Privacy policy


This Privacy Policy is issued on behalf of FlyForm (formerly known as GovNow Ltd.) so when we refer to “we”, “us” or “our” in this Privacy Policy, we are referring to FlyForm, who is responsible for processing your data.

We respect your privacy and are committed to protecting your personal data. This Privacy Policy will inform you as to how we look after your personal data when you visit our website (, regardless of where you visit it from, and tells you about your privacy rights and how the law protects you.

Our policies are governed by the European General Data Protection Regulations (GDPR). Should you find our practices, or our response to any query you raise with us regarding data privacy and protection, unsatisfactory, you have the right to file a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection (

For client having business dealings with FlyForm, further policies apply, details of which you may obtain from your account manager.

We keep this Privacy Notice under review and will reflect any updates or changes to practice within this Privacy Notice (to reflect changes in operations and the way we process your data). This Notice was last updated on 27 June 2022.

Important information and who we are

Purpose of this Privacy Policy

1. This Privacy Policy aims to give you information on how we collect and process your personal data through your use of the website, including any data you may provide through the website when you:

  • register with us
  • register for any of our events or resources
  • fill out our online contact form
  • correspond with us
  • purchase a product or service

2. This website is not intended for children, and we do not knowingly collect data relating to children.

3. It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you, so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.


1. FlyForm is the controller and responsible for the website including overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact us at:

FlyForm Ltd
Capital Tower
Greyfriars Road
CF10 3AG

2. You have the right to make a complaint at any time to the Information Commissioner’s Office, the UK supervisory authority for data protection issues ( or to any equivalent body in the relevant jurisdiction (collectively, the “ICO”). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to the privacy notice and your duty to inform us of changes

1. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Third-party links

1. This website may include links to third-party websites, plugins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave the website, we encourage you to read the privacy policy of every website you visit.

Personal data collection

The data we collect about you

  1. Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
  2. We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows
    1. “Identity Data” includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth, photographs, job title, national insurance number, age, and gender.
    2. “Contact Data” includes billing address, residential address, delivery address, email address, work address, social media handles, telephone numbers, and fax number.
    3. “Financial Data” includes bank account details.
    4. “Transaction Data” includes details about payments to and from you and other details of products and services you have purchased from us.
    5. “Technical Data” includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plugin types and versions, operating system and platform, full ‘Uniform Resource Locators’ clickstream to, through and from the Site (including date and time), and other technology on the devices you use to access the Site.
    6. “Profile Data” includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses, products you viewed or searched for; page response times; download errors; length of visits to certain pages; and page interaction information (such as scrolling, clicks, mouse-overs, and methods used to browse away from the page).
    7. “Usage Data” includes information about how you use the Site, products, and services.
    8. “Marketing and Communications Data” includes your preferences in receiving marketing from us and our third parties, and your communication preferences. Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.

How your personal data is collected

  1. We use different methods to collect data from and about you including through:
    1. Direct interactions. You may give us your Identity Data, Contact Data and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
      • apply for our products or services
      • register for any of our events
      • request marketing to be sent to you
      • promotion or survey
      • give us some feedback
      • use the contact form
      • request a whitepaper download
    2. Automated technologies or interactions. As you interact with the Site, we may automatically collect Technical Data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. See also section titled “cookies” below for further details.
    3. Additionally, through our use of Google Analytics, we collect technical data about you, such as your internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access the website
    4. Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources such as analytics providers; search information providers; advertising networks; technical, payment and delivery services; data brokers or aggregators; and publicly available sources, such as Companies House and the Electoral Register based inside the EU.

Please email to find out more about the various third parties and public sources from which we may receive personal data about you.

Use of personal data

  1. We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
    1. Where we need to perform the contract we are about to enter into or have entered into with you.
    2. Where it is necessary for our legitimate interest (or those of a third party) and your interests and fundamental rights do not override those interests.
    3. Where we need to comply with a legal or regulatory obligation

Please email to find out more about the types of lawful basis that we will rely on to process your personal data.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third-party direct marketing communications to you via email or text message.

  1. Promotional messages from us
    1. We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
    2. We may use your Identity Data, Contact Data, Technical Data, Usage Data and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).
    3. You will receive marketing communications from us if you have requested information from us, have purchased goods or services from us, or if you provided us with your details when you downloaded content or registered for an event. In each case, you have not opted out of receiving that marketing.
    4. See also section titled “storage and retention of personal data” below for further details about how long we keep your data.
  2. Opting out
    1. You can tell us or third parties not to contact you with updates and information regarding our products and services by following the unsubscribe instructions on any communications sent to you.
    2. You have the right to withdraw consent to marketing at any time by emailing
    3. Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us because of a product/service purchase, product/service experience or other transactions.
    4. Please Note: Opting out does not preclude you from submitting forms on our website – e.g. to sign up for a webinar. As a result of you taking this action, some communications will be triggered even if you have chosen to opt out of marketing previously, so that we can meet the request you have made by submitting the form (e.g. to provide a join link to the webinar).
  3. Profiling, segmentation and targeting
    1. The information you provide may also be used for profiling, segmentation and targeting purposes via our CRM and/or marketing automation platform. This enables us to personalise your experience and improve business performance – for example, by helping to determine which content you may find most relevant, so that we can direct you to more of this and to less of the information that you find less useful.
    2. Typical uses include dividing our database into sub-groups based on shared characteristics, lead nurturing and triggered communications.
    3. You also have the right to withdraw consent to this profiling by emailing
  4. Analysing the use of our website
    1. To better understand how users access and use our website, both on an individual and aggregated basis, we use:
      • Google Analytics – aggregated and de-identified information on audience, acquisition, behaviour and conversions.
      • HubSpot – to track individual activities and interactions

This data is collected and analysed with the intention of improving the user experience and the performance of our website.

5. Understanding marketing/campaign performance

a. We use the following platforms to understand how our marketing activities are performing:

  • HubSpot – including email performance metrics.
  • Google Analytics – including acquisition source.
  • LinkedIn – including performance metrics.

Data may be aggregated and analysed to create business intelligence which will enable us to report on performance and make better informed decisions about future activities.


We, or third-party service providers we use, may automatically collect and store information about your visits and interactions with our site in collective or aggregated data that does not identify you specifically, but is automatically received and recorded by us through the use of “cookies.” These include:

  • Third-party service cookies: the functionality offered within the website to access whitepapers and to register for events is provided by third parties. These services use cookies provided by those third parties. FlyForm has no access to any data collected through these third-party service cookies.
  • Analytics cookies: the website uses Google Analytics to track your interaction with it, so we can measure its efficiency and improve its usefulness. This functionality uses cookies provided by Google. These cookies are common to all of Google Analytics’ tracking of your interactions with various services across the internet. Google may use the information it gathers about your interaction with the website to inform other services it provides, including targeting advertisements. FlyForm does not have access to any data gathered by Google in through these analytics cookies.

A cookie, also known as an HTTP cookie, web cookie, or browser cookie, is used by our web site to communicate certain information to and from your browser and the website. This will include:

  • Browser
  • Language
  • Device ID
  • Operating System
  • Device Name and Model
  • Location (e.g. Country or City)
  • Pages viewed
  • Links clicked
  • Time of visit
  • Length of visit
  • Referring URL/web page

Cookies cannot be programmed, cannot carry viruses, and cannot install malware on your computer. Learn more about cookies on our Cookie Policy page.

You may refuse the use of cookies by selecting the appropriate settings in your browser.

Most browsers will allow you to see what cookies you have and delete them from particular or all websites.

Be aware that any preference you have set will be lost if you delete all cookies.

For more information on how to modify your browser settings to block or filter cookies, see or

  • Clear GIFs, pixel tags and other technologies

Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies, which are embedded invisibly on web pages. We or our service providers may use clear GIFs, in connection with our site to track your activities and compile statistics about usage of our site (e.g. web or social media analytics). For example, we use HubSpot to deliver our email communications. We gather statistics around email opening and clicks using industry standard technologies including clear gifs to help us monitor and improve performance.

  • Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.

If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Storage and retention of personal data

You can exercise your right to prevent marketing communications to you by not checking certain boxes on the forms we use to collect your personal data, or by utilising opt-out mechanisms in emails we send to you. You may also ask us to delete any of your data we hold. If you opt out of updates and other communications, or delete your data, we will retain minimum personal data to document these requests and thereby avoid using your personal data for any other purpose.

In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

How long we keep your information

  1. As long as you keep engaging with us, we will retain your personal information under legitimate interest for as long as we consider there is value to you and to us of maintaining contact, unless you ask us to delete it sooner.
  2. Contacts are only kept in our marketing database if they are showing signs of engagement (i.e. our database and system records at least an email click). This means we will stop emailing you if we haven’t heard from you for 12 months, and from this point you will be considered an inactive or ‘non-marketing’ contact. If you re-engage with us (by submitting a form on the website for example), you will be re-added to our mailing list and will start to receive emails again.
  3. Non-marketing contacts are retained for a further 12 months before being permanently deleted if no further engagement is received.

Who we might share this information with

We will only disclose and/or share your personal data as required by law (or law enforcement), or to fulfil the functional request you made in providing us with your personal data.

We will ensure that all third parties we engage to enable us to fulfil your requests will handle your data in compliance with the European General Data Protection Regulation. Such third parties will only be permitted to process your data to fulfil your requests; they will not be permitted use of your personal data for any other purpose.

  1. We may disclose your information to vendors, service providers or agents who perform functions on our behalf and enable us to:
    1. Fulfil requests for information
    2. Host content and assets
    3. Receive and send communications
    4. Update our records and marketing lists
    5. Generate reports
    6. Analyse data
  2. Third-party platform providers include:
    1. HubSpot: Marketing automation platform.
    2. ServiceNow
    3. Salesforce/FinancialForce PSA: CRM system.
    4. Google Analytics: Web analytics.
    5. LinkedIn: Insights Tag (i.e. advertising).
    6. SurveyMonkey: Online survey tool.
  3. FlyForm staff
    1. To enable us to respond to your enquiries and contact you with relevant offers, your personal information will be disclosed to our employees, including sales and marketing personnel.
    2. Our employees will only use your information to the extent necessary to perform their functions.
  4. Business transfers
    1. In the event that we undergo re-organisation (including rebranding) or if we are acquired by/merge with another company, you agree that any personal information we hold about you may be transferred to that re-organised entity or third party.
  5. Legal authorities
    1. We may disclose personal information if required to do so by law, court order or for the purposes of prevention of fraud or other crime, or if we believe that such action is reasonably necessary to protect and defend the rights, property or personal safety of FlyForm, the FlyForm website or its visitors.
  6. Aggregate and de-identified information
    1. We may disclose aggregate or de-identified information about our users to third parties for marketing, advertising, research or similar purposes.

Data protection

We have taken reasonable steps to help protect the information we collect from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These include training and awareness programmes for all staff and appropriate technical measures such as encryption of laptops, enforcement of strong password controls and virus and malware detection. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate business need to know.

We do not transfer information outside the EEA.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Your rights to access, amend or delete the information we hold

You have the right to review and correct and/or delete the personal information we have collected about you, and to restrict the way in which we process that information.

Requests will be dealt with wherever possible within one month of receipt.

To make a request for personal information FlyForm holds about you, please contact:

FlyForm Ltd
Capital Tower
Greyfriars Road
CF10 3AG

Changes to the privacy notice

This privacy notice was updated in June 2022. This policy may change and be updated from time to time to reflect changes in operations and the way we process your data.