Squadify Privacy Policy
Effective Date: 1 September 2025
Our Commitment to Your Privacy
Your privacy is extremely important to us and for this reason our processes are compliant with ISO 27001. This policy explains what Personal Information we hold, how we use it – including how we use artificial intelligence (“AI”) to generate narrative content in reports – and how you can check and update, manage, export or delete your Personal Information.
Glossary
“GDPR” means the General Data Protection Regulation (EU) 2016/679.
“UK GDPR” means the UK form of GDPR post-Brexit.
“Personal Information / data” means information or data that identifies or relates to an identifiable individual.
“AI” means software systems that generate narrative summaries or recommendations from team-level scores, based on Squadify’s methodology. Squadify does not use AI to profile individuals or to make automated decisions about them.
When we refer to “You”, we mean the person(s) who use the Squadify platform.
“We / Us / Our” refer to the Squadify group of companies.
Our business activities and functions
Squadify is a team acceleration platform. We run surveys and carry out analytics on the data captured to present teams with insights to enable continuous improvement in teamwork and performance. We also generate benchmark data and insights across teams to support the team level recommendations .
We use AI tools to help summarise team-level results and to provide narrative insights and suggested actions based on our established methodology. AI operates only on team-level data and does not introduce new categories of Personal Information.
What Personal Information do we collect and hold?
We only collect Personal Information that is necessary to deliver the Squadify service. This includes:
Survey ratings provided by individuals are not stored or used as Personal Information. Ratings are processed solely to create an aggregated team score and are not associated back to individuals in the database or reports.
We do not collect any GDPR-defined special category data (e.g., health, religion, political opinions, sexual orientation, biometric or genetic data).
How we use your information (including AI-generated content)
We use your Personal Information to:
We also use AI to:
AI is used solely to enhance team-level reporting. We do not:
Sharing your data with others
We only share information at the team level, never at the individual level. Individual survey responses cannot be identifiedwithin any Squadify report.
Third-party service providers (including providers of cloud hosting and AI processing) act as data processors under GDPR and are bound by contractual obligations to safeguard Personal Information and process it only on our instructions.
Storage and Security of Personal Information
We take appropriate technological and organisational measures to protect Personal Information from loss, unauthorised disclosure or damage.
Our platform is hosted on Amazon Web Services (AWS), which provides industry-standard security controls and certifications.
All Personal Information stored in our systems is encrypted. Team-level analytics and reporting data are aggregated and cannot be linked back to individuals.
We retain Personal Information for three years after the final Squadify report is generated. At that point, Personal Information is anonymised and retained for benchmarking and analytical use only. Teams returning after more than three years begin as a new team without historical data.
Any payment transactions processed by us or third parties are encrypted using SSL technology.
Data transfers
Personal Information may be processed in countries outside the one in which it was collected, including by AWS or other service providers. Where cross-border transfers occur, we apply appropriate safeguards such as adequacy decisions or Standard Contractual Clauses.
All transfers are encrypted. Team-level analytical data used by AI tools is anonymised or aggregated and cannot identifyindividuals.
Automated decision-making
We do not engage in solely automated decision-making (including AI profiling) that produces legal or similarly significant effects on individuals.
AI-generated summaries are descriptive and advisory at the team level only.
Your right to access, correct, export or delete your Personal Information
Under GDPR and UK GDPR, you have the right to:
These rights apply to the Personal Information listed in this policy (name, email address, time-zone, and team-identifying information).
Team-level analytics or AI-generated team narratives are not Personal Information and therefore not subject to data subject rights.
Requests may be submitted to juliet.owen@squadify.net.
Complaints
If you have a complaint, please email juliet.owen@squadify.net and we will respond within 3 working days.
You also have the right to lodge a complaint with your relevant data protection authority.
In the case of a data breach
If we experience a data breach, we will notify affected users within 24 hours and keep them updated throughout the resolution process.
Our incident response, reporting and remediation procedures are documented within our ISO 27001-certified Information Security Management System (ISMS), and these procedures are reviewed and tested regularly.
Direct marketing
We only send direct marketing communications if you explicitly opt in.
We aim to ensure all communications provide value through data, insights and research.
Data Protection Contact
Our Data Protection Officer is Juliet Owen, who can be reached at:
juliet.owen@squadify.net
