Data Protection Policy
CONTENTS
3. HOW WE COLLECT YOUR PERSONAL DATA
4. THE TYPES OF PERSONAL DATA WE MAY COLLECT
5. HOW WE USE YOUR PERSONAL DATA
6. OUR LAWFUL BASIS FOR USING YOUR PERSONAL DATA
8. RETENTION OF YOUR PERSONAL DATA
10. EXERCISING YOUR DATA PROTECTION RIGHTS
INTRODUCTION
Worker Info Exchange is committed to protecting the privacy and data protection rights of everyone who shares their personal data with us. This policy replaces our previous policy dated April 2021.
Platform Info Exchange Ltd., publicly known as Worker Info Exchange (WIE), is a non-profit organisation dedicated to helping workers access and gain insight from data collected about them at work. We are a company registered in England & Wales with the company number 11891546. For the purposes of this policy the data controller will be referred to as “WIE”, “we”, “us”, “our” here after.
Whether you are an Uber driver or a Deliveroo rider, WIE aims to tilt the balance away from big platforms in favour of the people who make these companies so successful every day – the workers. By working together to collect and pool our data as workers we can begin to demand a better deal at work.
We will never sell your data to third parties or share it for any commercial purposes such as advertising or marketing.
1. THE DATA CONTROLLER
Platform Info Exchange Limited is the data controller for all the personal data we process and retain. We are registered with the Information Commissioner as a data controller with registration number ZB297201.
2. CONTACT DETAILS
The address of our registered head office is Broxhead House, 60 Barbados Road, Bordon GU35 0FX, United Kingdom. You can contact us by email at office@workerinfoexchange.org.
3. HOW WE COLLECT YOUR PERSONAL DATA
We may collect information from you when you communicate with us via our website, email, telephone, or text service. Some of the data we collect may be considered special category data. We will not collect data for anyone below the age of 18 years.
We may collect data from you when you:
I. Apply to us to make a data subject access request on your behalf
II. Provide us with personal data relating to your work
III. Visit our website
IV. Visit our social media pages
V. Contact us directly by email, phone or message service
4. THE TYPES OF PERSONAL DATA WE MAY COLLECT
In this section we describe the data we collect concerning three main categories of data subjects including:
-
clients we serve,
-
people who work for us and
-
people who visit our website.
Clients we serve
When you make a data subject access request using our online service, we may collect the following information from you:
I. Your name
II. Your home address
III. Your email address
IV. Your phone number
V. Who your employer is
VI. Your ethnicity
It is necessary to collect this information so that we can securely authenticate your identity to your employer. Documents such as driver license & passport ID is immediately deleted and not held after your identify has been authenticated.
When you provide us the results of a data subject access request from your employer or if you instruct your employer to port your personal data to us directly, we may receive from you different types of personal data relating to your activity at work.
Data you may have provided the employer including:
I. Vehicle details including registration, serial number, fuel type, make and model
II. Device details including IP address, IMEI numbers and ad services identifiers
Data the employer observed about you at work including:
III. GPS data including time, location, speed and direction of travel
IV. Trip/task data including duration, dispatches, cancellations, GPS data, fares/fees and deductions
V. Performance ratings data assigned by customers to you or by you to customers
VI. Fraud and security events data including biometric, location and other forms of identity checks
VII. Telematics data including braking and acceleration data
VIII. Audio recordings of phone calls with you made by the employer
IX. Messages and notifications sent by the employer to you and vice versa
X. Complaints and compliments made by customers to the employer about you
XI. Restrictions on app services made by the employer effecting you
Data created by employer based on inferences about you including:
XII. Performance profiles including earnings, acceptance rates, customer service interactions
XII. Profiles about you used in automated decision making at work
XIV. Profiles relating to fraud and security including fraud probability scores
People who visit our website
When you visit our website, we may create cookies which can then be transmitted to your device so that when you visit our website in future we may be better able to serve you. These cookies are generally used created by the website hosting service. The main categories of cookies created include:
-
Essential Cookies: These cookies enable core functionality such as security, verification of identity and network management. These cookies can’t be disabled.
-
Marketing Cookies: These cookies are used to track advertising effectiveness to provide a more relevant service and deliver better ads to suit your interests.
-
Functional Cookies: These cookies collect data to remember choices users make to improve and give a more personalised experience.
-
Analytics Cookies: These cookies help us to understand how visitors interact with our website and discover errors.
You can use your browser settings to manage cookie preferences. Each browser is different, so check the ‘Help’ menu of your particular browser to learn how to change your cookie preferences. It is not possible to opt-out of cookies that are strictly necessary as this would impact the website’s functionality.
5. HOW WE PROCESS YOUR PERSONAL DATA
We only process your personal data where necessary and then only in accordance with our charitable mission in support of workers. We will never sell your data to third parties or share it for any commercial purposes such as advertising or marketing.
In the following we describe how the purposes for which we use your data:
II. To deliver our contractual agreement with you to make a detailed subject access or portability request on your behalf.
III. To conduct an identity check before we make the subject access request on your behalf. The identity information collected from you by our third party on demand service provider, Onfido, is deleted after your identification has been verified.
IV. To investigate your work related data in order to advise you and support you in any potential dispute with the employer or regulatory authority including dismissal appeals and court proceedings.
V. To aggregate your data with the data of other workers so that we can provide workers and their unions collectively insight on working conditions including pay, working time, time utilisation, quality of work offered over time.
VI. To communicate with you via phone, email or messaging for the purposes of sharing knowledge and news about our work and key events.
6. OUR LAWFUL BASIS FOR USING YOUR PERSONAL DATA
To protect your interests, we must have an identifiable and justified legal basis for receiving and processing your personal data. The legal basis we rely upon varies according to the circumstances in which we receive and process your personal information and they fall into the following categories:
I. Consent – for example, where you have given us your consent to receive and process your personal data.
II. Performance of a contract – for example, when you visit our website and fill in our request data application which creates a contract for us to make a data subject access request and receive data on your behalf. Within this contract you may optionally direct us to share your data with your nominated trade union or worker representative organisation.
III. Legitimate interests – for example, where we believe it is in our legitimate interests as a digital rights NGO to use your data, in a fair and proportionate manner, to further our organisational objectives of advancing worker digital rights by representing you and/or assisting your nominated trade union or worker representative organisation with insights derived from the data processed. This may also include processing your data for the purposes of administration, research, advocacy, communication, marketing and regulatory compliance.
IV. Regulatory compliance – for example, where we need to process your data in order to comply with the law.
7. SHARING YOUR INFORMATION
We do not share your personal data with any third party for commercial reasons. From time to time we may sub-contract processing of your data with other specialist partners for the purposes of storage and analytics services.
Your work-related data may be shared with selected academic and public interest research groups to advance our work in advocating for the rights of workers and for improved working conditions. Any such sharing would be subject to a data sharing agreement.
Your work-related data may also be shared with your nominated trade union or worker representative organisation where one has been identified by you. Any such sharing would be subject to a data sharing agreement. You have the right to revoke this permission by simply emailing us at office@workerinfoexchange.org
8. RETENTION OF YOUR PERSONAL DATA
We retain the work-related data you have given us for as long as necessary to support the purposes set out above in section 5.
You may request the deletion of your personal data at any time by emailing us at office@workerinfoexchange.org.
9. DATA SECURITY
We adopt strict data security protocols and use secure technologies to safeguard the use of your data. Unfortunately, the transmission of data via the internet is not 100% secure and we cannot accept responsibility where data has been illegally intercepted.
10. EXERCISING YOUR DATA PROTECTION RIGHTS
You always have the right to exercise control over any of your personal data that we may collect and use. Most importantly of all, at any time, you can request that we stop using your data and to request that we provide a copy of the information we hold about you.
In addition:
-
Where we process your data under your consent, you have the right to withdraw that consent at any time.
-
You have the right to rectify your data if it is inaccurate or incomplete.
-
You have the right to request the deletion of your personal data.
-
You have the right to restrict our processing of your data if there is disagreement about its accuracy or legitimate use of it.
-
You have the right to copy or transfer your data to another data controller.
-
You have the right to object to our processing of your data based on legitimate interests as described above.
To exercise any of these rights or if you have any questions please contact us at: office@workerinfoexchange.org
If you would like to make a complaint to the governing regulatory authority, you can contact the Information Commissioner’s Office by accessing their website or by phoning: +44 303 123 1113.
11. UPDATE OF THIS POLICY
We may occasionally update this policy in order to better serve and protect the interests of our stakeholders. This policy was last updated on July 19, 2024.