GDPR Privacy Statement

putting your privacy first at Podium, we take data security and privacy seriously

GDPR privacy statement

Effective as of 30 August 2023

1 Introduction

The purpose of this privacy policy is to describe clearly what information we gather about you while you access Podium’s sites and platform, how we use and process that data, who we disclose this information to, and how you can find out what data we hold about you together with how you can request changes or removal of that data.

2 The type of information we collect

Personal data should be processed lawfully, fairly and in a transparent manner.

We currently collect and process the following information:

  • Name
  • Email Address
  • Biographical information
    • Sex
    • Age
    • Level of education
    • Ethnicity
    • First language
    • Job area or current employment area
  • Facial images

3 How we get the personal information and why we have it

We collect only the necessary information about you for the purposes of psychometric, skills, 360 or other online assessments and the subsequent reporting of these assessments to our clients. Our clients may provide your personal information to us in order for us to setup your personalised invitations.

You may also be asked to volunteer this information to us via a form before you start your assigned assessments or other online exercises.

While you complete your assessments or other online exercises, we will also be collecting specific assessment data in the form of your responses to specific questions.

When providing any personal information we will specifically ask your consent to collect and process this information. You will have the choice whether to provide this information or not, and where a response is required, there is always a "Rather Not Say" option.

We offer the option of Facial Validation which is an advanced add-on feature designed to enhance the security and validity of un-proctored, remotely administered assessments. It uses a combination of artificial intelligence (AI) and common hardware that is available to most end-users. It is important to note that Facial Validation is not the same as Facial Recognition.

We store and process your data in order to provide a service to our clients. Your data or responses therefore could be used to help identify you and your responses for our client who has supplied your information to us. It may be used to produce reports for this client detailing areas of your personality, your ability, or your performance at specific skills. Additionally we may use this data to produce feedback reports for you which will summarise the information we have provided to our client.

Our clients may use these reports for the purposes of selection or development of individuals or teams/departments within their or for other organisations.

We may also provide a copy of the assessment data to our clients for use by them for their own use and management purposes.

Our clients are entitled to the use of the information you provide at their request for their own purposes. They are however obliged to process your information in accordance with their own obligations to data security policy, the Data Protection Act, or other data protections laws where applicable.

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are: We have a legitimate interest.

4 How we store your personal information

Your information is securely stored. We have strong technical and organisational security measures to prevent the loss or unauthorised access of your personal information. We are ISO 27001:2022 registered and have an ongoing security training program in place for our employees on the proper handling of personal information.

We will retain personal data for as long as is required for the purposes it was collected. As a general rule, we will anonymise data after a period of 18 months at our discretion.

5 Your data protection rights

Under data protection law, you have rights including:

Your right of access - You have the right to ask us for copies of your personal information.

Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.

Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.

Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.

Your right to object to processing - You have the right to object to the processing of your personal information in certain circumstances.

Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

6 How to contact us

If you have any questions or if you wish to contact us, please email us at

7 How to complain

If you have any concerns about our use of your personal information, you can make a complaint by emailing us at

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office
Wycliffe House
Water Lane

Helpline number: 0303 123 1113

ICO website: Information Commissioner's Office (ICO)

Contact us to find out more about our security practices and policies.