Privacy Policy

Workplace Analytica is committed to protecting the privacy of your personal data. This Privacy Policy explains how we collect, use, and share your personal data when you visit our website or use our services.  Workplace Analytica Effective Date: 15 February 2025

We collect the following personal data with your explicit consent:

First Name and Last Name: We collect your first and last name to personalize our communications with you and to properly identify you in our systems.
Phone Number and Mobile Number: We collect your phone number and mobile number to contact you regarding inquiries you have made, to provide customer support, and, with your consent, to send you marketing communications about our products and services.
Title/Role and Company Name: We collect your title/role and company name to understand your professional background and tailor our services and communications to your specific needs and industry. This information also helps us understand trends and challenges within different industries and job functions.
Email Address: We collect your email address to communicate with you about your inquiries, provide you with updates about our products and services, send you marketing communications (with your consent), and deliver newsletters and other content you have subscribed to.
 

How We Use Your Personal Data

We use your personal data for the following purposes:

To respond to your inquiries and provide customer support.
To personalize our communications with you.   
To send you marketing communications about our products and services (with your explicit consent).
To provide you with updates about our products and services.
To deliver newsletters and other content you have subscribed to.
To analyze website usage and improve our website and services.
 

Wix Automations
 

We use Wix's built-in automation features for email marketing. The data used in these automated email campaigns includes the user's first name, last name, email address, and company name (if provided).

Welcome Emails: Welcome emails are sent to new subscribers to confirm their subscription and provide them with information about our products and services. These emails are personalized using the user's first name.
Follow-up Emails: Follow-up emails are sent after purchases (if applicable) to thank customers for their order, provide shipping information, and request feedback. These emails may include personalized recommendations based on the user's purchase history.
Wix provides the platform and tools that enable us to send these automated emails. More information about Wix's data processing practices can be found in Wix's privacy policy.
 

Data Security

We are committed to protecting the security of your personal data. We implement a variety of technical and organizational measures to safeguard your information from unauthorized access, use, or disclosure. These measures include:

Access Controls: We use role-based access control (RBAC) to limit access to personal data to authorized personnel only. We use strong passwords and multi-factor authentication to control access to our administrative accounts.

Data Management and Protection:
Encryption: Data at rest is encrypted using AES-256. Data in transit is protected with SSL/TLS encryption.
Data Masking & Anonymization: Sensitive data is obscured in non-production environments.
Secure Data Storage: We use cloud-based storage [mention provider if you wish] with strict security policies. 
Data Retention & Deletion Policies: We have data retention and deletion policies in place to comply with applicable regulations (e.g., GDPR, CCPA). 
Regular Backups: Automatic and encrypted backups are performed [mention frequency] to prevent data loss.
Incident Response Procedures: We have a well-defined incident response plan to mitigate data breaches and security threats. This includes detection and monitoring, incident handling steps (identification, containment, eradication, recovery), lessons learned analysis, and breach notification protocols in compliance with applicable regulations.
Penetration Testing & Security Audits: We rely on service provider Wix to conduct penetration testing and security audits to identify vulnerabilities.
Third-Party Risk Management: We assess the security practices of our third-party vendors and have Data Processing Agreements (DPAs) in place with all vendors who process personal data on our behalf. These DPAs include contractual obligations regarding data security.
Wix Security: Our website is hosted on the Wix platform, which utilizes the secure infrastructure of AWS and Google Cloud Platform. These providers maintain industry-standard security certifications, including ISO 27001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, and PCI DSS Level 1. More information about Wix's infrastructure security can be found in Wix's privacy policy and on the AWS and Google Cloud security pages. (Include links).   

Data Retention

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, as described in this Privacy Policy, and as required by applicable law. The length of retention periods depends on several factors, including the type of data, the purpose of processing, and legal obligations.

Specifically: Contact Information (Name, Email, Phone): We retain contact information for 3 years after your last interaction with us or until you unsubscribe from marketing communications. User Registration Information: We retain user registration information for 5 years after any account is terminated.

Wix's data retention policies, which may apply to data stored on their platform, are described in Wix's Privacy Policy.

International Data Transfers

Currently, we do not transfer personal data outside of the UK. However, we may transfer data to and from the US in the future. If we do so, we will implement appropriate safeguards to ensure that your personal data is protected in accordance with applicable data privacy laws, including [mention specific mechanisms you would use, e.g., adequacy decisions, standard contractual clauses, etc.]. We will update this privacy policy to reflect any changes in our international data transfer practices.

Marketing Communications

We may use your personal data to send you marketing communications about our products and services, but only if you have given us your explicit consent to do so.   

Legal Basis for Marketing:

Our legal basis for processing your personal data for marketing purposes is your explicit consent.

Opt-Out: You have the right to withdraw your consent to marketing communications at any time. You can do so by: Clicking the "unsubscribe" link in any marketing email we send you.
Contacting us directly at: hello@workplaceanalytica.com

United Kingdom (UK):

Our marketing practices comply with UK GDPR and PECR. We obtain explicit opt-in consent for email, SMS, and automated calls.

United States (US):

Our email marketing practices comply with the CAN-SPAM Act. We provide a clear and easy opt-out mechanism in all marketing emails. For SMS and telemarketing, we obtain prior express written consent as required by the TCPA. We also comply with state-specific privacy laws, including CCPA and CPRA, by providing users with the right to opt out of the sale or sharing of their personal data.
 

Your Rights

You have the following rights regarding your personal data:

Access: You have the right to request a copy of the personal data we hold about you.
Rectification: You have the right to request that we correct any inaccuracies in your personal data.
Erasure: You have the right to request that we delete your personal data under certain circumstances.   
Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances.   
Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.   
Objection: You have the right to object to the processing of your personal data for direct marketing purposes (including profiling) and, in certain other situations, to the continued processing of your personal data.   

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Web Services, Workplace Analytica, Floor 5, 167-169 Great Portland Street, London W1W 5PF
Email: hello@workplaceanalytica.com. You can also contact our Data Protection Officer at:

legal@workplaceanalytica.

Data Protection Officer

If you have any questions or concerns about this Privacy Policy or our data processing practices, please contact our Data Protection Officer:   

Mr. Leslie Masih, Floor 5, 167-169 Great Portland Street, London W1W 5PF
Email: hello@workplaceanalytica.com
 

Changes to this Privacy Policy

We may update this Privacy Policy from time to time.  Any changes will be posted on this page with a revised "Effective Date."  We encourage you to review this Privacy Policy periodically to stay informed about our data processing practices.