Privacy Policy

1. Introduction. This Privacy Policy describes how AFFPRO LTD, a legal entity, incorporated under the Laws of United Kingdom, Company number 14947392, registered address: Suite 118, 4 Montpelier Street, London, SW7 1EE ("Company", "We", "Us", or "Our"), collects, uses, and manages information obtained through its website https://affpro.com ("Website"). We respect Your privacy and are committed to processing Your data in accordance with applicable data protection laws, including the EU GDPR, and the UK Data Protection Act 2018. By accessing or using Our Service, You acknowledge that You have read, understood, and agreed to the terms of this Privacy Policy. If You do not agree with this Policy, please refrain from using our Website and Services. Continued use of the Service following any updates will constitute acceptance of the changes. 2. Definitions. The following definitions apply throughout this Privacy Policy: • “Account” means a unique account created for You to access our Service or parts of our Service. • “Affiliate” means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority. • “Personal Data” means any information relating to an identified or identifiable natural person. • “Usage Data” means non-identifiable technical data collected automatically during the use of the Website. • “Cookies” are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses. • “Device” means any device that can access the Service such as a computer, a cellphone or a digital tablet. • “Service” refers to the Website. • “Service Provider” means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. • “Data Controller” refers to AFFPRO LTD, which determines the purposes and means of processing Personal Data. • “You” or “User” means the individual or entity accessing or using the Website. 3. Data Collection. We collect only a limited amount of data from Users, depending on their interaction with the Website. Specifically: 3.1. Personal Data. While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to: • Email address. • First name and last name. • Phone number. • CV. • Usage Data. • Login credentials (e.g., username and password for accessing personal dashboard). We may collect Personal Data when You: • Submit information via contact forms or lead generation forms (first name and last name, email address, phone number). • Apply for a position through the job application form (e.g., CV, name, contact information). • Register or log in to the personal dashboard on the Website. 3.2. Usage Data. Usage Data is collected automatically when using the Service. Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data. When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device. This data is non-identifiable and used exclusively for Website performance and analytics. 4. Use of Personal Data. We process the limited Personal Data we collect for the following purposes: • To respond to enquiries submitted via the Website; • To review applications submitted for recruitment purposes; • To analyse Website usage and improve user experience; • To comply with legal obligations where applicable. We do not use Personal Data for direct marketing or profiling purposes. 5. Cookies and Tracking Technologies. The Website uses cookies and similar technologies to collect analytical data. 5.1. Types of Cookies Used. • Strictly Necessary Cookies – Enable basic website functions and security. • Analytics Cookies – Allow Us to understand Website traffic (e.g., via Google Analytics or similar tools). • Functional Cookies – Help provide enhanced functionality and personalization of the Website. 5.2. User Control. Users are presented with a cookie consent banner upon their first visit. Users are provided with the option to consent or decline the use of non-essential cookies. 6. Data Storage and Retention. We retain Your Personal Data to fulfill our legal, operational, contractual, and regulatory obligations. For each type of records, the recordkeeping requirements may vary so We guarantee that in no event shall We retain Your Personal Data longer than required. Once data is no longer required, it will be securely deleted or anonymized. All login credentials are securely stored on cloud infrastructure operated by third-party service providers such as Google Cloud, used in conjunction with the Scaleo platform. 7. Data Sharing and Transfers. We do not transfer Your Personal Data to third parties, except in the cases expressly outlined in this Privacy Policy, namely: • Compliance with legal obligations. We may disclose Your Personal Data if such disclosure is required to comply with applicable laws, regulations, legal processes, or governmental requests, including but not limited to matters of national security or law enforcement. Where permitted by law, We will make reasonable efforts to notify You in advance of such disclosure. We may also share Your Personal Data with regulatory or supervisory authorities, courts, law enforcement agencies, fraud prevention bodies, licensing authorities, or other competent third parties where required by law or necessary to establish, exercise, or defend our legal rights. When feasible and appropriate, We will promptly inform You about any such disclosure. • In an emergency. We may disclose Your Personal Data if We believe it is necessary to prevent imminent and serious harm to the health or safety of any person. • To enforce our policies and rights. We may disclose Your information if We believe that Your actions violate our Terms, internal policies, or otherwise threaten the rights, property, or safety of the Company, its users, or others. • With our Affiliates. We may share Your Personal Data with our parent companies, subsidiaries, affiliates, or other entities under common ownership or control, solely for purposes aligned with this Privacy Policy. • M&A. In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, Your Personal Data may be transferred to the acquiring or successor entity, subject to the safeguards provided herein. • With Your consent. We may share Your Personal Data when You explicitly consent to such sharing or direct us to do so. • Third-party service providers. We may share Your Personal Data with trusted third-party service providers that perform services on our behalf and support our business operations, including but not limited to: - Cloud hosting and server infrastructure; - Web and marketing analytics tools (e.g., Google Analytics); - Email delivery and communication platforms; - Professional advisors, including legal and regulatory consultants. We do not sell, rent, or disclose Your Personal Data to third parties for commercial purposes. 8. Legal Basis for Processing. We process Your Personal Data based on one or more of the following legal bases: • Consent: when You give us explicit permission. • Contract: when processing is necessary to fulfill a contract with You. • Legal obligation: when we are legally required to process the data. • Legitimate interests: when it is in Our legitimate business interest and not overriddenby Your rights. 9. Know your Rights. Under applicable data protection laws, You have the following rights: • You have the right to receive information regarding purposes of Personal Data collection, regarding third parties, to which we disclose Your Personal Data, information regarding safeguards that are applicable for secure storage of Your Personal Data, and the period of time for which Personal Data will be stored. Data collection, regarding third parties, to which we disclose Your Personal Data, information regarding safeguards that are applicable for secure storage of Your Personal Data, and the period of time for which Personal Data will be stored. • You also have the right to demand full erasure of Personal Data concerning You by sending Us a request via [email protected]. The Company shall fulfil Your request within an appropriate period of time. If there is no other lawful ground for storing and processing of Your Personal Data, as prescribed by Applicable Law, the Company shall erase such information. If there is another legal ground for such processing, the Company shall notify You within an appropriate period. • You also have the right to demand restriction of the storing and processing of the Personal Data, if legal grounds for such demands have arisen or are prescribed in Applicable Law. • You have the right to object to the processing of Personal Data concerning Yourself under circumstances that are prescribed in Applicable Law. In case of such objection, the Company shall refrain from processing of Your Personal Data, if there are no other legal grounds for continuing the processing. • You have the right to ask the Company to provide You with a structured list of previously provided Personal Data (and of the currently processed Personal Data by the Company). You also can ask Us to transmit Your Personal Data to a previously chosen third party. 10. Data Security. We implement appropriate technical and organizational measures to ensure the security of any data temporarily processed, including encryption, access control, and secure deletion procedures. 11. Children’s Privacy. The Website is not intended for individuals under the age of 16. We do not knowingly collect Personal Data from minors. If You believe that a child has submitted Personal Data, please contact Us immediately. 12. Contact Us. If You have any questions about this Privacy Policy, please feel free to contact us or to write to us at: [email protected].