Sign In

App Privacy Policy

1. Purpose

Nuffield Technologies Ltd. that provides the Rugged Data service (collectively referred to as “The Company” in this document) are committed to protecting your Personal Information when you use our products and services. We recognise that when you choose to use the service and may provide us with information about yourself or other individuals (e.g. work colleagues, your customers, etc.), you trust us to treat it in a responsible manner.

The purpose of this Privacy Policy is to inform you about how the Company may use your Personal Information when you use the Rugged Data app. Our Rugged Data website privacy policy sets out a much wider range of situations where we may process your data.

The Company uses all Personal Information that you provide to us or that we collect from you in accordance with all applicable laws, including those concerning the protection of Personal Information such as the General Data Protection Regulation.

2. Definitions 

In this privacy policy, the following definitions are used:

Data Protection Law: all UK legislation and regulations in force from time to time regulating the use of personal data and the privacy of electronic communications including, but not limited to, UK data protection law and best practice guidance (from the Information Commissioner’s Office (ICO)), and any successor legislation or other directly applicable regulation relating to data protection and privacy in the UK. Data protection legislation in the UK consists of the “UK GDPR” and Data Protection Act 2018, based on the EU Regulation 2016/679 General Data Protection Regulation (“EU GDPR”) Throughout this document where we use the terms “GDPR” or “data protection”, we mean UK GDPR and the Data Protection Act 2018.

Encryption or encrypted data: The most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data can be easily accessed and therefore could be considered insecure.

ICO: Information Commissioner’s Office. The supervisory authority for data protection in the UK.
Personal Data: any information relating to an identifiable person who can be directly or indirectly identified from that information, for example, a person’s name, identification number, location, online identifier. It can also include pseudonymised data. The terms Personal Data and Personal Information are used interchangeably within this policy.

Personal Data Breach: a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

Special Categories of Personal Data: this data needs more protection because it is sensitive. It includes data which relates to an individual’s health, sexual orientation, race, ethnic origin, political opinion, religion, and trade union membership. It also includes genetic and biometric data (where used for ID purposes).

3. App Privacy Policy scope 

This App Privacy Policy applies to the processing of personal data by the Company when you use the Rugged Data application.

You should be mindful that should you enter any personal data into the application you may well be processing personal data according to your own data protection policies and applicable law. This privacy policy does not cover any such data, in terms of notifying any individuals you record within the application.

4. The collection and use of data

4.1. How do we collect information

We will either be provided with certain information by your employer, or may collect information directly from yourself, or via your use of the application, including any data you record within the application.

    4.2. What information do we collect

    When you use the application

    We will typically collect and use information for the following purposes:

    • Your name and login credentials for the purposes of providing you with access to the application. You will not be able to use the application without this information
    • Your name and identification information when you carry out your tasks as a user of the application
    • Any personal information you enter within the application whilst carrying out tasks.
    • Task-specific data (including images) across all submitted forms within the application, alongside Quality Assurance (QA) checks data, may be used to train Machine Learning (ML) algorithms. This is used for an AI-driven Quality Assurance (QA) feature that detects anomalies with task data and flags some forms submitted within the application for human QA review by your employer.
    • The GPS location when you take a photo in the application. This is used to verify your location against the location of where the assessment should be taking place.
    • The photos that you take within the application. Photos that you take within the app are checked to ensure that they are unique.

    If you contact our service desk for support

    Whenever you submit a support ticket, we will store the information you provide and any follow up information you provide or we collect from you whilst resolving your query, in our third-party ticketing service.
    This information is used purely for the purposes of responding to your query, although we may use the information in aggregated format for the purposes of identifying the most common queries we receive and to analyse the number of queries we receive and in some cases to help with training our employees for future support queries.

    If you contact us via email regarding the application
    If you contact us via email, we may keep a record of your contact details, your enquiry and any other information pertinent to the contact. If your query relates to a support issue, your information will be entered and managed via our service desk (see above), otherwise your email will be stored within our email service supplier and accessible by the appropriate person within the Company to deal with your enquiry and may be downloaded to a local device.

    4.3. Sharing information with third parties

    We use a number of third-party cloud-based services for the purposes of effectively running our business and providing our services to you. We also use a number of third-party companies, e.g. accountants, IT support, etc.

    In all cases where we are using a third-party service or company, we will only provide the minimal amount of information for the purposes of delivering the service to us and to meet our requirements.
    We always carry out due diligence against all our third-party suppliers for the purposes of ensuring their compliance with data protection, maintaining adequate security of your data and ensuring they apply adequate data protection principles to the processing of the data we supply. We also make sure a legally binding contract (sometimes called a Data Processing Agreement or DPA) is also in place to protect your data.

    We may disclose personal information to third parties when we reasonably believe we are required by law, and in order to investigate, prevent, or take action regarding suspected or actual unlawful or otherwise prohibited activities, including, but not limited to, fraud.

    4.4. Where may your information be stored

    When you use the application, your data and the task data entered within the application (e.g. assessment or job data) is stored within our application, which is stored on servers that may mean we transfer personal data to a country/countries around the world including ( Europe, US ), for the purposes of delivering our services. We will, where the country to which your data is transferred has not been found to provide an adequate level of protection, put in place appropriate safeguards to ensure your Personal Information is protected.

    5. Cookies

    We may use information obtained from cookies or similar technology, when you use the application.
    Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track users’ use of the application and to compile statistical reports on website activity. For further information visit www.aboutcookies.org.

    You can set your browser not to accept cookies and the above website tells you how to remove cookies from your browser. However, if you do so you may find the application will not function as a result.

    5.1.  What do we use cookies for? 

    This website uses cookies that fall into one or more of all the categories below:

    • Strictly necessary cookies – these enable services you have specifically asked for. These cookies are essential to enable you to move around our website and use its features, such as accessing secure areas of the website. Without these cookies certain services you have asked for cannot be provided
    • Performance cookies – these collect information on the pages visited. These cookies collect information about how users use a website, for instance which pages users go to most often, and if they get error messages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. They are only used to help us make improvements to the website for a better user experience.
    • Functionality cookies – these remember choices you make to improve your experience. These cookies allow the website to remember choices you make and provide enhanced, more personal features. They may be used to help provide services you have asked for such as watching a video. The information these cookies collect may be anonymised and they cannot track your browsing activity to other websites.

    6. Keeping Data Secure 

    We take appropriate measures to ensure that any personal information which you disclose via the app is kept secure, accurate and up to date and kept only for so long as is necessary for the purposes for which it is used. The security measures taken may include, but are not limited to, data encryption.

    6.1. Retention of personal information

    Unless stated elsewhere in this document or in our terms of services we only store the data necessary to provide the services we provide to you. We will keep this data for as long as it is lawful for us to do so (this may be for as long as you are a customer or because of a legal obligation to retain the information, whichever is the longest).

    7. What are your rights? 

    Under the “GDPR”, you have a number of data protection rights. As a user of the application you are therefore entitled to exercise the following rights:

    • Right to access – to receive a copy of the Personal Information held and processed about you. Right to correct – to have any inaccuracies in your Personal Information corrected or to have your information updated.
    • Right to erase – to have your Personal Information erased, if there is no lawful reason for it to be retained.
    • Right to restrict use – the right to “block” the use of your data or limit the way in which it can be used;
    • Right to data portability – to ask for certain personal information to be provided to you (or a third-party) in a structured, commonly-used and machine-readable format;
    • Right to object – the right to object to the use of your data in certain circumstances, including where it is used for legitimate interests.

    If you wish to exercise any of these rights in terms of your use of the Company application, you should contact your employer who is obliged to respond to such requests. The Company will cooperate with your employer if they require help in dealing with your request.

    7.1.  How to contact us 

    This Website Privacy Policy should tell you everything you need to know, but you can always contact us to ask any questions or if you wish to exercise any of your rights in relation to your Personal Information, using the contact information below:

    • Email address: [email protected]
    • Postal address: Unit 4 Acorn Business Park, Ling Road, Poole, BH12 4NZ

    You have the right to make a complaint to the supervisory authority if you are unhappy with how we’ve handled your Personal Information. In the UK, the supervisory authority is the Information Commissioner’s Office (http://www.ico.org.uk).

    8.  More information

    For more information about your data rights and privacy or data protection in general visit the Information Commissioner’s Office website: https://ico.org.uk

    9. Changes to our privacy notice

    We may change or update elements of this privacy notice from time to time or as required by law. The most current version of our application privacy notice will always be available via the application website (https://ruggeddata.co.uk/privacy-policy/)

    10. Policy governance

    Responsibility for this Privacy Policy rests with Helen Craig. Duties include, but are not limited to:

    Ensuring that all staff in scope and appropriate external parties have read and confirmed their acceptance of the latest version of this policy
    Monitoring for legal, regulatory or industry best practice developments in relation to this policy
    Coordinate with senior management, IT, and legal counsel to communicate and review issues related to this policy
    Review and update this policy at least every 12 months, in order that it remains fit for purpose

    Exceptions to this policy shall be allowed only if previously approved by Helen Craig.
    This policy has been approved by senior management and is effective from 2 Dec 2025.