Privacy Policy

Introduction

Popsa (referred to as "Popsa", "we", "our" or "us") takes your privacy very seriously. We ask that you read this Privacy Policy carefully as it contains important information about what to expect when we collect personal information about you as a result of using our mobile applications ("App" or "Apps") (regardless of where you visit it from) our web services such as popsa.com ("Website" or "Websites") and in any communication or interaction between us, any information retained on our databases or following telephone, email or other communications. This Privacy Policy also sets out how Popsa will use your personal data, tells you about your privacy rights, and how the law protects you.

Our App is not intended for children and Popsa does not knowingly collect data relating to children.

This Privacy Policy forms part of our Terms of Service and also incorporates our Acceptable Use Policy and our Cookie Policy. It is important that you read this privacy notice, together with any other privacy notice or fair processing notice that we may provide by notification in our App from time to time, so that you are fully aware of how and why we are using your data.

Definitions used in this Privacy Policy have the same meaning as set out in our Terms of Service.

Popsa works closely with print partners at locations throughout the world ("Partners") to manufacture high-quality photo-personalised products in a physical format which can be sent directly to you or on your behalf to your chosen friends, family or anyone else you choose throughout the world.

To ensure we provide you with the best user experience in our App, and to continue to improve our Services and support to you, we may share your information with third parties such as agents, venues, companies, promoters or sponsors and to enable you to purchase our Services you will either need to provide credit/debit card information to our payment services partner, Stripe, or authorise payments using PayPal. Please read our guidance below to understand how they may use your information.

Your personal information is collected, stored and processed strictly in accordance with the EU General Data Protection Regulation (EU) 2016/679 ("GDPR") and Directives 2002/22/EC and 2002/58/EC on privacy and electronic communications as amended by Directive 2009/136/EC as these may be updated or revised from time to time.

Popsa is the 'controller' of your personal data under the GDPR when we collect personal information (as that term is defined in the GDPR) and therefore we have responsibility to ensure your personal information is processed and stored in accordance with this Regulation at all times.

Popsa is a group made up of several companies (the "Popsa Group"), so when we mention Popsa or "we", "our", or "us" in this privacy notice, we are referring to the relevant company in the Popsa Group that is responsible for processing your data when your use our services, or purchase a product or service from us. The legal entity holding responsibility as the 'data controller' is Popsa International Limited.

We have appointed a data protection officer ("DPO") who is responsible for overseeing our compliance with our GDPR obligations and any questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights as set out below, please contact the DPO at dpo@popsa.com.

You can find more information on the GDPR and your legal rights here.

Our contact details are as follows:

Popsa International Limited, St James House, 9-15 St James Road, Surbiton, Surrey, KT6 4QH. Our DPO can be contacted by email on dpo@popsa.com.

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.


1. The information we collect about you

When you use our Apps or Website to browse our products, create designs or purchase services or subscriptions from us, or when you correspond with us directly through email, post or by telephone, we may collect information about your identity, how to contact you, and limited financial information.

As is usual, we automatically collect technical data about how you are using our App or Website, and behavioural data that allows us to understand how our users and customers interact with our products and services. This information is tracked using services provided by third parties, such as Google Analytics.

Where you have supplied your contact information to 3rd parties for the purpose of marketing, we will rely on our Legitimate Interest to contact you via the telephone or post.

When you use our Apps:

We collect technical and usage data whenever you use our Apps. This includes your IP address, the version of the app you are using, your time-zone and information that allows us to understand how people use our App.

We also collect information about your preferred language. This is detected from the device you are using, and we use this to tailor our communications with you and to display information to you in the correct language. This preference can be changed in our Apps, in the Settings page.

This information is added to a profile we hold on you ("User Profile"). This profile is automatically updated over time as you use our App and services and is kept up to date with your marketing preferences.

When you visit our Website, or use secure features available on our website:

We use cookies for the following purposes:

  • Authentication and security: for example, to tell us when you are logged in so we can show you your information and relevant data and protect your account from unauthorised users.
  • App features and other services: we may use cookies to deliver new features and services.
  • Analytics and research: we collect data about App usage to analyse where improvements can be made and provide an easy to use overall user experience of our App and our ordering processes.

Cookies or other tracking technologies are text files placed on your computer to collect standard internet log information and visitor behaviour information. The information is used to track visitor use of our Apps and Websites and to compile statistical reports on browsing activity. For information about the cookies and other tracking devices used on our Apps and Websites and how to disable them, we recommend visiting www.aboutcookies.org or www.allaboutcookies.org. You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, some of our App features may not function if you remove cookies from your browser.

For detailed information about our use of cookies, please see our Cookie Policy.

When you create an account using an email address:

Initially, we collect some basic information such as your name and your email address. If you choose to place an order with us, we request that you set a password, which we then cryptographically store so we can protect your account and information. We never see your actual password.

When you create an account using Facebook:

We request the email address, name, gender and the date of birth that you registered with Facebook. You are given an opportunity to deny this request in part or in total during the authentication process. If you do not provide us with a valid email address that we can use to contact you, we may be unable to fulfil our service to you.

When you create an account using Twitter:

We request the email address and name that you have registered with Twitter. You are given an to deny this request during the authentication process. If you do not provide us with a valid email address that we can use to contact you, we may be unable to fulfil our service to you.

When you grant our app permission to access your Photo Library:

We collect some statistical information about your photo library, such as the number of photos you have taken in total, and the median number of photos you have taken over recent months. This allows us to enable features to customers who have a sufficient number of photos in their photo library.

When you select photos to use in a photo-personalised product while using our App:

Our proprietary "PrintAI" algorithm will perform analysis of the photos you select so that it can create an aesthetically pleasing design as if a human had designed it.

The algorithm assesses a photo's date, dimensions, location of any faces, and how close the photo is chronologically to other photos in your selection. This information is used to heuristically determine the best positions and sequence of the photos.

When you enable the Popsa Assistant ("Assistant"):

Photos in your library will be analysed to provide an automatic photo curation service. The assistant runs as part of the Popsa App and performs analysis on your mobile device, however it may occasionally upload small versions of some photos to our servers for further analysis; this is done anonymously. The Assistant will perform multiple analyses on photos in your library, asking questions such as "is this photo a screenshot", "are faces present in this photo", "is this face similar to other faces in the photo library", "is there a famous landmark in this photo". This information is used to determine whether a photo should be included in a curated list of photos that could be used to create a photo-personalised product.

The Assistant will also analyse the statistical distribution of photos in your library. This allows it to identify significant events, such as when you go on holiday, so that it can help you select large groups of relevant photos easily.

With your permission, the Assistant will keep a secure record of the faces it detects in your photo library. This can help you select groups of faces that are familiar to you, rather than having to browse through thousands of photos yourself.

Wherever possible, the Assistant performs analysis by running processes in the mobile app to ensure a high degree of privacy reduced latency.

When the Popsa Assistant is available to you it will appear as a new item on the Settings page inside the app. You will have the option of turning the Popsa assistant off if you no longer wish to benefit from the help it provides.

When you place an order for a photo-personalised product in our App:

To fulfil an order, we request a delivery address and contact information (such as a phone number) for the intended recipient. We also request a billing address for fraud detection and as a complete record of the transaction. Postal addresses include a name, postal/zip code, and country.

If you choose to pay for your order using a credit or debit card, this payment information is sent directly to our payment-services provider, Stripe, who authorise the purchase on our behalf. We never see or store your card details but we are notified if the transaction succeeds or fails.

If you choose to pay for your order using another service, such as PayPal, we never see your financial data, we are notified that a transaction has either succeeded or failed.

To process your payments by credit or debit card

Payments for our Services by credit and debit cards are processed through our third party payment services processor, Stripe, in accordance with a Merchant Services Agreement between Popsa and Stripe, whose headquarters are at 3180 18th Street, Suite 100, San Francisco. When you reach the checkout stage of our ordering process, our App passes the credit/debit card details you provided securely and directly to Stripe to authorise the transaction with your bank or credit card company. Popsa does not, store any credit/debit card details. We require Stripe and all of our Partners to maintain levels of security that are adequate and appropriate to protect your information in accordance with all applicable legislation. We strongly recommend you visit Stripe's website at and review their terms and conditions https://stripe.com/gb/terms and in particular their privacy policy https://stripe.com/gb/privacy which sets out how they use and store your information.

Please note that Popsa does not store your credit/debit card information at any time, nor do we have sight of any credit/debit card details that you enter when paying for our Services. Payment information and authorisation is relayed to us from Stripe using tokenisation technology which means your credit/debit card data never passes through our servers at any time. We will not be legally responsible to you for any loss that you may suffer if a third-party gains unauthorised access to any information that you provide to Stripe.

To process payments by PayPal

If you choose to pay via PayPal you will be securely redirected to a PayPal operated site or mobile app, although this may appear to be presented within our App. We will not see any of your financial information held by PayPal nor we will ever see the username, email or password that you use to authenticate with PayPal. We will only be notified that the transaction has completed successfully or that it has failed, and we may be given a reason explaining why the transaction failed (e.g. "insufficient funds", or "card reported as stolen").

We strongly recommend that you visit Paypal's website and review their privacy policy, available https://www.paypal.com/webapps/mpp/ua/privacy-full which sets out how they protect your information.

When you contact our support team:

We keep a record of the communications you have with us in which you may volunteer any information.

When you enter a competition, or complete a survey:

We may add the responses you provide to your User Profile so we can provide a better and more customised service to you in the future.

Aggregated Data

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific Website or App feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy notice.

Special Categories of Personal Data

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide personal data

Where we need to collect personal data by law, or to enable us to provide you with Popsa products and services, and you fail to provide that data when requested, we may not be able to fulfil your Order. In this case, we may have to cancel an Order you have placed with us but we will notify you if this is the case at the time if you have provided us with valid contact information.

Occasionally we may receive information about you from other third party sources (such as credit reference agencies) which we may add to information we already hold about you in order to help us verify your identity and improve our Services to you.

To administer your Account and provide you with Support

We may access basic information about Account activity or purchase records held by Stripe or PayPal to be able to process your Orders, administer Services like invoicing, payments, refunds and to assist us to resolve any conflicts that may occur between us, but this information does not include your credit/debit card data.

Requests for further information

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Cookie Usage

For detailed information about our use of cookies, please see our Cookie Policy.

2. Purposes for which we will use your personal data

We have set out below a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. (Please see the Glossary for terminology used below.)

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at dpo@popsa.com if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out below.

To register you as a new customer:

We may use your identity and contact information.
The legal basis for this is the performance of our contract with you when providing our Services.

To process and deliver your order, including keeping a record of the transaction for accounting purposes and fraud prevention:

We may use your identity, contact, financial and transaction information.
The legal bases of this is the performance of our contract with you when providing our Services; and because the information is necessary to make payments for our products and services which is in in our legitimate interests.

To manage our relationship with you, including notifying you about changes to our terms or our privacy policy, or asking you to leave a review or take a survey:

We may use your identity, contact, profile, and marketing and communications information.
The legal bases for this is the performance of a contract to provide our services to you; because the information is necessary to comply with a legal obligation; and because the information is necessary for our legitimate interests (to keep our records updated and study how customers use our products and services).

To enable you to partake in a prize draw, competition or to complete a survey:

We may use your identity, contact, profile, usage and marketing and communications information.
The legal basis for this is the performance of a contract to provide our services to you and because it is necessary for our legitimate interests (to study how customers use our products and services, in order to develop and grow our business).

To deliver relevant in-app or website content, to serve advertisements, and measure or understand the effectiveness of advertising we serve to you:

We may use your identity, contact, profile, usage, marketing and communications, and technical information.
The legal basis for this is because it is necessary for our legitimate interests (to study how customers use our products and services, to improve our advertising effectiveness, and to grow our business and inform our marketing strategy.)

To use data analytics to improve our Apps, products and services, marketing, customer relationships and experiences:

We may use your technical and usage information.
The legal basis for this is that it is necessary for our legitimate interests (to define types of customers for our products and services, to keep our App and Website updated and relevant, to develop our business and to inform our marketing strategy.)

To make suggestions and recommendations to you about goods or services that may be of use or interest to you:

We may use your identity, contact, technical, usage or profile information.
The legal basis for this is that it is necessary for our legitimate interests (to develop our products and services, and to grow our business.)

Glossary

"Legitimate Interest" means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

"Performance of Contract" means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

"Comply with a legal or regulatory obligation" means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Change of Purpose

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Most commonly, we will use your personal data in the following circumstances:

  • to process your registration on our App
  • to communicate with you to process and fulfil any Orders you make for our Services
  • to send your customised product to your intended recipient
  • to assist us to continually improve and develop our Website and our Services
  • where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; and
  • where we need to comply with a legal or regulatory obligation.

The relevant information is then used by us, our Partners, agents and sub-contractors to process and administer your Account and to communicate with you on any matter relating to the operation of your Account and the provision of our Services. If you agree, we may also contact you about other products and services we think may be of interest to you.

We may also use aggregate information and statistics for the purposes of monitoring App usage in order to help us to improve our functionality and facilities of our App and our Services. We may also provide such aggregate information to third parties.

We may also use aggregate information and statistics for the purposes of monitoring App usage in order to help us to improve our functionality and facilities of our App and our Services. We may also provide such aggregate information to third parties. These statistics will not include information that can be used to identify you.

From time to time we may provide your information to our customer service agencies for research and analysis purposes so that we can monitor and improve the Services that we provide. We or our agents and sub-contractors may contact you by post, email or telephone to ask you for your feedback and comments on our Services.

We may also use aggregate information and statistics for the purposes of monitoring App usage in order to help us to improve our functionality and facilities of our App and our Services. We may also provide such aggregate information to third parties.

To promote your safety and security we use the information we collect to help verify accounts and activity, and to promote safety and security, such as by investigating suspicious activity or violations of our terms or policies.

Sale of business

If our business is sold or integrated with another business your details may be disclosed to our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business.


3. Sharing your data with our Partners and third parties

To enable Popsa to fulfil our Services, we need to share your information with our Partners who provide print services on our behalf and who produce your customised product in accordance with your Order as well as delivering your Order to your intended recipient. Your information may also be shared with relevant third parties to enable us to process and fulfil your Orders. These third parties may also need to contact you in connection with your Order.

We may share your information with other third parties so that they can provide services to us (e.g. postal and courier services, call centre providers, professional advisers or a market research company), but where we do we will put in place a written agreement protecting your information as required by data protection legislation. Where you have consented to be contacted by certain third parties by email or other means, we may provide your information to them and they may use it for advertising or marketing purposes.

Popsa has no control over the content or operation of third party websites or mobile applications so if you choose to visit a website or mobile application of any third party please ensure you read their privacy policy first to fully understand how they use your information.

Where required or permitted by law, we may share information requested by a government agency or other regulatory body or organisation, to protect or enforce our rights or the rights of any Partner, or third party, or in the detection and prevention of fraud and other crimes.

Internal Third Parties

Other companies in the Popsa Group acting as joint controllers or processors and who are based in the United Kingdom and provide R&D services.

External Third Parties

  • Service providers such as our Print Partners acting as processors based in the UK, Australia, the US and the EU who provide services to manufacture and dispatch of photo-personalised products.
  • Professional advisers acting as processors or joint controllers including our lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
  • UK HM Revenue & Customs, regulators and other authorities acting as processors or joint controllers based in the United Kingdom who require reporting of processing activities in certain circumstances.
  • The App Store, administered by Apple Inc.
  • Google Play, administered by Google Inc.
  • PayPal (Europe) S.à r.l. et Cie, S.C.A.
  • Functional Software Inc (Sentry) to provide crash reporting and Software analytics.

4. Third-Party Marketing

We will get your express opt-in consent before we share your personal data with any company outside the Popsa group of companies for marketing purposes.

We may also wish to provide you with information about special features of our App or any other service or products we think may be of interest to you. If you would rather not receive this information, please send an email stating your request to dpo@popsa.com. If you provide your express consent to us providing you with marketing information, you can always opt out at a later date.

We may also provide your information to carefully selected third parties whose products or services we believe may be of interest to you and we may share your information with third parties we think may be of interest to you. We shall only do this if you have expressly indicated your consent in the Settings page of our App to receiving such third-party information.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us on dpo@popsa.com.

Opting out of marketing information

If you have already consented to receiving this information, but change your mind and wish to opt out. If you would rather not receive this information, you can ask us or third parties to stop sending you marketing messages at any time by logging into the App and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out or unsubscribe links on any marketing message sent to you or by contacting us at dpo@popsa.com any time.

We want to ensure your legal rights in respect of your personal information are fully protected so if for any reason you still receive messages from third parties via the App after opting out please send an email to dpo@popsa.com.

Where you opt out of receiving marketing messages, this will not apply to personal data of you or your recipient provided to us as a result of a submitting an Order to us to purchase our print products, print and delivery processes, feedback about your Popsa experience or other transactions you have with us.


5. Data Security and how our systems protect your information

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We have put in place the following security procedures and technical and organisational measures to safeguard your personal information:

  • All communication between your Device browser and our servers is performed through a secure connection using encryption.
  • All the information is stored safely in our servers and available/disclosed only to Popsa employees who need to access that information in order to process it to provide the our Services, and strictly upon entering into obligations of confidentiality in respect of your information.

Popsa systems and processes are configured to strictly comply with the GDPR and we maintain those systems to the industry standard levels required to safeguard your personal information and to ensure rights are always protected. However, you should be aware that the use of the Internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal information which is transferred from you or to you via the Internet.

As referred to above, only Stripe or PayPal have access to your credit/debit card data, which is never stored on Popsa servers.


6. Overseas Transfers

The information you provide when you register on our App or using our Services may be transferred to countries outside the European Economic Area ('EEA') that do not have similar protections in place regarding your data and restrictions on its use as set out in this policy. However, we will take steps set out below in accordance with the GDPR to ensure adequate protections are in place to ensure the security of your information.

The EEA comprises the EU member states plus Norway, Iceland and Liechtenstein.

By submitting your information you consent to these transfers for the purposes specified.

We share your personal data within the Popsa Group. This will involve transferring your data outside the EEA.

Many of our Partners and other external third parties that we use to provide our Services are based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented that is appropriate to the transfer:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries. More Information.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries. More Information.

7. Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.


8. Data Retention

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, which includes to provide our Services to you, the process your Order, send print products to your intended recipient, including for the purposes of satisfying any legal, accounting, or reporting requirements that Popsa must comply with in the usual course of our business.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by emailing us at dpo@popsa.com.


9. Your legal rights relating to your personal data

You have the right to:

Request access to your personal data.

You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please send an email to dpo@popsa.com or send a letter to Popsa International Limited, St James House, 9-15 St James Road, Surbiton, Surrey, KT6 4QH.

No fee usually required.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

Request correction of your personal data.

We want to ensure that your personal information is accurate and up to date. You may ask us, or we may ask you, to correct information you or we think is inaccurate, and you may also ask us to remove information which is inaccurate. If any of the information that you have provided to us changes, for example if you change your email address, name or payment details this can be changed in your account settings page inside the app.

Request erasure of your personal data.

This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it, for instance if you no longer wish to use our Services. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing

You have the right to object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data

This enables you to ask us to suspend the processing of your personal data in the following scenarios: (a) if you want us to establish the data's accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party (data mobility).

We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform our Services to you.

Right to withdraw consent or unsubscribe

We are relying on consent to process your personal data. However, if you notify us to withdraw your consent, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

If you wish to cancel your registration, or unsubscribe to our communications, please let us know the correct details by sending a support request to dpo@popsa.com or send a letter to Popsa International Limited, St James House, 9-15 St James Road, Surbiton, Surrey, KT6 4QH.


10. Time limit to respond

We try to respond to all legitimate requests within 30 days. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.


11. Your consent to processing your personal data

By registering an account on our App, and submitting your personal information or that of your intended recipient of our print product via our App you consent to the use of that information as set out in this Privacy Policy.


12. Links to third party websites

Our App contains links to other websites or mobile applications. This Privacy Policy only applies to this App so when you access links to other websites or mobile applications you should read their own privacy policies.


13. Changes to our Privacy Policy

We keep our Privacy Policy under regular review. If we change our Privacy Policy we will post the changes on this page, and place notices on other pages of the App, so that you may be aware of the information we collect and how we use it at all times. You may be required to indicate that you accept these changes before being able to download our stream our App to your Device or to purchase Services however this will not affect the fulfillment of Orders already purchased by you before those changes are implemented. This Privacy Policy was last updated on 14th June 2021.


14. How to contact us

We welcome your views about our App, our Services and our Privacy Policy. If you would like to contact us with any queries or comments please send an email to dpo@popsa.com or send a letter to Nightingale House, 46/48 East Street, Epsom, Surrey, United Kingdom, KT17 1HQ.


Partner Compliance

We affirm that Google Workspace APIs are not used to train generalised AI and/or ML models.