This Privacy Policy (“Privacy Policy”) explains how [Optival LTD] (“Company”, “we”, “us”, or “our”) collects, uses, and protects your personal data (as described below).
This policy applies to all websites and digital assets owned or managed by us, including sites, landing pages, and ads (collectively, “websites”). Our platforms provide information and comparisons of products and services offered by unaffiliated third parties, as well as facilitate user navigation to our business partners' sites (referred to as “Business Partners” and “Business Partners' Websites”), all as part of our service (“Services”).
Within this Privacy Policy, we outline the kinds of personal data we
collect from users, how and why we use it, potential sharing with
third parties, and your available rights and choices concerning your
data. By accessing, browsing, or otherwise using our web resources and
Services, you agree to the data handling and practices described
herein.
This document is an inseparable part of our
Terms of Use
(“Terms”). Any capitalized terms not defined here carry the meaning
provided in those Terms.
You are under no legal obligation to provide us with personal data;
however, declining to do so in certain cases may restrict access to
specific features (for example, we require your email for support
correspondence or contact via website forms). Some cookies are
essential for site function, while others are optional and used for
analytics or marketing, which you can opt out from as detailed in this
Privacy Policy. If you do not wish to provide necessary personal data,
you may refrain from using the corresponding features or discontinue
use of our website entirely.
Your use of our site or Services
means you consent to this Privacy Policy. If you do not agree with our
practices, please exit and do not utilize our platform.
For users in the EU or UK:
This Privacy Policy incorporates
required disclosures under the General
Data Protection Regulations
(“GDPR”) such as our processing grounds, your legal rights, our Data
Protection Representative, and instructions on exercising your rights.
We retain the right to update or modify this Privacy Policy periodically and at our discretion. Any new version will be published on our website, with the most current update date indicated under “Last Updated.” If required by law (including for material changes), we will inform you and/or seek your consent. Changes affecting existing personal data will come into effect after seven (7) days from the display of the revised policy. Please revisit this page regularly to stay informed on how your data is protected.
Protecting your privacy and upholding your rights as a data subject is important to us. For this reason, we have designated Prighter Group and its local partners as our privacy representative and point of contact for:
a. The European Union (EU)
b. The United Kingdom (UK)
Prighter allows you to easily exercise your privacy rights, such as requests to access or delete your personal information. To reach us via Prighter or submit a data rights request, please visit: Prighter | Compliance Landing Page of Optival LTD
Below you’ll find information about what personal data we collect, how we process it, the legal bases for doing so (where GDPR applies), definitions for “personal” and “non-personal” data, and an overview of related technical processes.
Categories of Data and Definition of Personal Data
“Personal Data,” as per data protection legislation, refers to any
information that identifies or can reasonably identify an individual —
such as IP addresses, cookie IDs, names, emails, or behavioral
profiles.
“Non-Personal Data” refers to information that cannot
be traced back to you as an individual (for example, aggregated site
usage statistics, device/browser types, territories, frequency of
visits, or non-unique technical data). Non-Personal Data is not linked
to identifiers and is handled separately. Should we combine Personal
and Non-Personal Data, the mixture will be treated as Personal Data.
How We Obtain Personal Data
Your data may reach
us in several ways, including:
(i) Automatically via tracking technologies and cookies (see our “Cookies and Similar Technologies” section), including ones installed by us, service providers, or business/marketing partners. Among these are “tracking links,” enabling us and partners to identify users sent from our site to a partner’s site.
(ii) Direct provision — for example, when you voluntarily communicate with us.
(iii) From Business Partners, primarily if you interact with them after being referred from our website.
Types of Data, Processing Purposes, & Legal Basis
Below is a summary of the types of Personal Data we process,
for what purpose, and the corresponding legal justification:
Online Identifiers: When accessing our website or
Services, we gather online identifiers like IP address, browser user
agent, and cookie ID. Optionally, a unique random identifier may be
assigned—especially when you use features that link out to Business
Partners’ sites.
Location Data: Your approximate geographic location
(e.g., by country), determined through your IP address.
Device Info: Technical details sent by your
device/browser: device model, version, browser type, OS, etc.
Usage Data: We track your interactions and activity
on our website, including pages visited, links clicked, and access
timestamps. This information may be stored with Online Identifiers in
logs.
Where location, device, or usage data are tied to online identifiers,
we treat the data as personal; otherwise, we may aggregate and
anonymize this information.
We use these data types to: maintain site operation, enhance security,
prevent fraud, debug, run analytics, market, refine advertising,
measure campaign performance, perform retargeting, and analyze how
users move from our Services to Business Partners' sites. Some data
collection occurs through cookies—using strictly necessary cookies is
based on legitimate interests, while other cookies require your
consent (which can be adjusted viaour cookie preferences manager at
any time).
Business Partners Engagement Data
When you click a Business Partner’s offer on our website and follow the referral, a unique ID is attached. We log that action—as well as, if applicable, confirmation from the Business Partner if you register, purchase, open an account, or make a transaction. We process this data to operate our business, calculate advertising fees (as described in our Terms), and keep records. Aggregated data may be used to improve our offerings and analyze Business Partner popularity—this is processed under legitimate interests.
Advertising Interaction Data
When running advertising campaigns for our websites or Services, we use third-party tools. These may collect data on your journey, such as the referral URL and campaigns that brought you to us, and whether you interact further with a Business Partner. These datasets are processed to manage and optimize our marketing efforts and are gathered by consent (adjustable in cookie settings).
Contact & Communications Data
If you reach out to us (for support, info, or otherwise), you may
provide your name, email, or other details. We’ll also keep a copy of
the correspondence. Such information is used to respond to your
requests, improve service, and maintain records. Most contact data is
processed with your consent, though we may also process for legitimate
interests (such as recordkeeping or resolving disputes).
Please note the nature and method of data processing may differ for
each case, as detailed above (often including automated steps such as
storage, analysis, transmission, or deletion). Transfers to other
countries are conducted on lawful grounds as explained in the
“International Data Transfers” section. We may also use certain
personal data to prevent or address fraud, illegal activities,
breaches of Terms, or threats to security—handled under legitimate
interests.
We utilize cookies and similar technologies (such as web beacons, pixels, and tags) whenever you access our website or interact with our Services. These are widely used small text files or codes placed on your browser/device to help deliver better browsing, maintain site functions, collect statistics, and enable advertising. For more about our cookie use, visit: www.allaboutcookies.org.
Our Cookies Settings banner provides details about specific cookies
used.
How to Control Cookies: Except for those strictly
necessary for the site to function, you can adjust your cookie
preferences or opt out at any time via our cookie management tool or
your own browser settings. Please be aware, disabling cookies might
impact your experience or access to certain features.
Your data may be shared with third parties, including reputable partners and service providers supporting our Services, as described below:
Business Partners: When you’re referred to a Business Partner’s website, we may share your unique ID and, for fraud prevention, your IP address or similar identifier—solely to facilitate business cooperation or track conversions.
Trusted Agents & Service Providers: To operate efficiently, we may grant trusted agents (counsel, advisors) or service vendors (such as cloud storage, CRM, or security providers) access to necessary personal data exclusively for agreed purposes. These providers are contractually bound not to use your data for any other intent and are required to secure and use personal data in compliance with applicable laws. They may, for their own purposes, use non-personal data only.
Group Companies & Acquirers: We may share data within our group or, in case of a business merger or acquisition, with an acquiring company. Any acquirer will inherit the obligations and rights under this policy.
Advertising Partners: If we use third-party ad
platforms or cookies (e.g., Google or social media), those vendors may
independently collect identifiers, device, and usage information to
aggregate, profile, or personalize ad delivery across their network.
Their data use is governed by their own privacy policies.
Legal/Governmental Authorities: We may disclose data
when required to by law, in response to legal processes (court orders,
subpoenas), litigation, or to comply with regulatory obligations or
law enforcement requests.
Owing to our global operations and use of international service providers (e.g., for cloud storage), your Personal Data may be transferred to or processed in countries outside your location. We handle such transfers in accordance with relevant data protection rules, ensuring your information is appropriately safeguarded, employing mechanisms such as standard contractual clauses or similar arrangements approved by authorities. If local law requires, your use of our Services is taken as consent for such international data transfers.
We retain your Personal Data solely for the duration necessary to
achieve the purposes for which it was collected, including for legal,
administrative, recordkeeping, or accounting purposes. Retention
periods are determined based on:
(i) Data type and its use: duration needed to fulfill collection
purposes, sensitivity, and potential risk from unauthorized use;
(ii) Legal obligations: some laws require us to retain certain
categories of data or respond to valid legal requests or court
orders;
(iii) Dispute or legal processes: we may keep data as needed to
protect our interests, defend legal claims, resolve disputes, or
enforce our terms.
When we determine retention is no longer needed or justified, your
Personal Data will be deleted or de-identified so it can no longer be
associated with you. Unless otherwise compelled by law, we may remove
your data for any reason at any time and without advance notice.
To help protect against data loss, misuse, unauthorized access, or alteration, we deploy security measures compliant with relevant standards and regulations. No system is entirely immune to threats, so we cannot guarantee complete security. Users should safeguard their own devices and networks accordingly, as risks are inherent to digital data storage and transmission.
You may exercise various rights relating to your Personal Data collected or held by us, depending on the legal regime and your relationship to us. Key rights are summarized below, along with guidance for submitting a request (such as via contact@pickember.co.uk or, for EU/UK residents, our Data Protection Representative at Prighter | Compliance Landing Page of Optival LTD). We may request additional information to verify your identity before actioning your request.
Right to Information: You may request details on our data collection and privacy practices. Most answers are found in this Policy, or you may contact us directly.
Right of Access: You may confirm whether we hold your data, find out which data is held, and request a copy.
Right to Rectification: You can request corrections or deletion of inaccurate/incomplete data, depending on the processing context and purposes.
Right to Erasure/Be Forgotten: You may request deletion of your data subject to conditions. Requests can be refused where we must retain data to fulfill obligations, resolve disputes, or for legal/compliance reasons. Exercising this right is possible via our contact methods above.
Right to Restrict Processing: Under certain circumstances, such as when accuracy is contested or processing is unlawful, you can request limits on our use of your data.
Right to Data Portability: You can obtain your data in a usable format and transfer it to another service, where technically feasible.
Right to Withdraw Consent/Object/Opt-Out: Where we rely on your consent, you can withdraw it at any time. This can be done via contact with us or directly in cases such as cookie settings (see our “Cookies” section). If we process data based on legitimate interests, you may object; we may continue if justified by overriding legitimate grounds or the need to defend legal rights.
Right to Appeal or Complain: If we decline your request, we’ll explain our reasoning as required by law. You may also lodge a complaint with the appropriate Data Protection Authority (see here for the EU, or contact the UK Information Commissioner).
Our Services are not directed to individuals considered children (under the age defined by applicable law). We do not knowingly collect personal data from children, and any such information will be deleted as soon as identified.
Our websites and Services contain links to external, third-party sites—including those of Business Partners. Clicking these or enabling connections may result in data collection or sharing by those parties, whose privacy practices we do not control. To exercise rights concerning information collected by third parties, please contact them directly.
