This policy states how EvolveMyRetirement® (the "Website") uses your personal information.
The Website may collect and use the following kinds of personal information:
• Email address
• Password
• The name by which you choose to be addressed by the Website
• Gender
• Date of birth
• Post code
• Financial information
• Credit card details (processed securely by our payment provider; not stored by us)
The data controller responsible for your personal information is Okinawa Zest Limited, a company registered in England and Wales (company number 9182665), with its registered office at Argyle House, Northside Suite 1B1, Joel Street, Northwood, HA6 1NW.
The Website may use your personal information to:
• Allow you access to the Website
• Display to you information about you on the Website
• Carry out calculations for your benefit
• Personalise the Website for you
• Send you information about the Website and your usage of it
• Contribute to anonymous statistics held by the Website
• Show advertising on the public Website and, where you have given consent, improve the relevance of such advertising
• Collect payments for the use of additional features requested by you
The Website will not use your personal information for uses other than the above, except as required to do so by law.
We process your personal information only where we have a lawful basis to do so under UK data protection law. These bases are:
• Contract: to provide you with access to the Website, operate your Account, perform calculations, and process payments.
• Legitimate interests: to maintain the security and performance of the Website, to generate anonymous statistics, and to improve the service.
• Consent: for marketing emails and for personalised advertising or non-essential cookies, where applicable. You may withdraw your consent at any time.
• Legal obligation: to retain certain records for tax, audit, or compliance purposes.
Under UK data protection law you have the following rights in relation to your personal information:
• access the personal information we hold about you
• correct inaccurate information
• request the deletion of your information
• restrict how your information is used
• object to certain types of processing
• receive your information in a portable format
• withdraw consent where we rely on consent
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you are unhappy with how your information has been handled.
We keep your personal information only for as long as necessary to provide the Website, operate your Account, or meet our legal, accounting, or reporting obligations. If you delete your Account, we retain only the information required to comply with legal obligations, maintain audit records, resolve disputes, or enforce this policy, after which it is securely deleted.
Your personal information may be transferred outside the United Kingdom. Where this occurs, we ensure that appropriate safeguards are in place, such as adequacy regulations or approved data-transfer agreements, to protect your information in accordance with UK data protection law.
The Website requires your explicit consent before sending you the following types of email:
• News updates relating to new features of the Website or of general interest
• Periodic reminders to log into the website to review your plan
While you are signed up to the Website, the Website may send you the following types of email without your additional explicit consent:
• Messages in direct response to your use of the Website
• Notification of account inactivity for over a year
• Administrative messages concerning the Website
In compliance with the Data Protection Act 2018, EvolveMyRetirement® has put in place appropriate technical and organisational measures against unauthorised or unlawful processing of your personal data and against accidental loss, destruction or damage to it. All information exchanged between your web browser and EvolveMyRetirement® is encrypted using industry-standard TLS. Your password information is securely encrypted using bcrypt before it is stored. Your credit card details are not stored by us, but are used solely during individual payments requested by you.
Payments are processed by a PCI DSS–compliant payment provider. We do not store your credit card details, and they are handled securely in accordance with the provider’s PCI DSS obligations.
The Website may use cookies in accordance with our Cookie Policy.
