Privacy Policy

Last updated: [July 31st, 2019]

Yleos is committed to protecting the safety and privacy of individuals, and takes its responsibilities regarding the security of each individual’s personal data very seriously. This privacy policy explains what personal data we collect about individuals, how and why we use it, who we disclose it to, and how we protect your privacy.

1. This policy

This policy (and any documents referred to in it) sets out the basis on which we process data about individuals including anyone who visits our website (“Website Visitors”).

Yleos reserves the right to make amendments to this policy from time to time. Any changes to this policy will be posted on this page.  Please check back frequently to see any updates or changes to our privacy policy.

2. Who is responsible for your data

Our Privacy Policy applies to the personal data that Yleos collects and uses.

References in this Privacy Policy to “Yleos”, “we”, “us” or “our” mean Growth Mechanics Limited (a company registered in England and Wales with registration no. 10188690 and registered office at Halifax House, 30-34 George Street, Hull, HU1 3AJ). We control the ways your personal data are collected and the purposes for which your personal data are used by Yleos. Yleos is the “data controller” for the purposes of the UK Data Protection Act 2018, the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) (each as amended or replaced) and other applicable European data protection legislation (together the “Data Protection Legislation”).    

3. Personal data we collect about you

When using the term “personal data” in our Privacy Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include for example your name, your contact details and date of birth. 

4. How we collect data about you

We gather data about Website Visitors from our website. 

We collect data from Website Visitors in two main ways: (1) the data that you give to us on any forms on the website; and (2) the data we collect about you using cookies and similar technologies (see below).

5. Categories of data we collect

The categories of data that we collect about you include your full name, email address, job title, LinkedIn profile and interview data.

The lawful basis for this processing of data is that you have either consented for us to process it or it is within our legitimate interest to collect information about customers who may be interested in our products and allow for improvements to the service.  

6. Special categories of data 

Yleos does not collect any “Special Categories of data” that could reveal information such as racial or ethnic origin, sexual orientation, political opinions, physical or mental health, religious or philosophical beliefs, trade union membership or genetic or biometric data).

7. Disclosure of your personal information     

We may disclose your personal data, in various ways and for various reasons, with the following categories of people: 

  • tax, audit or other authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation); 
  • any member of our group, which means our subsidiaries, our ultimate holding company and/or its subsidiaries; 
  • a third party who acquires us or substantially all of our assets; 
  • third party service providers who perform functions on our behalf (including professional advisors such as lawyers, auditors, accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems);
  • our cloud based storage provider and other IT systems (e.g. Amazon Web Services, Auth0, Stripe, G-Suite, Google log-in).

8. Transferring your information internationally

Yleos may need to transfer your information globally. We want to make sure your information is stored and transferred in a way which is secure. We will therefore only transfer data outside of the European Economic Area (“EEA”) (i.e. the member states of the European Union, together with Norway, Ireland and Liechenstein) where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:

  • By way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission for the transfer of personal data by controllers in the EEA to controllers and processors in jurisdictions without adequate data protection laws;
  • By signing up to the EU-US Privacy Shield Framework for the transfer of personal data from entities in the EU to entities in the USA or any equivalent agreement in respect of other jurisdictions; or
  • Transferring your data to a country where there has been a finding of adequacy by the European Commission in respect of that country’s levels of data protection via its legislation; or
  • Where it is necessary for the conclusion or performance of a contract between you and us or the implementation of pre-contractual measures taken at your request; or
  • Where you have consented to the proposed transfer, after having been informed of the possible risks of such transfers. 

9. Retaining/Deleting your information

We only keep your information for as long as it is necessary to fulfil the purpose for which it was collected. 

We use the following criteria to determine how long we need to keep your data:

  • Whether the purpose has been fulfilled, e.g. you are no longer a customer or interested in our products;
  • To comply with company record keeping obligations including the keeping of accounting records;
  • To represent our interactions with you in the event that a complaint is made against us; and
  • Whether we consider the data may need to be retained for legal or regulatory purposes.

10. Security

We will use technical and organisational measures to safeguard your information, for example, we rely on the security measures provided by Auth0 and AWS, and we use password protection where necessary.

11. Cookies, Pixels, Local Storage and other similar technologies 

We have outlined below the individual cookies we use and why we use them:

Cookie name - ga

Expiry period - 2 years

Purpose - Used by Google Analytics to distinguish users

More information -

Cookie name - _gat

Expiry period - 10 minutes

Purpose - Used by Google Analytics to throttle request rate

More information -

Cookie name - n/a

Expiry period - 2 years

Purpose - Used by Mixpanel for user analytics

More information -

Cookie name - 

Expiry period - 

Purpose - Used by Intercom

More information -

Cookie name - 

Expiry period - 

Purpose - Used by Sentry for tracking production errors

More information -

Cookie name - Hotjar Pixel

Expiry period - 

Purpose - Used by Hotjar for tracking visitor behaviour

More information -

Cookie name - Facebook Pixel

Expiry period - 

Purpose - Used by facebook for tracking users for marketing audiences

More information - https:/

Cookie name - Linkedin Pixel

Expiry period - 

Purpose - Used by Likendin for tracking users for marketing audiences

More information - https:/

12. Third Party Properties 

Our platform and website may contain links to and from the online properties of third parties.  If you follow a link to any of these online properties, please note that these online properties have their own privacy policies and that we cannot and do not accept any responsibility or liability for these policies or for any personal data that may be collected through these online properties. Please check these policies carefully before you click on any links and/or submit any personal data to these online properties.

13. Your rights

You have the following rights in relation to your information:

  • Right to request a copy of your information. You can request a copy of your information which we hold (this is known as a subject access request).  
  • Right to correct any mistakes in your information. You can require us to correct any mistakes in your information which we hold. 
  • Right to request we stop processing your information. In certain circumstances, you may request that we cease processing your information. 
  • Right to request deletion of your information. You can ask us to erase your information (also known as the “right to be forgotten”) in certain circumstances.
  • Right of data portability. You have the right to transfer your personal data between data controllers in certain circumstances.  

If you would like to request any of the above, please contact us at to make any such requests. We will comply with the Data Protection Legislation in responding to any such requests.

14. Right to lodge a complaint 

If you have any complaints about the way in which we collect, store and use your information, you can contact the supervisory authority in the United Kingdom, the Information Commissioner’s Office: