Click Privacy Policy
Click is a brand name trading under the company name emoquo.
emoquo will not sell your personal data under any circumstances.
emoquo cares about your privacy.
Transparency and honesty are a huge part of our mission at emoquo. We care
about your privacy and especially about the psychological safety of the coaching
environment.
This Privacy Policy explains how emoquo collects and handles
our users' and clients' data for all our services.
1. Definitions
The following definitions apply to this policy.
- emoquo, we, us, or our refers to emoquo Ltd, 1st Floor, Midas House, 62 Goldsworth Road, Woking, Surrey GU21 6LQ, and its
employees.
- Services means all products (including related mobile applications),
services and websites offered by emoquo.
- Users, user, you means the people to whom we provide Services
directly via our platform.
- Client, organization or company refers to the entities who contract
with us to provide Services to their employees or others on the
platform.
- Organization manager means any person who has login credentials
to a client account to manage users within the organization and
access the reports.
- Consultants refers to accredited practitioners using the R@W
methodology with their clients.
- Personal data means information that identifies, relates to, describes,
is reasonably capable of being associated with, or could reasonably
be linked, directly or indirectly, with a particular individual.
- De-identified platform data means any content or data that you
submit to emoquo using its Services, unlinked from your Personal
Information. This may include your assessment and survey responses,
the challenges you create and vote on; and any other ratings or
responses you provide when using emoquo’s services.
2. How we protect your data
2.1 Employee practices
All employees and partners of emoquo follow a security policy to keep
everybody's data secure.
- We use two-factor authentication to log into important systems such
as databases and communication platforms.
- We keep our computers password protected and up to date with the
latest security updates.
- We use role-based access controls to limit our access to the minimum
needed to do our jobs.
- We use password managers so that all of our passwords are strong
and different between sites.
- Access to de-identified platform data is limited to authorized emoquo
employees whose job responsibilities require it.
- Employees of emoquo with access to de-identified platform data or
personal data sign a non-disclosure agreement with data protection
provisions in order to safeguard the information provided by clients
and users.
2.3 Databases
- Your data is encrypted at rest in our databases.
- Our systems interoperate inside a virtual private cloud, and your data
is always encrypted "in transit" outside of that.
- All our apps and APIs use https, and if you try to use insecure http
you will be automatically redirected.
- We use various methods to protect data against brute force attacks.
- We keep rolling backups of databases to prevent permanent data
loss.
2.4 In our apps
- The platform encourages strong passwords for users.
- Users are assigned permissions that control who can see and change
which data.
3. Data we collect
- Personal Data: We require certain personal data in order to register
your account such as your name, your email address, your role or
title, your country and state (where applicable), your avatar or
photograph (optional). We require this data for the following
reasons: (1) to create your account; (2) to ensure that you receive
notifications about deadlines with the appropriate time zone; and (3)
to ensure that we have minimum location data to honor your specific
privacy rights.
- Usage information: We collect usage data about you whenever you
interact with our services. This may include which web pages you visit,
what you click on, when you performed those actions, and other
activities.
- Device and browser data: We collect data from the device you use
to access our services, such as your IP address, operating system,
browser details and time of visit. This information may also tell us
your location.
- Cookies and page tags: We use third party tracking services that
employ cookies and page tags (also known as web beacons) to collect
aggregated and anonymous data about visitors to our websites. This
data includes usage details and user statistics.
- Account settings: You may be able to set or update various
preferences and personal details on your account settings page or
your profile. This includes your name, email address, default language
or time zone.
- As part of our services, we might ask you to complete an assessment,
questions about your wellbeing and engagement, or questions about
your experience of the services and their impact on you and/or your
team. Your responses will only be shared with your team (where
applicable), the consultant or facilitator (where applicable) and your organization
on an aggregated and de-identified basis.
- Your organization manager will receive access to aggregated and deidentified reports about all users connected to your organization, so
long as our data analysts can confirm a minimum threshold of users
from your organization in order to maintain anonymity.
- We may create aggregated de-identified data for any purpose derived
from data we hold about you. For example, we may create
aggregated de-identified data to share with clients, prospective
clients, partners for business or research purposes, or for provision of
our services such as our data benchmarks.
- We may disclose your personal data to the organization or relevant
authorities if either your use of our services or your organization
manager indicate a serious, imminent risk of harm to you or to others
around you.
5. How Long We Retain Data
- Personal data: Your personal data will be held by us for 36 months
after our relationship or contract with your organization is
terminated, at which point it will be deleted.
- Platform data: Platform data will be stored for 36 months after our
relationship or contract with your organization is terminated. At this
point it will be anonymized and unlinked from any personal data and
organization details, and will only be used research purposes, or for
provision of our services such as our data benchmarks.
6. Your rights
6.1 General
If you live in certain countries (for example, the United Kingdom or European
Union member states) you may have rights regarding your Personal Information,
including the right to access, correct, delete, port, limit or stop the use or
disclosure of your Personal Information. These rights are more fully explained at
https://ico.org.uk/for-organisations/guide-to-the-general-data-protectionregulation-gdpr/individual-rights/.
We will respond to requests to access and correct (if necessary) your Personal
Information as soon as possible. You have the following options when exercising
your rights:
- to request a copy of your personal data which emoquo holds about
you;
- to request that emoquo corrects any personal data if it is found to be
inaccurate or out of date;
- to request that your personal data is erased when it is no longer
necessary for emoquo to retain such data;
- to withdraw any consent you have given to the processing of your
personal data, at any time;
- to object to the processing of personal data including for marketing
purposes;
- to lodge a complaint with the Information Commissioner’s Office
(ICO).
These rights are explained more fully at https://ico.org.uk/fororganisations/guide-to-the-general-data-protection-regulation-gdpr/individualrights/.
6.2 Requests from clients or organization managers
Clients of emoquo or their designated organization managers can request the
following:
- Access to the organization de-identified platform data in CSV format.
To request a data export, please contact us at support@emoquo.com.
- Under no circumstances will we provide platform data where users
are identifiable. On a case-by-case basis, when the client indicates a
serious, imminent risk of harm to a user or others around them, we
will consider providing identifiable data related to that user only to
the relevant authorities.
7. New purpose
If we wish to use your personal data for a new purpose, not covered by this
policy, then we will provide you with a new policy explaining this new use prior
to commencing the processing and setting out of the relevant purposes and
processing conditions. Where and whenever necessary, we will seek your prior
consent to the new processing.
8. Sharing data
emoquo will not share your data with anyone without your explicit consent.
9. Updating your data
If you wish to update or change any information that we use of yours or how we
use it, you can do so by emailing us at support@emoquo.com. Please ensure
that you notify us of any updates, amendments and corrections to your
information by contacting us via the same email above.
Any queries or comments about this Privacy Policy or for
requests relating to the rights listed above, please contact emoquo at
support@emoquo.com.
If you wish to make a complaint about how we use your information, please
contact us in the first instance via email and we will do our best to help. If you
are still unhappy, you can contact the Information Commissioner’s Office via
their website (www.ico.org.uk).
We will occasionally update this Privacy Policy. We encourage
you to periodically review this notice to be notified of how we use your
information.
This privacy notice was last updated in October 2022.