Privacy policy

Welcome to Little Birdie. Little Birdie is a subscription and bill management service that assists users by displaying all of their regular payments, bills and subscriptions in one simple app. It can then notify users of forthcoming payments, price changes, contract renewal or payment dates, and free trial end dates. It can also recommend alternative products or providers if relevant, and assist in the cancellation of unwanted products or services, or in switching to alternative deals.

Little Birdie enables you to harness the data held by your Bank and use it for your own benefit. We use the data you share with us to identify smart and relevant suggestions we believe will help you save time, money and hassle. However, we know this means we have an important responsibility to do the right thing with the data we hold. Rest assured, our number one priority is always how we store, analyse and protect your personal information.

Little Birdie is dedicated to safeguarding your personal information and respecting your right to privacy. Please contact us at hello@littlebirdie.co.uk if you have any queries or issues about our Privacy Policy or our procedures regarding your personal information.

This Privacy Policy explains how we may use your information in the cases that you:

Visit our Website at www.littlebirdie.co.uk
Download and use our Little Birdie App
Interact with us in other related ways, such as sales, marketing, or events.

In this Privacy Policy when we refer to:

“Website,” we are referring to any website of ours that references or links to this policy
“App,” we are referring to any application of ours that references or links to this policy, including any listed above.
“Services,” we are referring to our Website, App, and other related services, including any marketing advertisements, sales, or events.

The aim of this Privacy Policy is to explain what information we collect, how we use it, and what rights you have in relation to it as clearly as feasible. If you do not agree with any of the provisions in this Privacy Policy, please stop using our Services immediately.

Please carefully study our Privacy Policy to understand how we process your personal information. By interacting with us in the ways outlined in this Privacy Policy, you indicate that you have read and understood the entirety of this Privacy Policy as it relates to you.

1. Little Birdie – who we are

The Little Birdie App and/or Website and the Services are owned and operated by Little Birdie Holdings Limited. We are a company registered in England and Wales, with Company Number 13472909. and our registered office is Wellington House 273-275 High Street, London Colney, St Albans, Hertfordshire, England, AL2 1HA.

In this policy we refer to Little Birdie Holdings Limited as Little Birdie, we, us, our etc. And we refer to you as a user, you, your etc.

This Privacy Policy only applies to the use of your personal data obtained by us, whether from you directly or from a third party. It does not apply to personal data collected by third parties during your interactions with those third parties or your use of their products or services, for example, where you follow links from our App or Website to third party websites or services over which we have no control, or you purchase services from those third parties.

You can contact us at hello@littlebirdie.co.uk

2. What personal information do we collect from you?

We gather personal information that you voluntarily supply to us when you register with Little Birdie (Registration Information), express an interest in learning more about us or our products and services, engage in activities on the Services, or contact us in any other way.

We also gather personal information based on the context of your interactions with us and the Little Birdie Service, the choices you make, and the features you use.

We (or third parties acting on our behalf) may collect the personal data types listed below about you:

Personal information provided by you. Names, phone numbers, email addresses, postal addresses, usernames, passwords, contact preferences, contact or authentication data and similar information are collected.

We may process special categories of personal data as part of your financial transactions if they included information about your racial or ethnic origin, political viewpoints, philosophical beliefs, or trade union membership, as well as medical information or information about your sex life or sexual preference. We shall only keep this data if you have provided it to us as part of our services to you, and we will do it in full accordance with the law, and we will never use it for any unauthorized reason (for example profiling or tailoring of our service).

Log and Usage Data. Log and use data are information about service-related, diagnostic, usage, and performance that our servers automatically gather when you access or use our Services and stores in log files. This log data may comprise your IP address, device information, browser type and settings, information about your participation in the Services, device event information (system activity, problem reports, etc.), and hardware configurations, according on how you engage with us.

Device Data. We gather device data, which includes information about your computer, phone, tablet, or any other device that you use to access our Services. This device data may contain information such as your IP address, device and application identifying numbers, location, browser type, hardware model, Internet service provider and/or mobile carrier, operating system, and system configuration information, depending on the device used.

Location Data. We gather location data, which can be exact or imprecise, such as information about your device's position. The amount of information we collect is determined by the type and configuration of the device you use to access our Services (e.g GPS to detect your geolocation data). You can refuse to enable us to gather this information by either rejecting access to the information or removing your device's Location setting. Nevertheless, you may be unable to use certain parts of our Services in this case.

Mobile Device Access. We may seek access to or authorization to specific capabilities on your mobile device, such as social network accounts, contacts, and other functions. If you want to adjust our access or permissions, you may do so in the settings of your device.

Mobile Device Data. We collect device details (such as your mobile device ID, model, and manufacturer), operating system, version, and system configuration information, device and application identification numbers, browser type and version, hardware model, internet service provider and/or mobile carrier, and Internet Protocol address automatically. We might optionally collect information about the phone network connected with your mobile device, the operating system or platform of your mobile device, the type of mobile device you use, the unique device ID of your mobile device, and details about the functions of our App that you have visited.

Mandatory Data. Data that we are required to store for Financial Conduct Authority (FCA) reporting or audit purposes (e.g. complaints), and also your reference number that is exclusive to you (Unique Customer Identifier).

Push Notifications. We may ask to give you push alerts about our account or certain App features. If you do not want to receive these sorts of communications, you can disable them in your device's settings or under Profile from within the App.

3. What personal information do we receive from others about you?

To provide our Service, we work with and link to trusted third parties to view transactions of your bank accounts and/or credit cards. To enable you to access and share your transaction data, we work with Bud Financial Limited (www.thisisbud.com). Bud provide the regulated Account Information Service, and are authorised by the FCA as an Authorised Payment Institution. You can find out more about Bud here - Bud Financial Limited - Open Banking.

We receive the following information from Bud:

Your Account and transaction information. When you authorise us and Bud to connect to your accounts, they source and provide us with view level access to your bank accounts and credit cards which includes subscription and transaction information sourced from those accounts.

Visit BUD for more information on Bud and their T&C and their privacy policy

4. How do we use your personal information?

Purpose	Legal Basis	Registration Information
To send you marketing communications about the Little Birdie app and our Services, if you have signed-up on our website or app – including by telephone call and/or email and/or in-app	Consent	Name, Email address, telephone number
To investigate customer service queries or complaints after closure	Legitimate interests	Registration Information, Unique Customer Identifier, account information, transactional information, technical information,
To comply with regulatory and audit requirements	Legal obligation	Mandatory information
To create aggregated market research, from which all personal data is removed	Legitimate interests – so we can keep going as a business and continue to provide a free service, we may provide aggregated market research services, from which all personal data is removed, to other businesses in return for revenue. We may also use the same services to provide customers and potential customers with generic insights.	Account information, transactional information,
To fulfil offers, promotions and incentives	Fulfilling the terms of the offer/contract with you	Contact details, transactional information, account information
To monitor and improve our Service	Legitimate interests - to track the use of Little Birdie and identify areas where we can improve performance or functionality (business and technical)	Technical information,
To understand our customer base	Legitimate interests - to understand our user demographic, preferences and behaviours so we can improve the relevance of the service to individual customers and grow the business	Transactional information, technical information,
To provide customer support and maintain your account	Fulfilling our contract with you	Registration Information, Unique Customer Identifier, account information, transactional information technical information
To contact you with third-party recommendations tailored to you based on your subscription and transaction information - contact by us or via a third-party on our behalf including by telephone call and/or email and/ or in-app Consent Name, email address, telephone number, account information, subscription and transactional information	Consent	Name, Email Address, Telephone number, account information, subscription and transactional information
To fulfil our Services; including in-app or other Service based recommendations from us, tailored to you based on your subscription and transaction information.	Fulfilling our contract with you Legitimate interests – it is in our or a third party’s legitimate interest to use your personal data to ensure that we provide the Services in an effective, safe and efficient way.	Name, email address, telephone number, Registration Information, account information, transactional information, technical information, Unique Customer Identifier
To identify you as a customer and create your account	Fulfilling our contract with you	Unique Customer Identifier
To send communications to help you finish your registration	Legitimate interests – to help us develop our business and help our customers with the account opening process	Registration Information
To register you as a customer	Fulfilling our contract with you	Registration Information

We may also collect, create and use anonymised, aggregated reporting and statistics about users of our Services for the purpose of building information about our business and the market, and providing to third parties for industry analysis (and we might be paid for this), and for our marketing and promotion purposes. None of these anonymised, aggregated reports or statistics will enable our users to be personally identified. 

Our Application is intended to analyse your personal data in order to make suggestions to assist you to save money or make your life easier. We save data about you on our systems so that we can make choices about the products and services to recommend to you. We do not presently utilise automated processing or profiling to make judgments about you that might have a major impact on you (like refusing you financial products or credit profiling). In the case where this changes in the future, we will notify you accordingly.

More on our “Legal Basis”

The following are our legal basis for using your personal data, as stated in this Privacy Policy:

(A) Contractual performance: To provide our Services, we can only do so if we have permission to handle your personal data for that reason. As a result, the majority of our treatment of your personal data is required to carry out the agreement we have with you, as detailed above.

(B) Legal obligations: We shall additionally handle your personal data when we are required by law to do so. For instance, to:

Prevent and identify fraud, money laundering, and other types of crime, as well as security concerns.
Comply with all applicable laws and regulations, as well as any industry-specific necessary standards and rules.

(C) Legitimate interest:  We may also treat your personal data in accordance with our legitimate interests or the legitimate interests of others. Our justifiable interests are as follows:

to understand our user demographics, preferences, and behaviours in order to increase our relevance to individual consumers and improve our service;

monitor how the Apps and Website are being used and find areas where we may improve performance or functionality (both business and technical);
remain as a business and continue to provide a free service

(D) Consent: If we depend on your permission for using your personal data in a certain way, and you subsequently withdraw your consent by writing us at hello@littlebirdie.co.uk, we will stop using your personal data. This may mean we are no longer be able to offer you our App and related services.

5. What are your Privacy Rights?

You have specific rights under relevant data protection legislation in particular locations (such as the EEA and the UK). These might involve your right to:

seek information to and request a copy of your personal information,
request correction or deletion of your personal information,
restrict the processing of your personal information, and
data portability, where applicable.
you may also have the right to object to the processing of your personal information in certain circumstances.

Please use the contact information provided below to make such a request. Any request will be considered and handled in compliance with applicable data protection regulations.

If we are processing your personal information based on your consent, you have the right to withdraw your consent at any time. Please keep in mind that this will not impact the lawfulness of the processing prior to its withdrawal, nor will it affect the processing of your personal information based on legitimate processing grounds other than consent.

If you are a resident of the EEA or the UK and feel we are treating your personal information illegally, you have the option to lodge a complaint with your local data protection supervisory authority, being the Information Commissioner’s Office (ICO). Their contact information may be found at https://ec.europa.eu/justice/data-protection/bodies/authorities/index en.html EEA residents and at https://ico.org.uk/make-a-complaint for UK residents.

If you have questions or comments about your privacy rights, you may email us at hello@littlebirdie.co.uk

6. Sharing your information

We only share your data with the third parties listed below.

Other third parties	Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, or to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law or regulation.
Law enforcement or other government and regulatory agencies and bodies	We share personal data with law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with, applicable law or regulation.
Third-party post/email/telephone marketing and CRM specialists	We share personal data with specialist suppliers who assist us in managing our marketing database and facilitating our post /email / telephone marketing communications and account-related communications.
Advertising partners	We share personal data with third party advertising partners, when you use our Services[s]. This data is used to provide you with, and measure the effectiveness of, online personalised advertising and for other advertising related activities. These third parties may also assist us in providing you with third-party recommendations tailored to you based on your subscription and transaction information including via email and/or telephone call.
Third-party suppliers who provide applications/ functionality, data processing or IT services	We share personal data with third parties who support us in providing our Services and help provide, run and manage our internal IT systems. Such third parties may also include, for example, providers of information technology, cloud-based software-as-a-service providers, identity management, website design, hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them. We also share your personal data with third-party service providers to assist us with insight analytics.
Decision Tech	When you choose to look at offers relating to energy, mobile, broadband and insurance we will transfer you to the secure Decision Tech platform. We will send your name and email address to pre-populate these fields within the Decision Tech site and you will complete any further data entry to get relevant offers within their secure environment. We will not see any of this further information.  Please note that when you submit further information to Bud you will be subject to their Privacy Policy
Bud	Bud provide the Open Banking service which securely manages your consent with your Banks to provide Little Birdie with your transactions information. We only pass your name to Bud and you complete any further data entry within the Bud secure open banking environment. We do not see any of this information Please note that when you submit further information to Bud you will be subject to their Privacy Policy

When we transmit any personal data about you to any of the non-UK providers listed earlier in this section, we will take reasonable steps to verify that the receiver appropriately secures your personal data in line with this Privacy Policy.

Partners and services that you choose to utilise via our Company’s service may store your data in other countries or sections of the world. We urge that you thoroughly review their privacy policies. When you utilise a partner service, the partner or our Apps will make these privacy rules available to you. Do keep in mind that the handling of your data by our partners is regulated by their terms and conditions and privacy policies - we have no influence over this. If you want your data deleted by a partner, you need contact them personally. We will do everything we can to assist you.

7. How long do we keep your Data?

We will only store your personal information for as long as it is required or authorised by law unless a longer retention period is required or permitted by law. IN general we will in any event not retain your personal information for more than twelve (12) months after the user's account is terminated.

When we no longer have a legitimate business need to handle your personal information, we will either delete or anonymize it, or if this is not feasible, we will securely retain it and isolate it from further processing until deletion is practicable.

8. Third-Party Websites and Information

This Privacy Policy only relates to personal data that we acquire or obtain from third-party sources; we are not accountable for private information concerning you that third parties gather and retain. Third-party websites have their very own terms and conditions and privacy policies, which you should read carefully prior to submitting any private information to these websites. We assume no liability or responsibility for the content of third-party websites, or for the terms and conditions or policies of third-party websites.

9. Protection of your Personal Data

We have put in place adequate technological and organizational security measures to ensure the safety of any personal information we handle. Even so, no electronic transmission over the Internet or information storage technology can be guaranteed to be secure, so we cannot promise or guarantee that hackers, criminal activities, or any unauthorized third-parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. We will do our best to secure your information, and we will also ensure that we comply with the legal security standards that govern our Company's operations. To help us safeguard your personal data, you should adhere to our security rules and procedures, which we may inform you about from time to time under our Terms. Please be assured that your banking data is always protected by bank-level security.

10. Cookies

To access or retain information, we employ cookies and similar web or app tracking technologies (such as beacons and pixels).

Our Cookie Notice: http://www.littlebirdie.co.uk/cookiepolicy has specific information on how we use such technologies and how you may refuse certain cookies.

When you first use our Website or App, we shall ask you if you agree to our use of cookies. You have the option of consenting to particular cookies. These settings will then be remembered for one year; nevertheless, you may disable or update your cookie preferences at any time by visiting this page. You may also erase cookies using the settings of your browser or mobile phone.

One of our partners CYTI Ltd may also view, edit, or set their own cookies. The use of these technologies by third parties is subject to their own privacy policies and is not covered by this Policy, except as required by law. For more information about CYTI and its use of cookies please see the CYTI Ltd privacy policy here.

11. Minors

To use our Company’s service, you must be at least 18 years old. Our Website and Apps are not intended for minors under the age of 18, and we do not intentionally collect personal information from visitors in this age range. If we discover that we have accidentally received personal data from you via our Website, Apps, or any other source while you are under the age of 18, we will erase that information as quickly as practicable.

If you believe we have accidentally obtained personal data from a child under the age of 18, please notify us at hello@littlebirdie.co.uk.

12. Updates to this Privacy Policy

We reserve the right to change our Privacy Policy at any moment. Any modifications to our Privacy Policy that we make in the future will be placed on this page and, if a major modification is made, will be disclosed to you through email or another suitable method.

The revised version will be denoted by a new "Revised" date, and it will be effective as soon as it is available.

13. Contact Details

If you have any questions or comments about this Privacy Policy, you may e-mail us at hello@littlebirdie.co.uk or by post to:

Little Birdie Holdings Limited

Wellington House, 273-275 High Street,

London Colney,

St Albans, Hertfordshire,

England, AL2 1HA.

Last updated on: 13/06/2023