Privacy Notice

1. Introduction and General Terms

1.1. These terms apply to the websites and other products offered by nowhere Group Limited ('nowhere' / 'we' / 'us'). Our registered office is at Tall Trees 85a Esher Road, Hersham, Walton-On-Thames, Surrey, KT12 4LN. We are a company registered in England, with company number 04189963.

1.2. This Privacy Notice applies and has effect in respect of all online services and other software and products made available by us (together the "Product(s)"), as well as any other online features relating to the Products including our website (the "Website"). Together the Product(s) and Website are referred to as the "Online Services".

1.3. If you have any questions or comments about this Privacy Policy, please contact us on

1.4. We are committed to protecting and respecting your privacy. The Privacy Notice explains the basis on which personal information we collect from you will be processed by us or on our behalf. Where we decide the purpose or means for which personal data you supply through these Online Services is processed, we are the "data controller". We will comply with all applicable data protection laws, including the General Data Protection Regulation 2016/679.

1.5. In some instances, we may be a joint data controller, with your employer or the business that engages you and which has made our Products available to you (the "Principal"). If you would like to know more about how the Principal makes use of your personal data, please ask to see their privacy notice.

1.6. Please read this Privacy Notice carefully as it contains important information about the following:

1.6.1. What information we may collect about you;

1.6.2. Whether we will disclose your details to anyone else;

1.6.3. Your choices and rights regarding the personal information you have provided to us.

1.7. This Privacy Notice forms part of and should be read in conjunction with our EULA in respect of the product, please find it here

1.8. The Online Services may contain hyperlinks to services owned and operated by third parties. These third party services may have their own privacy notices and we recommend that you review them. They will govern the use of personal information that you submit, or which is collected by cookies and other tracking technologies whilst using these services. We do not accept any responsibility or liability for the privacy practices of such third party services and your use of these is at your own risk.

1.9. We may make changes to this Privacy Notice in future, which will be posted on this page. You should check this page from time to time to ensure you are aware of any changes. Where appropriate we may notify you of changes through the Products.

2. Information we may collect about you

2.1. When you use our Online Services we collect and process the following information which may include your personal data.

2.1.1. Information provided by you when using the Products ("Principal Information"). We will collect any information you submit to use when you use our Products. This includes your response to any of the questions set out in our Products, and as well as your performance when undertaking any of the exercises or tasks enabled by our Products.

2.1.2. Information collected for the purposes of providing analytics ("Analytics"). We may collect technical information about your use of the Online Services through the use of tracking technologies and analytics.

3. Why we collect information about you

3.1. To provide our Products to you. We will use information about you (including Principal Information and Analytics) for delivering our Products to you under the terms of use agreed between us and Principals. The processing of information in this way is necessary for us to record your progress and current status within a Product, and to ensure the Products deliver the features promised and function properly, so that you have the optimal experience when using any one of our Product(s).

3.2. When relevant, and when it does not have a negative impact on the data subject, privacy settings will be set to the most private by default.

3.3. To help us improve the Online Services and fix any problems. We may process Analytics so that we can analyse and improve our Online Services. This processing is also necessary for us to pursue our legitimate interests of (I) ensuring that our Online Services function properly so that you and other users have the best experience when using any of our Online Services; (II) improving the quality of our Online Services, and providing a better experience to our users; (III) identifying and correcting any bugs in the Online Services.

4. Data Sharing

4.1. We will share your information with third parties only in the ways that are described in this Privacy Notice.

4.1.1. Principals: We are engaged by Principals to provide services to them. You may have submitted Principal Information to us as part of our delivery of that service. We will share that data with the Principal in accordance with any agreements we have entered with the Principal.

4.1.2. Group members, personnel, suppliers or subcontractors: We keep your information confidential, but may disclose it to any member of our group (which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006), our personnel, suppliers or subcontractors insofar as it is reasonably necessary for the purposes set out in this Privacy Notice. However, this is on the basis that they do not make independent use of the information, and have agreed to safeguard it.

4.1.3. Merger or acquisition: If we are involved in a merger, acquisition, or sale of all or a portion of its assets, we may disclose Analytics to the acquiring or merging entity.

4.1.4. Required by law: In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention).

4.1.5. Enforcement: We may also disclose your personal information to third parties in order to enforce or apply the terms of agreements, to investigate potential breaches, or to protect the rights, property or safety of nowhere, our customers, or others.

5. Your rights in relation to your personal data which we process

5.1. You have the following rights over the way we process personal data relating to you, as set out in the table below. We aim to comply without undue delay, and within one month at the latest.

5.1.1. Ask for a copy of data we are processing about you and have inaccuracies corrected. You have the right to request a copy of the personal information we hold about you and to have any inaccuracies corrected. We will use reasonable efforts to the extent required by law to supply, correct or delete personal information held about you on our files (and with any third parties to whom it has been disclosed to).

5.1.2. Object to us processing data about you. You can ask us to restrict, stop processing, or to delete your personal data if:

• you consented to our processing the personal data, and have withdrawn that consent;

• we no longer need to process that personal data for the reason it was collected;

• we are processing that personal data because it is in the public interest or it is in order to pursue a legitimate interest of nowhere or a third party, you don’t agree with that processing, and there is no overriding legitimate interest for us to continue processing it;

• the personal data was unlawfully processed;

• you need the personal data to be deleted in order to comply with legal obligations;

• the personal data is processed in relation to the offer of a service to a child.

5.1.3. Obtain a machine readable copy of your personal data, which you can use with another service provider. If we are processing data in order to perform our obligations to you, or because you consented, if that processing is carried out by automated means, we will help you to move, copy or transfer your personal data to other IT systems. If you request, we will supply you with the relevant personal data in CSV format. Where it is technically feasible, you can ask us to send this information directly to another IT system provider if you prefer.

5.2. To make a request, please let us know by sending an email to

6. Data Retention

6.1. We will hold your personal information on our systems for as long as is necessary for the relevant service, or as otherwise described in this Privacy Notice.

7. Children

7.1. We do not use our Online Services to knowingly solicit information from or market to children under the age of 13. Our terms of use prohibit users aged under 13 years from accessing our Online Services. In the event that we learn that we have collected personal information from a child under 13 years of age we will delete that information as quickly as possible. If you believe that we might have any information from or about a child under 13 years of age, please contact us at

8. Security

8.1. We will take all reasonable technical and organisational precautions to prevent the loss misuse or alteration of your personal information. For example, our databases are password protected and limited to essential employees only (such as nowhere management or employees whose main role requires system access).

8.2. Please be aware that, although we endeavour to provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.

9. International Data Transfers

9.1. Our servers are located in Ireland.

9.2. It is possible that your personal information may be transferred outside of the EU by the Principal. We recommend that you refer to the privacy notices and/or terms and conditions of the Principal if you are concerned about your data being transferred outside the EU.

9.3. Where we transfer your information outside of the EU, we have agreements in place with those parties which include standard data protection clauses adopted by a data protection regulator and approved by the European Commission to ensure that appropriate safeguards are in place to protect your personal data. If you would like to find out more about these safeguards, please let us know by writing to

10. Contact Information

10.1. All questions, comments or enquiries should be directed to nowhere at We will endeavour to respond to any query or questions within 2 business days.

11. Document Updated

Last updated on 11 June 2018