For the purposes of the EU General Data Protection Regulation (GDPR), Everymind Solutions Ltd (we or us) is the data controller (i.e. the company who is responsible for, and controls the processing of, your personal data).
Throughout this policy if we use the word Website we are referring to www.everymindatwork.com and if we use the word App we are referring to our mobile application Everymind
Personal data we may collect about you
Description of categories of personal data
- Identity Data: first name, last name, maiden name, username or similar identifier, marital status, title, date of birth, gender.
- Contact Data: billing address, delivery address, email address and telephone numbers.
- Device Data: includes the type of mobile device you use.
- Profile Data: includes your username and password, your interests, preferences, feedback and survey responses.
- Usage Data: includes details of your use of our App including, but not limited to, traffic data and other communication data, and the resources that you access.
We will obtain personal data about you when you:-
- access our Website;
- contact us either via our Website or our App;
- when you complete the sign up process for our App; and
- by completing the optional questionnaires, quizzes or other interactive features contained within our App.
We collect this information mainly from you directly although some elements are indirectly such as your browsing activity while on our website. Please familiarise yourself with our Cookies Policy
The personal information we collect about you depends on your activities.
If you are contacting us then we may obtain from you:-
- your name, address and contact details;
When signing up and utilising our App we collect and store:-
- your email address;
- the answers to the sign up questions, quizzes or other interactive features; and
- any content which you wish to save / bookmark.
Special Category Personal Data
How we use particularly sensitive personal information
|“Special categories” of particularly sensitive personal information, such as information about your health, racial or ethnic origin, sexual orientation or trade union membership, require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We have in place an appropriate policy document and safeguards which we are required by law to maintain when processing such data. We may process special categories of personal information in the following circumstances:1. In limited circumstances, with your explicit written consent.2. Where we need to carry out our legal obligations or exercise rights in connection with employment. 3. Where it is needed in the public interest, such as for equal opportunities monitoring.4. Where it is necessary to protect you or another person from harm. Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.|
Situations in which we will use your sensitive personal information
We do not process any personal data relating to racial or ethnic origin, sexual orientation or trade union membership.
Given the nature of our Website and more importantly our App some of the data we collect from you may be classed as health data.
Any health data we collect from you is volunteered to us by your use and interaction with our App. It is collected for the sole purpose of tailoring content.
Do we need your consent?
The answer is yes.
Our App can be utilised and content accessed without using the interactive elements which collect this data.
You have a right to withdraw your consent at any time (see Your rights below) and this can be done by emailing through the contact us tab on the App and by doing so your data shall be deleted.
How we use your personal data
We use this personal information to:
|Purpose/Activity||Type of Data||Lawful Basis for Processing|
|Respond to your enquiries||ContactIdentity||Your consentNecessary for our legitimate interests (to develop our products/Services and grow our business)|
|Create and manage your account with us||ContactIdentity||Your consent|
|Provide services to you and improve our services and content.||ContactIdentity||Your consentPerformance of a contract with you Necessary for our legitimate interests (to keep records updated and to analyse how customers use our Website / App)Necessary to comply with legal obligations (to inform you of any changes to our terms and conditions)|
|Customise our Website/App and its content to your particular preferences||IdentityUsageProfile||Your consentNecessary for our legitimate interests (to develop our services and grow our business)|
|To administer and protect our business and this App including troubleshooting, data analysis and system testing||Identity ContactDevice||Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security)|
Our legal basis for processing your personal information
When we use your personal information we are required to have a legal basis for doing so. There are various different legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
consent: where you have given us clear consent for us to process your personal information for a specific purpose
contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract
legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations)
legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests)
Who we share your personal information with
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party.
We will also not share annonymised aggregated statistics in a scenario where the number of users or size of your Company makes it possible that you can be directly or indirectly identified. In these scenarios your Company’s statistics may be added to that of similar organisations to give an industry example to your employers.
Marketing and opting out
We will only contact you by email or phone about our services if you have asked us to do so. If you have changed your mind and would prefer us not to contact you, then you can opt out at any time. See further Your rights below.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to us
- let us have enough information to identify you,
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let us know the information to which your request relates
Please bear in mind that use of the App requires us to have and maintain certain levels of personal information. If you ask us to erase this we may have to revoke your use of the App.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request by contacting us.
In some circumstances you can ask us to delete your data: see Your rights above for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
If your employer ceases to subscribe to our services then your user account and profile and all associated data shall be deleted.
Where is your information stored
We store all information within the UK. We do not transfer any data outside of the UK.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in a European Economic Area state or in the United Kingdom if you work, normally live or if any alleged infringement of data protection laws occurred in the relevant state. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you.