Welcome to Path Net Zero Limited’s privacy policy.

Path Net Zero Limited (“Path Net Zero,” “we,” and “us”) respects the privacy of its users (“you”) and has developed this Privacy Policy to demonstrate its commitment to protecting your privacy.

This Privacy Policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you.

This Privacy Policy is provided in a layered format so you can click through to the specific areas set out below.

If you have any questions, please contact us using the methods specified in the ‘Contact Us’ section on our website and app.

This Privacy Policy describes the information we collect, how that information may be used, with whom it may be shared, your choices about such uses and disclosures and how the law protects you when you visit our website (regardless of where you visit it from). We encourage you to read this Privacy Policy carefully together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements other notices and privacy policies and is not intended to override them. By using our website, application or other online services (our “Service”), you are accepting the practices described in this Privacy Policy.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this Privacy Policy.

Path Net Zero is the controller and responsible for your personal data.

We have appointed a data privacy officer (“Privacy Officer”) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the Privacy Officer using the details set out below:

Email: [email protected]

‍You have the right to make a complaint at any time to the Information Commissioner's Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

We keep our Privacy Policy under regular review.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the Privacy Policy of every website you visit.

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

By providing Personal Data which may include Sensitive Data, you consent to the collection, use and disclosure of such data as permitted by applicable privacy laws. We may also collect your geolocation information with your consent. We may collect this information through a website, mobile application, or other online service. By using the Service, you are authorising us to gather, parse and retain data related to the provision of the Service. When you provide personal information through our Service, the information may be sent to servers located in the European Economic Area and countries around the world.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring that our contracts with our suppliers contain appropriate data protection provisions. Please contact us if you want further information on when and how your data is transferred out of the EEA.

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with the Service). In this case, we may have to cancel the Service but we will notify you if this is the case at the time.

In order to register as a user with Path Net Zero, you will be asked to sign in using your secure login. In addition, we may collect and store any personal information you provide while using our Service or in some other manner. This may include identifying information, such as your name, address, email address and telephone number, and, if you transact business with us, financial information.

We use various technologies to collect information from your device and about your activities on our Service.

We automatically collect information from your browser or device when you visit our Service. This information could include your IP address, device ID and type, your browser type and language, the operating system used by your device, access times, your mobile device’s geographic location while our application is actively running, and the referring website address.

When you visit our Service, we may assign your device one or more cookies or other technologies that facilitate personalisation to facilitate access to our Service and to personalise your experience. Through the use of a cookie, we also may automatically collect information about your activity on our Service, such as the pages you visit, the time and date of your visits and the links you click. If we advertise, we (or third parties) may use certain data collected on our Service to show you Path Net Zero advertisements on other sites or applications. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website or the app may become inaccessible or not function properly. Please see our Cookie Policy available for further details.

We embed pixel tags (also called web beacons or clear GIFs) on web pages, ads, and emails. These tiny, invisible graphics are used to access cookies and track user activities (such as how many times a page is viewed). We use pixel tags to measure the popularity of our features and services. Ad companies also use pixel tags to measure the number of ads displayed and their performance (such as how many people clicked on an ad).

If you’re using our app, we use Advertising IDs on devices (such as a mobile or tablet) instead of cookies, to recognise you. We do this to store your preferences and track your use of our app. Unlike cookies, Advertising IDs are not deleted but can be reset in “Settings” on your device. Ad companies also use Advertising IDs to track your use of the app, track the number of ads displayed, measure ad performance and display ads that are more relevant to you.

We may allow service providers, advertising companies and ad networks, and other third parties to display advertisements on our Service and elsewhere. These companies may use tracking technologies, such as cookies or web beacons, to collect information about users who view or interact with their advertisements. We do not provide any non- masked or non-obscured personal information to third parties. Some of these third-party advertising companies may be advertising networks that are members of the Network Advertising Initiative, which offers a single location to opt out of ad targeting from member companies (www.networkadvertising.org). Opting out will not decrease the number of advertisements you see. To opt-out of cookies that may be set by third party data or advertising partners, please go to http://www.aboutads.info/choices/.

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing). You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing.

You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences, by following the opt-out links on any marketing message sent to you and/or by contacting us at any time]. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

In all circumstances, we may perform these functions directly or use a third party vendor to perform these functions on our behalf who will be obligated to use your personal information only to perform services for us. Also, if you access our Service from a third party social platform, such as Facebook, we may share non-personal information with that platform to the extent permitted by your agreement with it and its privacy settings.

We do not share your personal information with others except as indicated in this Privacy Policy or when we inform you and give you an opportunity to opt out of having your personal information shared. We may share personal information with:

We may share information, including personal and financial information, with third parties that perform certain services on our behalf. These services may include fulfilling orders, providing customer service and marketing assistance, performing business and sales analysis, ad tracking and analytics, member screenings, supporting our Service functionality, and supporting contests, sweepstakes, surveys and other features offered through our Service. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes.

Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

We may disclose your information, including personal information:

We may use and share non-personal information we collect under any of the above circumstances. We may also share it with third parties to develop and deliver targeted advertising on our Service and on websites or applications of third parties, and to analyse and report on advertising you see. We may combine non-personal information we collect with additional non-personal information collected from other sources. We also may share aggregated, non-personal information, or personal information in hashed, non-human readable form, with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis, advertising, marketing, or other business purposes. For example, we may engage a data provider who may collect web log data from you (including IP address and information about your browser or operating system), or place or recognise a unique cookie on your browser to enable you to receive customised ads or content. The cookies may reflect de-identified demographic or other data linked to data you voluntarily have submitted to us (such as your email address), that we may share with a data provider solely in hashed, non-human readable form. We may also share your geolocation information in de-identified form with companies and third parties for the above purposes. To opt out of the sharing of your geolocation information, please discontinue use of the Path Net Zero application.

Do Not Track (“DNT”) is a privacy preference that users can set in their web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We are committed to providing you with meaningful choices about the information we collect and that is why we provide the opt-out links above. However, we do not recognise or respond to any DNT signals, as the Internet industry works toward defining exactly what DNT means, what it means to comply with DNT, and a common approach to responding to DNT.

If you have a Path Net Zero account, you have the ability to review and update your personal information within the Service by opening your account and going to settings. Applicable privacy laws may allow you the right to access and/or request the correction of errors or omissions in your personal information that is in our custody or under our control. Our Privacy Officer will assist you with the access request.

This includes:

We will respond to requests within the time allowed by all applicable privacy laws and will make every effort to respond as accurately and completely as possible. Any corrections made to personal information will be promptly sent to any organisation to which it was disclosed.

In certain exceptional circumstances, we may not be able to provide access to certain personal information we hold. For security purposes, not all personal information is accessible and amendable by the Privacy Officer. If access or corrections cannot be provided, we will notify the individual making the request within 30 days, in writing, of the reasons for the refusal.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

We keep your information only as long as we need it for legitimate business purposes and as permitted by applicable legal requirements. If you close your account, we will retain certain data for analytical purposes and recordkeeping integrity, as well as to prevent fraud, enforce our Terms of Use, take actions we deem necessary to protect the integrity of our Service or our users, or take other actions otherwise permitted by law. In addition, if certain information has already been provided to third parties as described in this Privacy Policy, retention of that information will be subject to those third parties’ policies. By law we have to keep basic information about you for six years after you cease being a customer for tax purposes but we will destroy all unnecessary data held by you after 30 days.

In some circumstances you can ask us to delete your data: see your legal rights below for further information.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

You can choose not to provide us with certain information, but that may result in you being unable to use certain features of our Service because such information may be required in order for you to register as user; purchase products or services; participate in a contest, promotion, survey, or sweepstakes; ask a question; or initiate other transactions.

Our Service may also deliver notifications to your phone or mobile device. You can disable these notifications by going into “App Settings” on the app or by changing the settings on your mobile device.

You can also control information collected by cookies. You can delete or decline cookies by changing your browser settings. Click “help” in the toolbar of most browsers for instructions.

Legally, you have the right to:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

We take security measures to help safeguard your personal information from unauthorised access and disclosure. However, no system can be completely secure. Therefore, although we take steps to secure your information, we cannot promise, and you should not expect, that your personal information, chats, or other communications will always remain secure. Users should also take care with how they handle and disclose their personal information and should avoid sending personal information through unsecure email.

You agree that we may communicate with you electronically regarding security, privacy, and administrative issues, such as security breaches. We may post a notice on our Service if a security breach occurs. We may also send an email to you at the email address you have provided to us. You may have a legal right to receive this notice in writing. To receive free written notice of a security breach (or to withdraw your consent from receiving electronic notice), please notify [email protected]

‍We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We provide areas on our Service where you can post information about yourself and others and communicate with others. Such postings are governed by our Terms of Use. Also, whenever you voluntarily disclose personal information on publicly- viewable pages, that information will be publicly available and can be collected and used by others. For example, if you post your email address, you may receive unsolicited messages. We cannot control who reads your posting or what other users may do with the information you voluntarily post, so we encourage you to exercise discretion and caution with respect to your personal information.

Although our Service is a general audience Service, we restrict the use of our service to individuals age 18 and above. We do not knowingly collect, maintain, or use personal information from children under the age of 18.

We are a growing company with users and operations in multiple countries. We have developed data practices designed to assure information is appropriately protected but we cannot always know where personal information may be accessed or processed. While our primary data centres are in the United Kingdom and EIRE, we may transfer personal information or other information to data centres outside of the United Kingdom. In addition, we may employ other companies and individuals to perform functions on our behalf. If we disclose personal information to a third party or to our employees outside of the United Kingdom, we will seek assurances that any information we may provide to them is safeguarded adequately and in accordance with this Privacy Policy and the requirements of applicable privacy laws.

This Privacy Policy does not create rights enforceable by third parties or require disclosure of any personal information relating to users of the website.

We will occasionally update this Privacy Policy to reflect changes in the law, our data collection and use practices, the features of our Service, or advances in technology. When we post changes to this Privacy Policy, we will revise the “last updated” date at the top of this Privacy Policy, which will be posted on the Services under “Settings” and also on pathnetzero.com, and you should regularly check for the most recent version, which is the version that applies. If we make any material changes to this Privacy Policy, we will notify you of the changes by reasonable means, which could include notifications through the Services or via email. Please review the changes carefully. Your continued use of the Services following the posting of changes to this policy will mean you consent to and accept those changes. If you do not consent to such changes you can delete your account by following the instructions under Settings.

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impac t on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

‍Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

‍Comply with a legal obligation means processing your personal data where it is necessary for compliance with a legal obligation that we are subject to.