Website Privacy Policy

business practices

Last Reviewed

12th September 2022


Introduction

Welcome to Waracle’s website privacy policy. Waracle has worked in the digital products arena since the very beginning of mobile application development and we are the UK’s leading mobile app, IoT and emerging technology company. Waracle is a privacy leader and we apply the principle of privacy by design in all that we do. In all matters of compliance we act with complete transparency and the requirements of data protection, data security and data privacy influences every aspect of our commercial operation. We seek to maintain full compliance at all times with the UK DPA 2018 and the GDPR.

It is our goal to make this privacy notice easy to follow, easy to read and easy to validate, but should you have any questions, please reach out to our Data Protection Officer.

Data Protection Officer
Waracle Limited
The Engine Room
1 Bash Street
Dundee
DD1 1LQ
t. 01382 529 528
e. dpo@waracle.com


The Data We Collect from this Website

This depends how you engage with us. If you merely come and have a look, we collect no other data than that provided through our use of cookies and analytics if you opt-in. Cookies and Analytics are collected to enhance your user experience and to provide us with data about how our website is being used. If you decide to opt out of analytics tracking we will still place a cookie indicating your preference.

Read More About Our Cookie and Analytics Policy

However, if you contact us through our contact forms, we collect, with your consent, the following personal data:

Recruitment forms:
Your basic contact details
Salary expectations
Your CV (as a file upload)
Anything else you tell us at the point of application.

Project enquiry forms:
Some basic company details
Your email address
A summary of your intended project.

Event Forms
Your basic contact details.
Please note that it is usual to share your contact details with the event organiser. When possible we will detail the event organiser in the event contact form. In all cases, we conduct due diligence on our event organisers to ensure compliance with data protection regulation.

Newsletters
Your email address.
We use “MailChimp” to provide our newsletters, which is a globally compliant, industry leading service provider. It has a user friendly unsubscribe facility, meaning you, the user, can easily unsubscribe from our mailing list at any time.


Why we collect this data and our legal basis for collecting it

We collect contact details from the project enquiry form in order to pursue business opportunities. The lawful purpose for processing this data is CONSENT as defined by the UK DPA 2018, which is obtained during the completion of the enquiry form.

Our recruitment team collects contact & CV details from the recruitment enquiry form (including your CV if you upload it) for the purpose of finding employees. The lawful purpose for processing this data is also CONSENT, which is obtained during the completion of the recruitment enquiry form.

Waracle frequently holds events to pursue both business and recruitment opportunities. Our events coordinator collects your basic contact data from the events form and again the lawful purpose for processing this data is CONSENT.

We hold your data securely in applications, which are fully compliant with all applicable data protection regulation and which are designed for this purpose.


Research Projects

Waracle conducts various research projects, generally related to how people use the internet and online services. Volunteers for such projects undergo a separate and strict compliance process, which details all privacy and security aspects of any given research project. As you would expect, this is an entirely consensual process, with the highest standards of transparency and privacy compliance possible.


Who we share this data with

Aside from the secure sub-processors listed below, and when applicable event organisers, we don’t share your personal data with anyone unless you have given us your unequivocal consent to do so.

The data you consent to provide us with through our various contact forms is treated with the utmost confidentiality and security.

We say this with confidence for two reasons.

  1. We only share data externally if there is a very specific purpose and the person whose data it is has given Waracle their unequivocal consent for this to happen. This is unlikely to happen, except in the process of recruitment for external clients, and even then further safeguards are applied as detailed a little further down the page.
  2. The sub-processors, commonly referred to as applications or “apps”, we use to store and manage personal data are all vetted for data protection compliance. This includes the use of secure storage and processing facilities, which are only accessible to the account holder – which is us, Waracle.

The sub-processors we use for recruitment, business development and research enquiries are:

Sales Force
Recruitee
Experian
Mailchimp
Netlify
Zapier
Google Workspace Enterprise

We conduct due diligence on all our sub-processors and ensure they are all fully compliant with all UK & EU Data Protection Legislation, including GDPR.

Read the Sales Force Privacy Policy and Data Protection Compliance
https://www.salesforce.com/company/privacy/

Read the Recruitee Privacy Policy
https://recruitee.com/en/privacy

Read the Experian Privacy Policy
https://www.experian.co.uk/privacy/privacy-and-your-data

Read the Mailchimp Privacy Policy
https://mailchimp.com/legal/privacy/

Read the Netlify Privacy Policy
https://www.netlify.com/privacy/

Read the Zapier Privacy Policy
https://zapier.com/privacy

Read the Google Workspace Privacy Policy
https://workspace.google.com/intl/en_uk/security/

In the case of recruitment, if we progress your application and forward your details to one of our partners or clients (the partner or client organisation you are likely to be working with) your CV would be anonymised first. We do this not only to comply with data protection regulations, but also to protect our commercial interest.


How long we retain this data

We retain business contact data indefinitely, but we only retain recruitment data and CVs for 12 months. We may contact existing applicants after 12 months to refresh their consent, if we believe an employment opportunity is likely. Research data retention will be detailed at the consent stage, but generally research data is deleted immediately on cessation of each project.


It’s your data – these are your rights.

There is no better place to study your rights in respect to your personal data than the ICO’s website. Here’s the link:

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

Should you need to contact us in respect to your personal data rights, you can write, phone, or email us using the contact details at the top of this page.


Further Information

This privacy notice only covers the collection of personal data through our website and associated recruitment, event, research and business development activities. Where prospective client or prospective employee contact proceeds to formally contracted engagement, both parties will necessarily undertake mutual due diligence, covering all aspects of UK regulatory and legislative compliance, including, but not limited to, all aspects of data protection legislation.

For the purposes of due diligence and compliance, Waracle has a full compliance team, led by a senior manager with Board level access.

The compliance team can be contacted using the contact details at the top of this page.