Privacy Policy

Version December 2021

Allego Privacy Policy - version December 2021

This privacy policy discloses the privacy practices of Refract Software, Refract an Allego Company (“Refract” or “we,” “us,” etc.). It will inform you of the following:

  • What personally identifiable information (“Personal Data”) is collected from you, how it is used and with whom it may be shared.
  • What choices are available to you regarding the use of your Personal Data.
  • The security procedures in place to protect the misuse of your information.
  • How you can correct any inaccuracies in the information.

How and When this Privacy Policy Applies

This Privacy Policy applies to the processing of Personal Data collected by us when you:

  • Visit this website or our offices;
  • Send or receive communications to or from us, including emails, phone calls, texts or fax;
  • Use our cloud services as an authorised user (for example, as an employee of one of our customers who provided you with access to our services), but only in those situations where we act as a controller of your Personal Data; or
  • Register for, attend and/or otherwise take part in our events, webinars or contests.

Refract is the controller of your Personal Data as described in this Privacy Policy, unless expressly specified otherwise.

This Privacy Policy does not apply to the extent we process your Personal Data in the role of a processor on behalf of our customers (for example, when that customer is your employer), including where we offer to our customers various cloud services through which our customers (and/or their affiliates) collect, use, share or process Personal Data via our cloud services.  To understand the policies that apply to you when a Refract customer (and/or a customer affiliate who uses the Refract cloud services) is the controller, please contact that customer directly. We are not responsible for the privacy or data security practices of our customers, which may differ from those set forth in this Privacy Policy.

Information Collection, Use, and Sharing

Information we collect

We are the sole owners of the information collected directly from users of this website and, in some cases (explained below), from users of our services, and from other sources. This includes:

  • Information you give us. You give us information about yourself when you use our website or when you correspond with us by phone, email, in person or otherwise. When you use our website to request information about our services, download a document, register for an event, schedule a demo, or post a comment or provide feedback on our website, we require you to provide us with your personal contact information, such as your name, company name, job title, email address, phone number and the country in which you are located. When you apply for a job on our website, we require you to provide additional Personal Data.
  • Information we collect about you. We use common information-gathering tools, such as tools for collecting usage data, cookies (defined below), web beacons and similar technologies to automatically collect information that may contain Personal Data from your computer or mobile device as you navigate our websites, our services or interact with emails we have sent to you. This may include your IP address, browser type and information regarding your use of the website such as a log of your visits to the website, your browsing activity, your page views and downloads, and the URLs of the sites you came from. If you use certain features of our services on a mobile device, we may also collect telephony log information, device event information, and location information.
  • Information received from other sources. Our website may link to other websites operated by third parties (“Third Party Websites”). You may have the ability to provide information such as your name, email address, company name, location, and phone number, on such Third Party websites, when you request more information, register for a trade show or event or perform other activities on these Third Party Websites. Third Party Websites may share with us your personal and/or business contact information, such as your name, email address, company name, job title, phone number, as well as your browsing activity, for our marketing and promotional purposes. You may also provide your information to our resellers and channel partners, who provide such information to us for our joint marketing purposes. In addition, we collect information from publicly accessible sites such as business directories and social media sites. We do not control, and are not responsible for, the content or practices of Third Party Websites. This Privacy Policy does not apply to Third Party Websites, which are subject to their own privacy policies.

How we use your Personal Data

We will use the information we collect for our commercial and business purposes in the following ways:

  • As it is important for us to be responsive to you and to ensure the proper functioning of our website and proper delivery of our services, we believe it is in our legitimate interests to use information you give us and information we collect about you to:
    • perform the services you requested, such as providing you with more information about our products and services, scheduling a demo or enrolling you in a webinar;
    • manage user registrations;
    • handle contact and support requests – if you fill out a “Contact Me” web form or request user support, or if you contact us by other means including via a phone call, we process your Personal Data to the extent it is necessary for our legitimate interest in fulfilling your requests and communicating with you;
    • further develop our products and services, and provide you with customer and/or technical support for our products and services;
    • support our intent to maintain and improve the performance and security of our website and our services and improve and administer our services for our internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
    • aggregate your information with the information of our other website visitors in order to analyse and administer our website and services; this information may include (but is not limited to) your IP address, your browser type, the pages that you viewed, the dates and times that you visited and the URL of the website you came from and the website you went to after you left our site.
    • comply with legal requirements and enforce the terms and conditions of our agreements, including the investigation of potential violations;
    • inform you of changes to this privacy policy
    • assist you with problems using our website, measure and understand the effectiveness of the content we serve to you and others and present our website content in a more effective manner for you and for your computer or device;
    • enable you to apply for a job with us; and
    • register office visitors.
  • With your consent, or where we are able to under the applicable law, we may use your Personal Data to (i) inform you about product upgrades, special offers or other products, services and information (including from third parties); (ii) conduct market research; (iii) ask you to complete surveys or evaluations; (iv) plan and host company events, online forums and social networking activities, such as our user conference or webinars about our products and services or the products and services of our partners; or (v) notify you about changes to our products or services. If you wish to withdraw your consent to such marketing, you can do so by using the unsubscribe function in any email we address to you or by emailing
  • We may process your location data to enable us to identify you by IP address so that we may deliver a more targeted website experience, or to enable us to comply with applicable laws. If you wish to withdraw your consent to us using location data, you can do so by emailing
  • If we use your personal information for an unrelated or new purpose that isn’t otherwise permitted by applicable law, we will notify you and we will explain the legal basis that allows us to do so (and if you are a California, US resident, we will obtain your consent for the new use).

When we receive information directly from individuals who are citizens or residents of the European Union, that information may include “personal data,” as regulated by the European Union’s General Data Protection Regulation (“GDPR”). As the recipient of this information from individuals other than those who are using our cloud services as authorised users of our customers, Allego is a data “controller” under the GDPR.  As mandated by the GDPR, we will respond to your requests to delete, correct, transfer, provide information about and otherwise manage the data you have submitted to this website.  You may opt out of any future contacts from us at any time. We provide these rights to anyone who submits information to our website, whether or not he or she is a citizen or resident of the European Union. To request any of those services, please contact us at

How we share your Personal Data

We will not sell or rent your Personal Data to anyone.   We may share your Personal Data with the following selected third parties:

  • our website hosting and operating suppliers located in the US & UK, which store your Personal Data in the US and other countries, to enable us to operate our website and deliver web content to you and who enable you to conduct certain activities on our website, such as downloading a document;
  • our analytics and search engine providers, located in the US and other countries, which store your personal data in the US, the UK, the EU, to assist us in the delivery, improvement and optimisation of the website;
  • the provider or providers of remote software hosting services that we engage to host our software, which may store your personal data in the US, EU, UK and other countries depending on the location from which you are accessing the software and whether we or our customer have authorised storage of your personal data in that location, if you are a user of our services;
  • our consultants and independent contractors located in the US, the UK, the EU and other countries, which may access your Personal Data from each of these locations to provide implementation and other professional services, or customer and technical support, on our behalf to you, if you are a user of our services;
  • (if you use our services as an authorised user of one of our customers) our cloud service providers located in the US, who store your personal data in the US, EU, UK and other countries, who provide us with customer service and relationship management services so that we can serve you as a customer and comply with our contract with you;
  • (if you use our services as an authorised user of one of our customers) your affiliated customer responsible for your access to the services to the extent this is necessary for verifying accounts and activity, investigating suspicious activity, or enforcing our terms and policies;
  • (unless you opt out) our cloud service providers located in the US, who store your personal data in the US, EU, UK and other countries, who provide us with sales and marketing automation services based upon information we obtain from our website so that we can market to you, or who provide channel relationship management services so that we can market and sell to you through our sales channels;
  • (unless you opt out) our marketing partners located in the US, UK and EU, which store your personal data in the US, UK, EU and other countries;
  • advertisers and advertising networks located in the US, which store your personal data in the US and other countries, that require the data to select and serve relevant advertisements to you and others;
  • in individual instances, professional advisers acting as processors or joint controllers including lawyers, bankers, auditors and insurers based in countries in which we operate who provide consultancy, banking, legal, insurance and accounting services, and to the extent we are legally obliged to share or have a legitimate interest in sharing your Personal Data;
  • if we are involved in a merger, reorganisation, dissolution or other fundamental corporate change, or sell a website or business unit, or if all or a portion of our business, assets or stock are acquired by third party, with such third party. In accordance with applicable laws, we will use reasonable efforts to notify you of any transfer of Personal Data to an unaffiliated third party; and
  • companies that we acquire in the future when they are made part of the Allego corporate group, to the extent such sharing of data is necessary to fulfill a request you have submitted via our websites or for customer support, marketing, technical operations and account management purposes.

US - California

Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Consumer Privacy Act. We therefore will not sell your personal data to outside parties without your consent.  You have the right not to receive discriminatory treatment by the business for the exercise of the privacy rights conferred by California law.


We use cookies and other similar technologies (such as web beacons) (“Cookies”) to enhance your experience using the website. “Cookies” are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, and to deliver a better and more personalised service. Refract, Allego and its marketing partners or suppliers may use Cookies when you interact with our website or use our online products. We use Cookies to track your visits to the website and what links you click on, as well as to track your page views, so that we can understand what content is of interest to you and present you with a better browsing experience. We also use Cookies to track and deduplicate information you provide when you submit a form to us, to test whether you have cookies enabled, and to remember you if you visited the website previously.

Cookies may be either “persistent” cookies or “session” cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

We use the following Cookies:

  • Strictly necessary Cookies. These are Cookies that are required for the operation of the website. They include, for example, Cookies that enable you to log into secure areas of the website.
  • Analytical/performance Cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the website when they are using it. This helps us to improve the way the website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality Cookies. These are used to recognise you when you return to the website. This enables us to personalise our content for you (such as to pre-fill forms that you have filled out on our website in the past).
  • Targeting Cookies. These Cookies record your visit to the website, the pages you have visited and the links you have followed. We use this information to help make our marketing activities more relevant for you. We may also share this information with third parties for this purpose, consistent with the section titled “How we share your Personal Data” above.

If for any reason you wish to not take advantage of Cookies, you may disable Cookies by changing the settings on your browser.

Information Submitted to a Refract / Allego Service by Users Authorised by Our Customers

As described above, we may also process Personal Data submitted by or for a customer to our cloud services. To this end, if not stated otherwise in this Privacy Policy or in a separate disclosure, we process such Personal Data in the role of a processor on behalf of a customer (and/or its affiliates) that is the responsible controller of the Personal Data concerned. We are not responsible for and have no control over the privacy and data security practices of our customers, which may differ from those set forth in this Privacy Policy. If your Personal Data has been submitted to us by or on behalf a Refract / Allego customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Refract / Allego customer directly. Because we may only access a customer’s data upon instruction from that customer, if you wish to make your request directly to us, please provide to us the name of the Refract / Allego customer who submitted your data to us. We will refer your request to that customer, and will support them as needed in responding to your request within a reasonable timeframe.


We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline. Wherever we collect sensitive information, that information is encrypted and transmitted to us in a secure way.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

While we follow generally accepted standards to protect Personal Data, no method of storage or transmission is 100% secure. You are solely responsible for protecting your password, limiting access to your devices and signing out of websites after your sessions.

How Long Do We Keep Your Personal Data? 

We may retain your Personal Data for a period of time consistent with any legal purpose of collection that applies to your interaction with us. We determine the appropriate retention period for Personal Data on the basis of the amount, nature and sensitivity of your Personal Data processed, the potential risk of harm from unauthorised use or disclosure of your Personal Data and whether we can achieve the purposes of the processing through other means, as well as on the basis of applicable legal requirements (such as applicable statutes of limitation).  After expiration of the applicable retention periods, your Personal Data will be deleted. If there is any data that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further use of such data.


Our Privacy Policy may change from time to time and all updates will be posted on this page.

Questions; Contacting Company; Reporting Violations

If you have any questions or concerns or complaints about our Privacy Policy or our data collection or processing practices, or if you want to report any security violations to us, please contact us at the following address or email, or use the “Contact Us” button below:

Contact Us

Refract, an Allego Company

Generator Studios, Trafalgar Street

Newcastle Upon Tyne


If you are a California, US resident and you want to exercise your rights, or you wish for an authorised agent to make a request on your behalf, please contact us on our toll-free telephone number at Allego-  833-920-1988 or click on the ‘Contact Us’ button above.