Updated 08.03.2023
This Privacy Policy is provided by Rota Geek Limited, 71-75 Shelton Street, London, WC2H 9JQ. Company number 06783810. When you use Rotageek (collectively “Rotageek”, “we” and “us”), you’re trusting us with your personal data. We offer Services and our website, www.rotageek.com, (“Services”, “Sites”, or “Rotageek Services”) across our app, website and through customer support that enable organisations to predict and meet demand and manage and schedule their employees.
This Privacy Policy describes how Rotageek is committed to the security and the protection of your and your Users' data when engaging with Rotageek across our Sites or using our Services in compliance with legal requirements and best practices.
Our Services are not intended for children and we do not knowingly collect data relating to children.
It is important that you read this Privacy Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy policy supplements other notices and privacy policies and is not intended to override them.
We will continue to build and execute on our existing security practices to ensure we take all reasonable measures to secure and protect your data in accordance with all applicable laws, including the Data Protection Act (2018), the retained EU law version of the General Data Protection Regulation ((EU) 2016/679) (UK GDPR), EU Data Protection Directive 95/46/EC, the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).
Rotageek Privacy Policy Overview
Rotageek obtains Personal Data about you from various sources to provide our Services and to manage our Site. “You” may be a visitor to our Sites
or a user of one or more our Services (“User” or “Organisation”) or an employee of a User or Organisation (“Employee”). If you are an Employee, Rotageek will generally not collect your Personal Data directly from you. Your agreement with the relevant Organisation should explain how the Organisation shares your personal data with Rotageek, and if you have questions about this sharing, then you should direct those questions to the Organisation.
This Privacy Policy is meant to help you understand what information we collect, why we collect it, how we process it and how you can update, manage, export and delete your information.
If at any time you are concerned or have questions about how we might be handling your data, please reach out to our Data Protection Officer at privacy@rotageek.com
Personal data that Rotageek collects:
Our Sites use cookies and other technologies to function effectively. These technologies record information about your use of our Sites, including:
We use the information that we collect from all our Services for the following purposes:
We do not share your personal information with companies, organisations or individuals outside of Rotageek except in the following cases:
With Organisation administrators:
Your Organisation administrators will have access to your Rotageek account. They may communicate with you to:
For external processing:
We share Personal Data with a limited number of our service providers. We have service providers that provide services on our behalf, such as identity verification services, website hosting, data analysis, information technology and related infrastructure, customer support, email delivery and SMS delivery. These service providers may need to access Personal Data to perform their services. We authorise such service providers to use or disclose the Personal Data only as strictly necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf in accordance with applicable Data Protection Legislation. Our service providers are predominantly located in the European Union and the United States of America. All of our third-party suppliers are fully vetted to ensure their security practices are meeting our standards. For a full list of our sub-processors, see here.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions
Where your data is transferred out of the UK for any processing activity, we have put in place with our sub-processors technical and organisational measures to protect your personal data to ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
For Marketing:
We use your contact information and information about how you use the Services to send promotional communications that may be of specific interest to you, including by email and by displaying Rotageek ads on other companies' websites and applications, as well as on platforms like [Facebook and Google]. These communications are aimed at driving engagement and maximising what you get out of the Services, including information about new features, survey requests, newsletters, and events we think may be of interest to you. We also communicate with you about new product offers, promotions and contests. You can manage your preferences at all times and opt out of any such communications.
For legal reasons:
We will share personal information outside of Rotageek if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
If Rotageek is involved in a merger, acquisition or sale of assets, we’ll continue to the ensure the confidentiality of your personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organisational, technical and administrative measures designed to protect Personal Data within our organisation against unauthorised access, destruction, loss, alteration or misuse.
Your Personal Data is only accessible to a limited number of Rotageek personnel who need access to the information to perform their duties. Anyone with this access is subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately at privacy@rotageek.com.
If you are a Rotageek User, we retain your Personal Data as long as we are providing the Services to your Organisation or as long as required by the administrator of your account.
We retain Personal Data after we cease providing Services to you, even if you close your Rotageek account, to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention.
If you have elected to receive marketing emails from us, we retain information about your marketing preferences unless you specifically ask us to delete such information. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.
Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.
We review our information collection, storage and processing practices, including physical security measures, regularly to prevent unauthorised access to our systems.
You have a choice regarding our use and disclosure of your Personal Data.
OPTING OUT OF RECEIVING ELECTRONIC COMMUNICATIONS FROM US
If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails or email support@rotageek.com . We will comply with your request(s) as soon as reasonably practicable and within 1 month. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services.
HOW YOU CAN REVIEW, CORRECT OR UPDATE YOUR PERSONAL DATA
If you are a User and would like to review, correct, or update Personal Data that You have previously disclosed to us, You may do so by contacting your Manager in your Organisation. As a Data Processor of your data, we can only take instructions from our client’s Administration team.
If you receive marketing information from us and would like to review, correct or update your Personal Data, You may do so by contacting us.
Your Organisation undertake to notify the Employees of this Privacy Policy and of their rights under the Data Protection Law. We will provide you with reasonable assistance to enable you to comply and respond to a request, query or complaint from an Employee in relation to their Personal Data.
YOUR DATA PROTECTION RIGHTS
Depending on your location and subject to applicable law, you may have the following rights with regard to the Personal Data we control about you:
In some cases, we retain data for limited periods when it needs to be kept for legitimate business or legal purposes.
We try to ensure that our services protect information from accidental or malicious deletion. Because of this, there may be delays between when you delete something and when copies are deleted from our active and backup systems.
Process for exercising data protection rights:
In order to exercise your data protection rights, you may contact Rotageek as described in the Contact Us section below. We take each request seriously. We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country.
For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.
If you are a current or former Employee of an Organisation who uses or has used Rotageek Services, please direct your requests directly to the Organisation. For example, if you are employed or were previously employed by an Organisation using Rotageek as a scheduling provider, and you have a request that is related to the information that you provided, then you should address your request directly to the Organisation.
Updates to this policy:
We update this policy from time to time. We will always indicate the date when the latest changes were published. If changes are significant, we’ll provide a more prominent notice by email.
Links to other website:
We may at times provide links on our Website to third party websites, including without limitation those owned or managed by our partner networks, affiliates or advertisers. These websites have separate privacy policies, and we therefore cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites' individual privacy policies before submitting any personal data.
Contact Us:
If you have questions, you can contact Rotageek and our Data Protection Officers at privacy@rotageek.com. You can contact your local data protection authority (in the UK, this is the Information Commissioner’s Officer) if you have concerns regarding your rights under local law.