Privacy Policy & Information Security

What this policy covers

Your privacy is important to us and we like to be transparent about how we collect, use and share information about you. This policy is intended to help you understand:

  • What information we collect
  • How we use your information
  • How we share information
  • How we store and secure information
  • How to access and control your information
  • Other important privacy information

What information we collect

We collect information about

  • visitors to our website;
  • people who use our services;
  • suppliers who we work with to deliver services; and
  • job applicants and our current and former employees.

How we use your information

How we use the information we collect depends on what product or service you use or access, how you use them, and any preferences you have communicated to us. Below are the specific purposes for which we use the information we collect about you.

Visitors to our website

When someone visits, we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behavior patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be explicit about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

If you provide us with information via one of the forms on our website, we may contact you by telephone and email. You are given the opportunity to opt-in to receiving this information at the appropriate section of the website when you register your details. If you no longer wish to be contacted in the future by us, follow the instructions on the specific mailing list or complete the form on our website:

IP addresses and cookies

To find out about the use of cookies on our website, see our Cookies Policy.

Website hosting

Imosphere uses a third party, CWCS to host its website. To deliver this service, it processes the IP addresses of visitors to the Imosphere website.

Email marketing

If you have opted in to our emails, from time to time, we may send emails to you regarding new services, releases and upcoming events. You may opt out of receiving newsletters and other secondary messages from us by selecting the ‘unsubscribe’ function present in every email we send.

We use a third-party provider, Campaign Monitor, for this type of email marketing. We gather statistics around email opening and clicks using technologies including clear gifs to help us monitor and improve our marketing communication. For more information, please see Campaign Monitor Privacy Policy.

FACE Assessment Toolsets – Third Party

If you request information specifically about our FACE Assessment Toolsets, your details will be passed to our Third Party Assessment Toolset Consultants - Way Finder and ARW Consultancy – who will contact you directly to provide the relevant information.

Your details will only be used to contact you about the information requested, unless you have also opted into our Mailing List in which case you will also receive information from Imosphere regarding new services, releases and upcoming events. You can opt out at any time by using the ‘Unsubscribe’ link in our emails.

Customer support

We use your information to resolve technical issues you encounter, to respond to your requests for assistance and to repair and improve our products and services. We use Zoho Desk to record help desk issues. For more information please see ZOHO Privacy Policy.

People who contact us via social media

We use a third-party provider, Hootsuite, to manage our social media interactions.

If you send us a private or direct message via social media, the message will not be shared by us with any other organisations. For more information, refer to the privacy policy set out by each social media platform.

People who email us

Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.

People who use our products and services

Our products and services include:

  • Atmolytics, our pioneering self-service and devolved analytics platform.
  • The UK’s most accurate and widely used resource allocation system for personal budgets.
  • An award winning electronic care record.
  • Over 100 nationally recognised assessment, care and support planning toolsets.
  • Tailored training solutions.

We have to hold the details of the organisations who have requested our product(s) and/or service(s) in order to provide it. However, we only use these details to provide the product and/or service the organisation has requested.

Job applicants, current and former Imosphere employees

Imosphere is the data controller for the information you provide during the recruitment process unless otherwise stated. If you have any queries about the process or how we handle your information, please get in touch.

What will we do with the information you provide to us?

All of the information you provide during the recruitment process will only be used to progress your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.

What information do we ask for and why?

The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.

We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary.

Application stage

As part of your application, we simply ask you to send in your CV.


Our hiring managers shortlist applications for interview. They will be provided with all the information on your CV.


We might ask you to participate in assessment days, complete tests or occupational personality profile questionnaires, and/or to attend an interview – or a combination of these. Information will be generated by you and by us. For example, you might complete a written test or we might take interview notes. This information is held by Imosphere.

If you are unsuccessful following assessment or interview for the position you have applied for, we may ask if you would like your details to be retained in our talent pool for a period of six months. If you say yes, we would proactively contact you should any further suitable vacancies arise.

Decisions about recruitment

Final recruitment decisions are made by hiring managers and members of our recruitment team. All of the information gathered during the application process is taken into account.

You are able to ask about decisions made about your application by speaking to your contact within our recruitment team or by emailing

Conditional offer

If we make a conditional offer of employment we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our employees, their right to work and seek assurance as to their trustworthiness, integrity and reliability.

You will be required to provide:

  • Proof of your identity: you will be asked to attend our office with original documents, we will take copies.
  • Proof of your qualifications: you will be asked to attend our office with original documents, we will take copies.
  • We will contact your referees, using the details you provide in your application, directly to obtain references.
  • We will also ask you to complete a questionnaire about your health. This is to establish your fitness to work.

If we make a final offer, we will also ask you for the following:

  • Bank details to process salary payments.
  • Emergency contact details, so we know who to contact in case you have an emergency at work.

Where is information stored?

Internal network

If you are employed by Imosphere, relevant details about you will be stored on our company network, which is protected by our access control policy.

Third party systems

If you are employed by Imosphere, relevant details about you will be entered into our HR and Payroll systems, provided by third parties.

Recruitment agencies

Imosphere sometimes advertises through contracted recruitment agencies. To find out about the specific information held by these agencies, please get in touch.

How long is information retained for?

If you are successful, the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment plus six years following the end of your employment. This includes your fitness to work, records of any security checks and references.

If you are unsuccessful at any stage of the process, the information you have provided until that point will be retained for six months from the closure of the campaign.

Information generated throughout the assessment process, for example interview notes, is retained by us for six months following the closure of the campaign.

Access to personal information

Imosphere tries to be as open as possible in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by contacting us. If we do hold information about you, we will:

  • give you a description of it
  • tell you why we are holding it
  • tell you who it could be disclosed to
  • let you have a copy of the information in an intelligible form

To access, update or remove any personal information we hold about you a formal request must be sent to us. Clearly label your request as an ‘Information Request’ and send it to

Your rights

You have rights as an individual which you can exercise in relation to the information we hold about you.

You can read more about these rights here:

Disclosure of personal information

Imosphere will not disclose personal data without consent from the individual or relevant party, or unless required due to legal obligations.

Complaints or queries

Imosphere tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.

This privacy notice does not provide exhaustive detail of all aspects of Imosphere’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.

If you want to make a complaint about the way we have processed your personal information, you can contact us.

This privacy notice does not cover the links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.

Changes to the privacy notice

We keep our privacy notice under regular review. This privacy notice was last updated on 30th June 2020.

How to contact us

If you want to request information about our privacy policy, please get in touch.

Information Security

Imosphere is an ISO/IEC 27001:2013 certified company, demonstrating our effective information security management system.

ISO/IEC 27001:2013 Information Security Management is the international standard for information security and ensures the correct people, processes, procedures and technology are in place to secure an organisation’s information assets.

Information security ensures the preservation of:

  • Confidentiality: ensuring that access to information is appropriately authorised
  • Integrity: safeguarding the accuracy and completeness of information and processing methods
  • Availability: ensuring that authorised users have access to information when they need it

ISO 27001

For further information about our Information Security policy, please get in touch.