Privacy policy
Last updated 10th July 2026
This privacy notice describes how and why Qadop Ltd ("we", "us", or "our"), acting as the data controller, might collect, store, use, and/or share ("process") your information when you use our websites, products, portals, marketing material and/or our services and/or enter into discussions with us for the provision of services whether by you or by us ("Services"), such as when you:
- Visit and engage with our websites at https://www.qadop.com/ or https://assembleyourteam.com, or any website, portal or product of ours that links to this privacy notice.
- Complete any of our surveys, assessment and/or questionnaires
- Engage with us in other related ways, including any sales, marketing, or events.
For the purposes of this policy, "personal information" means information that can directly or indirectly identify you as an individual, such as your name, telephone number, address, billing information, and email address or other similar information.
Questions or concerns?
Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@assembleyourteam.com.
Table of contents
- Privacy policy
- Table of contents
- 1. What data do we collect?
- 2. How do we process your data?
- 3. When do we share your personal information?
- 4. How do we keep your information safe?
- 5. How long do we keep your data?
- 6. Do we collect information from minors?
- 7. What are your legal privacy rights and how to exercise them?
- 7.1 What are your privacy rights?
- 8. How can you review, update, or delete the data we collect from you?
- 8.1 How to opt out
- 9. Changes to privacy policy
- 10. How can you contact us about this notice?
1. What data do we collect?
We collect three types of information
- Personal information you provide to us
- Information automatically collected when you use our services
- Information from other sources
Personal information you provide to us
We only collect personal data that you choose to share with us.
The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use. The personal information we collect may include the following:
- Identity Data: Includes first name, last name, and surnames.
- Contact Data: Includes email addresses, phone numbers, and contact preferences.
- Profile Data: Includes job titles and professional context you share during interactions (e.g., company name, industry).
You agree to provide true,accurate and complete personal information and to keep it updated.
Information that we collect as you use our services
When you visit, use, or navigate our Services, we automatically collect certain information depending on the service. This information is primarily needed to provide our services and maintain operational security.
We categorize this as:
-
Log and Usage Data
Log and usage data is service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services and which we record in log files and databases. Depending on how you interact with us, this data may include your IP address, device information, browser type, and settings and information about your activity in the Services (such as the date/time stamps associated with your usage, pages and files viewed, searches, and other actions you take such as which features you use), device event information (such as system activity, error reports, and hardware settings).
-
Device Data
We collect device data such as information about your computer, phone, tablet, or other device you use to access the Services. Depending on the device used, this device data may include information such as your IP address (or proxy server), device and application identification numbers, browser type, hardware model, operating system, and system configuration information.
-
Location Data
We collect country, region, and city-level geolocation data based on the approximate location derived from the IP address automatically provided by your device when accessing our services. This data helps us enhance security, adhere to legal restrictions based on your country or region, and improve service delivery by understanding regional usage patterns. We specifically do not collect high-resolution location data, meaning we do not pinpoint your exact street-level address. This is an intentional choice to respect your privacy while still enabling us to provide location-aware services. You can opt out of allowing us to collect your location information either by refusing access to it or by using a VPN or an IP not related to your location. However, opting out of location data collection, for example by using a VPN, may limit your access to certain services or features such as sign-in that rely on knowing your country or region for legal compliance or service delivery.
Information collected from other sources
We may collect data from publicly accessible sources, professional networks, and commercial data providers.
In order to improve our services, communication, and records, and keep them accurate and relevant, we occasionally obtain information about you from third-party sources. The information we receive may include categories of personal data already described, such as Identity Data, Contact Data, and Profile Data. Additionally, we may collect:
- Social Media Data: Information from publicly available social media profiles.
- User Intent Data: Information related to your potential interest in our services or products, such as product preferences, technology interest.
We use this data strictly to maintain accurate records and to deliver relevant updates, targeted communication, and service promotions. For marketing and promotional communications, we rely on your explicit consent, as further detailed in Section 7.1.1.
2. How do we process your data?
We process your personal information to provide, improve, and administer our Services, communicate with you, ensure security and prevent fraud, and comply with legal obligations. Additionally, we may process your information for other specific purposes with your explicit consent.
The reasons for processing your personal information vary based on your interactions with our Services, and include:
-
To deliver products and services to you.
If you proceed to buy products or services from us, we will process your personal information (including, but not limited to, your name, email address, and payment details) for the purposes of communicating with you, providing you with access to our products and services, and offering necessary support. This includes completing transactions you have requested, establishing unique accounts for you so you can access our products and services (such as assembleyourteam.com), and dealing with accounting and/or billing-related matters. The legal basis for this processing is the performance of our contract with you.
-
To provide consultation meetings.
We may process your personal information (such as your name, email address, and phone number) when you request a consultation meeting. This information is used to provide you the service,schedule and conduct the meeting, communicate with you regarding the consultation, and provide any follow-up information.
-
To send you marketing and promotional communications.
We may process the personal information you send to us, such as your name and email address, for our newsletter, updates on new products and features, and other marketing purposes, if this is in accordance with your marketing preferences. You can update your marketing preferences or opt out of these communications at any time by using the unsubscribe links provided in the communications for that purpose.
-
To identify usage trends.
We may process information about how users of our websites and/or products use our Services to better understand how they are being used so we can improve them.
-
To determine the effectiveness of our marketing and promotional campaigns.
We may process your information to better understand how to provide marketing and promotional campaigns that are most relevant to you. This analysis is primarily conducted at an aggregate level, and for any personalized marketing, we rely on your explicit consent.
-
To save or protect an individual's vital interest.
We may process your information when necessary to save or protect an individual's vital interest, such as to prevent harm.
Cookies and Tracking Technologies
We utilize "cookies" and similar tracking technologies (such as session cookies) to enhance your experience and provide essential functionalities when you use our Services.
- What are cookies? Cookies are small text files that are placed on your device (computer, tablet, smartphone) when you visit a website. They are widely used to make websites work more efficiently, as well as to provide information to the site owners.
- Our Use of Cookies: We exclusively use cookies that are strictly necessary for the operation of our Services and for authentication purposes. These are primarily first-party session cookies, which enable you to log in, navigate our platforms (e.g., assembleyourteam.com), and maintain your authenticated session. Examples include
session_id(to maintain your active login session) and_auth_token(for user authentication). These cookies are temporary and typically expire when you close your browser. At present, we do not use cookies for analytics, marketing, or advertising purposes, nor do we employ other tracking technologies like pixels or web beacons. - Third-Party Cookies: We do not currently use any third-party cookies for advertising, analytics, or tracking your activity across other websites.
- Managing Your Cookie Preferences: Most web browsers allow you to control cookies through their settings. You can choose to block or delete cookies, or set your browser to alert you when cookies are being sent. However, please be aware that disabling essential cookies will significantly impact your ability to log in and use the core functionalities of our Services, as they are crucial for maintaining your authenticated session. For more details on how to manage cookies, please refer to your browser's help documentation.
3. When do we share your personal information?
We highly value your privacy and are committed to keeping your personal data confidential. However, in specific, limited situations, it becomes necessary to share your data. This section outlines those circumstances where sharing is strictly required and always conducted in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.
We may disclose your personal information in the following circumstances:
-
With Service Providers and Subcontractors (Service Delivery):
We may share your information with trusted independent contractors, facilitators, or third-party service providers who work with us or on our behalf to deliver workshops, fulfil your requests, or carry out transactions managed under our umbrella. These parties act as data processors and are contractually bound by Data Processing Agreements (DPAs) to keep your data secure, confidential, and to use it solely for the purpose of executing the agreed service.
-
With Infrastructure and IT Providers (Operations):
We engage trusted technical service providers to host, maintain, and support our operational infrastructure and day-to-day business tools. This includes hosting and processing data within secure and well known cloud platforms, such as Google Cloud Platform (GCP), Amazon Web Services (AWS) and Microsoft Azure. These providers act as data processors on our behalf and maintain high industry standards for data security.
-
With Professional Advisers:
We may share data with our professional legal, financial, accounting, or insurance advisers where necessary to comply with regulatory obligations, manage corporate governance, or protect our legal rights.
-
For Legal and Compliance Obligations:
We may disclose your information if we are legally required to do so to comply with applicable laws, government requests, judicial proceedings, court orders, or legal processes (such as meeting national security or law enforcement requirements).
-
In Connection with Business Transfers:
In the event of a merger, acquisition, sale of assets, or other business restructuring, we may share your personal data with the relevant third parties involved. Such sharing will only occur to the extent necessary and with appropriate safeguards in place, in line with Article 6(1)(f) GDPR (legitimate interests).
About International Data Transfers:
We exclusively process and store all personal data within the United Kingdom and the European Economic Area (EEA). We do not transfer your personal data outside of the UK or EEA.
We ensure that all third parties processing your personal data on our behalf are contractually bound to comply with data protection laws and provide adequate technical and organizational measures to protect your information.
4. How do we keep your information safe?
We are committed to protecting your personal data through a combination of organizational, physical, and technical security measures.
We protect your information through three key approaches:
-
Technical Safeguards:
We utilize industry-standard security measures provided by our trusted cloud infrastructure partners (such as encryption for data in transit and at rest, access controls, and regular system updates) to protect against unauthorized access, alteration, or disclosure.
-
Organizational Measures:
Access to personal data is strictly controlled and limited to specific individuals who have a legitimate business need to know in order to deliver our services. Anyone authorized to handle this data is bound by strict confidentiality obligations.
-
Data Minimization:
We only collect and retain the data necessary to deliver our services, reducing the potential impact of any security event.
While we maintain high industry standards and make every effort to secure your data, please be aware that no method of electronic transmission over the internet or digital storage can be guaranteed 100% secure. Cyber threats are constantly evolving, and while we actively defend against them, we cannot guarantee absolute protection against unauthorized third-party breaches. Consequently, while we do our utmost to protect your information, any transmission of personal data is ultimately done at your own risk. We recommend that you always interact with our services and communications within a secure online environment.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
5. How long do we keep your data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, service, or reporting requirements.
Specific data retention periods
Here's a breakdown of how long we typically retain different types of personal data:
-
Newsletter Subscription Data (Name, Email Address): Retained until you unsubscribe from our newsletter. Upon unsubscription, your data will be deleted with in the next 24h from our marketing lists, unless there's another legal basis for retention (e.g., you are also a client).
-
Consultation Request Data (Name, Email Address, Phone Number): If you request a consultation but do not become a client, we will retain this data for a period of 3 years from the date of your last interaction to follow up on your interest and for our legitimate business interests in understanding engagement. If you become a client, this data will be incorporated into your client record and retained according to the retention period for client transaction data.
-
Client Transaction Data (Contact, Identity, Financial, and Transaction Data): As required by law, we retain this information for 7 years following the end of the financial tax year in which the transaction occurred to comply with our legal and regulatory accounting obligations.
-
Website Usage Data (Pseudonymized IP Address, Browser Characteristics, Device Characteristics): This data, collected automatically, is typically retained for a shorter period, usually up to 2 years, for analytics, security, and to identify usage trends.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it. If this is not immediately possible (for example, because your personal information has been stored in secure backup archives), then we will securely store your personal information and isolate it from any further processing until deletion or overwrite is possible.
In some circumstances, we may permanently anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
For further information or to request the deletion of your data prior to these periods, please see '8. How can you review, update, or delete the data we collect from you?' below.
6. Do we collect information from minors?
We do not knowingly collect, process data from, or market to children under 18 years of age.
By using our Services, you represent that you are at least 18 years of age, or that you are the parent or guardian of such a minor and consent to their use of the Services. If we learn or become aware that personal information from users less than 18 years of age has been collected without verifiable parental consent, we will deactivate the relevant account or record and take immediate, reasonable measures to promptly delete such data from our systems.
If you become aware of any data we may have inadvertently collected from children under the age of 18, please contact us immediately at privacy@assembleyourteam.com
7. What are your legal privacy rights and how to exercise them?
We only process your personal information when we believe it is necessary and we have a valid legal reason (i.e. legal basis) to do so under applicable law, like with your consent, to comply with laws, to provide you with services to enter into or fulfil our contractual obligations, to protect your rights, or to fulfil our legitimate business interests.
7.1 What are your privacy rights?
7.1.1 EU/UK residents only
In some regions (like the EEA, UK, and Switzerland), you have certain rights under applicable data protection laws. These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) if applicable, to data portability; and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make such a request by contacting us by using the contact details provided in the section How can you contact us about this notice below.
We will consider and act upon any request in accordance with applicable data protection laws.
Consent Management
For processing activities that rely on your consent (e.g., newsletter and sending marketing communications), we obtain your explicit consent through a clear affirmative action, typically by asking you to check a box on our website or forms. This checkbox is accompanied by relevant information and links to this Privacy Policy, allowing you to understand what you are consenting to. Your consent is then securely recorded in our systems, along with the date and time it was given, providing an auditable record of your preferences.
Right to Lodge a Complaint with a Supervisory Authority:
If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, contact us so that we can address the issue. You also have the right to complain to your Member State data protection authority or UK data protection authority.
If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.
Withdrawing your consent:
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. You can withdraw your consent at any time by contacting us by using the contact details provided in the section How can you contact us about this notice below.
Right to Lodge a Complaint with a Supervisory Authority:
If you are located in the EEA or UK and you believe we are unlawfully processing your personal information, contact us so that we can address the issue. You also have the right to complain to your Member State data protection authority or UK data protection authority.
However, please note that this will not affect the lawfulness of the processing before its withdrawal nor, when applicable law allows, will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications:
You can unsubscribe from our marketing and promotional communications at any time by clicking on the unsubscribe link in the emails that we send, or by contacting us using the details provided in the section How can you contact us about this notice below. You will then be removed from the marketing lists. However, we may still communicate with you — for example, to send you service-related messages that are necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.
Cookies and similar technologies:
Most Web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services.
If you have questions or comments about your privacy rights, you may email us at privacy@assembleyourteam.com.
Legal bases of processing
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on in order to process your personal information. To satisfy this requirement, we explicitly map our processing purposes, the categories of personal data involved, and their respective legal bases in the table below:
| Purpose of Processing | Categories of Personal Data Involved | Legal Basis Under GDPR |
|---|---|---|
| To deliver products and services to you | Identity Data, Contact Data, Financial Data, Transactional Data, Profile Data, Log and Usage Data | Performance of a contract with you (Article 6(1)(b)) |
| To provide consultation meetings | Identity Data, Contact Data, Profile Data, Log and Usage Data | Pre-contractual steps / Performance of a contract (Article 6(1)(b)) |
| To send you newsletters, marketing and promotional communications | Identity Data, Contact Data, Profile Data | Consent (Article 6(1)(a)) |
| To identify usage trends to improve our Services, products, and experiences | Log and Usage Data, Device Data, Profile Data, Location Data | Legitimate Interest (Article 6(1)(f) — to study how customers use our products/services, define types of customers, and keep our Services updated and relevant) |
| To determine the effectiveness of our marketing and promotional campaigns | Log and Usage Data, Device Data, Contact Data, Profile Data | Legitimate Interest (Article 6(1)(f) — to understand the return on investment of our outreach and inform our marketing strategy) |
| For legal, accounting, and business administration purposes with Professional Advisers | Identity Data, Contact Data, Financial Data, Transactional Data, and other relevant data as required for specific professional advice or compliance | Legitimate Interest (Article 6(1)(f) — for proper administration of our business, corporate governance, and protecting our legal position) and Legal Obligation (Article 6(1)(c) — to comply with statutory duties) |
Detailed description of legal bases
Depending on the context, we may rely on the following legal bases to process your personal information:
-
Consent (Article 6(1)(a) GDPR). We process your information if you have given us permission (i.e., consent) to use your personal information for a specific purpose. You can withdraw your consent at any time. Learn more about how to do this in 8. How can you review, update, or delete the data we collect from you?.
-
Performance of a Contract / Pre-contractual Steps (Article 6(1)(b) GDPR). We process your information where it is necessary in order to provide you with the products and services you have requested, or to take actions at your request before entering into a formal contract.
-
Legal Obligations (Article 6(1)(c) GDPR). We process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, or to exercise or defend our legal rights.
-
Vital Interests (Article 6(1)(d) GDPR). We process your information where we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.
-
Legitimate Interests (Article 6(1)(f) GDPR). We process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. This includes our interests in optimizing and improving our Services, analyzing platform usage, understanding the impact of our marketing activities, and ensuring efficient business administration.
7.1.2 California residents only: your california privacy rights
Please note that the contents below in this section are additional information that only applies to California residents.
The California Consumer Privacy Act (also called the "CCPA") is a privacy-centric bill protecting the privacy of California consumers that came into effect on 1 January 2020.
On 1 January 2023, the California Privacy Rights Act (“CPRA”) entered into law and amended the CCPA, including limitations and regulations originally enforced by the CCPA, including additional specific types of new amendments to each category covered by the CCPA, enabling a more comprehensive overview of data privacy. The California Privacy Protection Agency will regulate the CPRA.
Under the CCPA, California residents may have certain data protection rights regarding their personal information (also referred to in this Privacy Policy as personal data).
These rights may be subject to certain limitations and/or restrictions.
Where there is a conflict between this section and any other section of this Privacy Policy, this section shall prevail.
Right to know
If you are a California resident, you may submit free of charge, but not more than twice in a 12-month period, a verifiable request for us to disclose certain information to you about our collection and use of your personal information in the preceding 12 months including:
- The specific pieces of personal information we have about you.
- The categories of personal information we have collected or disclosed for a business purpose about you within the last 12 months.
- The categories of sources from which the personal information was collected.
- The business and/or commercial purposes for collecting and selling the personal information.
- The categories of third parties to whom the personal information was disclosed for a business purpose or otherwise shared.
- If we sold your personal information, the categories of personal information that we sold and the categories of third parties to whom the personal information was sold.
We detail the personal information we collect and its sources in1. What data do we collect?, and how we handle it in 2. How do we process your data?. We outline who we disclose or share this information with in 3. When do we share your personal information?, and we have also set out information regarding the sale of your personal information in the section below headed "Right to Opt-Out/Do Not Sell".
To submit a request, please see the "Exercising your rights" section below.
Within ten days of receipt of your request, we will confirm receipt of your request. We will verify your identity as a resident of the state of California and contact you to request that information. If we cannot verify your identity, we will deny your request. If we deny your request, even if only in part, we will explain the reason in our response.
Once we have verified your identity and determined that your request is a verifiable consumer request, we will provide a substantive response within 45 days of receipt unless we need more time, in which case we will notify you.
Right to delete
If you are a California resident, you may submit a verifiable request for us to delete any personal information we have collected about you.
Within ten days of receipt, we will confirm receipt of your request. We will verify your identity as a resident of the state of California and contact you to request that information. If we cannot verify your identity, we will deny your request.
There are also some exemptions to the right to request deletion of personal information. If we deny your request, even if only in part, we will explain the reason in our response.
Once we have verified your identity, we will provide a substantive response within 45 days of receipt of the request unless we need more time, in which case we will notify you.
Right to opt-out / do not sell
California residents may opt out of the "sale" of their personal information, as defined by the CCPA. This does not include when:
- You direct us to disclose your personal information or use us to interact with a third party, and the third party does not sell the personal information.
- We use or share an identifier solely to alert a third party that you have opted out of the sale of your personal information.
- Your personal information is transferred as an asset, as part of a transaction in which the third party assumes control of all or part of our business, in which case the third party will have to tell you in writing if it materially changes how the information is used or shared,
- We use or share your personal information under a written contract with a service provider necessary for business purposes. Here, the service that the service provider performs is on our behalf, and our written contract prohibits it from keeping, using or disclosing your personal information for any purpose other than for the specific purpose identified in the contract.
Under the CCPA, the definition of “sale” is expansive. It includes transferring or sharing personal information with a third party for any value, even if the information is not sold for monetary value. Qadop Ltd does not sell personal information for monetary value. However, on occasion, with your explicit consent, we may share your Contact Data (such as name and email address) with other companies for referral purposes to help you access services we cannot directly provide. In instances where such a referral leads to you or your company using the services of the referred company, Qadop Ltd may receive a monetary commission. This type of sharing, which includes receiving a monetary commission for a referral, falls under the broad definition of "sale" in the CCPA/CPRA.**
You have the right to opt out of the sale or transfer of your personal information by submitting a request to us as explained in the section below "Exercising Your Rights".
Within 15 days of receipt of your request, we will act upon your request. We will verify your identity as a resident of the state of California and contact you to request that information. If we cannot verify your identity, we will deny your request. If we deny your request, even if only in part, we will explain the reason in our response.
Once we have verified your identity, we will notify all third parties to whom we have sold or transferred your personal information within 90 days of receipt of your request.
For further information and details on how to opt out, please see section 8.1 How to opt out
Right to be free from discrimination
We may not discriminate against you because you have chosen to exercise your rights, including, for example, by denying you access to our online services or charging you different rates or prices for the same online services, unless that difference is reasonably related to the value provided by your data.
Exercising your rights
To submit a verifiable request to exercise any of your rights (including your right to opt out of the sale of your personal information) or otherwise contact us for more information about how to exercise your rights, please contact using the steps detailed in section 10. How can you contact us about this notice?.
In order to help us to deal with any email request promptly and efficiently, please include "Your California Privacy Rights" in the subject field and state your right to know, deletion or opt-out (as appropriate).
If you would like to designate an authorised agent to make a request on your behalf, please be sure the agent is able to demonstrate you have provided written permission for the agent to submit the request on your behalf and provide proof of his or her own identity.
We will deny the request if the agent does not satisfy these requirements. We have the right to verify with you that you want to take the action requested by the agent.
8. How can you review, update, or delete the data we collect from you?
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please contact using the steps detailed in section 10. How can you contact us about this notice?.
8.1 How to opt out
To opt out of marketing communications, you can use the unsubscribe link provided in the communications for that purpose, or contact us via email as detailed in section 10. How can you contact us about this notice?.
Regarding cookies and similar technologies, most web browsers are set to accept cookies by default. You can usually choose to set your browser to remove cookies and to reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services.
9. Changes to privacy policy
Yes, we will update this notice as necessary while we evolve and change our services to stay compliant with relevant laws.
We may update this privacy notice from time to time. The updated version will be indicated by an updated 'Last Updated' date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy notice frequently to be informed of how we are protecting your information.
10. How can you contact us about this notice?
If you have questions or comments about this notice, you may email us at privacy@assembleyourteam.com.