Privacy Policy

About this policy

Who should read this policy:

  • visitors to our website at https://www.helloayda.com/ (Website);
  • users of Ayda Platform (Platform) who access the Platform to set up, run and manage research projects (Researchers);
  • individuals invited to the Platform by the Researchers as participants or candidates in the research projects (Participants);
  • individuals representing our prospective customers or any other business contacts, including representatives of governmental and regulatory bodies and our suppliers and service providers (Other Business Contacts).

What is covered:
This policy sets out what information we collect about you, what we use it for and who we share it with. It also explains your rights and what to do if you have any concerns about your personal data

Who to contact about this policy: If you have any questions about this privacy policy, how we handle your personal data or you are looking to exercise one of your rights, please contact: support@helloayda.com

Latest updates: This policy was last updated 13 February 2024. We may sometimes need to update this policy to reflect changes to the way we provide our services or to comply with updates to data protection law. Where possible, we will notify you of any substantive changes but please check back regularly to see whether any changes have occurred.

Who checks this policy is enforced: The Information Commissioner’s Office(ICO) is the UK regulator and is responsible for checking that businesses comply with UK Data Protection Law

 

1. About us

We are Particity Limited (trading as Ayda), registered in England and Wales with company number 11375698 whose registered address is c/o Jump Accounting, We Work, 33 Queen Street, London, EC4R 1AP, United Kingdom (we/ us /our). We are the controller of your personal information (which means we decide what information we collect and we use it). With regards to the personal data of Participants, we are both data controller and data processor – see more details in paragraph 2. In particular, with respect to any personal data contained in any surveys and/or questionnaires completed by Participants as part of research carried out by the Researchers, we are a data processor only, and we do not use any such data for our own purposes.

We are registered with the Information Commissioner’s Office (ICO), the UK regulator for data protection matters, under number ZA492862.

If you have any questions about this privacy notice or the way that we use your personal information, please get in touch using the following details:
Email address: dpo@helloayda.com
Postal address: c/o Jump Accounting, We Work, 33 Queen Street, London, EC4R 1AP, United Kingdom

 

2. Information we collect about you

Personal data (or personal information) means any information which does (or could be used to) identify a living person. We have grouped together the types of personal data that we collect and where we receive it from in the tables below (grouped by the category of data subjects).

Participants
If you are a Participant, Researchers will collect the data from you, store it on our Platform and enable you to activate your accounts on our Platform. To the extent we facilitate research projects and your interactions with Researchers, we will be acting as a data processor for and on behalf of the Researchers. This includes all data collected by the Researchers from the Participants, including all surveys and questionnaire responses.

In addition, we will have an independent relationship with you as the user of our Platform and to the extent we have a legal relationship with you (under our Participant Terms and Conditions), communicate with you, collect data about your use of the Platform and send you our own marketing communications, we will do so as a data controller. The table below sets out the types of data we collect and process as a data controller.

 

Participants

Types of personal data: Purpose of processing:
Identity Data – your first and last name or title, and email address.
  • To set up and activate your account on our Platform and to identify you as the Participant user of the Platform
  • To verify your eligibility to use the Platform
  • To communicate with you
Contact Data – your email address, and name.
  • To communicate with you (including in relation to your Incentives)
Account Data – email address, password, username, your social media account details (if you choose to use it to access the Platform).
  • To activate, maintain and operate your account on the Platform
Financial and Transaction Data – your bank account or other payment information necessary to facilitate redemption of Incentives (as may be determined by our partners who provide payments and rewards facilities to us), your Incentives redemption history.
  • To facilitate the redemption of Incentives by you
  • To maintain records of all transactions relating to Incentive
Usage Data - information about how you use our Platform, audit trail of systems used and documents accessed and downloaded
  • To enable you to view history of your activities on the Platform
  • To analyse how our users interact with the Platform
  • To improve our services
  • To comply with our legal and regulatory obligations
Communications Data – records of communications between you and us
  • To enable us to keep records related to our business
  • To manage our relationship with you
  • To comply with our legal and regulatory obligations
Feedback – information and responses you provide when completing surveys and questionnaires issued by us (for example an exit questionnaire relating to the use of the Platform)
  • To analyse your feedback and to improve our services
Technical Data - internet protocol (IP) address, browser type and version, time zone setting and generic location, browser plug-in types and versions, operating system and platform on the devices you use to access our systems
  • To operate our Platform and such other purposes as set out in our Cookies Policy
 

Researchers

Types of personal data: Purpose of processing:
Identity Data – your first and last name or title, and email address.
  • To set up and activate your account on our Platform and to identify you as the Participant user of the Platform
  • To verify your eligibility to use the Platform
  • To communicate with you
Contact Data – your email address, and name.
  • To communicate with you (including in relation to your Incentives)
Account Data – email address, password, username, your social media account details (if you choose to use it to access the Platform).
  • To activate, maintain and operate your account on the Platform
Marketing Data - includes your preferences in receiving marketing from us and your communication preferences.
  • To enable us to comply with your marketing preferences and to send you our marketing data if we are allowed to do so
Usage Data - information about how you use our Platform, audit trail of systems used and documents accessed and downloaded
  • To enable you to view history of your activities on the Platform
  • To analyse how our users interact with the Platform
  • To improve our services
  • To comply with our legal and regulatory obligations
Communications Data – records of communications between you and us
  • To enable us to keep records related to our business
  • To manage our relationship with you
  • To comply with our legal and regulatory obligations
Feedback – information and responses you provide when completing surveys and questionnaires issued by us (for example an exit questionnaire relating to the use of the Platform)
  • To analyse your feedback and to improve our services
Technical Data - internet protocol (IP) address, browser type and version, time zone setting and generic location, browser plug-in types and versions, operating system and platform on the devices you use to access our systems
  • To operate our Platform and such other purposes as set out in our Cookies Policy
 

Other Business Contacts

Types of personal data: Purpose of processing:
Identity Data – your first and last name or title, and email address.
  • To set up and activate your account on our Platform and to identify you as the Participant user of the Platform
  • To verify your eligibility to use the Platform
  • To communicate with you
Contact Data – your email address, and name.
  • To communicate with you (including in relation to your Incentives)
Marketing Data - includes your preferences in receiving marketing from us and your communication preferences.
  • To enable us to comply with your marketing preferences and to send you our marketing data if we are allowed to do so
Communications Data - records of communications between you and us
  • To enable us to keep records related to our business
  • To manage our relationship with you
  • To comply with our legal and regulatory obligations
Company/ Employment Data - your job title, employer’s business name
  • To enable us to identify which organisation you represent
 

Website Visitors

Types of personal data: Purpose of processing:
Technical Data - internet protocol (IP) address, browser type and version, time zone setting and generic location, browser plug-in types and versions, operating system and platform on the devices you use to access our systems.
  • As set out in our Cookies Policy
Contact and Communications Data - your email address, telephone number and contact preferences, if you submit a “contact us” request on our website.
  • To enable us to respond to your enquiry and keep records of our communications
 

3. How we use your information

Under UK data protection law, we need a legal reason (known as a lawful basis) for holding, collecting and using your personal data. There are 6 main legal reasons which organisations can rely on. The most relevant are:

  • to enter into and perform our contract with you;
  • pursue our legitimate interests (our justifiable business aims) but only if those interests are not outweighed by your other rights and freedoms (e.g. your right to privacy);
  • to comply with a legal obligation that we have;
  • where you have consented to us using your personal data a certain way.

The following table sets out when we rely on each lawful basis.‍

Lawful Basis When we rely on such lawful basis:
Contract
  • When processing of your personal data is necessary in connection with the contract we have (or will have) with you or the organisation you work for, for example to fulfil our obligations under terms and conditions of use of the Platform or any vendor or supplier contract
  • Where we retain information to enable us to bring or defend legal claims.
Legal Obligation
  • When we are required to comply with a legal obligation and in order to do so, we need to use your personal data, for example:
    • Recording your preferences (e.g. marketing) to ensure that we comply with data protection laws
    • Carrying out our due diligence checks
Legitimate Interests
  • Where using your information is necessary to pursue our legitimate business interests to:
    • improve and optimise our Website and/or Platform;
    • monitor and make improvements to our Website and/or Platform to enhance security and prevent fraud;
    • to provide our services to you and ensure the proper functioning of our Website and/or Platform; and
    • to protect our business and defend ourselves against legal claims
  • Where we use your information for our legitimate interests, we have assessed whether such use is necessary and that such use will not infringe on your other rights and freedoms.
Consent
  • Where you have provided your consent to providing us with information or allowing us to use or share your information.
  • Where you have consented to receive marketing material from us.

Where we need to collect your personal data (for example, in order to fulfil a contract we have with you), failure to provide us with your personal data may mean that we are not able to provide you with the services. Where we do not have the information required about you to fulfil an order, we may have to cancel the service ordered.

 

4. When we send you marketing messages

We do not send marketing communications to Participants.

We may, from time to time send marketing communications to the Researchers and other Business Contacts. If you have received any marketing messages from us, you can opt out of these at any time by following the “unsubscribe” link in the message or contacting us at unsubscribe@helloayda.com.

Opting out of marketing will not affect our processing of your personal data in relation to any order you have with us and where we required to use your personal data to fulfil that order or provide you with certain information.

 

5. Who we share your information with

‍We may share your personal data with:

  • Our personnel: our employees (or other types of workers) who have contracts containing confidentiality and data protection obligations in order to process your order.
  • Our supply chain: other organisations that help us provide our services. We ensure these organisations only have access to the information required to provide the support we use them for and have a contract with them that contains confidentiality and data protection obligations.
  • Our website hosting provider: the company who provides website hosting services to us may have access to some information (e.g. information from cookies and tracking technologies) to ensure that the Website is working correctly.
  • Our cloud service provider: which we use to store information about our customers and which enables us to deal with enquiries and provide our services.
  • Regulatory authorities: such as HM Revenue & Customs.
  • Our professional advisers: such as our accountants or legal advisors where we require specialist advice to help us conduct our business.
  • Third party marketing providers: such as HubSpot, SendinBlue and FreshWorks when you sign up to receive marketing messages or newsletters from us.
  • Any actual or potential buyer of our business.

If we were asked to provide personal data in response to a court order or legal request (e.g. from the police), we would seek legal advice before disclosing any information and carefully consider the impact on your rights when providing a response.

 

6. Where your information is located or transferred to

We store company information (including your personal data) in servers located in the United Kingdom. We have proper mechanisms in place to ensure that transfer to that country is compliant with relevant data protection laws.
Otherwise, we will only transfer information outside of the UK or the EU where we have a valid legal mechanism in place (e.g. by using contracts approved by the European Commission or UK Secretary of State).

 

7. How we keep your information safe

We have put in place appropriate security and safety measures to prevent your personal data from being lost or illegally accessed by those who do not have permission. These measures include:

  • access controls and user authentication (including multi-factor authentication);
  • internal IT and network security;
  • regular testing and review of our security measures;
  • staff policies and training;
  • incident and breach reporting processes;
  • business continuity and disaster recovery processes.

    In the event that there is an event or incident affecting your personal data, we will keep you informed. We may also need to notify the regulator (where required under data protection law) and if we make decisions about personal data about your data jointly with another party(for example, if a third party marketing provider), we may need to notify them.
 

8. How long we keep your information

Where we are responsible for making decisions about how to collect and use your personal data, we will only keep your personal data for as long as necessary to fulfil the purposes we collected it for or as long as required to fulfil our legal obligations.

When we consider how long to keep your personal data, we will consider whether it is still necessary to keep it for the purpose which we collected it or whether the same purpose could be achieved by holding less personal data. We will also consider the volume, nature, and sensitivity of the personal data and the potential harm to you if there was an incident affecting your personal data.

We may keep Identity Data, Contact Data and certain other data (specifically, any exchanges between us by email or any other means) for up to seven years after the end of our contractual relationship with you.

If you browse our Website, we keep personal data collected through our analytics tools for only as long as necessary to fulfil the purposes we collected it for (see our cookie policy for further information).

If you have asked for information from us or you have subscribed to our mailing list, we keep your details for a reasonable time or until you ask us to stop contacting you.

 

9. Your legal rights

You have specific legal rights in relation to your personal data.

We can decide not to take any action in relation to a request where we have been unable to confirm your identity (this is one of our security processes to make sure we keep information safe) or if we feel the request is unfounded or excessive. We may charge a fee where we decide to proceed with a request that we believe is unfounded or excessive. If this happens we will always inform you in writing.

Your legal rights are as follows:

  • Access: You must be told if your personal data is being used and you can ask for a copy of your personal data as well as information about how we are using it to make sure we are abiding by the law.
  • Correction: You can ask us to correct your personal data if it is inaccurate or incomplete. We might need to verify the new information before we make any changes
  • Deletion: You can ask us to delete or remove your personal data if there is no good reason for us to continuing holding it or if you have asked us to stop using it. If we think there is a good reason to keep the information you have asked us to delete (e.g. to comply with regulatory requirements), we will let you know and explain our decision
  • Restriction: You can ask us to restrict how we use your personal data and temporarily limit the way we use it (e.g. whilst you check that the personal data we hold for you is correct).
  • Objection: You can object to us using your personal data if you want us to stop using it. We always comply with your request if you ask us to stop sending you marketing communications but in other cases, we decide whether we will continue. If we think there is a good reason for us to keep using the information, we will let you know and explain our decision.
  • Portability: You can ask us to send you or another organisation an electronic copy of your personal data.
  • Complaints: If you are unhappy with the way we collect and use your personal data, you can complain to the Information Commissioner or another relevant supervisory body, but we hope that we can respond to your concerns before it reaches that stage. Please contact us at: dpo@helloayda.com.

If you would like to exercise any of your legal rights, please contact: dpo@helloayda.com.

 

10. Our cookie policy

Our Website uses cookies and similar technologies.

Cookies are small text files that are downloaded to your device. Cookies contain uniquely generated references which are used to distinguish you from other users. They allow information gathered on one webpage to be stored until it is needed for use on another, allowing our Website to provide you with a personalised experience (like remembering your favourites) and provide us with statistics about how you interact with our Website.

Cookies are not harmful to your devices (like a virus or malicious code) but some individuals prefer not to share their information (for example, to avoid targeted advertising).

Different types of cookies
Session vs. persistent cookies: cookies have a limited lifespan. Cookies which only last a short time or end when you close your browser are called session cookies. Cookies which remain on your device for longer are called persistent cookies (these are the type of cookies allow websites to remember your details when you log back onto them).

First party vs third party cookies: cookies placed on your device by the website owner are called first party cookies. When the website owner uses other businesses’ technology to help them manage and monitor their website, the cookies added by the other business are called third party cookies.

Categories of cookies: cookies can be grouped by what they help the website or website owner do (the Purpose).

  • Necessary cookies are cookies which help the Website to run properly (when they are strictly necessary cookies it means their only function is to help the website work).
  • Performance cookies help a Website owner understand and analyse how Website visitors use their website.
  • Analytical cookies are used to understand how visitors interact with the Website. These cookies help provide information on metrics the number of visitors, bounce rate, etc.
  • Marketing cookies tailor online adverts to reflect the content you have previously browse and help inform companies about your interests so they can show you relevant adverts.

What do we use cookies for?
We use cookies to:

  • to track how visitors use our Website
  • to record whether you have seen specific messages we display on our Website
  • to keep you signed into our Website
  • where we post content and links to content, we use cookies to capture and analyse information such as number of views and shares


The cookies we use are:

Cookie Purpose What it does How long it lasts
_ga Analytical cookie This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors. 2 years
_gid Analytical cookie Used by Google Analytics to anonymously distinguish users. See Google Analytics Cooke Usage for more information. 24 hours
_gcl_au Marketing cookie Used by Google AdSense for experimenting with advertisement efficiency across websites using their services. See Advertising Cookies for more information. 90 days
_fw_crm_v Session cookie Used to track Visitor/User identity and chat sessions performed by the User for our Online Chat Tool See FreshChat Cookies for more information. 1 year
ARRAffinity, ARRAffinity, .AspNetCore(various) Necessary cookies Used by the Ayda platform to ensure correct operation of the platform Up to 1 year
ai_session, ai_user Performance cookies Used by the Ayda platform to monitor usage of the platform using Microsoft Azure Application Insights See Azure Application Insights for more information. 1 year

We can only use cookies with your permission (you will be prompted by a message when you first visit our Website, also known as a cookie banner, where you can choose to accept or decline our cookies).

You can choose to decline cookies but if you turn off necessary cookies, some pages and functions on our Website may not work properly. You can also manage cookies through your browser settings or device settings (your user manual should contain additional information).

You can also delete cookies directly with the relevant third parties (for example, you can disable Google Analytics on their website).