Privacy policy

How FutureGov uses data

FutureGov is a limited company based in the UK. In addition to consultancy services, we run this website (wearefuturegov.com) as well as the digital many of the products and prototypes listed on our case studies page (wearefuturegov.com/our-work)..

As a company, we apply human-centred design processes to everything we do. This means putting people first, understanding their needs and respecting their rights. This includes respecting their rights to data protection, as protected in law.

Whether we’re conducting research, designing services or building digital products, we’ll always conduct our work with the privacy of individuals in mind. This means collecting as little personal data as possible, storing it securely and being clear about how we’ll use that data.

This page details the data FutureGov may collect about you and how we use it. It also includes information relating to third parties we may use to store and process your data.

Covered in this policy is:

• the information we collect through our website
• the information we collect through our contact form
• the information we collect through our digital products
• the information we collect through our research activities
• the information we collect through our marketing activities
• potential and existing client data
• the information we collect through our recruitment
• your data and rights

Information we collect through our website

Why do we collect website data?

Collecting website data allows us to see how people are using our site. With this information, we can continually improve your experience.

What data do we collect on our website?

Using Google Analytics and Google Tag Manager, we collect the following information about users to our website:

• IP address (first two bytes)
• timestamp of visit
• country of visit
• referrer
• operating system
• browser
• pages visited during session

How long do we keep website data?

We store the data we collect indefinitely so we can see how the use of our website changes over time. Our focus for having this information is always on how we can improve the user experience.

Information we collect through our website contact form

We use the your details submitted through our contact form to communicate with you about services that might be relevant to you. We may also inform you of new offers, products and services which may be of interest to you. We’ll never sell your email address or other details without your permission, and all communications from us will contain a clear "unsubscribe" option.

Information we collect through our digital products

Registering for an account to use one of our products

If you’ve registered an account for one of our products, we use your email address to allow you to interact with the product, store your preferences and be notified by email about the information that you have indicated is of interest to you (we’ll always give you a clear opt-out). Further information can be found on the individual terms page relating to that individual product.

Providing feedback on a product survey or report a problem

Product surveys are used to improve our products and services and we only collect your contact information if you have indicated that you wish us to contact you with follow up information. Once you are satisfied the issue is resolved we’ll delete your contact information unless otherwise indicated.

Services we use to process data

Below is a list of third-party services we use to store and process your data across our website and products, a description of how we use them and links to the privacy policies of these parties. We’ve regularly reviewed these services and contracts to make sure these companies are fully compliant with GDPR.

• Sendgrid is a service that our products use to send emails to users to ensure efficient and effective email delivery (Privacy Policy)
• SupportBee processes automated emails so we can track responses and offer a better service (Privacy Policy)
• Google Analytics collects and analyses website data across all of our sites (Privacy Policy)
• AppSignal is used for performance monitoring and error handling, capturing errors when things go wrong with anonymised data (Privacy Policy)
• Feedbackify captures product feedback, which can be used anonymously or you can provide an email address if you'd like us to contact you (Privacy Policy)
• Memset / Linode / Heroku are cloud hosting providers we use for our UK based products & prototypes, hosting our application servers and databases.
• Mittwald is our German hosting provider for German clients, also hosting our application servers and the databases for these products
• Binary Lane is our Australian hosting provider for live products in Australia, hosting our application servers and the databases for these products
• Cloudflare is a content delivery network, protecting us from malicious attacks and improving the performance of our websites (Privacy Policy)

Information we collect through design research activities

We collect research material to reference during project work. Research is an important part of our work: it helps us understand people’s needs and build better products and services for our clients.

What data we collect

We collect the following information from research participants:

• full name
• telephone number
• email address
• address
• completed consent forms
• interview recordings (audio or video)
• quotes
• notes
• photos

Why we collect this data

We collect participant information to identify participants and arrange sessions and follow-ups.

All research participants are given a consent form that outlines what the research involves, what information will be recorded and how it will be used. If the participant is happy to proceed we ask them to sign the form to confirm this.

How long we keep research data

Participant information is deleted six months after the end of projects. We scan signed consent forms and shred paper copies, then store consent forms on Google Drive and keep these for seven years. All notes, digital files and participant information are deleted six months after the end of projects.

Where research data is processed and stored

Research notes and materials are separated from any identifiable information, such as consent forms, while we are working with it. Any notes we gather during research sessions are stored securely. Any digital files (audio, photos and videos) are stored on Google Drive and are only accessed by team members involved in the research.

We may use research materials like quotes, photos, audio or video clips, in presentations to clients. We will only do this if we have consent from participants. We don’t connect this information to participants’ names.
Sometimes we may publish quotes from research sessions. We only do this if we have obtained specific consent from the participant and any personally identifiable information has been removed. We will only publish audio, photos and video from a research session if a participant has given consent and has signed a release form for this use.

How long we keep research data

Participant information is deleted six months after the end of projects.
We scan signed consent forms and shred paper copies, then store consent forms on Google Drive and keep these for seven years. All notes and digital files and participant information is deleted six months after the end of projects.

Opt-out of collection

Participants are able to withdraw their information from a project at any time. To do this, contact [email protected].

Information we collect through marketing activities

If you sign up to one of our events or newsletters

FutureGov operates two external email newsletters. One is used to update partners and clients of important company news and events and the other is a weekly curated digest of news relevant to our sector. The subscriber data is only used for the purposes of operating these services and subscribers have the ability to unsubscribe at any time.

If anybody has given their contact information in relation to one of our events, then this information may be used to contact them in relation to this event, future events or sales purposes.

Use of social media

We use several social media accounts to share our work. We occasionally use the analytics tools provided by these platforms to understand how we can use these services better. Our social media accounts include:

• FutureGov on Twitter (Privacy policy)
• FutureGov on LinkedIn (Privacy policy)
• FutureGov on Medium (Privacy policy)
• FutureGov on Instagram (Privacy policy)
• FutureGov on Youtube (Privacy policy)

Potential and existing client data

We may collect the following information about our potential and existing clients:

• name
• company
• email address
• phone number
• job title
• company address
• testimonials

Why do we collect this data?

We use the data we collect to help us create, nurture and manage our client relationships. Testimonials may be used on our website for promotional purposes.

We use the following services to store and process this data:

• Gsuite including Mail and Drive (Privacy policy)
• Pipedrive (Privacy policy)
• Our workspace on Slack (Privacy policy)

Information we collect through recruitment

We collect the following information about people who apply to work at FutureGov, whether for a permanent position, apprenticeship, internship or contractual position.

• full name
• CV and supporting information
• email address
• covering letter
• phone number
• recruitment platform profile
• notes from interviews
• portfolio of work

We don’t collect any special category data or ask for any background checks as part of the application process. (As an employee, you may need to complete a DBS or background check as part of your project work.)

Why do we collect recruitment data?

Recruitment data is used to assess suitability for a role and communicate with candidates.

How long do we keep recruitment data?

Recruitment data is deleted when a candidate leaves the recruitment process, is offered a job, or their application is unsuccessful.

Where is the recruitment data processed and stored?

We use several platforms to help us find people to join our team. At the moment, these include:

• LinkedIn (Privacy policy)
• Indeed (Privacy policy)
• Twitter (Privacy policy)
• Lever (Privacy policy)

If you want to exercise your rights on a particular service, please refer to its privacy policy for more information.

We store CVs on Google Drive. Only team members involved in the recruitment process have access to recruitment platform accounts, CVs and emails.

Your data and your rights

When collecting and storing your personal data, FutureGov will adhere to your rights as outlined by the GDPR to access, rectify and/or remove your data entirely. Upon request, we’ll respond within 30 days:

• providing confirmation as to whether or not your personal data is being processed, by us and any third-party tools
• send you your personal data in a structured and machine-readable format to you and/or another service that you have instructed us to transfer the data to
• update and rectify any inaccurate personal data as requested
• erase all your personal data from our systems and our third-party processing tools

We’ve appointed an internal Data Protection Lead. They’re responsible for keeping this policy up to date and for helping us make sure we follow these practices in our everyday work.

If you have any questions or want to exercise your rights as stated above, then please write to us at [email protected].