📢 We're making digital ID work for 1 million Scots — Read the full announcement

Interrobang is a not-for-profit cooperative, registered as a limited company in England and Wales. We run this website and any subdomains.

We are Cyber Essentials certified.

This page was last updated on 1 July 2023.

Our website

We don't collect any analytics from this website. That includes cookies, which is why you didn't have to click through a cookie banner when you landed on this site.

Our newsletter and social media

Our newsletter is hosted on Substack (privacy policy), and we also use LinkedIn (privacy policy).

We sometimes use Substack and LinkedIn's analytics to understand how we can reach more people.

If you’d like content about you removed from our newsletter or social media, contact [email protected].

Research participants

Our work involves researching with vulnerable people about difficult topics. Part of how we protect them is treating their data with care.

We collect the following information from research participants:

  • Full name
  • Phone number
  • Email address
  • Address
  • Full name
  • Signature

Research material

  • Interview recordings (audio or video)
  • Quotes and transcripts
  • Notes
  • Photos

Why we collect this data

We collect participant information to identify participants, and arrange sessions and follow-ups.

All research participants are given a consent form that outlines what the research involves, what information will be recorded and how it will be used. If the participant is happy to proceed we ask them to sign the form to confirm this.

We collect research material to reference during project work.

How long we keep research data

Participant information is deleted at the end of the project.

We scan signed consent forms and shred paper copies, then store consent forms on Google Drive and keep these for six years. All notes and digital files are destroyed or deleted two years after the research session. We delete any personal information provided to us from the research recruiter when the project has finished.

Where research data is processed and stored

Research material is separated from any identifiable information, such as consent forms, while we are working with it.

We use Google Drive to track participants with no identifying information (eg. 'participant 1'), unless consent has been given. Any notes we gather during research sessions are stored securely. Any digital files (like audio, photos and videos) are stored on Google Drive and are only accessed by members involved in the research.

We may send audio of the research session to a transcriber if necessary. We review the privacy notices of the companies we use for this and ask for explicit consent from participants in our consent forms.

We may use research materials like quotes, photos, audio or video clips, in presentations to clients. We will only do this if we have consent from participants. We don’t connect this information to participants’ names.

Sometimes we may publish quotes from research sessions. We only do this if we have specific consent from the participant and any personally identifiable information has been removed. We will only publish audio, photos and video from a research session if a participant has given consent and has signed a model release form.

Opt-out of collection

Participants can withdraw their information from a project at any time. To do this, contact [email protected].

Software we run for clients

Sometimes we'll build and run software on behalf of our clients.

We host these on:

Each product we run will have its own privacy policy detailing exactly what it stores, how and why.

Clients and partners

During the course of our work, we'll collect information about client representatives, partners and potential new members, including:

  • Name
  • Company
  • Phone number
  • Job title and employer
  • Company address
  • Working hours and flexible working arrangements
  • Testimonials
  • Day rates

At the moment, we don't collect any special category data during our recruitment process for new members.

Third party services

We use several third-party services to do our work, which involves processing this data:

Things we don’t do

We don't:

  • sell or buy data from third parties, including mailing lists
  • do telephone or postal marketing

How we keep data safe

We carefully choose our tools and make sure they have security features appropriate to what we're using them for. We only use tools that:

  • default to secure (HTTPS) connections
  • allow multi-factor authentication
  • work with our password managers, so we can use strong, unique passwords by default

Data breaches

If we ever have a data breach, we'll tell the Information Commissioner’s Office according to their guidance.

Exemptions

There are exemptions to data protection regulations that might force us to share data about you, including requests by law enforcement. The ICO has a full list of these exemptions.

Reviewing this policy

Interrobang is growing quickly, so we frequently use new tools and services to do our work.

We'll review and update this policy at least every six months.

Your rights and getting in touch

The General Data Protection Regulation gives EU citizens the following rights:

  • right to be informed
  • right of access
  • right to rectification
  • right to erasure
  • right to restrict processing
  • right to data portability
  • right to object
  • rights related to automated decision-making, including profiling

To exercise any of these rights, let us know at [email protected]. We will respond to all requests within 28 days of receiving them.

Our postal address is Interrobang, c/o Birch, 126 Addington Rd, South Croydon, CR2 8YA.

If you aren’t satisfied by our response, you can contact the Information Commissioner’s Office.

Get updates

You can get our case studies, opinions and updates on our work sent to your inbox whenever we publish. No more than one a week and no spam, ever.