your contact information to send transactional communications via email, including confirming a purchase, reminding you of subscription expirations, responding to questions and requests, providing customer support, and sending you technical notices, updates and administrative messages.

We also send you communications when you sign up to a particular Service to help you use that Service. These communications are part of the Services and in most cases you cannot opt out of them. If an opt out is available, you will find that option within the communication itself.

To market, promote and drive engagement: We may use your contact information and information about how you use our Services to send promotional communications that may be of specific interest to you, including by email. These communications are aimed at driving engagement and helping you get the most out of our Services, including information about new campaigns or features, survey requests, newsletters, and events we think may be of interest to you. You can control whether you receive these communications by contacting support@zaffo.com to confirm your preferences.

Customer support: We use your information to resolve technical issues, to respond to your requests for support, and to repair and improve the Services.

For safety and security and to protect our legitimate business interests and legal rights: We use information about you and your Service use to verify activity across our platform, to monitor suspicious or fraudulent activity and to identify violations of Service policies.

Where required by law, or where we believe it is necessary to protect our legal rights, interests and the interests of others, we will disclose your personal data to law enforcement agencies or regulatory bodies. For example to:

(i) comply with the law or with legal process;

(ii) protect and defend our rights and property or that of our customers;

(iii) prevent fraud;

(iv) protect against abuse, misuse or unauthorised use of our website;

(v) protect the personal safety or property of our customers or the public;


Third Party processors: We may employ other companies to provide services for us, including for example, processing of payments in order for us to be able to provide our services to you. These companies have access to the personal information needed to perform their functions and not for any other purposes and are bound by confidentiality agreements not to disclose any information for any other purpose.


If at any time we wish to disclose your personal data in circumstances other than those above, we will always obtain your consent before doing so.


With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above.For example, we may send you information about new services or events where you have consented to be contacted.

Legal basis for processing (for EEA users):

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal basis for doing so under applicable EU laws. The legal basis depend on the Services you use and how you use them. This means we collect and use your information only where:

We need it to provide you the Services, including to operate the Services, provide customer support and to protect the safety and security of the Services;

It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;

You give us consent to do so for a specific purpose; or

We need to process your data to comply with a legal obligation.

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we have a legitimate interest to do so, you have the right to object to that use, though, in some cases, this may mean no longer using the Services.


3. How we share information we collect

We want our services to be the best that they can be. This means sharing information with certain third parties, who are experts in their fields. We share information we collect about you in the ways discussed below. We never sell information about you to advertisers or other third parties.

Managed accounts and administrators: If you register or access the Services using an email address with a domain that is owned by your organization, we may, at the request of your employer, share certain information that you have supplied in registering for our Services.

Sharing with third parties

We share information with third parties that help us operate, provide, improve, integrate, customize, support and market our Services:

Service Providers: We work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.

Third party service providers we use to provide our services to you

Sendinblue: Email service provider. Uses include sending automated transactional emails when a raffle/lottery ticket is purchased by card through one of our Society Sites. https://www.sendinblue.com/gdpr/ https://www.sendinblue.com/blog/privacypolicy/

Docmail: bulk mailing service used to post Advance Notification Letters following a Direct Debit Lottery purchase. http://www.cfhdocmail.com/Downloads/Docmail_PP_2018.pdf#view=FitVPrivacy policy

AWS (Amazon Web Services): our web host. https://aws.amazon.com/compliance/gdpr-center/ https://aws.amazon.com/privacy/

RSM2000. Our payment service provider and BACS bureau, processing card and Direct Debit transactions. https://www.rsm2000.co.uk/page/privacy-policy

Credorax. Our acquiring bank: the link between our payment service provider and your card issuing bank. https://www.credorax.com/privacy

Hubspot. Our Customer Relationship Management tool. For example, information submitted via our web forms is stored here. https://www.hubspot.com/data-privacy/gdpr/product-readiness https://legal.hubspot.com/privacy-policy

Society Clients and their partners: Where we are managing a raffle or lottery on behalf of a society, that society is the data controller, and all data captured through our services is shared with them. In some cases, a society may ask us to share data with a third party that helps them run a fundraising initiative. For example, where a Society recruits lottery players through a recruitment company, we may be asked by the Society to share information with that company about successful and failed payments.

Links to Third Party Sites: The Services may include links that direct you to other websites or services whose privacy practices may differ from ours (for example, clients may include links to their own or partner websites). If you submit information to any of those third party sites, your information is governed by their privacy policies, not this one. We encourage you to carefully read the privacy policy of any website you visit.

Third-Party Widgets: Some of our Services contain widgets and social media features, such as the Twitter "tweet" button. These widgets and features collect your IP address, which page you are visiting on the Services, and may set a cookie to enable the feature to function properly. Widgets and social media features are either hosted by a third party or hosted directly on our Services. Your interactions with these features are governed by the privacy policy of the company providing it.

With your consent: We share information about you with third parties when you give us consent to do so. For example, where a Society is partnering with a corporate partner to run a raffle, you may be invited to opt-in to marketing communications from that corporate partner.

Compliance with Enforcement Requests and Applicable Laws; Enforcement of Our Rights: In exceptional circumstances, we may share information about you with a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect Capen Ltd, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

Business Transfers: We may share or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the Services if a transaction takes place, as well as any choices you may have regarding your information.


4. How we store and secure information we collect

Information storage and security:

We use data hosting service providers in the London to host the information we collect, and we use technical measures to secure your data. For more information on where we store your information, please contact support@zaffo.com to request our system architecture diagrams.

While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others or from accidental loss or corruption

If you use our Services, responsibility for securing access to the information you put into the Services rests with you and not Capen Ltd. Whilst all of our sites are issued an SSL certificate as part of our website service, we strongly recommend that Society administrators restrict access to their Zaffo Secure dashboard. Please note that our storage of your information is incidental to our provision of our services to you and does not absolve you of your responsibility to back-up your important information

How long we keep information:

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Account information: We retain your account information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Services. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our Services. Where we retain information for Service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our Services, not to specifically analyze personal characteristics about you.

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences in our Customer Relationship Management tool for a reasonable period of time from the date you last expressed interest in our Services, such as when you last opened an email from us or ceased using your Zaffo account. Unless we are required by law to contact you (for example, to send a ticket email if you purchase raffle/lottery tickets, you will always be given the option to opt-out of marketing communications. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created. See section 5 below for more details on how to control your information.


5. How to access and control your information

You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and any limitations.

Your Choices:

You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. You may contact us at support@zaffo.com to request assistance.

Your request and choices may be limited in certain cases: for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.

Update your information: If you believe the information we hold on you is inaccurate, or your information has changed, please contact support@zaffo.com and advise us of any amendments you wish to be made.

Deactivate your account: If you no longer wish to use our Services, please contact us. Please be aware that deactivating your account does not delete your information. For more information on how to delete your information, see below.

Request that we stop using your information: In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don't have the appropriate rights to do so. For example, if you are no longer an active user, you can request that we delete your account as provided in this policy. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honored or the dispute is resolved, provided your employer does not object (where applicable).

Opt out of communications: You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, or by contacting us as provided below to have your contact information removed from our promotional email list or marketing/CRM database. Even after you opt out from receiving promotional messages from us, you will continue to receive legal and transactional messages from us regarding our Services. For example, if you purchase a raffle/lottery ticket from a website managed by us, it is our legal obligation to send you your ticket information.

Turn off Cookie Controls: To find out more about cookies, what they are used for and how to remove them, please visit the Managing Cookies section of Interactive Advertising Bureau Europe’s website at www.allaboutcookies.org/cookies/.

Send "Do Not Track" Signals: Some browsers have incorporated "Do Not Track" (DNT) features that can send a signal to the websites you visit indicating you do not wish to be tracked. Because there is not yet a common understanding of how to interpret the DNT signal, our Services do not currently respond to browser DNT signals. You can use the range of other tools we provide to control data collection and use, including the ability to opt out of receiving marketing from us as described above.

Data portability: Data portability is the ability to obtain some of your information in a format you can move from one service provider to another (for instance, when you transfer your mobile phone number to another carrier). Depending on the context, this applies to some of your information, but not to all of your information. Should you request it, we will provide you with an electronic file of your basic account information and the information you create on the Zaffo services under your control, such as that added to your Zaffo website through the Content Management System.


6. Other important privacy information

Changes to our Privacy Policy

We may change this privacy policy from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we may send you an email notification. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our privacy policy whenever you use the Services to stay informed about our information practices and the ways you can help protect your privacy.

If you disagree with any changes to this privacy policy, you will need to stop using the Services and deactivate your account, as outlined above.

Contact Us

If you have questions or concerns about how your information is handled, please contact us at support@zaffo.com. 0203 176 6861. Unit 512, The Print Rooms, 164 to 180 Union Street, SE1 0LH.