Privacy Policy


“PAZ.AI”, “PAZ”, “We” and “Our” refer to the company Paz Limited.


PAZ respects your privacy and is committed to protecting your personal data. It is PAZ’s policy to respect your privacy regarding any personal information we may collect and process about you, including across our website, https://paz.ai, and other websites and apps we own and operate.


This Privacy Policy outlines:



Personal information is any information relating to you which can be used to identify you. This includes, but is not limited to, information directly about you (for example your name, address, and date of birth), information about your devices, payment details and information about your interactions with our digital services such as our website, and your interactions with our products and services. 


Our website may contain links to third party websites/apps. We have no control over the privacy policies of these 3rd parties. This privacy policy does not extend to cover your use of those services. We advise you to read the privacy policy information of third party websites/apps when you interact with these websites/apps. 


Policy version: 2.1


Last updated: 6th October 2021


Data controller / Data processor


The UK GDPR & EU GDPR distinguishes between organisations that process personal information for their own purposes (“data controllers”) and organisations that process personal information on behalf of other organizations (“data processors”). We are a Data Controller with respect to the personal information you provide to us.


Data we collect


We currently collect and process the following information:


Personally identifiable data

Data that can directly identify you.


Examples:



Affiliation with partner organisations data

Data about your relationship with partner organisations that we work with to help us provide our services.


Examples:



Employment data

Data about your past and current employment. Data about your career aspirations, data that will help you secure employment and data about your interactions with our employer partners.


Examples:



Recruitment & HR data

Data about your application to join our organisation and data required to facilitate your employment and assess your performance if you are an employee or contractor of Paz or are applying to become an employee or contractor of Paz.


Examples:



Education data

Data about education you have received past and present. Data about your progression through our education programmes.


Examples:



Payment data

Data required to facilitate payments to us.


Examples:



Device data

Data sent to us by the devices that you use to interact with: our website, the services and websites of our third party processors and other digital properties.


Examples:



Preference data

Data about your preferences in relation to our products and services.


Examples:



Interaction data

Data about your interactions with our products and services or communications with our team or third party processors.


Examples:



Website profile data

Data you have provided to be shared on our website or other digital properties.


Examples:



Communications data

Data about communications we have sent to you or received from you. Including the metadata from these communications and the communications content.


Examples:




How we get the personal information and why we have it

There is no statutory or contractual requirement for you to provide personal information to use, unless you decide to use our products or services. 


Most of the personal information we process is provided to us directly by you when you:



We also receive personal information indirectly, from the following sources in the following scenarios:


We use the information we collect for the following purposes:


We may share this information with:

our sub-processors that help us provide our website, products and services to you.


A parent, subsidiary or affiliate of our company


our students, teachers and accreditors for the purpose of facilitating team-work and collaboration and generally facilitating your education


our employees, contractors and agencies who help us manage parts of our business


credit agencies, courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you


courts, tribunals, regulatory authorities, and law enforcement agencies, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise, or defend our legal rights


third parties, including agents or subcontractors who assist us in providing information, products, services, or direct marketing to you


an entity that acquires our business, or to which we transfer all or substantially all of our assets and business


Under the UK GDPR and EU GDPR, the lawful bases we rely on for processing this information are:


(a) Your consent. 


When you give us consent to collect and use your personal information for a specific purpose. You are able to remove your consent at any time. You can do this by contactining talent@paz.ai


(b) When we have a contractual obligation.


When you have entered or are about to enter into a contract or transaction with us. This allows us to deliver our products and services to you, or work with you to help us deliver our products and services.


(c) When we have a legal obligation.

When we may have a legal obligation to disclose or store your personal information. For example this may be the result of a court order, criminal investigation, government request or regulatory obligation.

(d) When there is a vital interest.

When in extremely rare circumstances we may be compelled to disclose some of your information for the preservation of life.


(e) When we have a legitimate interest.

A legitimate interest is when we have a legitimate business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. 

Our legitimate interests are:



Keeping your information secure

We have put policies, mechanisms and procedures in place to protect the personal data that we process. 


Although we try our best to protect the personal information we collect, we cannot guarantee that any transmission method, storage solutions or protocol is 100% secure. No approach can guarantee absolute data security.


If you hold an account with us, we advise you to keep your access details secure.




How long we keep your personal data for

Our policy is to keep your personal data only for as long as we need it to fulfil our processing tasks. When we no longer require your information we will schedule it for deletion. We may require a short period of administrative time up to 3 months in order to process the deletion of your data.


We may hold onto your personal data after you have completed your training or recruitment process with us so that we can support you in your future training or recruitment activities. We may also continue to hold on to personal data to allow us to measure the effectiveness of our programmes and the impact they have had on people’s lives in the future, for example we may wish to contact you to ask if the programme you participated in has led to the career you wished to enter. In this case we will remove data which is no longer relevant from our systems, and retain what we need to facilitate communication with you.


Similarly we may keep personal data relating to our suppliers, mentors and partners in our systems following the end of our projects so that we can contact you in the future to work on new projects.


If necessary, we may keep your personal information even after the need to fulfil our main processing tasks has expired, in order to comply with our legal, accounting or reporting requirements.


We may also retain anonymised information relating to your interaction with Paz for research or statistical purposes.


Children’s privacy

We do not provide services directly to children or proactively collect their personal information. 


Changes to this policy

We keep our privacy notice under regular review to make sure it is up to date and accurate. We advise you to check this policy regularly.


If we update our policy and determine that consent is required for a new or updated processing activity we will seek your permission and give you the opportunity to opt in or opt out of the processing.


International transfers of personal information


The personal information we collect is stored and/or processed in:


Covered by adequacy:



Requires additional safeguards:



The countries to which we transfer your personal information may not have the same standard of data protection laws as the country in which you initially provided the information. 


If we transfer your personal information to countries that do not have a valid adequacy agreement under the UK GDPR then we will put in place additional safeguards with the organisations that are processing personal data for us in those locations. Typically these safeguards will include SCCs (Standard Contractual Clauses). These are a set of clauses, added to data processing agreements or the policies of our sub-processors that outline how data will be protected. 


You may request a copy of the safeguards we use to protect your data when transferring it outside of the UK by contacting talent@paz.ai


These safeguards will aim to protect your data to an equivalent level as would be applied within the UK.


Our subprocessors

This list covers our main subprocessors. It is not exhaustive.


Service: Google Workplace

Service purpose: Email account management, document creation and storage.

Server location: US & EU

Service: AirTable

Service purpose: Cloud database tool.

Server location: US

Service: Slack

Service purpose: Chat communication platform.

Server location: US

Service: Notion

Service purpose: Used for tracking projects and tasks. 

Server location: US

Service: Autopilot

Service purpose: Email marketing tool.

Server location: US

Service: Zapier

Service purpose: Business automation tool.

Server location: US

Service: Webflow

Service purpose: Hosts the Paz website. 

Server location: US and edge locations worldwide

Service: Stripe

Service purpose: Online payment processor.

Server location: EU & US

Service: HelloSign

Service purpose: eSignature platform.

Server location: US

Service: Typeform

Service purpose: Online form software.

Server location: US




Your data protection rights

Under data protection law, you have rights including:

Your right of access

You have the right to ask us for copies of your personal information. 

Your right to rectification

You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 

Your right to erasure

You have the right to ask us to erase your personal information in certain circumstances. 

Your right to restriction of processing

You have the right to ask us to restrict the processing of your personal information in certain circumstances. 

Your right to object to processing

You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability

You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.


Please contact us at talent@paz.ai if you wish to exercise any of your rights.



Further disclosures

Log Data


When you visit our website or other digital properties, our servers may log the data provided by your browser. This may include your device’s Internet Protocol (IP) address, browser type and version, the webpage you have visited, the visit metadata which includes the time and date of your visit, how long you interacted with the page and how long your device took to download all the required content on the page.


Additionally, any technical errors you may experience when browsing our website or other digital properties may trigger additional data collection from our servers. This data may include details about your device and browser, metadata including the time and date of the error, what you were trying to do when the error happened, and other technical information relating to the error.


This information may not be personally identified on it’s own, however it is possible that if the information was combined with other information gathered by Paz, or information gathered by third parties that you could be personally identified.


Our servers collect this information to help us deliver a performant and secure online service.


User-generated content


User-generated content is content provided to us by our users and customers for the purpose of publication on our website and other digital properties, for example an image and biography for publication on the talent profiles section of our website.


Any content you submit for the purpose of publication will be public after posting. After publishing, it may be accessible by third parties not covered under this privacy policy.



Information from third parties


Information that we receive indirectly about you, from third parties, will be protected as set out within this privacy policy. If you are a third party providing information to us about individuals you represent and warrant that you have such individuals consent to provide us with that information and that you have made them aware of the purposes for which their data will be processed.


Managing your marketing permissions


You can manage your personal marketing communications preferences by:



We may need to request information from you to help us confirm your identity. If you opt-out from specific marketing communications, we may retain some parts of your personal information to maintain our do not contact lists.


Our use of cookies and similar technologies


We use some 'cookies' on this website. You can find our detailed information about the types of cookies we use and how you can manage them in our [link]cookie policy[link] 



Making a complaint


You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Contact us about your data


For any questions or concerns regarding your data privacy, you may contact us using the following details:


Alvaro Sanmartin

talent@paz.co.uk