1. Privacy Statement

1.1 We take privacy seriously and this policy (Privacy Policy) sets out how we will handle your personal data and the anonymised data of your employees (together the “Provided Data”) securely and in accordance with your rights.

1.2 Curo Compensation Limited (we, us, our) is registered under the terms of the General Data Protection Regulation (GDPR). Details of our notification to the data protection regulator may be found in the Information Commissioner’s Office Public Register of Data Controllers at https://ico.org.uk/ under registration number ZA089894. Our registered office address is at Exchange Tower, 19 Canning Street, Edinburgh EH3 8EH.

2. General information

2.1 This Privacy Policy explains what information we collect from you and how we handle the information to ensure that we protect your rights. Please read this Privacy Policy carefully to understand how we will treat the Provided Data. In this Privacy Policy, references to you or your shall mean you as a user of https://www.curogpg.com. (our site) and/or our gender pay gap reporting services (our services).

2.2 This Privacy Policy should be read together with our terms and conditions, which together apply to your use of our site and our services.

2.3 By using our site and registering to use our services, you will be regarded as having accepted the terms of this Privacy Policy. Please do not use our site and our services if you do not agree to the terms of this Privacy Policy.

3. What information do we collect?

3.1 When you register to use our services and/or our site we may ask you to provide certain personal data including but not limited to, your name, company name and contact details (Personal Data).

3.2 In order to perform the services, we may also ask for anonymised information about employees from your organisation, including but not limited to, gender, job title, job level, business unit, position within the organisation, tenure, age, bonus and salary (Employee Data).

3.3 In addition, we may also collect information on an ongoing basis about what pages you access or visit, and information about your use of our site, for example the pages viewed, the website from which you came to visit our sites, changes you make to information you supply to us, details of the quotes you request and your transactions, including by use of cookies. Please see cookies information below.

4. What do we use the provided data for?

4.1 We may use your Personal Information for the following purposes:

  1. (a) in the normal course of our business, to allow us to register you to receive our services and to provide you with our services;
  2. (b) to allow us to manage your account;
  3. (c) to allow us to analyse your personal preferences and personalise our services to you;
  4. (d) to store your data to pre-populate fields to make it easier for you to provide information when you return to our sites;
  5. (e) to validate your information (and, in some cases, match it against information that has been collected by a third party) to check that the data we hold about our customers/users is accurate, consistent and current; and
  6. (f) to comply with any legal obligations to which we are subject.

4.2 We may use the Employee Data for the following purposes:

  1. (a) to allow us to provide the services to you;
  2. (b) to calculate gender pay gap statistics; and
  3. (c) to produce the reports you request, including the Gender Pay Gap Report, which may include diversity and inclusion reports, regulatory reports and/or other reports.

4.3 We shall periodically check that the Personal Data we store for you is accurate. If you would like to update the Personal Data we hold about you, please contact us on gpg@curocomp.com with your request.

4.4 The provision of the Provided Data is mandatory if you are to receive our services. If you fail to provide such data we shall be unable to provide our services.

5. Who do we share your information with?

5.1 As part of using our services, you consent to us sharing the Provided Data with the following parties:

  1. (a) the company who provide us with hosting services from time to time, currently, this is Pulsant;
  2. (b) our professional advisers;
  3. (c) our consulting partners and data management consultants; and
  4. (d) any member of our group and other companies which may be added to our group from time to time.

5.2 We may also share the Provided Data with third parties:

  1. (a) in the event that we, our business, or substantially all of its assets are acquired by a third party (in which case personal information about customers will be one of the transferred assets);
  2. (b) if we are under a duty to disclose or share the Provided Data in order to comply with any legal obligation, or in order to enforce or apply any contract with you; or to protect our rights, property, or safety of our employees, customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

6. How long do we store the provided data for?

6.1 We only store the Provided Data for as long as necessary for the purposes listed in paragraph 4.

7. What are your rights?

7.1 Access to your Personal Data: You may request access to a copy of your Personal Data.

7.2 Right to withdraw: You may withdraw your consent at any time. Please contact us using the details located at section 11 of this policy if you would like to withdraw your consent and we will delete your data in line with your right to erasure at 7.4 below.

7.3 Rectification: You may ask us to rectify inaccurate information held about you. If you would like to update the data we hold about you, please log on to your profile at www.curogpg.com and update your information.

7.4 Erasure: You may ask us to delete your Personal Data. If you would like us to delete the Personal Data we hold about you, please contact us using the details below, specifying why you would like us to delete your Personal Data.

7.5 Portability: You may ask us to provide you with the Personal Data that we hold about you in a structured, commonly used, machine readable form, or ask for us to send such personal data to another data controller.

7.6 Right to object: You may object to our processing of your Personal Data pursuant to this Privacy Policy. Please contact us using the details below, providing details of your objection.

7.7 Make a complaint: You may make a complaint about our data processing activities to a supervisory authority, for the UK this is the Information Commissioner’s Office, at https://ico.org.uk/.

7.8 To make enquires and/or to exercise any of your rights in this Privacy Policy please contact our customer service team at gpg@curocomp.com.

8. Cookies policy

8.1 Cookies are small files saved to your computer’s hard drive that track, save and store information as well as your interactions and usage of our website. The primary purpose for collection of data from users to our site is to allow us to provide a smooth efficient and personalised experience while using our site.

8.2 You are advised that if you do not consent to the use and saving of cookies from this website on to your computer hard drive then you should take necessary steps within your web browser security settings to block all cookies from this website and its external serving vendors.

8.3 Our website uses cookies software provided by (1) JSESSIONID, (2) Remember-me and (3) High Availability.

9. Security and data storage

9.1 We will treat all of your information in strict confidence and we will endeavour to take all reasonable steps to keep the Provided Data secure once it has been transferred to our systems. We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of the Provided Data, and data stored on the website and associated database.

9.2 Please note that the internet is not a secure medium and we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the Internet and will not hold us responsible for any breaches.

10. Changes to this Privacy Policy

10.1 We may modify this Privacy Policy from time to time, so please review it regularly.

10.2 If we change this Privacy Policy we shall notify you by means of notice on our site homepage.

10.3 This Privacy Policy was last amended on 7 December 2017.

11. Contact

11.1 If you have any queries relating to this Privacy Policy or our use of the Provided Data, please contact our customer services team at gpg@curocomp.com.