Privacy Policy

Mimir is an application to help teams understand and enhance their team's performance. Privacy is essential to us and we are committed to respecting and protecting it. Our privacy policy is designed to tell you about us and what we do, how we protect your information, and your rights.

This privacy policy applies to users with respect to our service(s) and does not extend to include third party services that can be accessed via our platform.

For the purposes of the relevant Data Protection Laws, Mimir acts as a Data Controller. We are therefore responsible for any information we receive through the use of our app and for determining how and why it is processed.

We provide our services to organisations looking to understand and enhance their team's performance. At times we will be processing your information on their behalf, as their Data Processor. This will mean that we will be processing your information subject to their lawful basis and/or for our own legitimate interests.

By signing up to use our app, you are agreeing to Mimir using the information we receive about you, allowing us to collect and use your data, as outlined within this policy.

We will collect

Any information given to us by you. This will include your name, date of birth, email, team and role. It will also include the answers to the questionnaires you supply.

We may collect the information from your device where you install or access our service. This will depend on the device permissions that you have granted. This can include connection and location information, such as your IP address, to allow us to efficiently balance service access loads to provide the fastest and best application response for you.

Cookies: We will use cookies, when you interact with our website to help us understand how you use it, and which parts of our website are most visited. This allows us to focus on delivering the best content and user experience. We do not collect identifiable data through the use of cookies; therefore, we will not use them for advertising or marketing purposes.

We will use your data;

  1. To provide you with the service

    - To create, register and manage your user account, and to ensure your information is accurate and up to date
    - To enable users to work together in a safe and secure environment
    - To inform you of any changes, modifications, and updates to the service(s)
    - To review, investigate and address issues that may affect your use of our service
  2. To exercise our legitimate interests
    - We will use your data to review and assess the quality of our service(s)
    - To provide you with a responsive service, and to support you, when you contact us
    - For our own internal operations. This could include troubleshooting, fraud detection and resolution, data quality checks, functional testing, security, audit, and statistical analysis to ensure that our app(s)/service(s) continues to satisfy the needs of our users
    - We will anonymise your data to enable us and our customers to review the results of the questionnaires, to be able to interpret the responses and draw information from the responses
  3. To respond to obligatory requirements
    - We will disclose information where it has been requested as part of a reasonable regulatory requirement or in response to a legal request.

Sharing of your identifiable data

Your information is used to support you to improve your self-management and for you, and us, to learn more about your wellbeing. To do this, we will need to share some information with other parties, such as;

  • Data storage and backup up provider(s), to record the information that is input to your account
  • Push notification software providers for reminders and to receive updates (notifications)
  • Your employer, for them to support you, and to evaluate our service(s)
  • SMS and email messaging services for communicating to/with you

We will only ever share the minimal amount of information necessary to deliver the service and we will NOT sell or share any of your information for marketing purposes.

We will share your anonymous data with researchers. This information cannot identify you and once it is anonymised it cannot be linked with you. The purpose of this is to review and interpret the answers to the questionnaires. This enables us and our researchers to really understand our user-base.

How do we keep your information secure?

You access your information using secure password credentials, with multi factor authentication set by you. Information kept by us is stored within Amazon Web Services, a cloud-based service, situated in their London region, and is encrypted both at rest and in transit.

We have strict procedures and security measures to prevent, as much as reasonably possible, unauthorised access to, or disclosure of, your information. We cannot guarantee the security of any information you transmit to us, such as emails containing information about you.

How long will we store your information?

We will keep your information for the duration of the contract or until you request that your data be deleted. If we delete your data, it can take up to 6 months of to remove from our back up facility, simply due to the way that they operate, and in some cases, it may remain on our back up facility for legal and regulatory purposes.

What rights do you have regarding your information?

We are committed to complying with your rights to your information and will deal with any requests, outlined below without undue delay, and in line with regulatory timeframes. By law you have a number of rights that apply in certain circumstances. These include the right to:

Object to processing

This means you may not want your information used in some ways.

Restrict processing

This means we can no longer use your information, but we will store it and maintain your place on our data set of users whose information we hold but cannot use moving forward.

Be informed

You should have clear, accessible and transparent information provided to you so you understand how we work, protect and use your information.

Have access to your information

This enables you to check we are using your data correctly and is done by contacting us directly.

Data rectification

If you see incorrect or incomplete information, you can ask to have that corrected.

Be erased

This means you can be "forgotten". It is important to know; this is not a general statement and is subject to some conditions, but the right means you could have all the information we hold on you deleted where there is no compelling reason for us to keep using it.

Move your data

This is referred to as portability. Your data should be provided for you in a way that is accessible and provides you with the option of reusing the data in other situations, as you own your data.

Complain

You have the right to lodge a complaint, and we will respect this and deal with it in a timely fashion in line with UK regulations.

Withdraw consent

This means you remove the right for us to use your data. You may do this at any point and without providing a reason for doing so. Removing your consent though means you will no longer be able to use our services.

Changes in the Privacy Policy and to the service

Any changes to the Privacy Policy will be notified to you via an in-service notification. For some notifications you may be required to read and accept the changes before you can continue using the service. This will be governed in line with our terms & conditions, to be read in conjunction with this privacy policy, when activating your user account.

Contact Us

If you have further questions, you can contact us at the address: 112 Pitmore Road, Eastleigh, SO50 4LT

Our Data Protection Officer is contactable at the above details and dpo@aimsinsights.com

If you would rather deal with an independent group or feel we have not satisfactorily dealt with your enquiry, you can contact the ICO by email casework@ico.org.uk OR phone 0303 123 1113.

Full details of the Data protection regulation, can be found at www.gov.uk/data-protection.