You trust us to encrypt your data. That’s why we treat it like our own.

We believe in real transparency and will always tell you how we protect your most valuable asset.

Privacy Statement

Updated September 2021

Welcome to the Nimbox Privacy Notice

This information has been produced to help you understand everything you need to know about the way Nimbox collects, uses, and shares personal data, what your legal rights are and how to exercise them.

We hope you’ll take some time to read this document; we’ve tried to keep it all as simple as possible and to avoid jargon, and we’ll make our best efforts to keep you informed if there are any changes to the way we process your personal data in the future.

Nimbox takes its responsibility for protecting your data very seriously and we do advise you get to know our practices. If there’s anything here you don’t understand, or if you want to ask any questions, please feel free to contact us.

Who is the Data Controller?

We are Nimbox.

Registered address: The Waterscape, 42 Leeds & Bradford Road, Leeds, West Yorkshire. LS5 3EG

Registration number: 08280927

In this document Nimbox may be referred to as “we”, “us”, or “our”.

What kinds of Personal Data does Nimbox Process?

Nimbox collects personal data for various purposes; with that in mind we have created a list of the types of personal data that we may collect, either directly from yourself or from other sources, in order to achieve those purposes.

The kinds of personal data we may collect include:

Customer / Client

Organisation name, e-mail address.

Supplier / Trader

Contact details and bank details.


Names, e-mail addresses, bank details.

What are the reasons Nimbox collects Personal Data?

Legal Obligations

Nimbox uses personal data firstly to fulfil any contractual obligations that exist between us and yourself. Where we request personal data be provided to enter into, or meet the terms of any such contract, you will be required to provide the relevant personal data or we will not be able to deliver the goods or services you want. In such cases the lawful basis of us processing the personal data is that it is necessary for the performance of a contract.

We are required by law to process personal data for purposes relating to our legal obligations, these include:

To provide for our financial commitments, or to relevant financial authorities.

 Legitimate Interests

Nimbox may process Personal Data for any of the following purposes, which are considered to be within our legitimate business interests:

To provide goods and services where it has been requested,

Where does Nimbox obtain Personal Data from?

We will collect personal data directly from you in various ways. This could include when you complete an online form, or if you provide the data directly to a representative of Nimbox.

We collect some personal data from publicly accessible sources such as:

Companies House, credit scoring companies. General internet search and company websites.

We may also gather personal data by any of the following methods:

From third-party organisations provided for future marketing purposes.

Who will Nimbox share your Personal Data with?

To achieve the above stated purposes for which we process your personal data, we may have to share your personal data with certain third parties.

We shall make all reasonable efforts to ensure that any third-party we share your personal data with is also compliant with data protection law.

The kinds of third parties we may share your personal data with include:

Other members of a group of companies to which Nimbox belongs.

Organisations where it is necessary to setup various resources.

Organisations that are acting as our marketing agents.

Where will Nimbox store your Personal Data?

Nimbox will not transfer your personal data to any country other than those that have been granted an adequacy decision under the General Data Protection Regulation.

We may however share your personal data with third-party organisations who then transfer the data. We shall take all reasonable measures to ensure those third parties are also compliant with data protection law.

How long will Nimbox keep your Personal Data?

We will keep your personal data only for as long as required to achieve the purposes for which it was collected, in line with this privacy notice.

The following criteria are what determine the period for which we will keep your personal data:

Until we are no longer required to do so to comply with regulatory requirements or financial obligations.

Your Rights, Our Responsibility

There are several rights granted to you immediately upon providing us with your personal information; some of these are mentioned above. We’d like you to know that at Nimbox we take your rights seriously and will always conduct ourselves in a way that is considerate of our responsibility to serve your legal rights.

The Right of Access

This grants you the right to confirm whether or not your personal data is being processed, and to be provided with relevant details of what those processing operations are and what personal data of yours is being processed.

If you would like access to the personal data we have about you, we ask that you contact us using the details below.

The Right to Rectification

This one is fairly straight forward; if you notice that the data we have about you is inaccurate or incomplete, you may request we rectify the mistake. We will make every effort to respond to requests of this type immediately.

The Right to Erasure

Otherwise known as the ‘right to be forgotten’, this given you the right to request your personal data be deleted.

This is not an absolute right; if you were to request that we erase your personal data, we would erase as much of that data as we could but may have to retain some information if it is necessary.

Were we have received a request for personal data to be erased, if it is necessary for us to retain some of that information we shall ensure that the remaining data is used only when and where it is absolutely necessary.

The Right to Objection

The right to object is a basic freedom all democracies enjoy. If you wish to object to the way we use, or have used, your personal data you may do so freely.

The Right to Complain

We will always try to maintain the highest standards and encourage the confidence our customers have in us as an organisation. To achieve this, we request that any complaints be first brought to our attention so we can properly investigate matters. If you would like to complain about Nimbox to a regulatory body, you may do so by contacting your local data protection supervisory authority.

Nimbox Contact Details


The Waterscape, 42 Leeds & Bradford Road, Leeds, West Yorkshire. LS5 3EG

+44 (0)3454 757574

Who is the Nimbox EU Representative?

Ametros Ltd

Lakeside Offices, Thorn Business Park, Hereford, England, HR2 6JT

0330 223 2246