At Sort, we take your privacy and the security of your personal data very seriously.
We need to collect data from you to provide services to you, and this policy tells you exactly what we collect, how and why it is used, and the steps we take to protect your data and your privacy.
Please make sure you read the information carefully before using the website (www.sortyourfuture.com) (the ‘site’) so that you understand the way we use your personal information.
- If you create a Sort account we may ask you to provide personal information to help us provide you with the most relevant information and services via the website.
- And/or if you sign up to receive a newsletter or receive other content from Sort via a third party site we may ask you for relevant information so we can provide you with the content you have asked for.
- We only ask for the information we need to provide the best service we can.
- We have put in place security measures to prevent your data from being lost or stolen.
- Your data may also be used anonymously as part of our statistical analysis of website use.
- You may ask for a copy of the data we hold at any time.
- You may ask for your data to be erased from our records at any time.
The information we collect
When you use our services, you may provide certain information (such as your name, phone number, email address, social media information, age, gender, ethnicity and location) to Sort. This information may be securely transmitted, stored, and used by Sort to provide you and other users with a better experience.
We may also collect the following information:
- Further demographic information such as your preferences and interests - this enables us to show you relevant content within the website.
What we do with the information we collect
We use this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- Improvement of our products and services.
- To periodically send promotional emails about new features, special offers or other information which we think you may find interesting using the email address which you have provided - but we will only do this if you have specifically consented to this.
- To contact you, from time to time, for market research purposes and use information that you provide to customise the website according to your interests.
- To draw up statistical and demographic data rendered anonymous and used for performance monitoring, published reports and data products, and trend forecasting.
- To serve you relevant advertising, recommendations and suggestions, or other content related to Sort's service.
- To provide your information to third parties according to our legal obligations.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where you have consented to our processing of your personal information.
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
Where appropriate, we may rely on the following legitimate interests as our lawful basis for processing:
- To study how our users use our services;
- To develop our services and grow our business;
- For running our business.
Use by third parties
Without your explicit consent, Sort will not sell, rent or share your personal details to any third parties for marketing purposes. We may provide anonymous information that cannot be traced back to you. In anonymous form, statistics may be provided to providers of data analytics services in order to provide us with statistical analysis of website use and trends. Please be advised that Sort will never share your login details, email addresses, passwords or phone numbers with third parties unless it is absolutely necessary to enable Sort to provide its services.
Sort may disclose your personal information that we collect to certain third parties and regulatory authorities if we believe that:
- we are obliged to do so pursuant to our legal obligations;
- we are obliged to do so as a result of any legal proceedings;
- it is necessary for the protection of our own rights or property; and/or
- it is necessary to protect the personal safety of our users or members of the public.
We have set out details of those third party partners that may receive your personal data to help provide you with our services:
We currently use Send In Blue, Squarespace, and Hubspot to manage Sort’s email lists and to store user data, and we use Tidio to manage our chat and career coach bot. Your contact information may be transmitted to and stored by these services on their servers in the United States. This data will be held securely by these service providers in accordance with relevant legislation and will be used by Sort only to manage your account and send emails or chat messages to you if you have requested them. You may change these permissions at any time by clicking on the ‘Unsubscribe’ link in an email, or by contacting us at email@example.com. We may, from time to time, change our email management and chat services providers, but will always choose a GDPR compliant service and ensure that your data is protected during any change of provider.
We use Acuity Scheduling to manage bookings for our careers guidance sessions, and the data you provide as part of that process will be stored securely by them in accordance with this policy.
Stripe and PayPal
If you choose to pay by payment card, we use a secure PCI compliant service to process your information. The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry-mandated requirements for any business that handles, processes, or stores credit cards – regardless of the business's size or location. The PCI Security Standards Council was founded by 5 of the major card brands, and they each share equal responsibilities in the council's work.
Sort is PCI DSS compliant which means that our security policies, and procedures meet the requisite standard.
Sort does not store any credit card information but uses Stripe and PayPal as our payment data processors.
If you complete one of our online quizzes, the data you provide will be stored securely via Scoreapp, our service provider, in accordance with this policy.
We are committed to ensuring that your information is secure. We will take reasonable technical and organisational measures to protect the information we collect against loss, misuse or any form of unlawful processing. Information on our servers is stored in a secured manner and access is limited to authorised employees only. However, it is important to note that we cannot eliminate all security risks associated with data transmission and storage.
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe that there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- Refusing cookies when prompted as you visit the website
- Email us at firstname.lastname@example.org to:
- request a copy of your personal information;
- request for your personal information to be removed (and we are not otherwise entitled to retain that information);
- request for your personal information to be corrected, if it is inaccurate;
- object to the processing of your personal information;
- request the restriction of processing of your personal information;
- request the transfer of your personal information in a readable format (where applicable); or
- withdraw your consent at any time in relation to any activity for which you have provided your consent.
If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
If you wish to raise a complaint on how we have handled your personal data, you can contact our Privacy Officer who will investigate the matter. If you are not satisfied with our response or believe that we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
Our Privacy Officer can be contacted at email@example.com.
You can contact the ICO:
- through their website at https://ico.org.uk/make-a-complaint/;
- by post at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; or
- by phone at 0303 123 1113.
We may change this policy from time to time by updating this page. This policy is effective from 23rd May 2022.
Last update: 23rd May 2022.