Invotek is an ICO-registered business.
Registration reference ZB796944.
This website has no trackers and collects no information.
invotek.net/legal/privacy-customer.html
Last updated 22 Jan 2025
Welcome!
This privacy notice explains what you can expect us to do with your personal data when you contact us or buy our services.
We may update this privacy notice at any time. We'll notify you of any updates via any method necessary.
Overwhelmed? We'll gladly clarify anything upon contact.
See the "Contact" heading for our email.
You're absolutely welcome to contact gdpr@invotek.net at any time to exercise your UK GDPR rights, or for any other privacy concerns.
E91A EAE3 73E1 52F2 20D9 31D6 3081 5AED 2F37 CBDF
0x30815AED2F37CBDF
For each purpose, we've provided a bullet point list of the data we collect/use.
We are required to have a "lawful basis" for the collection/usage of your personal data. The lawful bases used may affect your rights, which are set out below.
We will reply to requests without undue delay within one month. Feel free to make a request via the "Contact" heading.
More info on your data protection rights
You have the right to ask us for copies of your personal data, and other information, like where we got it from, or who we share it with.
There may be exceptions where you do not receive everything you ask for. Check the ICO's website (above) for a list of exceptions.
You have the right to ask us to correct/delete personal data you think is inaccurate/incomplete.
You have the right to ask us to delete your personal data.
You have the right to ask us to limit how we use your personal data.
You have the right to object to the processing of your personal data.
You have the right to ask that we transfer the personal data you gave us to another organisation, or to you.
When we use consent as our lawful basis, you have the right to withdraw your consent at any time.
For each purpose, we've provided information on the legal basis we use.
We use contract¹ as our legal basis.
We use contract¹ as our legal basis, as we may need to inform you of downtime, changes in pricing, etc., which may mean we can't provide our services anymore.
We use contract¹ and legitimate interests² as our legal basis.
We use contract¹ as there may be issues that significantly affects your service and thus affects us being able to carry out our contract with you.
We use legitimate interests² as we need to reply to your support queries via email/Discord, and provide you with general support/troubleshooting.
We use legitimate interests² as our legal basis as Stripe needs to identify and block fraudulent transactions. We also need to review uploaded content to ensure legal/ToS compliance, and add you to our purchasing blocklist if you break the law or our ToS.
We use consent³ as our legal basis.
¹ "Contract" means we have to collect/use this data to enter into, or carry out, a contract with you.
All of your data protection rights may apply, except the right to object.
² "Legitimate interests" means we're collecting/using your data because it benefits you, our organisation, or someone else, without causing an undue risk of harm to anyone.
All of your data protection rights may apply, except the right to portability.
³ "Consent" means we have permission from you after we gave you all the relevant information.
All of your data protection rights may apply, except the right to object. You have the right to withdraw your consent at any time.
All of our personal data comes directly from you. We don't collect anything from third parties.
For each purpose, we've provided information on how long we keep data for.
We may have to retain data longer than this if legally required (court orders, investigations etc). We'll notify you regarding this wherever possible.
Kept as long as you are a customer. Deleted two months after your last service ends, or earlier upon request. We'll send you reminders 30 days, 14 days, and 3 days before deletion.
Please note: We are legally required to keep transaction information for up to 6 years.
Please note: Any emails or other contacts related to purchasing our services will be kept if you made a transaction in the past 120 days, so we can prove to your bank you authorised the transactions.
Kept on our Stripe blocklist for up to 5 years, to identify and prevent you from buying our services again.
For those that are not an Invotek customer, we keep email conversations for up to 30 days after the last email sent or received.
We use Stripe as a data processor, which handles payment processing.
Other than this, we don't share your personal data with third parties.
At most, we take every step to anonymise and generalise your data (such as the income on our payment transparency page) which cannot be used to identify you in any way.
Please note: We may have to share/delete any personal data we hold on you upon a valid legal request (like a court order, copyright takedown etc).
If we encounter a personal data breach (when someone breaches our security and accesses your personal data), we'll inform you immediately through any method available.
Stripe, our data processor, may share personal data outside of the UK (to the USA). This transfer complies with UK data protection law via the International Data Transfer Addendum.
We are in a Data Processing Agreement with Stripe. For more information, both of these are available on Stripe's website:
If you have any concerns about our use of your personal data, you can make a complaint to us via the "Contact" heading.
If you remain unhappy with how we've used your data after raising a complaint with us, you can also complain to the ICO.
Helpline number: 0303 123 1113
The ICO's address:
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Invotek is an ICO-registered business.
Registration reference ZB796944.
This website has no trackers and collects no information.