Licensing & Policies

This page contains the following information:

1: GDPR Compliance Statement
2: Privacy Policy
3: Cookies Policy
4: Terms of use
5: Data Processing Agreement

GDPR Compliance Statement

IntroductionThe EU General Data Protection Regulation (“GDPR”) came into force on 25 May 2018.The new Regulation aims to standardise data protection laws and processing across the EU, giving people greater rights to access and control their personal information.

Our Commitment: Envolve Technology Limited are committed to ensuring protection of all personal information that we hold, and to provide and to protect all such data. We recognise our obligations in updating and expanding this program to meet the requirements of GDPR.Envolve Technology Limited are dedicated to safeguarding the personal information under our control and in maintaining a system that meets our obligations under the new regulations. Our practice is summarised below.

How We Prepared for GDPR: Envolve Technology Limited already have a consistent level of data protection and security across our organisation, but we have introduced new measures to ensure compliance.Information Audit — We carried out an audit of information previously held and ensured that it was compliant with the new regulations.Policies and Procedures — we have revised data protection policies and procedures to meet the requirements and standards of the GDPR and any relevant data protection laws, including:Data Protection – our main policy and procedure document for data protection has been revised to meet the standards and requirements of the GDPR. Accountability and governance measures are in place to ensure that we understand and adequately disseminate and evidence our obligations and responsibilities; with a dedicated focus on privacy and the rights of individuals.Data Retention and Erasure – we have updated our retention policy and schedule to ensure that we meet the “data minimisation” and “storage limitation” principles and that personal information is stored, archived and destroyed in accordance with our obligations. We have procedures in place to meet the new “Right to Erasure” obligation.Data Breaches – our procedures ensure that we have safeguards in place to identify, assess, investigate and report any personal data breach as early as possible. Our procedures have been explained all employees.International Data Transfers and Third-Party Disclosures – where Envolve Technology Limited stores or transfers personal information outside the EU, we have robust procedures in place to secure the integrity of the data. Our procedures include a continual review of the countries with sufficient adequacy decisions, as well as binding rules, or standard data protection clauses for those countries without.Subject Access Request (SAR) – we have revised our SAR procedures to accommodate the revised 30-day timeframe for providing the requested information and for making this provision free of chargePrivacy Notice/Policy – we have revised our Privacy Notice(s) to comply with the GDPR, ensuring that all individuals whose personal information we process have been informed of why we need it, how it is used, what their rights are, who the information is disclosed to and what safeguarding measures are in place to protect their information.Obtaining Consent – we have revised our consent mechanisms for obtaining personal data, ensuring that individuals understand what they are providing, why and how we use it and giving clear, defined ways to consent to us processing their informationDirect Marketing – we have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions; a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials.Data Protection Impact Assessments (DPIA) – where we process personal information that is considered high risk, we have developed stringent procedures for carrying out impact assessments that comply fully with the GDPR’s Article 35 requirements. We have implemented documentation processes that record each assessment, allow us to rate the risk posed by the processing activity and implement mitigating measures to reduce the risk posed to the data subject(s).Processor Agreements – where we use any third-party to process personal information on our behalf (ie Payroll, Recruitment, Hosting, etc), we have drafted compliant Processor Agreements and due diligence procedures for ensuring that they meet and understand their/our GDPR obligations.

Data Subject Rights: We provide easy-to-access information via our website of an individual’s right to access any personal information that Envolve Technology Limited processes about them and to request information about:what personal data we hold about them the purposes of the processing the categories of personal data concerned the recipients to whom the personal data has/will be disclosed how long we intend to store your personal data for the right to have incomplete or inaccurate data about them corrected or completed and the process for requesting this the right to request erasure of personal data (where applicable) or to restrict processing in accordance with data protection laws, as well as to object to any direct marketing from us and to be informed about any automated decision-making that we use the right to lodge a complaint or seek judicial remedy and who to contact in such instances.

By placing or using the Envolve widget, you are accepting our terms of use.

When handling personal data for any reason pursuant to any agreement with Envolve, all parties shall adhere at all times to the provisions of the Data Protection Act 1998, as amended from time to time, and all other applicable legislation, including, but not limited to, the Privacy and E-Commerce Regulations 2003. Each party shall use all reasonable commercial endeavours to ensure that any third party database list used in connection with the Services is accurate and complies with all applicable laws.

Information Security and Technical and Organisational Measures: Envolve Technology Limited takes the privacy and security of individuals and their personal information very seriously and take every reasonable measure to protect and secure the personal data that we process. We have robust information security policies and procedures in place to protect personal information from unauthorised access, alteration, disclosure or destruction.

GDPR Roles and Employees: Envolve Technology Limited have designated Emma Smith as our Data Protection Officer (DPO)/Appointed Person and have appointed a data privacy team to develop and implement our roadmap for complying with the new data protection Regulation. The team are responsible for promoting awareness of the GDPR across the organisation, assessing our GDPR compliance, identifying any gap areas and implementing the new policies, procedures and measures.Envolve Technology Limited understands that continuous employee awareness and understanding is vital to the continued compliance of the GDPR and have involved our employees in our preparation plans.If you have any questions about our GDPR compliance policies, please contact Emma Smith on

Privacy Policy

Envolve Technology Limited (“Envolve”, “we” and “us”) are committed to protecting and respecting your privacy.

This policy (together with our Terms of Use and Cookies Policy) sets out the basis on which any personal data we collect from you or third parties, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting (the “Site”) you are accepting and consenting to the practices described in this policy.

For the purpose of the EU General Data Protection Regulation (“GDPR”) 25 May 2018 and the Data Protection Act 1998 as may be amended or replaced from time to time (“the Act”) and save as otherwise expressly stated, the data controller for data that we collect is Envolve Technology Limited c/o Excalibur House, Newport, NP18 2HJ VAT Number: 200 854345.

Information we may collect from you

We may collect and process the following data about you:

Information that you provide to us

This includes without limitation when you participate in a conversation with a business through our widget placed on their website or social media account (“Site”) of one of our customers (“Business”) or participate in any of the activities of that Business, when you complete a user profile, when you subscribe to one of our Business hosting or related services, when you participate in conversations or any other social media functions on that Site from time to time, when you enter a competition, promotion or survey, when you post material on or through our Site, when you respond to a request for information which we may use for our internal research purposes or to evaluate our services when you report a problem with the widget on the Site or social account, or when you contact us for any other reason.

Envolve may collect data from you on behalf of one of our customers relating to your access and participation in a Business. The collection, access, use and security of such data is the direct responsibility of the person or entity on whose behalf we are hosting the Business and is governed by the specific terms of use and privacy policies applicable to that Business. In these circumstances the operator of the Business is the Data Controller. Envolve will not be liable for any information you provide in respect of a Business. Any queries regarding such information including requests to change your data should therefore be directed to the Business according to the procedures made available to you by that Business.

The information you give us may include your name, address, e-mail address and phone number, financial, credit card information or other details relating to any transaction carried out through the widget on one of our customers sit Site, personal descriptions, photograph, opinions etc.

Information we collect about you

With regard to each of your visits to our Site or to any Business we may automatically collect the following information:

  • technical information, including without limitation the Internet protocol (IP) address, browser type and version, time zone setting, operating system and platform; and
  • information about your visit, including without limitation the full Uniform Resource Locators (URL) clickstream to, through and from our Site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page and any phone number used to call our customer service number; traffic data, location data, webblogs and other communication data, whether this is to predict your preferences or required for our own billing purposes or otherwise and the resources that you access.

This above is statistical data about your browsing actions and patterns, and does not identify you as an individual.

Information we receive from other sources

We may receive or access information about you and your participation in a Business from the customer on whose behalf we are hosting that Business. We will not share this information with any other Business. Such information will be aggregated and anonymised so that it does not identify you as an individual and may be used by us for analytics and other business purposes, including selling such anonymised and aggregated information to third parties.

We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this Site. We also work closely with third parties from time to time (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.


Our Site uses cookies to distinguish you from other users of our Site. This helps us to provide you with the best possible experience when you browse our Site and also allows us to improve our Site. For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy.

Where we store your personal data

The data that we collect from you may be transferred to and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our providers. Such staff may be engaged in, amongst other things, the fulfilment of any request you make and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy. Information you provide to us is stored using Google cloud services and shared with Elastic Email, Mailjet, Go Cardless and Quaderno or such other providers as we may chose from time to time.

The transmission of information via the Internet is not completely secure and you do so at your own risk. For example, if you engage with a a Business via our technology on their Site you may be able to send emails using our third party provider’s Internet based email tool. We cannot guarantee the security or confidentiality of any data transmitted to or via our Site and we do not accept any liability for this. Once we have received any information you supply on our Site, we will however use reasonable endeavours to protect any personal data held on our Site and will use strict procedures and security features to try to prevent unauthorised access.

Uses made of the information

Your information will be used for a wide range of purposes, including but not limited to,:

  • To provide you with our products and services and to ensure that the content and services that we offer are tailored to your needs and interests;
  • To allow you to engage with a Businesses, blogs and other interactive features of our service and to post information or other online content (such as photos, videos, audio recordings);
  • To send you informational and promotional content that you may choose (or “opt in”) to receive. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email;
  • To ensure that content from the businesses widget on their Site is presented in the most effective manner for you and for your computer;
  • To process your order transactions and contact you regarding any order;
  • To bill and collect money owed to us. This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments;
  • To carry out our obligations arising from any contracts entered into between you and us;
  • For administration, accounting, marketing, research and development and quality assurance purposes including to monitor and report on the Services and to analyse Customer and user behaviours and trends.
  • To support and improve the Site and the products and services we offer;
  • To respond to your requests or follow up with you after you have provided information to us and to communicate with you about your account;
  • To send you system alert messages. For example, we may let you know about temporary or permanent changes to our service, like planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy;
  • To enforce compliance with our Terms of Use and applicable law. This may include developing tools and algorithms that help us prevent violations. For example, we may use tools to review the content of emails sent via our third party email tool for the purpose of ensuring compliance with our Terms of Use, to help to reduce spam and to maintain high deliverability;
  • To provide customer support;
  • To provide information to representatives and advisors, for example lawyers and accountants, to help us comply with legal, accounting, or security requirements.
  • To prosecute and defend a court, arbitration, or similar proceeding;
  • To transfer your information in the case of a sale, merger, consolidation, or acquisition. We will notify you of the change either by sending you an email or posting a notice on our Site;

We may combine information we collect from third parties with information you give to us and information we collect about you. We may us this information and the combined information for the purposes set out above.

Disclosure of your information

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries from time to time, as defined in section 1159 of the UK Companies Act 2006.

We may disclose your personal information with selected third parties including:

  • business partners, providers, suppliers and sub-contractors for the performance of our Site and services
  • advertisers and advertising networks that require data to select and serve relevant adverts to you and others
  • analytics and search engine providers that assist us in the improvement and optimisation of our Site.

Current third parties used for the provision of the Envolve service include:



Email address

Elastic Email

Transactional email

Email address

Go Cardless


Data shared directly from customer to Go Cardless


VAT & Invoicing

Data shared directly from customer to Quaderno

  • In the event that we sell or buy any business or assets, in which case we may disclose your data to the prospective seller or buyer of such business or assets.
  • If Envolve or substantially all of its assets are acquired by a third party, in which case data held by it about its customers and users will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use and other agreements; or to protect the rights, property, or safety of Envolve, our users, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Public Information and Third Parties

Blog. We may have public blogs on our Site or a Business. Any information you include in a comment on our blog may be read, collected, and used by anyone. If your personal information appears on these blogs and you’d like it to be removed, contact us at or in the case of a blog available on a Business, contact the Business operator. If we’re not able to remove your information, we’ll let you know why.

Social Media Widgets. Our Site may include social media features, like the Facebook Like button. These features may collect information about your IP address and which page you’re visiting on our Site, and they may set a cookie to make sure the feature functions properly. Social media features and widgets are either hosted by a third party or hosted directly on our Site. Your interactions with those features are governed by the privacy policies of the companies that provide them.

Links to Third-Party Sites. Our Site includes links to other websites, whose privacy practices may be different from Envolve’s. If you submit Personal Information to any of those sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

Service Providers. If it is necessary to provide you a service you’ve requested, like send you a T-shirt, then we may provide your personal information to a service provider. We will restrict any service provider’s use of your personal information. We will tell you whenever reasonably possible and you may request at any time the name of our service providers.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the web pages we use from time to time to collect your data. You can also exercise the right at any time by contacting us at

Access to information

The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

Your concerns

If you have any concerns in relation to our Site or this privacy policy, please contact

Cookies Policy

We use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit for detailed guidance.

The list below describes the cookies we use on this site and what we use them for. We operate an ‘implied consent’ policy, so that if you close the cookies notification message or you continue to use the website, you are agreeing to our use of cookies. If you do not agree, then you should either not use this website, or you should delete the cookies having visited the website, or you should browse the website using your browser’s anonymous usage setting (“Incognito” in Chrome, “InPrivate” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.)

Google Analytics: We use Google Analytics to collect information about visitor behaviour on our website. Google Analytics stores information about what pages you visit, how long you are on the page, how you got there and what you click on. This Analytics data is not tied to any personally identifiable information, so it cannot be used to identify who you are.

You can find out more about Google’s position on privacy regarding its analytics service at

Session Cookies: We use a session cookie to remember your log-in for you if you are a registered user or for other purposes strictly necessary for the operation of our website. If these are disabled then the website will not function properly.

More information on session cookies and what they are used for can be found at

Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

Third Party Cookies: These are cookies set on your computer by external service providers. Cookies of this type are advertising networks and providers of analysis services as well as the social network sharing buttons to allow visitors to share content onto their social networks. Third party cookies we currently use include Facebook and Twitter.  In order to implement these sharing buttons, and connect them to the relevant social networks and external sites, scripts are used from domains outside of our website. You should be aware that these sites are likely to be collecting information about what you are doing across the internet, not just on this website. We have no control over third party cookies used on our website and you should check the respective policies of each of these sites to see how they use your information and to find out how to opt out, or delete, such information, if you wish to do so.

Terms of use

Welcome to a service operated by Envolve Technology Limited (“Envolve”, “we” or “us”) (the “Site”) which, amongst other things, is intended to (i) provide you with information about and to allow you to subscribe to and purchase our products and services as a customer (a “Customer”) (ii) allow you to register a user account with us (a “Registered User”) (iii) allow you to use the technology without a registered account (a “User”) to engage with one or more of the virtual Businesses via our technology hosted on their own website or social media accounts (“Site“) on behalf of our customers (a “Businesses”) (iv) allow you to post and upload content and interact with others and (v) allow you to contact us directly.

This page (together with our Privacy Policy and Cookie Policy) describes the Terms of Use on which you may make use of the Site (“Terms of Use”) whether as an unregistered visitor, a User or Customer including as an individual, or as an authorised individual representing a company, council, trust or charity.

Please read these Terms of Use carefully before you start to use the Site or place our technology on your website or in your social channels. By using our Site or placing our technology on your website or in your social channels you indicate that you accept these Terms of Use and that you agree to abide by them. If you do not agree to these Terms of Use, you must refrain from using our Site.

These Terms of Use refer to the following additional terms, which also apply to your use of our Site:

Our Privacy Policy which sets out the terms on which we process any personal data we collect from you, or that you provide to us.

Our Cookie Policy, which sets out information about the cookies on our Site.

Please note that:

If you are a Registered User and Customer of our business using products and services available on the Site your use of those products and services will be governed by the Customer Licence and Terms of Service which you will have accepted at the time of putting our technology live on your website or in your social channels.

If you are a User and engage with a Business, your access and use of that Business will be governed by the specific terms of use and privacy policies of the customers on whose behalf we are hosting the Business.

Information about us

The Site, and technology which sits on a businesses website or in their social channels is operated by Envolve Technology Limited a company registered in England (Number 08548197) with our registered office being c/o Excalibur House, Newport, NP18 2HJ VAT Number: 200 854345.


In order to engage with a Business via our technology hosted on their website or their social channels (“Site”), you must provide the requested identification information. You represent and warrant that all personal data and information provided during the registration process is up to date, complete, accurate and true and agree to communicate to Envolve any changes of your personal data in a timely manner.

You are responsible for the activities carried out on or through the Site through  and all such activities shall be attributed to you as the User. You are liable for any damage caused to or prejudices against Envolve or third parties as a result of the misuse, loss, misappropriation and/or compromising of the confidentiality of your User ID and password.

You are responsible for making all arrangements necessary for you to have access to our Site.

We have the right to disable or remove any account, User ID or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of these Terms of Use.

We do not guarantee that our or a businesses Site, or any content on it, will always be available or be uninterrupted. Access to our Site is permitted on a temporary basis. From time to time, we may suspend, withdraw, discontinue or change all or any part of our Site without notice. We will not be liable if for any reason the Site is unavailable at any time or for any period.

As a User having engaged with a Business you may be invited to participate in activities and provide additional information (including personal data) to a Business and its operators and you agree that you participate in such activities or provide such information at your sole discretion. Such activities and the collection, access, use and security of such information is the responsibility of the person or entity on whose behalf we are hosting the Business and is governed by the specific terms of use and privacy policies applicable to that Business. Envolve will not be liable for any information so provided or for any use or activities undertaken by you in respect of a Business. Any queries regarding such activities or information including requests to change your data should therefore be directed to the Business according to the procedures made available to you by that Business.

Acceptable use policy

In using the Site, you undertake that you:

  • will not provide any false information to us or to any Business, including but not limited to your email address or any other information requested by a Business;
  • will not include any malicious, defamatory or libellous material on the Site or in responses or contributions to Business activities hosted on the Site;
  • will use your best efforts to ensure that no false, malicious, defamatory or libellous material is published on the Site or in any Business; and you will take immediate appropriate action to remedy any complaint or concern upon becoming aware, including notifying us;
  • will indemnify Envolve against any claims from third parties arising from such false malicious, defamatory or libellous information or material;
  • will not disclose any personally identifiable information unless permission has been expressly granted by the person to whom such information relates;
  • acknowledge that you arrange, attend or participate in any meetings with any group, organisation or person arising from your use of the Site entirely at your own risk
  • will be solely responsible for your activities and interactions with customers or other users of the Site or a Business. We reserve the right, but have no obligation, to monitor any dispute between you and another user;
  • will only use the Site or any Business for lawful purposes and may not use the Site or any Business:
  • in any way that breaches any applicable local, national or international law or regulation
  • in any way that is unlawful or fraudulent, or has any unlawful or fraudulent purpose or effect;
  • for the purpose of harming or attempting to harm minors;
  • will not retrieve, store, transmit, distribute, post or email any material including without limitation text, files, images, photos, videos, sounds musical works, works of authorship and applications (“Content”):
  • without having permission from the party that owns the intellectual property rights in such Content;
  • which breaches, infringes, violates or is contrary to any law, by-law, statute or regulation or any other parties’ rights (including but not limited to intellectual property rights and privacy rights); or
  • which in our opinion involves behaviour that is explicit, discriminatory, racist, abusive, threatening, bullying, harassing, libellous or obscene or encouraging illegal activity; and/or which could otherwise be capable of offending other users;
  • will not, other than via functionality specifically provided by us to do so, use the Site without written permission to promote another site, service or business in any way including but not limited to posting any email addresses or URLs;
  • will not transmit, or procure the sending of, any unsolicited or unauthorised advertising or promotional material or any other form of similar solicitation (spam) ;
  • will not buy or sell third party products or services through the Site, except in respect of Business as expressly permitted by that Business;
  • will not reproduce, duplicate, copy or re-sell any part of our Site in contravention of the provisions of these Terms of Use; or
  • will not access without authority, interfere with, damage or disrupt any part of the Site, or any other user account, or any equipment or network on which the Site is hosted, or any software used in the provision of the Site; or any equipment or network or software owned or used by any relevant third party.

Failure to comply with this acceptable use policy constitutes a material breach of the Terms of Use. At our absolute discretion, we will determine whether there has been any breach of this acceptable use policy. If we deem that a breach has occurred, we may take such action as we deem appropriate including suspension or termination of your User account and deletion of content.

Intellectual property rights

We are the owner or the licensee of all intellectual property rights in the Site and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.

You may print off one copy of any page from the Site and, where applicable functionality exists, download data from the Site for your personal reference. You may also draw the attention of others to material posted on the Site.

Our status, and that of any identified contributors, as the authors of Content on the Site must always be acknowledged.

You are not permitted to publish or otherwise copy or use any part of this on the Site for commercial purposes, distribution or personal gain to other parties without first obtaining our express written consent or a licence to do so from us or our licensors

If you print off, copy or download any part of our Site in breach of these Terms of Use, your right to use our Site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

Other than any materials clearly marked as capable of being modified, you must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text or logos.

Trade marks

‘’ and ‘Envolve’ plus any other trade marks or logos used on the Site are trade marks of Envolve Technology or its third party licensors. You are not permitted to use any of these marks without express written consent.

Uploading Content to the Site

You must comply with the policies and standards contained in these Terms of Use whenever you contribute, respond to, post or upload Content to the Site, or make contact with other users of the Site. You warrant that any such contribution complies with those standards, and you indemnify us for any breach of that warranty.

Any contributions, experiences, information, views or other Content that you upload to or through the Site is for public display and will be considered non-confidential and non proprietary, and we have the right to use, copy, distribute and disclose to third parties any such material for any purpose associated with the operation of the Site.

We will not be liable for any Content transmitted or posted by you on or through the Site or for any interactions you may have with other users. You warrant that you are able to licence the material that you upload to the Site to us and that the use of such Content will not infringe the intellectual property rights of any other party.

We have the right but not the obligation to reject, refuse to post or remove any Content in whole or in part that you make on or through the Site for any reason, including without limitation any Content which in our sole opinion does not comply with these Terms of Use.

You acknowledge that we have the right to disclose your identity to any third party who is claiming that any Content posted or uploaded by you on or through the Site constitutes:

  • a violation of their intellectual property rights or of their right to privacy; or
  • a breach of civil or criminal law, including libel, discrimination, incitement or may be considered to be inflammatory.

The Site changes regularly

Envolve aims to update the Site regularly, and may change or delete the content at any time. Any of the content on the Site may be out of date at any given time, and we are under no obligation to maintain or update such content. If the need arises, we may without liability suspend access to the Site, or close it indefinitely.

Our liability

The material displayed on the Site is provided without any guarantees, conditions or warranties as to its accuracy or it being comprehensive.

Nothing in these Terms of Use excludes or limits our liability for death or personal injury arising from our negligence, nor our liability for fraud or fraudulent misrepresentation nor any other liability which cannot be excluded or limited by English law.

To the extent permitted by law, we expressly exclude all conditions, warranties and other terms which might otherwise be implied by statute, common law or the law of equity.

We will not be liable to any user for any loss or damage, whether in contract, tort (including negligence), breach of statutory duty, or otherwise, even if foreseeable, arising under or in connection with:

  • use of, or inability to use, our Site; or
  • use of or reliance on any content displayed on or through our Site.

If you are a business, please note that in particular, we will not be liable for:

  • loss of income or revenue;
  • loss of business;
  • loss of profits or contracts;
  • loss of anticipated savings;
  • loss of data;
  • loss of opportunity, goodwill or reputation; or
  • any indirect or consequential loss or damage
  • wasted management or office time; and

whether caused by tort (including negligence), breach of contract or otherwise

Transactions with third parties and links from / to the Site

Where the Site or activities hosted on it contain links to other sites and resources provided by third parties, these links are provided for your information only. We have no control over the content of those sites or resources, and accept no liability for them or for any loss or damage that may arise from your use of them.

Contracts for the supply of any goods or services formed as a consequence of the use of these external sites arising through use of the Site shall be governed by the terms and conditions of supply of the relevant party supplying those goods or services. We will have no involvement, liability or obligations in relation to any contracts that you form with any third parties.

Envolve uses third party service providers in connection with the Site and services offered through it including Google cloud services, Elastic Email and Mailjet services for email, Go Cardless and Quaderno services for payments and we advise you to review the terms of use applicable to such products and services.

Third parties shall not have any rights under the Contracts (Rights of Third Parties) Act 1999 in relation to any agreement between us and you.

The Site must not be framed on any other site.

Viruses, hacking and other offences

We do not guarantee that our Site will be secure or free from bugs or viruses. You are responsible for configuring you information technology, computer programmes and platform in order to access our Site. You should use your own virus protection software.

You must not knowingly introduce viruses, trojans, malware, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to the Site, the server on which the Site is stored or any server, computer or database connected to the Site. You must not attack the Site via a denial-of-service attack or a distributed denial-of service attack. By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use the Site will cease immediately.

We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of the or to your downloading of any material posted on it, or on any linked to it.


The Site uses:

  • Ordnance Survey Code-Point® Open data

The Site contains:

  • Ordnance Survey data © Crown copyright and database right 2015
  • Royal Mail data © Royal Mail copyright and database right 2015
  • National Statistics data © Crown copyright and database right 2015


We may revise these Terms of Use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we made, as they are binding on you. Some of the provisions contained in these Terms of Use may also be superseded by provisions or notices published elsewhere on our Site.

Jurisdiction and applicable law

These Terms of Use and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.

The English and Welsh courts will have exclusive jurisdiction over any claim arising from, or related to, a visit to the Site. However, we retain the right to bring proceedings against you for breach of these conditions in your country of residence or any other relevant jurisdiction

Your concerns

If you have any concerns in relation to our Site, please contact

Data Processing Agreement

This Data Processing Agreement (“Agreement”) forms part of the Contract for Services (“Principal Agreement”) between any businesses which uses the Envolve Technology Limited technology (the “Company”) and Envolve Technology Limited  (the “Data Processor”) (together as the “Parties”)

(A)  The Company acts as a Data Controller.
(B)  The Company wishes to subcontract certain Services, which imply the processing of personal data, to the Data Processor.
(C)  The Parties seek to implement a data processing agreement that complies with the requirements of the current legal framework in relation to data processing and with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
(D)  The Parties wish to lay down their rights and obligations.


1. Definitions and Interpretation
1.1 Unless otherwise defined herein, capitalised terms and expressions used in this Agreement shall have the following meaning:1.1.1  “Agreement” means this Data Processing Agreement and all Schedules;
1.1.2  “Company Personal Data” means any Personal Data Processed by a Contracted Processor on behalf of Company pursuant to or in connection with the Principal Agreement;1.1.3  “Contracted Processor” means a Subprocessor;
1.1.4  “Data Protection Laws” means EU Data Protection Laws and, to the extent applicable, the data protection or privacy laws of any other country;
1.1.5  “EEA” means the European Economic Area;
1.1.6  “EU Data Protection Laws” means EU Directive 95/46/EC, as transposed into domestic legislation of each Member State and as amended, replaced or superseded from time to 1.1.7  “GDPR” means EU General Data Protection Regulation 2016/679;
1.1.8  “Data Transfer” means:  a transfer of Company Personal Data from the Company to a Contracted Processor; or  an onward transfer of Company Personal Data from a Contracted Processor to a Subcontracted Processor, or between two establishments of a Contracted Processor, in each case, where such transfer would be prohibited by Data Protection Laws (or by the terms of data transfer agreements put in place to address the data transfer restrictions of Data Protection Laws);1.1.9  “Services” means the services the Company provides.
1.1.10  “Subprocessor” means any person appointed by or on behalf of Processor to process Personal Data on behalf of the Company in connection with the Agreement.1.2 The terms, “Commission“, “Controller“, “Data Subject“, “Member State“, “Personal Data“, “Personal Data Breach”, “Processing” and “Supervisory Authority” shall have the same meaning as in the GDPR, and their cognate terms shall be construed accordingly.

2. Processing of Company Personal Data
2.1 Processor shall:
2.1.1  comply with all applicable Data Protection Laws in the Processing of Company Personal Data; and
2.1.2  not Process Company Personal Data other than on the relevant Company’s instructions.
2.2 The Company instructs Processor to process Company Personal Data.

3. Processor Personnel
Processor shall take reasonable steps to ensure the reliability of any employee, agent or contractor of any Contracted Processor who may have access to the Company Personal Data, ensuring in each case that access is strictly limited to those individuals who need to know / access the relevant Company Personal Data, as strictly necessary for the purposes of the Principal Agreement, and to comply with Applicable Laws in the context of that individual’s duties to the Contracted Processor, ensuring that all such individuals are subject to confidentiality undertakings or professional or statutory obligations of confidentiality.

4. Security
4.1  Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of Processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, Processor shall in relation to the Company Personal Data implement appropriate technical and organisational measures to ensure a level of security appropriate to that risk, including, as appropriate, the measures referred to in Article 32(1) of the GDPR.
4.2  In assessing the appropriate level of security, Processor shall take account in particular of the risks that are presented by Processing, in particular from a Personal Data Breach.

5. Subprocessing
5.1 Processor shall not appoint (or disclose any Company Personal Data to) any Subprocessor unless required or authorized by the Company.

6. Data Subject Rights
6.1  Taking into account the nature of the Processing, Processor shall assist the Company by implementing appropriate technical and organisational measures, insofar as this is possible, for the fulfilment of the Company obligations, as reasonably understood by Company, to respond to requests to exercise Data Subject rights under the Data Protection Laws.
6.2  Processor shall:
6.2.1  promptly notify Company if it receives a request from a Data Subject under any Data Protection Law in respect of Company Personal Data; and6.2.2  ensure that it does not respond to that request except on the documented instructions of Company or as required by Applicable Laws to which the Processor is subject, in which case Processor shall to the extent permitted by Applicable Laws inform Company of that legal requirement before the Contracted Processor responds to the request.

7. Personal Data Breach
7.1  Processor shall notify Company without undue delay upon Processor becoming aware of a Personal Data Breach affecting Company Personal Data, providing Company with sufficient information to allow the Company to meet any obligations to report or inform Data Subjects of the Personal Data Breach under the Data Protection Laws.
7.2  Processor shall co-operate with the Company and take reasonable commercial steps as are directed by Company to assist in the investigation, mitigation and remediation of each such Personal Data Breach.

8. Data Protection Impact Assessment and Prior Consultation
Processor shall provide reasonable assistance to the Company with any data protection impact assessments, and prior consultations with Supervising Authorities or other competent data privacy authorities, which Company reasonably considers to be required by article 35 or 36 of the GDPR or equivalent provisions of any other Data Protection Law, in each case solely in relation to Processing of Company Personal Data by, and taking into account the nature of the Processing and information available to, the Contracted Processors.

9. Deletion or return of Company Personal Data
9.1  Subject to this section 9 Processor shall promptly and in any event within 10 business days of the date of cessation of any Services involving the Processing of Company Personal Data (the “Cessation Date”), delete and procure the deletion of all copies of those Company Personal Data.
9.2  Processor shall provide written certification to Company that it has fully complied with this section 9 within 10 business days of the Cessation Date.

10. Audit rights
10.1  Subject to this section 10, Processor shall make available to the Company on request all information necessary to demonstrate compliance with this Agreement, and shall allow for and contribute to audits, including inspections, by the Company or an auditor mandated by the Company in relation to the Processing of the Company Personal Data by the Contracted Processors.
10.2  Information and audit rights of the Company only arise under section 10.1 to the extent that the Agreement does not otherwise give them information and audit rights meeting the relevant requirements of Data Protection Law.

11. Data Transfer
11.1 The Processor may not transfer or authorize the transfer of Data to countries outside the EU and/or the European Economic Area (EEA) without the prior written consent of the Company. If personal data processed under this Agreement is transferred from a country within the European Economic Area to a country outside the European Economic Area, the Parties shall ensure that the personal data are adequately protected. To achieve this, the Parties shall, unless agreed otherwise, rely on EU approved standard contractual clauses for the transfer of personal data.

12. General Terms
12.1 Confidentiality. Each Party must keep this Agreement and information it receives about the other Party and its business in connection with this Agreement (“Confidential Information”) confidential and must not use or disclose that Confidential Information without the prior written consent of the other Party except to the extent that:
(a)  disclosure is required by law;
(b)  the relevant information is already in the public domain.
12.2 Notices. All notices and communications given under this Agreement must be in writing and will be delivered personally, sent by post or sent by email to the address or email address set out in the heading of this Agreement at such other address as notified from time to time by the Parties changing address.

13. Governing Law and Jurisdiction
13.1 This Agreement is governed by the laws of The United Kingdom.13.2 Any dispute arising in connection with this Agreement, which the Parties will not be able to resolve amicably, will be submitted to the exclusive jurisdiction of the courts of The United Kingdom.

By agreement of Emma Smith, CEO Envolve Technology Limited.
By placing the Envolve Technology platform on either your website or in your social channels you hereby agree to the terms of the data processing agreement.