Graffiti Group Ltd is a leading provider of Payroll & HR hardware and software solutions



Privacy Statement

Graffiti Group Ltd is committed to protecting your privacy and your personal information. This Privacy Statement informs you of our privacy practices and of how your personal information is protected.

Graffiti Group Ltd strongly supports the fundamental rights to privacy and data protection as well as compliance with national and international privacy laws.

This Privacy Statement describes how Graffiti Group Ltd processes and protects the personal information of individuals who use our website content as well as in the context of our offline business activities.

Graffiti Group Ltd has adopted an internal Data Privacy Policy, which is applicable to all our business activities for the collection, processing, use, dissemination, transfer, and storage of personal information. It imposes common rules, and aims at ensuring a high level of protection of personal information within Graffiti Group.

Why Do We Collect and Use Personal Information?

We use personal information for various purposes including to fulfil your orders and requests, to manage our relationship, conduct surveys, improve our products, services, online content as well as your user journey, manage your account and the programs you join, analyse the activities on our websites, ensure the security of our activities, protect against fraud and, more generally, run our business activities.

Our primary goal in collecting information is to provide our customers and other users with superior service and a smooth, efficient and personalised experience while using the Graffiti solutions.

Graffiti Group Ltd collects personal information for the following purposes:

  • To fulfil orders of products and services. We collect this information to deliver your order, to obtain payment, to communicate with you about the status of your order and for contract management purposes.
  • To provide you with the technical support you request from us. Personal information is necessary to identify your system, understand the configuration of the products, diagnose your questions, and provide solutions.
  • For relationship management purposes. It includes communicating with you about the products; services and digital content you have acquired to ensure you use them in the best way possible.
  • To manage your account. When you take on our solutions, we use your personal information to give you access to our services, authenticate you and interact with you about it.
  • To ensure the security of our products and services and of your activities and of others, for the protection against fraud and the compliance with our terms and conditions and this Privacy Statement. We may also investigate potential breaches.
  • To enable or administer our business, such as for quality control and consolidated reporting.
  • For business continuity and disaster recovery.
  • To comply with legal obligations to which we are subject. For example accounting and tax obligations.
  • Any other purpose otherwise conveyed to you.

For the purposes of the Data Protection laws currently applicable in the UK, marketing information gathered during your site visit and/or your contact with us will be logged and controlled by us.  We are, therefore, the Data Controller for this type of data. The basis for processing this type of data is Legitimate Interest.  Your data will be retained for a period of two years following the last contact between us.  You retain the right to opt out of this type of communication should you choose to do so.

Information we collect from you, where you choose to provide it to us via this website, enables us to send you information about products and services. By providing us with your information, your consent and selecting your preferred communication methods, you consent to us processing it for this purpose.  We will not pass it on to any third party.  You retain the right to opt out of this type of communication.

For data relating to the delivery of e-payslip, documents and/or secure email solutions, our partner SSLP Group is the Data Processor.  Information provided to us as a result of an agreement to provide services, will only be processed for the purposes of fulfilling the requirements of the agreement.  The lawful basis for processing this type of data is Contractual Obligation.  Your data is held on servers within the EU.  Your data is retained according to your organisation’s retention policy and removed only on specific instruction from the Data Controller.  Your data will not be transferred to a country outside the EEA without express, written permission from your Data Controller and then only when appropriate safeguards are in place as required under UK data protection law.

By visiting our website, you are accepting and consenting to the practices described in this policy.

Information we may collect from you

We may collect and process the following data about you:

  • Information you give us. You may give us information about you by filling in forms on our website ( or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our site, participate in research activity, register for the e-payslip solutions, consultancy, search for a product, and when you report a problem with our site or our solution, and request us to contact you or otherwise contact us. The information you give us may include your name, address, email address, phone number.  For solution registration purposes, this may include national insurance number and/or payroll number.
  • Information we collect about you. With regard to each of your visits to our website, we may automatically collect the following information:
    •  technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
    • Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including the date and time); pages you viewed or searched for; page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks and mouse-overs), methods used to browse away from the page, if you linked to our site from another website, the address of that website, and, if you linked to the site from a search engine, the address of that search engine and the search term you used.
    • When using Graffiti Group e-pay solution, we do not monitor your activity once logged in to view your documents.  However, activity data may be gathered for your company Administrator by SSLP Group.  If your company has requested Google Analytics style data, this may also be recorded for analysis purposes by SSLP Group for your company Administrator.  Please contact your Administrator to establish if this option has been activated.

What do we do with your data?

The protection of your data is a priority for Graffiti Group. We use your information for contractual purposes in:

  • Information you give to us. We may use this information to carry out our obligations arising from any contracts entered into between you and us or us and your Data Controller, to provide you with the information, products and services you request from us, to notify you about changes to or to make suggestions and recommendations that may interest you about our range of products or services, or to ensure that content from our site is presented in the most effective manner for you and for your computer.
  • Information we collect about you. We will use this information in one or more of the following ways;
    • to administer our website
    • to provide services to you as required by the contractual arrangement;
    • to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
    • to enable verification that you are a human and not a robot (reCAPTCHA)
    • to allow you to participate in interactive features of our services, when you choose to do so;
    • to carry out research where permission has been granted or generic research that does not involve personal data;
    • to provide your Data Controller, activity information, to enable them to manage the service we provide;
    • as part of our efforts to keep our site safe and secure;
    • to measure or understand the effectiveness of marketing activity we serve to you and others, and to deliver relevant marketing activity to you;
    • to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
    • information we receive from other sources. We may combine this information with the information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).

Where providing services under contract or agreement, we may only process your data in a manner consistent with the contract or agreement.  Graffiti Group Ltd employees will, from time to time, be required to access your data for legitimate business purposes, such as to assist you with a support query or to investigate or resolve an issue raised by you.  If you are an employer or a payroll bureau, your clients/employees will need to be made aware of this.

Exercising your rights

Where Graffiti Group is the Data Controller.  You may revoke your consent to the processing of your data, ask for information about any personal data we hold about you, or ask us to correct or delete that information by sending an email to  please be specific about your requirement.  You may be sent a form to complete and may be asked to provide identification.

Where Graffiti Group is the Data Processor.  If you are a user of our services, provided under contract, requests to revoke consent, requests to correct information held about you, requests to be deleted and requests for information must be sent to your company Data Protection Officer who will take the appropriate action and pass on that request to us, if required.

Other sites.  Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.


Cookies are small text files that are used by our website to make our user’s experience more efficient. The current EU Cookie Law (more information) states that we can store cookies on your machine if they are essential to the operation of our site but that for all others we need your permission to do so. Graffiti Group uses some non-essential cookies.

To learn more about cookies, including what they are, how they work and how to block them or delete them, please visit for detailed guidance.

The following information describes the cookies that Graffiti Group currently use on this site and what we use them for:

Session Cookies

We use a session cookie to remember what you’ve been viewing and the actions you have taken.  If these are disabled, various functionalities of the site will be unavailable and you may not achieve the objective of your visit. More information on session cookies and what they are used for at

Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google undertakes not to associate your IP address with any other data held by Google. You can find out more about Google’s position on privacy as regards its analytics service at

Third-party cookies for analytics purpose

In order to provide our visitors with a better service, we measure the number of page views, the number of visits, the different actions performed by visitors on our site, the geo-location of our visitors and the number of times visitors return to our site. For this purpose, we use Google Analytics. You can read more about how Google uses Cookies here

Google Analytics information

Graffiti Group website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States.

In case IP-anonymization is activated on our website, your IP address will be truncated within the area of Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the whole IP address first be transferred to a Google server in the USA and truncated there. The IP-anonymization is active on this website. You can find out more about Google’s position on privacy as regards its analytics service at

Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing them other services relating to website activity and internet usage.

The IP-address that your Browser conveys within the scope of Google Analytics will not be associated with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also opt out from being tracked by Google Analytics with effect for the future by downloading and installing Google Analytics Opt-out Browser Add-on for your current web browser.

For more information on Google’s privacy and cookie policy, please visit Google Terms of Service and Google Privacy Policy:

If you are happy to use our site now that you know what cookies we use and what we use them for, please click the ‘Accept Cookies’ button.

If you wish to control which cookies are used, you have the following options available to you:

Click the ‘Decline Cookies’ button in the toolbar below which will stop Google Analytics tracking but keep session cookies enabled on this site.

Browse the site using your browser’s anonymous usage setting which is called ‘Incognito’ in Chrome, ‘InPrivate’ for Internet Explorer or ‘Private Browsing’ in Firefox and Safari.

Not use this site and delete all SSLPost cookies from your chosen Internet browser. To delete any cookies that are already on your computer, please refer to for detailed guidance regarding your chosen browser. You will need to search in your cookie folders for ‘’ to find our cookies if you wish to perform a deletion.

PLEASE NOTE:  Not accepting the cookies will prevent us from learning about website visitor behaviour that helps us improve your website visit experience. It may also render areas of the website unusable.