We take your privacy seriously
This policy is effective as of 1 January 2022.
Last updated: 19 May 2023
Personal information is any information about you that can be used to identify you. This includes information about you as a person (such as name, address, and date of birth), your devices, payment details, and even information about how you use a website or online service.
At NorthWhistle, we aim to collect as little information as possible about our customers. Our whistleblowing system contains zero cookies, we collect no IP addresses and our information is stored and handled according to top industry practices. This policy is meant to inform you about your rights regarding the personal information that you choose to share with us.
2. Information We Collect
Information we collect falls into one of two categories: ‘voluntarily provided’ information and ‘automatically collected’ information.
‘Voluntarily provided’ information refers to any information you knowingly and actively provide us when using or participating in any of our services and promotions.
‘Automatically collected’ information refers to any information automatically sent by your devices in the course of accessing our products and services.
3. Log Data
If you encounter certain errors while using the site, we may automatically collect data about the error and the circumstances surrounding its occurrence. This data may include technical details about your device, what you were trying to do when the error happened, and other technical information relating to the problem. You may or may not receive notice of such errors, even in the moment they occur, that they have occurred, or what the nature of the error is.
4. Personal Information
We may ask for personal information — for example, when you submit content to us or when you contact us — which may include one or more of the following:
- Phone number
- Home/mailing address
- Company Name
- Payment information
‘Sensitive information’ or ‘special categories of data is a subset of personal information that is given a higher level of protection. Examples of sensitive information include information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation, sexual practices or sex life, criminal records, health information, or biometric information.
The types of sensitive information that we may collect about you include:
- information related to whistleblowing cases
We will not collect sensitive information about you without first obtaining your consent, and we will only use or disclose your sensitive information as permitted, required, or authorised by law.
5. Legitimate Reasons for Processing Your Personal Information
We only collect and use your personal information when we have a legitimate reason for doing so. In which instance we only collect personal information that is reasonably necessary to provide our services to you. And only with your consent.
6. Collection and Use of Information
We will collect personal information from you when you do any of the following on our website:
- Register for an account
- Use a mobile device or web browser to access our content
We may collect, hold, use and disclose information for the following purposes, and personal information will not be further processed in a manner that is incompatible with these purposes:
- to provide you with our platform’s core features and services
- to contact and communicate with you
- to enable you to access and use our website, associated applications, and associated social media platforms
- for internal record keeping and administrative purposes
- to comply with our legal obligations and resolve any disputes that we may have
We may combine voluntarily provided and automatically collected personal information with general information or research data we receive from other trusted sources. For example, Our marketing and market research activities may uncover data and insights, which we may combine with information about how visitors use our site to improve our site and your experience on it.
7. Security of Your Personal Information
When we collect and process personal information, and while we retain this information, we will protect it within the highest commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.
You are responsible for selecting any password and its overall security strength, ensuring the security of your own information within the bounds of our services.
For example, ensuring any passwords associated with accessing your personal information and accounts are secure and confidential.
8. How Long We Keep Your Personal Information
However, if necessary, we may retain your personal information for our compliance with a legal, accounting, or reporting obligation or for archiving purposes in the public interest, scientific, or historical research purposes or statistical purposes.
9. Children’s Privacy
We do not aim any of our products or services directly at children under the age of 13 and we do not knowingly collect personal information about children under 13.
10. Your Rights and Controlling Your Personal Information
Marketing permission: If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by contacting us using the details below.
Access: You may request details of the personal information that we hold about you.
Non-discrimination: We will not discriminate against you for exercising any of your rights over your personal information. Unless your personal information is required to provide you with a particular service or offer (for example providing user support), we will not deny you goods or services and/or charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties, or provide you with a different level or quality of goods or services.
Downloading of Personal Information: We provide a means for you to download the personal information you have shared through our site. Please contact us for more information.
Notification of data breaches: We will comply with laws applicable to us in respect of any data breach.
Complaints: If you believe that we have breached a relevant data protection law and wish to make a complaint, please contact us using the details below and provide us with full details of the alleged breach. We will promptly investigate your complaint and respond to you, in writing, setting out the outcome of our investigation and the steps we will take to deal with your complaint. You also have the right to contact a regulatory body or data protection authority in relation to your complaint.
11. Business Transfers
If we or our assets are acquired, or in the unlikely event that we go out of business or enter bankruptcy, we would include data, including your personal information, among the assets transferred to any parties who acquire us. You acknowledge that such transfers may occur, and that any parties who acquire us may, to the extent permitted by applicable law, continue to use your personal information according to this policy, which they will be required to assume as it is the basis for any ownership or use rights we have over such information.
12. Changes to This Policy
If the changes are significant, or if required by applicable law, we will contact you (based on your selected preferences for communications from us) and all our registered users with the new details and links to the updated or changed policy.
If required by law, we will get your permission or give you the opportunity to opt in to or opt-out of, as applicable, any new uses of your personal information.
13. Contact Us
Contact the Nebulr Group Data Protection Officer at oscar(at)nebulr.group