Ashby Privacy Policy - Data Protection & Your Rights

Review your data rights now: verify and request a copy of the portion stored by Ashby, and set your preferred notification channels. Our process ensures you see processing dates, sources of data, and the exact scope we rely on, within 30 days of a valid request.

To exercise your rights, follow these steps: submit a formal request through our privacy portal, include your contact details, and specify the data type you need or the portion you want. We verify your identity and ensure you retain control over your assets; you’ll receive a clear timeline and a plain-language answer.

Updates to our policies arrive with concise summaries and practical examples. This combined approach reduces reliance on jargon, clarifies obligations, and aligns the organizzazione with privacy laws. You’ll find change notices in the privacy center and monthly digests.

Interviews with the privacy team explain how to apply your rights in real situations. In these conversations we show how compliance is built into workflows, how you can limit data collection at the source, and how to exercise objection or deletion. We highlight the need to document consent streams and to address unsolicited data requests.

We spell out the obligations of the organizzazione and your rights: access, correction, deletion, data portability, and processing limits. We describe how we protect assets, enforce strong access controls, and share data only with partners who meet our security standards and your consent preferences. If a policy is violated, you can file a complaint through our privacy portal.

Ashby Privacy Policy: Data Protection & Your Rights; How can you access correct or delete your personal information

To access correct or delete your personal information, sign in to your Ashby account and use Privacy controls to view, copy, or remove data. If you cannot access controls, contact us to lodge a data rights request; this enables us to verify your identity and proceed with your instructions. Therefore, enable the controls in your account to streamline the process.

Your rights and how to exercise them

Across Ashby websites, data processing occurs collectively with processors in switzerland and within the united network managed from herts. visitors understand that data used for statistics supports security and site improvements. To exercise rights, contacting our privacy team enables identity verification and prevents access by others. Further, you can request a copy of your data to understand the information held and the purpose behind it. If you disagree, lodge a grievance and we address it with a written response posted to you. The period for responding follows the applicable law and company policy.

Right	What it enables	How to exercise	Notes
Access	View data held about you	Sign in and use Privacy controls or contact our privacy team to verify identity	Includes information used for operating purposes and statistics
Copy (data portability)	Obtain a machine-readable copy	Request a copy; we provide in a portable format	Data can be moved to another service
Delete	Remove personal data not required for purpose	Submit a deletion request; identity verification required	Some data retained for legal reasons or grievance handling
Correction	Update inaccurate data	Use Privacy controls or contact us; we perform update	Updates apply to accounts and related systems
Grievance	Raise concerns about processing	Lodge grievance via contact or form; we investigate	We post outcomes where appropriate

What personal data Ashby collects and why

Limit non-essential data collection by adjusting your privacy preferences in your Ashby account and in your browser to control what is collected and stored.

Below is a clear, concrete breakdown of the data we collect, why we collect it, and where it is used, so you can decide what you wish to share and how it affects your experience.

1. Identifiers and contact details

   • What: your name, email address, postal address, phone number, and username. Some fields are required to create and manage your account.
   • Why: to identify you, communicate important updates, provide personalized support, and fulfill orders or requests.
   • Where/When: collected during sign-up, profile updates, and when you post content or contact support.

2. Content you post and messages you say

   • What: text you submit, comments, reviews, messages in chats, and any content you posted in public or semi-public areas.
   • Why: to enable interactions, deliver requested features, and address your wishes or questions.
   • Where/When: during posting, replying to inquiries, and when you engage with community features.

3. Technical and usage data

   • What: device type, operating system, browser, language, IP address, time stamps, cookies, and unique identifiers.
   • Why: to ensure security, protect accounts, and improve performance and reliability.
   • Where/When: during visits to our sites and when you interact with features that perform processing.

4. Usage data and visits

   • What: pages you visit, features used, session duration, and referral sources.
   • Why: to understand how services are used, tailor experiences, and address particular needs you have during your journey with us.
   • Where/When: recorded as you navigate our site and while you perform activities that require processing.

5. Transactional and financial data

   • What: payment status, invoices, refunds, and transaction IDs.
   • Why: to complete purchases, process payments, and provide receipts and order history.
   • Where/When: during purchases, refunds, and customer service interactions related to transactions.

6. Location data

   • What: approximate location based on IP or device settings.
   • Why: to tailor content and comply with regional requirements.
   • Where/When: during use of certain features or services that rely on location context.

7. Business data and partner interactions

   • What: information about businesses or partners you interact with through Ashby.
   • Why: to support collaborations, provide coordinated services, and address business-related needs.
   • Where/When: during negotiations, onboarding, or joint activities with partners.

Addition to these categories, we address details on consent and control. Some processing depends on the purpose and may rely on reasonable safeguards. When data is shared, it is limited to what is necessary and protected by security measures.

Why we collect data and how we use it

We collect data to perform services, enforce our terms, and comply with legal obligations. In addition, we use data to prevent abuse, investigate issues, and improve products for a better user experience. If you posted content or interacted with our services, we may reference that activity to tailor recommendations and communications. When requested by you or as required by law, we address details with the appropriate authority.

Data sharing and protection

We share information with service providers, partners, and authorities only as needed to deliver services, protect users, or meet enforcement requirements. We take reasonable steps to keep data protected and do not disclose it beyond what is necessary to perform the stated purposes.

Your rights and how to exercise them

You can exercise your rights to access, update, delete, or restrict processing of your data. If you wish to export your data or move it to another service, you can request portability. If you are unable to change a setting yourself, contact us and we will assist. You can also lodge concerns with a privacy authority if you believe our practices do not address your rights.

Details and options are described in this policy to help you manage what is posted, kept, and processed. Addressed questions about data handling are handled promptly to support your trust and confidence in Ashby.

Where your information comes from and how to verify its accuracy

Start by listing every source of information you rely on and verify each item against your records, giving you a clear understanding of its origin and longer validity before you act.

Sources of information

Data comes from user-provided inputs (forms, account settings, and communications), analytics collected from your time on the site, browser and device signals, and when applicable data from third-party partners. Each item is shown with its source so you can recognize where it originated; if the data concerns others, we separate it to protect privacy. Specifically, we track consent choices, preferences, and contact history. The data from analytics includes timestamps and interaction patterns that help us understand behavior while limiting exposure of sensitive details. This data is collected using approved technologies, using your consent and the controls you have in your browsers and through the essex centre privacy settings. As said in our policy, we shall document the retention period for each source and the specific fields involved, so you can see below what is stored and for how long. In our essex centre, spring audits verify that sources are linked to the right records, and we exercise care to minimize loss from cross-sourcing. Browsers and cookies provide signals used for personalisation, and you have control over what you share. If a source is unclear, you can request a review; contacting our privacy team is supported and there is no charge for basic verification.

Verifying accuracy and responses

To verify accuracy, compare each data item to your own records–account details, recent communications, and the consent you gave. Specifically, verify fields like email, name, preferences, and contact history, and confirm the source tag matches the original submission or partner feed. If you find a discrepancy, you may request corrections; we shall update the data and show the changes in the data path shown to you. There are several ways to verify, including cross-checking with logs and analytics and by contacting the team for a data path summary. The retention period for data is defined by source and kept only as long as needed to fulfil the purpose. In essex centre operations, we perform spring checks to keep accuracy high. If you have requested data exports, you will receive them via a secure download; there is no charge for this service. You retain control over how data is used and can exercise your rights to review, correct, or delete information at any time. To start, use the contact options below or the data-check link in the policy to initiate a review.

How to request access to your data (DSAR) with Ashby

Submit your DSAR through the Ashby website Privacy section using the "Access to data" form. Include your full name, a current email address, and any identifiers tied to your Ashby account to verify your right to access data stored by Ashby and our first-party services.

Ashby collects data from visitors, employment records, and users of our services. Your DSAR covers data Ashby processes directly and data we share with partners to deliver site and service functionality. You may request access to general data categories, including contact details, employment information, communications, site and device logs, and uses data stored in backups over the past years. If data has changed, mention the period to search and any devices or apps you used to interact with Ashby, so we can locate the relevant records as part of the review.

To make a complete request, specify the scope (which accounts, which site or service, incl third-party integrations) and your preferred format (downloadable file or secure link). Provide enough detail to identify the relevant records and minimize the need to review unrelated data. If you want to disable certain processing during the DSAR period, note that some services may be limited as a result. You can also specify whether you want a collective export covering multiple services or a focused set of records regarding a specific topic.

Submit the request via our site once more: go to privacy and select Access to data. We may contact you during verification to confirm your identity; the peverel team handles the verification process and will keep you informed at every step. If you are contacted for clarification, respond promptly to keep the process moving. If you need further guidance regarding the data types in scope, our team can provide a concise explanation.

What you will receive

You will get a structured export of your data, organized by source and purpose, with a general summary of how it is used. The package includes data collected from your visits, employment records, and interactions with Ashby’s services, along with metadata indicating data sources, processing purposes, and retention periods. Part of the data may be withheld under exemptions described in regulations, and you will receive a clear note about any omissions. Materials are delivered through the Ashby website or via a secure download link, and you can choose to collect or have the data sent to a designated contact by ensuring the address is updated in your profile.

Timelines and verification

Ashby aims to respond within 30 days of receipt, with an extension possible up to 60 days for complex or high-volume requests, including those spanning multiple sites or devices. The clock starts after identity verification and a clearly described request is received. If we need more information, we will contact you. When the data is ready, you will receive a downloadable file and a summary of data categories, sources, and rights regarding them. If you disagree with our response, you can request a review per regulations and our compliance procedures.

How to request deletion or erasure of your data under Ashby policy

Submit your deletion request via the Ashby privacy portal or by mailing a written notice to our privacy team. Include your wish to erase data and specify the scope you seek to remove across systems and settings, including cookies and data visible to visitors.

For physical mail submissions, we may require additional verification steps to protect your rights.

1. First, gather details about the data types you want deleted: your personal details, contact information, recruitment records, preferences, and any copy stored in other parts of the system. Note the date you provided the data and where it appears (account, forms, cookies settings).
2. Prepare and submit the request through the portal or your mailing address. In your note, describe the parts of your data you sought to delete and, if applicable, your consent status for processing.
3. We require verification of your identity before acting. Provide identifiers and, if requested, a copy of an ID to prevent unauthorized deletions.
4. After submission, you will receive a reference number and an expected timeline for processing. We will reach you with updates as the request moves through the lanes of our workflow.
5. Elaboriamo entro un tempo ragionevole ed cancelliamo o anonimizziamo i dati nei sistemi attivi. Riceverai una copia di conferma delle azioni intraprese e qualsiasi aggiunta di dati che non possa essere cancellata sarà gestita in linea con i requisiti di conservazione.

Se qualsiasi dato appare inaccurato, contattaci per correggerlo durante il processo di cancellazione. Ashby segue i principi relativi alla privacy, correlati ai diritti sulla privacy, e fornisce canali chiari tramite le stesse impostazioni per raggiungere il team con domande su date, ambito o preferenze dei cookie.

Come Ashby verifica la tua identità prima di elaborare le richieste sulla privacy

Verificare il richiedente con un controllo di identità a livelli prima di elaborare qualsiasi richiesta sulla privacy. Per esercitare i tuoi diritti, Ashby richiede almeno due segnali indipendenti: una verifica diretta tramite un codice univoco inviato al tuo contatto registrato e un dettaglio di conferma conservato nel nostro sistema. Se i segnali differiscono o non sono disponibili, sospendiamo l'elaborazione a meno che tu non fornisca una verifica alternativa. Di seguito troverai i prossimi passaggi e gli aggiornamenti.

Passaggi per la verifica dell'identità

Ulteriori verifiche possono includere una revisione anonima di documenti o un breve colloquio; ci impegniamo per un risultato rapido proteggendo i tuoi dati. Richiediamo almeno due segnali indipendenti e potremmo richiedere una copia di un documento d'identità se necessario. Se non puoi fornire la prova richiesta, rifiutiamo la richiesta e spieghiamo il motivo e i passi successivi. Non ci affidiamo solo ai dati dei social media; se utilizziamo informazioni sui social media, otteniamo il tuo consenso esplicito e limitiamo l'utilizzo alla verifica. Ciò include ulteriori attività di ricerca sulla privacy condotte con la tua autorizzazione per migliorare i processi.

Durante la verifica, l'analisi aiuta a valutare il rischio e a determinare se procedere. Potremmo fare riferimento a informazioni che abbiamo già ricevuto per accelerare le verifiche, mantenendo al contempo i dati il più restrittivi possibile. Applichiamo controlli strategici del rischio per allinearci alla policy e proteggere entrambe le parti. I dati conservati per la verifica vengono archiviati in modo sicuro e sono temporanei; potrebbero essere eliminati al termine del processo. Il termine "medio" è definito nel nostro glossario per chiarire gli esiti della verifica.

Gestione dei dati e trasparenza

I dati utilizzati per la verifica rimangono all'interno di un sistema protetto e sono condivisi solo con personale autorizzato per lo scopo di soddisfare la tua richiesta. Potremmo conservare registri delle fasi di verifica per un periodo limitato e potremmo fornire una copia del registro di verifica su richiesta. Se richiedi la portabilità, offriamo un'esportazione diretta dei tuoi dati in un formato strutturato e leggibile dalle macchine, che include i dati forniti e i risultati della verifica. Qualsiasi costo per richieste specializzate o accelerate viene comunicato in anticipo; gli aggiornamenti sullo stato sono visualizzati di seguito e puoi modificare o annullare la richiesta in qualsiasi momento. I dati vengono conservati in linea con i nostri requisiti di conservazione e vengono eliminati quando non sono più necessari per supportare i tuoi diritti alla privacy.

Cosa aspettarsi dopo aver inviato una richiesta di accesso o cancellazione dei dati

Dopo l'invio della tua richiesta di accesso o cancellazione dei dati, provvediamo ad accusarne la ricezione entro un breve lasso di tempo e iniziamo la verifica per confermare la tua identità e le tue necessità.

Raccogliamo solo le informazioni minime necessarie e limitiamo l'elaborazione a ciò che è necessario per adempiere ai tuoi diritti. È nostra responsabilità proteggere i loro dati mentre verifichiamo l'ambito della tua richiesta. Per riferimento, vedi httpswwwashbycouk.

Gli aggiornamenti avvengono entro un intervallo di tempo appropriato e sarai pienamente informato sui prossimi passi. In particolare, verifichiamo l'ambito dei dati coinvolti. Se la verifica mostra un ambito più ampio, potremmo aggiungere passaggi. Inoltre, potremmo richiedere prove a supporto dell'indagine. Potremmo coinvolgere team compresi specialisti della privacy e un gruppo del canale social per confermare il contesto della tua interazione, mantenendo al contempo la gestione dei dati limitata alle esigenze del caso. L'elaborazione dipende dalla complessità e da qualsiasi considerazione transfrontaliera; verifichiamo tutti gli elementi prima di confermare l'esito. Se la revisione richiede più tempo, ti informiamo.

Quando l'azione è completa, riceverai un riepilogo conciso di ciò che è stato fatto e di ciò che rimane limitato, se presente. Se è necessario apportare un'ulteriore modifica, puoi inviare un'altra richiesta; la gestiremo con la stessa cura e risponderemo nello stesso lasso di tempo. Teniamo un registro sicuro dei passaggi per supportare la responsabilità e consentire azioni legali future.

Come contattare Ashby per domande sulla privacy o per presentare un reclamo

Utilizza la dedicata area di contatto privacy sul sito di Ashby: invia tramite il modulo privacy o via email. [email protected] con oggetto “Privacy Question” or “Reclamo”. Se hai cliccato su una notifica o stai usando l'app, il sistema inoltra il tuo messaggio al nostro team della privacy per velocizzare l'elaborazione.

Quando invii, includi il tuo nome completo, a metodo di contatto, e indica se tu sei soggetto dei dati or an rappresentante autorizzato. Fornire una sintetica text descrizione del problema, i dati coinvolti (ad es., identità data, physical attributi, devices), il periodo o post date, e qualsiasi altra informazione rilevante assets or caratteristiche. Menziona eventuali di terze parti processori o social integrations, la parte con cui hai interagito, e la lane dove il flusso di dati avviene. Se disponibili, allegare documenti di supporto o schermate.

Gestiamo le richieste ai sensi del applicable protezione dei dati framework e in base alla legge applicabile nella vostra regione. Noi shall accusa ricevuta entro due giorni lavorativi e fornisci una tempistica ragionevole per la risoluzione, tipicamente 14 giorni per richieste semplici e fino a 30 days for complex cases. If additional information is required per verificare il tuo identità, richiederemo prontamente e terremo a mente la minimizzazione dei dati. Potremmo anche richiedere informazioni in merito al contesto del trattamento per garantire l'accuratezza.

Durante la revisione, potremmo contattare i soggetti interessati. consenziente parti se necessario e spiegare le opzioni per modificare o revocare il consenso ove disponibile. Per analitico elaborazione o altro caratteristiche collegato al tuo account, delineiamo le finalità e il diritto di limitare l'elaborazione. Se la questione riguarda di terze parti assets o dati condivisi con altri, descriviamo come tali parti possano essere informate o come l'accesso ai dati sia limitato.

Dopo la risoluzione, potresti scegliere di post un riepilogo del risultato nel tuo account Ashby o richiedi una copia della risposta. Se la questione riguarda il tuo identità diritti dei dati, forniamo le modalità per accedere, rettificare o cancellare le informazioni. Se rimane insoddisfatto, può presentare un reclamo all'autorità di controllo applicable alla tua regione; ti forniremo indicazioni e l'ID di riferimento per la tua segnalazione. Conserviamo un registro sicuro del processo e utilizziamo ciò che impariamo per migliorare la privacy framework e relativa erogazione dei servizi.