top of page

Privacy Policy

How peopleworth collects, uses and protects your information

Last updated: 23 June 2026

On this page
  • Who we are
  • Scope of this policy
  • Information we collect
  • How we use your information
  • Legal basis for processing
  • Who we share information with
  • International data transfers
  • How long we keep your information
  • Your rights
  • Cookies and tracking
  • Data security
  • Changes to this policy
  • How to contact us

Who we are

peopleworth provides employer support through a membership model known as the peopleworth Employer Group.

Our services may include access to shared HR resources, people templates, recruitment process support, shared applicant tracking infrastructure, manager guidance, wellbeing pathways, payroll coordination, HRIS support, people operations support and specialist guidance.

peopleworth is responsible for the personal information collected through this website and described in this policy.

Where peopleworth processes employee, candidate or contractor information on behalf of a member company as part of delivering Employer Group services, the member company will usually remain responsible for deciding how and why that information is used. In those circumstances, peopleworth will usually act as a processor, or operator under South African data protection law, unless otherwise agreed in writing.

You can contact us at:

solutions@peopleworth.ai

Scope of this policy

This policy applies to visitors to our website, people who contact us, prospective members, member companies and individuals whose information may be processed as part of delivering Employer Group services.

peopleworth may operate across the United Kingdom, South Africa and other jurisdictions where our members, providers or systems are located.

This policy has been prepared with reference to applicable data protection requirements, including the UK General Data Protection Regulation, the Data Protection Act 2018 and the Protection of Personal Information Act, 2013, known as POPIA.

Where different legal standards apply, we aim to apply appropriate safeguards based on the nature of the information, the purpose of processing, the applicable jurisdiction and the relevant contractual arrangements.

Information we collect

We may collect and process the following categories of personal information.

Information you provide directly

This may include your name, job title, business email address, telephone number, company name, team size, enquiry details and any other information you choose to provide when contacting us, completing a form or booking a conversation.

Company and member information

Where a business enquires about or joins the peopleworth Employer Group, we may process company information such as company name, trading details, registration information, VAT or tax information, workforce size, management structure, key contacts, systems used, payroll arrangements, recruitment activity and people operations priorities.

Employee, candidate and contractor data processed for members

Where peopleworth supports a member company with HR, recruitment, payroll coordination, wellbeing, performance, surveys, people operations or related services, we may process personal information relating to that company’s employees, candidates, contractors or managers.

This may include employment details, role information, application information, onboarding records, offboarding records, performance documentation, absence information, payroll-related inputs, survey responses, case notes, interview records and other information required to deliver the agreed services.

In these circumstances, the member company will usually remain the controller, or responsible party under POPIA, and peopleworth will usually act as a processor or operator under a separate agreement.

Information collected automatically

When you use our website, we may collect technical information such as IP address, browser type, device information, pages visited, form interactions and website usage data through cookies and similar technologies.

We do not intentionally collect special category or sensitive personal information through our website enquiry forms. Where this type of information is necessary to deliver services to members, it is handled under separate contractual arrangements and appropriate safeguards.

How we use your information

We use personal information to:

  • respond to enquiries

  • provide information about peopleworth and the Employer Group

  • assess whether our services are suitable for a prospective member

  • book and manage conversations with prospective members

  • set up and administer Employer Group memberships

  • provide access to the peopleworth employer hub

  • configure member support arrangements, systems, workflows and delivery channels

  • deliver HR, recruitment, payroll coordination, wellbeing and people operations support

  • manage shared recruitment processes and applicant tracking workflows where included

  • provide templates, manager guidance, process support and reporting

  • coordinate agreed member services and specialist support

  • manage our website, systems and business operations

  • improve our services and user experience

  • meet legal, regulatory, contractual and record-keeping obligations

 

We do not sell personal information to third parties.

Legal basis for processing

Where UK data protection law applies, we rely on one or more lawful bases depending on the processing activity.

These may include:

Performance of a contract

Where processing is necessary to take steps before entering into a contract or to deliver services under a contract with a member.

Legitimate interests

Where processing is necessary for legitimate business purposes, such as responding to enquiries, administering member relationships, improving services, managing operations, providing practical support to members and protecting our legal rights, provided those interests are not overridden by individual rights.

Consent

Where consent is required, such as for certain marketing communications or non-essential cookies. Consent can be withdrawn at any time.

Legal obligation

Where processing is necessary to comply with a legal or regulatory obligation.

Where South African data protection law applies, we process personal information in line with POPIA’s conditions for lawful processing. This may include processing that is necessary to conclude or perform a contract, processing carried out with consent, processing necessary to pursue legitimate interests, and processing required to comply with legal obligations.

Who we share information with

We share personal information only where necessary and with appropriate safeguards in place.

 

This may include:

  • website and hosting providers

  • CRM and enquiry management systems

  • automation and workflow tools

  • HRIS, ATS, payroll, survey, wellbeing or people operations platforms used to deliver services

  • professional advisors, including legal, accounting or compliance advisors

  • specialist providers involved in delivering agreed member services

  • regulators, public authorities or other parties where required by law

Service providers may include providers used for website hosting, form submissions, workflow automation, customer relationship management, applicant tracking, HR systems, payroll coordination, surveys, wellbeing support and other agreed member services.

We require service providers to process information only in line with our instructions, where applicable, and to apply appropriate security and confidentiality measures.

International data transfers

Because peopleworth may operate across the United Kingdom, South Africa and other jurisdictions, and because some service providers may store or process information outside the country where it was collected, personal information may be transferred across borders.

Where we transfer personal information internationally, we take steps to ensure appropriate safeguards are in place. These safeguards may include contractual protections, recognised transfer mechanisms, appropriate agreements with service providers and other measures required by applicable law.

How long we keep your information

We keep personal information only for as long as necessary for the purpose for which it was collected, including to meet legal, accounting, contractual or reporting requirements.

Retention periods may differ depending on the type of information and the context in which it is processed.

As a general approach:

  • enquiry information is kept for as long as needed to respond to the enquiry and manage any follow-up

  • member account information is kept for the duration of the membership and for a reasonable period afterwards

  • employee, candidate and contractor information processed for members is kept in line with the relevant member agreement and applicable legal requirements

  • financial, contractual and service records may be kept for longer where required for legal, tax, accounting or audit purposes

When information is no longer required, we will delete it, anonymise it or securely retain it only where we have a lawful reason to do so.

Your rights

Depending on the jurisdiction that applies to you, you may have rights over your personal information.

If you are in the United Kingdom, these may include the right to access your information, request correction, request erasure, restrict processing, object to processing, request data portability and rights relating to automated decision-making.

If you are in South Africa, these may include the right to be notified that your information is being collected, access your information, request correction or deletion, object to processing and complain to the Information Regulator.

To exercise your rights, please contact us using the details below. We will respond within the timeframe required by applicable law.

Cookies and tracking

Our website may use cookies and similar technologies to make the site function correctly, understand how visitors use the site and improve user experience.

Some cookies are essential. Others may be optional and used only with consent where required.

You can manage cookie preferences through the consent banner on our site or through your browser settings.

Data security

We take the security of personal information seriously and use appropriate technical and organisational measures to protect information against unauthorised access, loss, misuse, alteration or disclosure.

These measures may include access controls, secure hosting, restricted permissions, confidentiality obligations, approved processors, system governance and internal procedures for handling personal information.

Changes to this policy

We may update this policy from time to time to reflect changes in our services, systems, legal obligations or data protection practices.

When we make changes, we will update the date at the top of this page. Where changes are significant, we will take reasonable steps to notify affected individuals or members.

How to contact us

If you have questions about this policy, wish to exercise your rights, or want to raise a concern about how we handle personal information, please contact us at:

solutions@peopleworth.ai

If you are in the United Kingdom and are not satisfied with our response, you may have the right to complain to the Information Commissioner’s Office.

If you are in South Africa and are not satisfied with our response, you may have the right to complain to the Information Regulator.

bottom of page