fanduel-us.quantum-pfe.com Open in urlscan Pro
104.46.40.164  Public Scan

Form analysis
0 forms found in the DOM

Text Content

Skip to main content
We use cookies

nudge uses cookies to personalise content to provide you with the best possible
experience and constantly improve our website for you. By clicking 'Accept All',
you agree to the above. You can learn more about our cookie policy and change
your preferences by clicking 'Read more'

Accept all


PRIVACY NOTICE

Protecting your privacy

Nudge Global Limited is committed to protecting and respecting your privacy.
This Privacy Notice sets out the basis on which your personal information will
be used by us. We collect and process your personal information because we have
a contractual agreement with FanDuel US. The Service Agreement allows nudge to
provide you with certain services and we need to obtain certain personal
information relating to you in order to do this.

Throughout this agreement, you’ll see reference to the terms “Data Controller”,
“Data Processor” and “Controller to Controller”.

“Data Controller” is a legal term used under the General Data Protection
Regulation (GDPR) to signify who controls what to do with any given personal
information.

“Data Processor” is the corresponding term used to signify who manages or uses
such personal information on behalf of the Data Controller.

“Controller to Controller” is a legal term used when two or more Data
Controllers independently determine the purposes and means of processing of
discrete personal data sets and independently processing two distinct data sets
to provide a service.



Our legal status under GDPR is therefore that of a “Data Processor”, and in this
capacity we process your personal information with the authority, and following
the instructions, of FanDuel US, which remains at all times the “Data
Controller” of your personal information.

Notwithstanding that some of your personal information is provided to us by
FanDuel US and some personal information is added by you, we remain the Data
Processor under all circumstances. This is because we can only use your personal
information provided for the purposes outlined in the Service Agreement we have
with FanDuel US and explained to you. We do not have any discretion in the way
the personal information is used other than in the provision of our Financial
Education Services.


Please read the following Privacy Notice carefully to understand how we will
use, and what we will do with, your personal information.
What is the ‘Legal Basis’ on which we are holding and processing your personal
information?
Under GDPR we currently store and process personal information under the legal
basis of “Legitimate Interest” if nudge is the “Data Processor” and “Informed
Consent” under GDPR, if nudge is the “Data Controller”. Our online Financial
Education Services that we have been contracted to provide by FanDuel US only
work effectively if we are able to obtain some personal information from both
FanDuel US and you.
Whose personal information do we collect?
Nudge Global Limited needs to collect and use certain types of personal
information in order to operate our online Financial Education Services.
The people whose personal information we collect include past, current and
prospective employees of the businesses that use our online services.


What personal information do we collect?
As mentioned in Section 1, some personal information might be provided by
FanDuel US utilising a scheduled, secure data feed. You will have the option to
provide additional personal information if you wish to do so.


Data points provided by FanDuel US:
 * Unique Employee Identifier
 * First Name
 * Last Name
 * ISO Country Code
 * ISO Subdivision (e.g. state)
 * Email Address

Data Points provided by user voluntarily:
 * Date of birth (DD/MM/YYYY or MM/YYYY)
 * Postcode
 * Employment Status
 * Basic Salary
 * Employment Benefits (eligibility and where applicable, membership)
 * Preferred Email Address and Mobile Number
 * Dependent and Partner Details (name and date of birth)
 * Housing Status
 * Additional Income Details
 * Additional Financial Product Information
 * Any other details necessary or relevant to the operation of the online
   Financial Education Services from time to time
 * Gender
 * Preferred Name

The table below explains why each of these fields is needed for the nudge
Financial Education Services. However, to summarise, we collect this personal
information to set up your account and so we can provide local, personalized and
meaningful content that is relevant to you in terms of legislation, tax
considerations, and retirement planning. You also have the option of providing
additional personal information once you set up a nudge account (see additional
fields in the table below).

Data Points Additional information about why this data is collected

Email address

To enable nudge to send relevant updates and information to the user. For
instance, if a user tells us they are interested in “Government Support”, nudge
would be able to notify them if a government-approved allowance changes in any
way.

Mobile number

May be required for multi-factor authentication.

Preferred name

For identification and ability to personalize messages (nudges).

Last name

For identification and ability to personalize messages (nudges).

Date of birth (day, month and year) or month/year of birth, depending on your
organisation’s set up

Understanding the stage of life someone is at allows nudge to tailor
communications accordingly to ensure they are going to be relevant and
impactful. For instance, age can impact things such as eligibility for state
pension (if applicable) as well as attitudes towards a pension plan and
priorities or risk levels when it comes to saving or planning for retirement.

Basic salary

The tax band and earnings of a user will directly impact the type of content
they should receive to ensure it is relevant.

Currency code

Enables nudge to provide the correct default currency information.

Country code

Required to make sure users see the content relevant to the country in which
they reside.

Gender

Useful for aggregate reporting to establish any material financial differences
between genders. For example, it would be useful to have this kind of
demographic analysis in the nudgenomics (MI reporting) to inform strategy around
the gender pay gap. These reports are compiled on behalf of FanDuel US.

Postcode/zipcode, state and location

Where legislation varies by state or region, it enables information to be
targeted accordingly, so that the user receives information that is most
relevant to their situation. Required for aggregate reporting to establish if
there are material differences in any financial wellbeing measures between
different user locations. These reports are compiled on behalf of FanDuel US.

Unique identification numbers (employee ID and/or personnel unique number)

For identification purposes. Employee ID is collected to enable secure access
(Single Sign On) and/or the personnel unique number is collected for identity
verification.

Dependent and partner details (name and date of birth)

Allows nudge to provide updates that are dependent on your family status.

Home Ownership Status

Allows nudge to provide updates and relevant content that are based on your home
ownership status.

Additional income details

Additional income may impact your tax status and therefore the updates you
receive.



In addition, nudge will comply with any lawful request for collecting data
(e.g., from law enforcement authorities) as required under UK law.
How is your personal information used?

We are dedicated to creating engaging and customized content and providing
valuable information to you, at the right time. We use all of the information we
have to help us provide and support our Financial Education Services.

Here’s how:

 * We operate and offer you access to Financial Education Services to help you
   make informed decisions to improve your financial wellbeing. Features
   include:
    * Notifications (known as “nudges”). Tell us about your circumstances and
      the areas of personal finance that interest you. Then when there’s
      something you need to know, we’ll send you a timely and personalized
      notification – or ‘nudge’.
    * Help achieving your financial goals. Dynamic financial education stories,
      money management tools and progress trackers are designed to set you on
      the right track to achieve your goals.
    * A personalized feed. Your feed will provide you with the latest financial
      news and information, delivered in jargon-free bite-sized posts.

 * We are able to deliver our Financial Education Services, personalize content,
   and make suggestions for you by using this information to understand how you
   use and interact with our Financial Education Services.
 * We administer our business and comply with laws and regulations.
 * We use your information to send you timely, personalized communications
   (“nudges”) about financial changes that could have an impact on your
   circumstances. We also use your information to respond to you when you
   contact us.
 * We use the information we have to help verify accounts and activity, and to
   promote safety and security on and off our services, such as by investigating
   suspicious activity or violations of our terms or policies. We work hard to
   protect your account using teams of security and privacy experts, automated
   systems, and advanced technology.
 * We aggregate information for management information purposes and reporting at
   a high level to FanDuel US. However, this is only done at a generic level and
   your personal information is not shared with anybody.

How long is personal information kept?

Personal information is kept for 12 months as per nudge’s retention policy. If
you leave FanDuel US your data will be deleted.

We manage your personal information for as long as you are with FanDuel US and
it has a contract for Financial Education Services with us. If you leave FanDuel
US then your access to nudge will cease in due course and your data will be
deleted. Similarly, if FanDuel US ceases to have a contract for Financial
Education Services with us we will arrange for the deletion of all the personal
information that we store on the expiry or termination of the contract.



The requirements of the General Data Protection Regulation (GDPR)

We regard the lawful and correct treatment of personal information by Nudge
Global Limited as very important to our successful operation, and to maintaining
confidence between us and our users. We ensure that our organization treats
personal information lawfully and correctly. To this end, we fully endorse and
adhere to the “Principles of Data Protection”, as set out in GDPR.

In particular, this Privacy Notice will be amended to reflect any change in our
usage of personal information, but not without notifying you and obtaining your
informed consent. This means:

 * We will not use your personal information for any purpose that is
   incompatible with this Privacy Notice.
 * We will only collect sufficient personal information from you to operate our
   online Financial Education Services.
 * We will endeavor to keep your personal information up to date and we will
   immediately amend your personal information where we are advised that it is
   inaccurate.
 * We will not retain your personal information longer than necessary for the
   purposes notified in this Privacy Notice unless required to do so by law.
 * We will operate appropriate technical and organizational processes to protect
   your personal information against unauthorized or unlawful access or
   processing and against accidental loss or destruction. The detailed measures
   we take are described at point 9 of this Privacy Notice.
 * Apart from exchanging your personal information with you, we will not
   transfer your personal information to a country outside the UK or European
   Economic Area (EEA) unless adequate and sufficient safeguards are in place to
   protect your personal information to the standards that apply within the
   UK/EEA.
 * If FanDuel US or the end-user is based in the European Economic Area, then
   transfers of personal data from FanDuel US to nudge (based in the UK) will
   rely on an adequacy agreement.

Nudge Global Limited’s data privacy governance and compliance are structured and
maintained within the scope of GDPR. However, we adhere to local privacy
regulations wherever our services are provided outside of the jurisdiction of
GDPR.

Additional privacy measures

We have put in place internal training and management processes to enable us to
perform in accordance with this Privacy Notice. In particular, we have a person
with specific responsibility for data protection in our organization, the
designated Data Protection Officer.

This person is responsible for ensuring that:

 * Everyone managing and handling personal information understands that they are
   responsible for following good data protection practice.
 * Everyone managing and handling personal information is appropriately trained
   to do so.
 * Everyone managing and handling personal information is appropriately
   supervised.
 * Anybody wanting to make inquiries about handling personal information knows
   what to do.
 * Anybody handling queries about personal information knows what to do.
 * Queries about handling personal information are promptly and courteously
   dealt with.
 * Continuous compliance with relevant privacy legislations and regulations is
   maintained.
 * Methods of handling personal information are clearly described.
 * A regular review and audit is made of the way personal information is managed
   and new technology and security measures considered.
 * Methods of handling personal information are regularly assessed and
   evaluated.
 * Performance with handling personal information is regularly assessed and
   evaluated.

Security arrangements for your personal information

We believe that the security of your personal information is core to you using
and trusting our online system.

When handling personal information, security must be paramount, and we have
rigidly pursued a maximum security baseline for our services and processes. We
utilize industry best practices. This includes encryption in transit and at
rest, implemented with digital certificates from Digicert, the recognized leader
in this field. This protects the web internet and all information transferred to
and from our online system from unauthorized access and snooping. This ensures
that personal information can be uploaded to the platform with the confidence
that personal information is secure.

The personal information stored on our system is also further protected from
unauthorized access by “firewall” systems and detection and prevention
monitoring tools. These prevent access by anyone other than legitimate users.
With our powerful monitoring and logging tools, we can trap any events that may
be associated with attempted security breaches. One of the most reputable Cloud
Service Providers (CSPs) hosts our online system. This company was selected by
us because it has an outstanding reputation for security and a robust protocol,
which further protects our site and your personal information.

nudge’s 360-degree security and privacy training for all data handlers covers
all aspects of the potential attack surfaces to ensure that all operators are
aware of the risks and can recognize a security event or an incident and respond
according to the policies and procedures we have in place.

With whom is your personal information shared?

Nudge Global Limited does not share your personal information with any other
party unless required to do so by law.

It might be required to do so by law, court order or other governmental
authority or if it believes that such action is necessary to protect and defend
the rights, property or personal safety of Nudge Global Limited, our online
Financial Education Services and its visitors.

IP Addresses and Cookies

We may collect information about your computer including, where available, your
IP address, operating system and browser type for system administration and as
part of our audit trail process. In addition, we obtain information about your
general internet usage by using a cookie file, which is stored on the hard drive
of your computer. Cookies are pieces of information that a website transfers to
your hard drive to store and sometimes track information about you.

However, if you decide to disable non-essential cookies, you may not be able to
take full advantage of the platform. Cookies are specific to the server that
created them and cannot be accessed by other servers, which means that they
cannot be used to track your movements around the web. Although they do identify
a user’s computer, cookies do not personally identify users and passwords and
credit card information is not stored in cookies.

We may use cookies to hold the brand last accessed for the login page where this
is not specifically referenced.

Access to information

GDPR gives you various rights including the right to access information held
about you. The list below gives a brief explanation of the rights you have.
However, we should point out that nudge might need to contact FanDuel US,
depending on the relationship under GDPR.

Your rights under GDPR:.

 1. The right to be informed
    
    The right to be informed covers some of the key transparency requirements of
    GDPR. It is about providing individuals with clear and concise information
    about what organizations do with their personal data.

 2. The right of access
    
    The right of access, commonly referred to as subject access, gives
    individuals the right to obtain a copy of their personal data, as well as
    other supplementary information.

 3. The right to rectification
    
    Under GDPR individuals have the right to have inaccurate personal data
    rectified. An individual may also be able to have incomplete personal data
    completed – although this will depend on the purposes for the processing.
    This may involve providing a supplementary statement to the incomplete data.

 4. The right to erasure
    
    Under the circumstance of “Legitimate Interest”, which is the lawful basis
    for processing your data, individuals have the right to have personal data
    erased. This is also known as the “right to be forgotten”. A request for
    removal will result in the data being completely deleted. However, this must
    be explicit and clear that all data is to be removed.

 5. The right to restrict processing
    
    Individuals have the right to restrict the processing of their personal data
    in certain circumstances. This means that an individual can limit the way in
    which an organization uses their data. This is an alternative to requesting
    the erasure of their data.

 6. The right to object
    
    Individuals have the right to object to the processing of their personal
    data at any time where it is being processed on the grounds of “Legitimate
    Interest”. This effectively allows individuals to stop or prevent the
    processing of their personal data.

 7. Rights in relation to automated decision making and profiling
    
    GDPR restricts nudge from making solely automated decisions, including those
    based on profiling, that have a legal or similarly significant effect on
    individuals.

 8. The right to data portability
    
    The right to portability applies in certain circumstances where personal
    data is being processed on the grounds of “Performance of a Contract”. It
    gives individuals the right to receive personal data they have provided to a
    controller in a structured, commonly used and machine readable format. It
    also gives them the right to request that a controller transmits this data
    directly to another controller.

 9. Rights to withdraw consent.
    
    GDPR provides you with the right to withdraw your consent at any time. You
    do so by emailing privacy@nudge-global.com.

To make a request, or if you have any other data protection concerns or
complaints, you should send an email to nudge’s Data Protection Officer:
privacy@nudge-global.com.

You also have the right to lodge a complaint directly with the Information
Commissioner’s Office using this link.

Your acceptance of these terms

By using our online Financial Education Services, you agree to the collection
and use of your personal information by Nudge Global Limited and to this Nudge
Global Limited Privacy Notice.

We’ll notify you before we make changes to this policy and give you the
opportunity to review and comment on the revised policy before continuing to use
our services.

Contact nudge

Please email any questions, concerns or comments you have about this Privacy
Notice to privacy@nudge-global.com or write to us at

Nudge Global Limited,

6-8 Greencoat Pl, London

SW1P 1PL

United Kingdom.

June 2023.

Top keyboard_arrow_up


©2023 nudge Global Ltd
About Help Center T&Cs Privacy Cookies