Guru Recruitment Marketing Ltd (trading as “Spot.”, “we”, “us”, or “our”) is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website weareSpot.com (including any associated sites operated by us) or our recruitment services. It also outlines your rights and how you can exercise them. This policy is effective as of 2026 and is designed to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU GDPR, as well as other relevant privacy laws. By using our site or services, you agree to the collection and use of information in accordance with this policy.

Data Controller: For the purpose of data protection law, the “controller” of your personal data is Guru Recruitment Marketing Ltd, a company registered in England & Wales (No. 11456564), with registered office at 10 Upper Grosvenor Road, Tunbridge Wells, TN1 2EP, United Kingdom. You can contact us with any questions or requests regarding your personal data at theteam@wearespot.com. (If you are an EU resident, and if required, we will designate an EU representative and update this policy with their contact details.)

We may collect and process various types of personal information about you, depending on how you interact with our website and services:

• Information You Provide Directly:

  • Contact or Sign-Up Forms: If you fill out a contact form, request a demo, sign up for an account, or otherwise get in touch, we collect the information you provide. This typically includes your name, email address, phone number, company name, and any details you choose to share in your message. We use this to respond to your inquiries or provide the requested service.

  • Account Information: If you register for an account on our site, we may collect login credentials (such as username and password) and profile details (such as your role, company, and preferences).

  • Job Application Data: If you apply for a job vacancy through Spot (as part of our recruitment campaigns for clients), we will collect the information you submit in your application. This may include your CV/résumé, cover letter, employment history, education, skills, contact details, and any other information you provide about yourself. This data is used solely for recruitment purposes (see “Recruitment Services” below for more details). We do not intentionally collect special categories of personal data (such as racial or ethnic origin, political opinions, health information, etc.) about candidates or users, and we ask that you not provide these in any submissions.

  • Newsletter Sign-Up: If you subscribe to our email newsletter, we collect your email address (and possibly name) to send you updates. We will also record your consent to receive the newsletter.

• Information We Collect Automatically:

  • Cookies & Similar Technologies: When you visit weareSpot.com, our system may collect information about your visit through cookies or similar tracking technologies. This includes data such as your IP address (which may be used to infer your general location), browser type, device type, pages viewed, the date/time of visits, and referring website. Specifically, we use Google Analytics cookies to understand how visitors navigate our site. These analytics cookies track metrics like page views and time on site, and help us improve our content and user experience. We have configured Google Analytics not to collect personally identifiable information; for example, we employ IP anonymization so that only a truncated IP is stored (meaning it cannot directly identify you). (See “Use of Cookies” below for more detail and your choices.)

  • Usage Data: Our web servers may log standard information as you interact with the site (this is common for security and debugging), such as your IP address, browser type, and requests. We use this data to ensure the security of our site and to prevent fraudulent or malicious activity.

• Information from Third Parties:
  We generally collect personal data directly from you. We do not purchase marketing lists or delve into external sources for personal data about our site users. The only exceptions might be:

  • If you apply for a job via an external job board or recruitment partner that uses our service, that partner may forward us your application details. In such cases, the partner’s privacy policy may also apply, and you should review it on their platform. We will treat any such received data in line with this policy.

  • If a business client provides us with personal information (e.g. they recommend a candidate or share a referral), we will only use that information for the intended purpose (such as contacting the referred candidate about the job opportunity) and will inform the individual at the first appropriate chance.

We use personal information for the following purposes, each of which is supported by a lawful basis under data protection law:

• To Provide Our Services and Respond to You:
  If you contact us with an inquiry, request a service, or sign up on our platform, we will use your details to communicate with you and fulfill your request. For example, we may use your contact information to schedule a demo, send you information about our hiring campaign service, or assist you with setting up and managing a hiring campaign. Lawful basis: This processing is necessary for the performance of a contract or in order to take steps at your request prior to entering a contract. In cases where no contract is yet in place, we rely on our legitimate interests in providing you with information and support you have requested (since you initiated contact, we consider this use expected and beneficial to you, with minimal privacy impact).

• Recruitment Services (Job Applications):
  A core part of our business is running fixed-fee hiring campaigns for clients (employers). If you apply for a job opening through Spot, we use your personal data to process that application. This includes reviewing your qualifications, contacting you for interviews or screenings (which may be done by our human recruitment team), and forwarding your application or summary to the client that has the open position. We also use your contact information to update you on the status of your application. For instance, we (or the client) will let you know if you have been shortlisted, and we endeavor to inform all candidates of the outcome, whether successful or not. Lawful basis: It is in our legitimate interests to process candidate data in order to provide recruitment services to our clients and to help candidates find employment. We believe this use is also in the interest of candidates who apply (you expect your data to be used to consider you for the job and to be passed to the hiring company). We always handle candidate data with confidentiality and do not use it for purposes unrelated to recruitment. (Note: If a different lawful basis applies in certain contexts, such as explicit consent for keeping your data on file for future roles, we will obtain it and inform you.)

• Email Newsletter and Marketing:
  If you have subscribed to our newsletter or have an ongoing client relationship with us, we will use your email to send you our newsletter and occasional updates about our services, recruitment tips, or related events. We strive to send content that is relevant and valuable. Lawful basis: Consent – We will only send you marketing emails if you have opted-in. (If you are an existing client or have engaged with us in the past, we may send you related information under the “soft opt-in” rule, but we will always provide an easy unsubscribe option.) You have the right to withdraw your consent at any time by clicking the “unsubscribe” link in any marketing email or by contacting us, and we will stop sending you further emails.

• Website Functionality and Personalization:
  We use cookies to remember your preferences (for example, whether you allowed or declined certain cookies) and to provide a smoother browsing experience. Some cookies are necessary for the site to function (for instance, to keep you logged in to your account or to enable our pricing calculators). Lawful basis: For necessary cookies, the basis is our legitimate interest in providing a functional website (these do not require consent under PECR). For any cookies that are not strictly necessary (e.g., analytics or advertising cookies), we rely on consent, as gathered through our cookie banner on your first visit.

• Analytics and Improvements:
  We analyze usage data (via Google Analytics and similar tools) to understand how our site is used, which pages or content are most engaging, and where we can improve the user experience. The information is typically aggregated and does not identify you personally. We might generate internal reports on metrics like total visitors, time on page, conversion rates, etc. Lawful basis: Consent (for placing analytics cookies, per above). In cases where we run analytics in a privacy-friendly manner (e.g., anonymized, or under a legal exemption), we would rely on legitimate interests to improve our services. In either case, analytics are never used to make decisions about individuals – it’s just to better our website and marketing effectiveness.

• Security and Fraud Prevention:
  We may use personal data (like IP addresses or account activity logs) to monitor and prevent fraud, hacking, law violation, or misuse of our website. This includes detecting and addressing any suspicious or malicious activity to protect our business and other users. Lawful basis: Legitimate interests – it’s in our interest (and our users’ interest) to keep our site secure and free from bad actors. This processing is limited to security purposes only.

• Legal Obligations:
  In some cases, we may need to process or disclose personal data to comply with a legal obligation, a court order, or to exercise or defend legal claims. For example, if required for tax/accounting records (client transaction data) or if law enforcement provides a lawful request. Lawful basis: Compliance with a legal obligation.

We will not use your personal data for entirely new, unrelated purposes without updating you and obtaining any necessary consent. We also do not engage in any automated decision-making or profiling that produces legal or similarly significant effects on you (all important decisions, such as candidate shortlisting, involve human review and judgment – while we might use software tools to aid the process, final decisions are made by people, not algorithms).

What Are Cookies? Cookies are small text files stored on your device when you visit a website. They are widely used to make websites work, or work more efficiently, as well as to provide information to the site owners. Our website uses cookies and similar tracking technologies to enhance your experience and enable certain features. When you first visit our site, you will see a cookie consent banner that allows you to choose which cookies you’re happy to accept. This gives you control over non-essential cookies in line with legal requirements for user consent.

Types of Cookies We Use:

• Necessary Cookies: These are essential for the operation of our website. For example, they enable core functions like user login, account management, and security. Without these cookies, the site may not perform properly. We do not require your consent for necessary cookies, as they do not store personal data beyond what is needed for the service.

• Analytics Cookies: We use Google Analytics to collect information about how visitors use our site. Google Analytics sets cookies to record information such as the pages you view, the time you spend on the site, how you arrived at the site, and what you click. The data collected is aggregated and anonymous; it does not include your name, email, or other directly identifying information. We have enabled IP anonymization so that Google truncates your IP address within the UK/EEA before processing it. These analytics help us understand user behavior and improve our website’s content and layout. (Google Analytics may set cookies named _ga, _gid, etc. More details can be found in Google’s own privacy policy.)

• Advertising and Referral Cookies: Currently, we do not show third-party banner ads on our site. However, if in the future we include sponsored links or participate in referral programs, cookies might be used by those partner networks to track referrals and ad performance. Such cookies would typically identify that you clicked a link on our site and later allow us to receive credit or measure the result (for example, if we partner with a job board or an affiliate service). If any advertising or referral cookies are in use, they will only be set with your consent via the cookie banner.

• Functionality Cookies: These remember your preferences on our site (e.g., your cookie settings, or perhaps your region or username for convenience). They enhance your experience by eliminating the need to re-enter information. These might be treated as necessary or as optional, depending on whether they involve any tracking beyond our site.

Your Cookie Choices:
On your first visit, and anytime after, you can choose to allow or reject non-essential cookies. Our cookie banner lets you accept all, or decline analytics/advertising cookies. If you choose to decline, we will honor that and not load those scripts. If you accept and later change your mind, you can usually modify your cookie settings by clicking a “Cookie Settings” link (typically found in our footer) or by clearing cookies in your browser and revisiting the site to prompt the banner again. Additionally, you can manage cookies through your browser settings: for example, you can block third-party cookies or all cookies. Please note that if you disable cookies entirely (especially necessary ones), some parts of our website may not function properly or at all. For more detailed information about cookies and how you can control them, visit AboutCookies.org or the ICO’s cookie guidance online.

By continuing to use our site with your browser set to allow cookies (and, where applicable, by clicking “Accept” on our banner), you consent to our use of cookies as described. We will not set or use any non-essential cookies if you opt to reject them – your experience will not be personalized or tracked by those tools in that case.

Spot (Guru Recruitment Marketing Ltd) provides recruitment marketing and candidate screening services to business clients. If you are a job seeker applying through our service, this section is for you:

• Application Processing: When you apply for a job that we advertise or manage for a client, we collect the personal data you provide (such as your CV, name, contact details, etc.). We use this data to evaluate your application for the specific role. Our experienced recruitment team reviews candidates (there may also be online questionnaires or assessments, depending on the campaign). We may contact you via email or phone to discuss your application, arrange interviews, or gather more information. Any interviews we conduct (including phone/Zoom screenings) will be used to assess your suitability for the client’s role. We do not use purely automated tools to reject or accept applicants – while we might use software to help parse resumes or rank answers, human recruiters are always involved in decisions.

• Sharing with the Hiring Company: If you are shortlisted or if we find you meet the criteria, we will share your application or a summary of it with the client company who is hiring for the position. This typically includes your name, CV, and relevant details about your experience as provided. We inform those candidates whose details are being forwarded to the client, and likewise we aim to inform candidates who were not selected. The client will use your data to continue the recruitment process (e.g., direct interviews) and will handle your information as per their own privacy obligations. We ensure our clients are aware of their duties under data protection law to keep your data confidential and use it only for recruitment.

• Retention of Candidate Data: We retain personal data of applicants only as long as necessary for the recruitment process. For a given job campaign, we generally keep applicant data until the position is filled and any placement is finalized, and then for a short additional period (e.g., a few months) in case of any follow-up needs or legal obligations. If your application is unsuccessful, we will delete or anonymize your data after this retention period. If you would like us to remove your information sooner, you have the right to request deletion – we will comply as long as we have no overriding legal requirement to keep it (see “Your Rights” below). Future Opportunities: If we think your profile is promising for other roles, we may reach out to ask if you would like us to keep your CV on file. We will only retain and consider you for future job openings with your explicit consent; otherwise, your data will be expunged once the original hiring process concludes.

• Your rights as a Candidate: Rest assured, as a job applicant you have the same rights (access, correction, deletion, etc.) regarding your data (detailed in “Your Rights” below). Exercising those rights will not affect your candidacy; we handle all such requests independently from hiring decisions.

• Confidentiality: We treat candidate information with the utmost care. Our team members are trained in data confidentiality. We do not share your application outside of Spot and the specific client you applied to, unless required by law or for the protection of rights (for example, we won’t send your CV to other clients without your permission, nor will we ever sell your data to third parties).

By applying to a job through Spot, you acknowledge that your personal data will be processed as described and transferred to the potential employer. If you have any concerns about this, please contact us and we’ll be happy to provide further details.

We do not sell your personal information to third parties. However, we do share certain data with third parties in the following circumstances, as necessary for our operations or as required by law:

• With Service Providers (“Processors”): We employ trusted third-party companies to perform tasks on our behalf and help us deliver our services. These include:

  • Hosting and IT Infrastructure: Our website might be hosted on servers provided by a third-party hosting company. All data on our website (including any personal data you submit) is stored on their secure servers.

  • Email Service Providers: If you subscribe to our newsletter, your email address is stored with our email marketing platform (for example, Mailchimp or a similar service, if we use one) to facilitate sending of emails. Such providers are used only to send communications you signed up for.

  • Analytics Services: As noted, we use Google Analytics (provided by Google LLC) for website analytics. Google acts as a data processor, meaning it processes usage data on our behalf and is contractually bound by Google’s data processing terms. We have configured Analytics to not collect more data than necessary. (Google may process data in the USA; see “International Transfers” below.)

  • Payment Processors: If our site offers the ability to purchase services or pay online (e.g., for a hiring campaign), payments may be processed by third-party payment gateways such as Stripe. In such cases, you are typically redirected to the payment provider’s secure platform (notice the Stripe URL on checkout) – the payment details (credit card numbers, etc.) are not received or stored by us. The payment processor will share back with us confirmation of payment and basic payer info we need (like your name or email and a payment ID) to record the transaction. Payment providers are themselves obligated to comply with data protection laws and secure your data; you can refer to Stripe’s Privacy Policy for more information.

  • Recruitment Tools: We may use third-party software tools to manage recruitment (for instance, an applicant tracking system or video interview platform). These tools might process candidate data on our behalf purely for our recruitment workflow. An example is Workable or Spark Hire (as referenced in general templates) – if we utilize such a tool, we ensure it is under contract and handles data in line with GDPR requirements.

  In all cases, these service providers act under our instructions and do not have independent rights to use your data beyond what is necessary to assist us. We only partner with providers that have provided sufficient guarantees to implement appropriate technical and organizational measures to meet data protection standards. A list of our key subprocessors can be provided on request.

• With Clients (Recruitment Context): As described, if you are a job candidate, we will share your relevant personal information with the client who is hiring for the role you applied to. That client will use your data for their recruitment decision-making. We limit what we share to what is necessary (usually your application/CV and any notes from our initial screening). The client is informed that they should handle your data responsibly and not use it for other purposes. If you have questions about how a particular employer handles your data, we can connect you with them or you may contact them directly; many employers have their own privacy notices for candidates.

• With Law Enforcement or Regulators: If we are under a duty to disclose or share your personal data in order to comply with a legal obligation, we may do so. For example, responding to lawful requests from public authorities (like a court order or an ICO investigation) or to meet national security or law enforcement requirements. We will verify any such request carefully and only provide the minimum necessary data.

• Business Transfers: If in the future our business enters into a joint venture, or if we sell or transfer part of our business or assets, personal data may be one of the transferred assets to the new owner. If that happens, we will ensure your data remains subject to privacy protections and inform you of any significant changes. (At this time, we have no plans for such changes.)

Other than the above, we do not share your personal information with third parties. We do not provide your data to third-party advertisers or marketing companies. All third parties who do process your data (the processors and clients) have agreed to keep it secure and confidential.

We are based in the United Kingdom. However, some of the third parties we use to support our services are located in other countries. Whenever your personal data is transferred outside of the UK (and/or the European Economic Area), we will ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. For example:

• Service Providers in the US: Our use of Google Analytics and possibly other tools means some data may be transferred to and processed on Google’s servers in the United States. Likewise, if we use an email service or cloud provider that operates from the US or other countries, your data might be stored or accessed in those locations. The privacy laws in those countries may not be as strict as UK/EU law. However, to protect your privacy, we rely on mechanisms such as the EU-U.S. Data Privacy Framework or UK extension (if applicable) – which recognize certain US companies as having adequate protection when they self-certify to the framework. Google, for instance, has commitments under these schemes (or otherwise we rely on European Commission-approved Standard Contractual Clauses (SCCs) with them, plus supplementary measures as needed). These measures ensure that your rights and protections travel with your data.

• Transfers to other countries: If any of our processors or partners are based in other countries (e.g., an email service in Canada or a hosting server in the EEA), we will similarly ensure compliance. Canada, for example, is covered by an adequacy decision by the EU for certain data, and SCCs would be used if required.

You can contact us if you have questions about the specific safeguards in place for transfers related to your personal data, and we’ll be happy to provide more detail. Our goal is to ensure that your data is always handled securely, no matter where it is processed.

e take data security seriously. We have implemented appropriate technical and organizational measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include, for example: using SSL/TLS encryption for our website (you’ll notice the padlock in your browser address bar, indicating your connection is secure), access controls to our databases (personal data is accessible only to staff who need it for their role), and regular review of our security practices.

We also ensure our team is trained in confidentiality and data protection. Any third-party processors we use are vetted for strong security practices as well. In the unfortunate event of a data breach that poses a risk to your rights and freedoms, we have procedures in place to notify the affected individuals and the appropriate regulator (ICO) within the timeframe required by law.

Please note that no website or Internet transmission is completely secure. We cannot guarantee that security measures will prevent every instance of unauthorized access or misuse, but we do put in significant effort to provide a high level of security appropriate to the risk. You also play a role: keep your account credentials confidential and please alert us immediately if you suspect any unauthorized use of your account or a security issue.

We will retain your personal data only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. This means:

• If you contact us with an inquiry but do not become a customer, we may retain your correspondence and details for a certain period (for example, up to 12 months) in case you have follow-up questions or to refer back to our conversation if you contact us again. We periodically clean out old inquiry data.

• If you create an account or become a client, we will retain your account data for as long as you maintain an account with us. If you decide to close your account, we will delete or anonymize personal information associated with it within a reasonable time after closure, except for any data we are required to keep for legal purposes (e.g., invoice records for tax).

• If you subscribe to our newsletter, we will retain your email on our mailing list until you unsubscribe or until we decide to discontinue our newsletter service. If you unsubscribe, we will immediately stop sending you emails and remove your contact from the active mailing list. (We might keep a suppression record of your email to ensure we honor your no-contact request in the future.)

• Job applicants’ data will be kept as explained in the Recruitment Services section above (generally only for the duration of the hiring process plus a short period after, unless you consent to extended retention). We will not keep unsuccessful candidates’ personal data for excessive periods. Successful candidates’ data will typically be passed to the client/employer, and we will not retain it longer than necessary on our side.

• Web analytics data in Google Analytics is retained for a limited period (we might set Analytics to retain user-level data for e.g. 14 months, after which it gets deleted automatically on a rolling basis). Aggregated data (which has no personal identifiers) may be kept longer for statistical analysis.

In all cases, when we no longer have a lawful reason or legitimate need to keep your personal information, we will either delete it or anonymize it (so it can no longer be associated with you). If deletion or anonymization is not immediately possible (for example, because the data is stored in backup archives), we will securely store the data and isolate it from any further use until deletion is feasible.

Under applicable data protection laws, you have a number of rights regarding your personal data. We are committed to upholding these rights, and we outline them here for you:

• Right to Be Informed: You have the right to be given clear, transparent information about how we collect and use your personal data. We aim to achieve this through this Privacy Policy and any just-in-time notices we may provide (e.g. brief statements on forms). If anything is unclear, please contact us for clarification.

• Right of Access: You have the right to access the personal data we hold about you. This is often called a “Data Subject Access Request.” You can ask us to confirm if we are processing your personal data and provide you with a copy of that data, as well as information about how we use it. We will provide this free of charge, within one month of your request (unless the request is complex or numerous, in which case we may extend by up to two further months, but we will inform you of any delay).

• Right to Rectification: If any of the personal data we hold about you is inaccurate or incomplete, you have the right to have it corrected or updated. For example, if you change your contact email or spot an error in data we have about you, let us know and we will amend it.

• Right to Erasure: This is also known as the “right to be forgotten.” You can request that we delete your personal data when it is no longer necessary for us to retain it. For instance, if you withdraw from using our services and you want us to remove data we hold about you, in many cases we can do so (assuming we don’t need to keep it for legal reasons). Note that this right is not absolute – if we have a specific legal obligation or other lawful reason to keep the data, we may decline deletion but will inform you of the reason. In the context of newsletters, simply unsubscribing will ensure you aren’t contacted further; in context of an account, closing the account triggers deletion of most data as described above.

• Right to Restrict Processing: You have the right to ask us to stop or limit processing your personal data in certain circumstances. For example, if you contest the accuracy of the data or have objected to processing (see below), you can request restriction while the issue is being resolved. During restriction, we can store the data but not use it. If applicable, we will mark the data as restricted and only process it with your consent or for legal reasons.

• Right to Data Portability: For data that you have provided to us, which we process by automated means on the basis of your consent or to perform a contract with you, you have the right to obtain a copy in a structured, commonly used, machine-readable format and/or to have it transferred to another organization. In practice, this right mostly applies to data in systems like a user account info or data you uploaded. If you need an export of your account data, we will provide it if feasible. (Note: this right likely doesn’t apply to most of our processing, except potentially account registration info or candidate data at your request.)

• Right to Object: You have the right to object to certain types of processing of your personal data:

  • Direct Marketing: You can always object to or opt-out of direct marketing communications. If you no longer wish to receive our newsletter or promotional emails, use the unsubscribe link or contact us to be removed. We will comply promptly. We will not send you marketing again after an objection (except perhaps a one-time confirmation of your opt-out).

  • Legitimate Interests Processing: If we are processing your data on the basis of legitimate interests, you also have the right to object to that. However, in this case, if you do object, please note we will evaluate whether our legitimate grounds for that processing override your privacy rights. If your rights outweigh our interests, we will cease the processing you objected to. For example, a candidate might object to our processing of their data – unless we have compelling grounds (like a need to retain some data for defending a legal claim), we would likely honor such objection (which could mean deleting their data, equivalent to an erasure request).

• Right to Withdraw Consent: In cases where we rely on your consent to process data, you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we did based on your consent before withdrawal. If you withdraw consent for something (like analytics cookies or the newsletter), we will stop that processing going forward. For example, you can toggle off analytics cookies or unsubscribe from emails, and that choice will be respected.

• Rights related to Automated Decision-Making: As noted, we do not carry out solely automated decisions that have legal or similar effects. If that changes in future, you would have rights to human intervention and to contest the decision. We include this for completeness.

To exercise any of your rights, please contact us at theteam@wearespot.com with your request. We may need to verify your identity to ensure we don’t disclose or modify data to the wrong person (for instance, we might ask you to confirm some details we have on file). We will do our best to respond fully to all legitimate requests within one month, as required by law. If your request is complex or you have made multiple requests, we may need more time, in which case we will inform you of the extension and the reason.

Note: These rights may be subject to certain legal exceptions. If we cannot comply with a request in whole or in part, we will explain why (for example, if you request deletion of a record we must keep for legal compliance, we’ll let you know). However, we fully endorse your rights and will facilitate them as much as possible.

Finally, you also have the right to lodge a complaint with a supervisory authority if you believe we have not handled your personal data properly or lawfully. In the UK, the relevant authority is the Information Commissioner’s Office (ICO). You can find details on how to report concerns on the ICO’s website. We would, however, appreciate the chance to address your concerns directly before you approach the ICO, so please do contact us first if you can. We take privacy seriously and will work with you to resolve any issues.

Our website may contain links to third-party websites, including client websites, job boards, social media platforms (like our Twitter, Facebook, or LinkedIn pages), and references to resources. Please be aware that if you follow a link to any external website, this Privacy Policy will no longer apply. We do not have control over the content, security, or privacy practices of other websites. We cannot guarantee or be responsible for the protection of any information you provide to websites outside our control. We advise you to exercise caution and review the privacy policy of any external site you visit. Clicking on external links is at your own risk, and we won’t be liable for any issues arising from your use of third-party websites.

This caution also applies to any sponsored links or adverts that might appear on our site. If we feature sponsored content, clicking it may direct you to an external site through a tracking referral URL, which could employ cookies to track that referral. While we strive to partner only with reputable organizations, we aren’t responsible for how those sites handle your data. Again, please check their privacy statements.

We maintain profiles on platforms like Twitter, Facebook, and LinkedIn. Any information you voluntarily submit or share via our social media pages (for example, by commenting on a post or sending us a direct message) may be read, collected, or used by us in accordance with this policy (for instance, we might keep a note if you ask a question via Facebook). However, social media platforms have their own privacy policies and terms of use, which apply to your interactions on those platforms. We encourage you to review the privacy settings and policies on any social media accounts you use. We will never ask you to divulge personal or sensitive data in a public social media interaction. If a conversation requires sharing personal details, we’ll move it to a private channel (like direct message, email, or phone) for your safety.

Our website may include social sharing buttons or widgets (like a “Share on Facebook” button). Using these may set cookies or otherwise track your interaction, and the social network (e.g., Facebook) could record that you shared our page. This is considered an interaction with the third-party platform, which might be reflected in your account there. Use such features at your discretion.

Also, be aware that shortened URLs (especially on social media) can obscure the destination. We may post shortened links (e.g., via Bit.ly) on our social accounts. While we only shorten links to reputable pages (usually our own site or known resources), there is a general risk that scammers use shortened links for malicious purposes. Always be vigilant: if something looks suspicious about a link’s context, be cautious before clicking.

We may update this Privacy Policy from time to time, especially to reflect changes in our services or legal obligations. In 2026, data protection law continues to evolve in the UK and EU, and we strive to stay compliant with all requirements. If we make material changes (for example, if we start processing data for new purposes or implement new technologies affecting privacy), we will notify users either by a prominent notice on our website or by email (if appropriate). The “last updated” date at the top will always indicate when the policy was last revised. We encourage you to review this page periodically to stay informed on how we are protecting your information.

If you have any questions or concerns about this Privacy Policy or how we handle your data, please don’t hesitate to contact us at theteam@wearespot.com. We value your privacy and will gladly address any inquiries.