Privacy Policy

Last updated: January 2025

1. Introduction

RoleCall Job Evaluation Platform ("RoleCall", "we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Platform.

We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

RoleCall is the data controller for personal data processed through the Platform:

RoleCall Job Evaluation Platform
Data Protection Officer
Email: privacy@rolecall.uk
Phone: +44 20 7123 4567
Address: London, United Kingdom

3. Information We Collect

3.1 Information You Provide
  • Account Information: Name, email address, organization name, job title
  • Evaluation Data: Job position details, evaluation scores, comments, and assessments
  • Organization Data: Department structures, job bands, salary ranges (optional)
  • Communication Data: Support requests, feedback, email correspondence
3.2 Information Automatically Collected
  • Usage Data: Features accessed, evaluation history, platform interactions
  • Technical Data: IP address, browser type, device information, access times
  • Cookies: Session cookies, preference cookies (see our Cookie Policy)
3.3 AI Processing Data

When using AI evaluation features, job position data is processed through OpenAI's GPT-4 API. This data is anonymized and not stored by OpenAI beyond processing requirements.

4. Legal Basis for Processing

We process personal data based on:

  • Contract: To provide our services under the subscription agreement
  • Legitimate Interests: To improve our services, ensure security, and prevent fraud
  • Consent: For marketing communications and optional features
  • Legal Obligations: To comply with applicable laws and regulations

5. How We Use Your Information

We use collected information to:

  • Provide and maintain the job evaluation platform
  • Process evaluations and generate analytics
  • Manage user accounts and authentication
  • Send service notifications and updates
  • Respond to support requests and feedback
  • Improve platform features and user experience
  • Ensure platform security and prevent abuse
  • Comply with legal obligations
  • Send marketing communications (with consent)

6. Information Sharing & Disclosure

We may share your information with:

6.1 Within Your Organization
  • Authorized users within your organization
  • Designated evaluators (HR, managers, external evaluators with permission)
6.2 Service Providers
  • OpenAI: For AI evaluation processing (anonymized data)
  • Hostinger: Email service provider
  • Cloud Infrastructure: Secure data storage providers
6.3 Legal Requirements

We may disclose information if required by law, court order, or government request.

We do not sell, rent, or trade your personal information to third parties.

7. Data Retention

We retain personal data for:

  • Active Accounts: Duration of subscription plus 30 days
  • Evaluation Data: 7 years for compliance and historical analysis
  • Financial Records: 7 years as required by UK tax law
  • Marketing Data: Until consent is withdrawn

Data is securely deleted or anonymized after retention periods expire.

8. Data Security

We implement appropriate technical and organizational measures:

  • Encryption of data in transit (TLS 1.3) and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Regular backups and disaster recovery procedures
  • Employee training on data protection
  • Incident response and breach notification procedures

9. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Request limited processing of your data
  • Portability: Receive your data in a structured format
  • Object: Object to certain processing activities
  • Withdraw Consent: Where processing is based on consent

To exercise these rights, contact us at privacy@rolecall.uk.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the UK/EEA. We ensure appropriate safeguards through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the UK government
  • Your explicit consent where required

11. Children's Privacy

The Platform is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we learn we have collected data from a child, we will delete it promptly.

12. Cookies & Tracking

We use cookies and similar technologies to enhance your experience. For detailed information, please see our Cookie Policy.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email or Platform announcement. The "Last updated" date indicates the latest revision.

14. Complaints

If you have concerns about our data practices, please contact us first. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Phone: 0303 123 1113
Website: ico.org.uk

15. Contact Us

For privacy-related questions or requests:

Data Protection Officer
RoleCall Job Evaluation Platform
Email: privacy@rolecall.uk
Phone: +44 20 7123 4567
Address: London, United Kingdom
By using the RoleCall Platform, you acknowledge that you have read and understood this Privacy Policy and agree to our data processing practices.