Privacy Policy

Home / Privacy Policy

Overview

Growcreate (Growcreate Limited, Invessed Limited or our affiliates, trading as Midday Digital and referred to as "we", "our", or "us" in this text) are committed to data protection and privacy. This notice is provided to inform you how we collect and process any information that we collect from you, or that you provide to us. It sets out the types of personal data we collect and process, the purposes of processing and the rights you have in connection with it. It covers information that could identify you (“personal information”) and information that could not. In the context of the law and this notice, “process” means collect, store, transfer, use, or otherwise act on information.

We respect individuals' privacy rights and are committed to handling personal information responsibly and in accordance with applicable law. If you are in any doubt regarding this notice, please contact adam@midday.digital.

Types of personal data we collect

During your contract with us, or when making an enquiry about our service offering, we may process personal data about you, your colleagues, and customers, as well as other individuals whose personal data has been provided to us. The types of personal information we may process include, but are not limited to:

  • Account profile and contact information

  • Communications, such as emails and recordings

  • Financial, e.g., invoices and proposals

  • Technical data, such as API keys provided

  • Marketing data and preferences

We also collect anonymous or aggregated data, such as usage statistics and reports derived from your personal data. Anonymous data is not considered personal information in law because it does not reveal your identity. However, if we combine aggregated data with your personal information in a way that could identify you, we treat the combined data as personal information and will use it in accordance with this privacy notice.

Purposes for data processing

Our team will process your personal data to inform you about our services and provide them. The purposes for which we process personal information include, but are not limited to:

  • Sales and Marketing

  • Account Management

  • Solution Support and Maintenance

  • Project Delivery (including our core delivery specialisms like Umbraco upgrades, managing secure client portal systems, configuring managed Azure hosting, or embedding custom AI Search tools)

Other purposes

We may also collect and use personal information when necessary for other legitimate purposes, such as helping us conduct our business more effectively and efficiently – for example, for general IT security management, accounting or financial planning. We may also process your personal information to investigate violations of law or breaches of our own internal policies.

We may also use your personal data where we consider it necessary to comply with laws and regulations, including collecting and disclosing employees' personal information as required by law (e.g., for tax, health, and safety, andyour personal information, or we may otherwise need it anti-discrimination laws), under judicial authorisation, or to exercise or defend our legal rights.

Legal basis

Our legal basis for collecting and using the personal data described above will depend on the specific data and how we collect it. We will normally collect personal data from you only where we need it to perform a contract obligation (i.e., to deliver a service and to manage the client/business relationship), where we have your freely given consent to do so, or where the processing is in our legitimate interests and only where this interest is not overridden by your own interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person.

Sharing your data

We take care to allow access to personal data only to those who require it to perform their tasks and duties, and to third parties with a legitimate purpose for accessing it. Whenever we permit a third party to access personal information, we will implement appropriate measures to ensure the data is used in a manner consistent with this notice and that the security and confidentiality of the data is maintained.

In addition, we make certain personal data available to third parties who provide services to us. We do so on a "need-to-know" basis and in accordance with applicable data protection and data privacy laws. For example, some personal data will be available to our employee benefits plan service providers and third-party companies that provide us with employment law advice, health and safety support, payroll support services, and expenses, tax, and travel management services.

Your Rights

You may exercise the rights available to you under data protection law. We respond to all requests from individuals seeking to exercise their data protection rights in accordance with applicable data protection laws. To exercise any of these rights, please contact adam@midday.digital.

Issues and Complaints

We try to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures. If you want to make a complaint about the way we have processed your personal information, you can contact the ICO or raise it with our team at adam@midday.digital.