Privacy Policy

1. Introduction

Walk the Floors is a product of myCandr Group Limited ("Company", "we", "us", or "our"), a company registered in England and Wales (Company Number: 15597109) with registered office at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Walk the Floors service at walkthefloors.ai (the "Service"). Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

• Account Information: When you register, we collect your name, email address, and password.
• Company Information: Names and identifiers of companies you choose to monitor.
• Payment Information: Billing details processed securely through our payment processor, Stripe. We do not store your full payment card details.
• Communications: Information you provide when contacting our support team.

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, time spent on the Service.
• Device Information: Browser type, operating system, IP address.
• Cookies: We use essential session cookies to maintain your logged-in state. We do not use tracking or advertising cookies.

2.3 Information from Third Parties

Our Service aggregates and analyses publicly available employee review data from platforms such as Glassdoor. This data is publicly posted by employees and does not contain personal information about individual reviewers that we can identify.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the Service
• Process your subscription and payments
• Send you service-related communications (e.g., trial expiration notices, analysis completion alerts)
• Respond to your enquiries and provide customer support
• Improve and develop new features for the Service
• Detect and prevent fraud or abuse
• Comply with legal obligations

4. Legal Basis for Processing (GDPR)

If you are in the European Economic Area (EEA) or United Kingdom, our legal basis for collecting and using your personal information depends on the data concerned and the context in which we collect it:

• Contract: Processing necessary to provide the Service you have requested
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving the Service
• Legal Obligation: Processing necessary to comply with applicable laws
• Consent: Where you have given consent for specific processing activities

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party companies that help us operate the Service:
  • Supabase (database and authentication)
  • Vercel (hosting)
  • Stripe (payment processing)
  • Anthropic (AI analysis processing)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets

6. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States where some of our service providers are located. These countries may have different data protection laws than your country.

When we transfer personal data outside the UK/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the relevant authorities.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. After account cancellation:

• Your account data is retained for 6 months to allow for reactivation
• After 6 months, personal data is deleted or anonymised
• We may retain certain information as required by law or for legitimate business purposes

8. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Rectification: Request correction of inaccurate data
• Erasure: Request deletion of your personal data
• Restriction: Request restriction of processing
• Portability: Request transfer of your data to another service
• Objection: Object to processing based on legitimate interests
• Withdraw Consent: Where processing is based on consent

To exercise these rights, please contact us at privacy@walkthefloors.ai.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

• Encryption of data in transit (TLS/SSL)
• Encryption of data at rest
• Regular security assessments
• Access controls and authentication

However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

10. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. For material changes, we will provide additional notice via email.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: