Privacy
How we handle data.
Pulse is a wellbeing tool, so trust in how we handle data isn't a nice-to-have — it's the product. This page is the plain-English summary. The full legal Privacy Policy is being finalised by our DPO and will be published here shortly; an interim version is available on request from privacy@pulse-hr.co.uk.
What we collect
Account details for managers (name, work email, team name). Anonymous check-in responses with no link to the person who submitted them. Standard server logs needed to operate a secure service.
What we never collect
We do not collect names, email addresses, or any identifying metadata against individual check-in responses. The data model itself prevents reconstructing who said what.
Where data lives
All customer data is stored in the United Kingdom on enterprise-grade infrastructure with SOC 2 and ISO 27001 alignment. We do not transfer data outside the UK without explicit consent.
How long we keep it
Account data for as long as the account is active, plus a short retention window after closure. Anonymous response data is retained for trend analysis and deleted on request from the controlling employer.
Your rights
Under UK GDPR you have rights of access, rectification, erasure, restriction, portability, and objection. Email privacy@pulse-hr.co.uk to exercise any of them — we respond within the statutory one-month window.
For more on how we build anonymity into the architecture, see our Security page. For contractual data terms (DPAs, sub-processor list, breach notification), email privacy@pulse-hr.co.uk.