Our Privacy Policy - Separating better

Privacy and Data Protection is at the heart of our organisation and business culture. Here at OnePlusOne, we have a number of policies which refer to how we collect and process your data.

Our Policies
Two images, one showing a couple under an umbrella and the other showing two mums holding their child's hand.

1. Introduction

1.1 Purpose

This privacy policy outlines how Separating better (referred to as "we," "us," or "our") collects, processes, and protects personal data in adherence to the Data Protection Act 2018 and General Data Protection Regulations (GDPR).

1.2 Scope

This policy applies to all users of our Separating better app. By using our app, you agree to the terms outlined in this privacy policy.

1.3 Definitions

2. Information We Collect

2.1 Onboarding Process

During the onboarding process, we collect various types of personal data to enhance your experience and provide potential support. This includes your full name, email address, age, gender, ethnicity, sexual orientation, relationship status, relationship length, time since separation, details about your children, income bracket, and first four digits of your postcode. Additionally, we inquire about your engagement with the United Kingdom court system.

2.2 Parenting Plan Data

In the parenting plan feature, two users or separated parents create a plan for their child/children. Users have the option to invite an additional user to participate in the co-parenting plan. Both users must agree to create a co-parenting plan, and they can collectively agree or disagree on the information contained within the plan. The co-parenting plan can be modified or deleted with mutual consent.

It is important to note that both parents participating in the co-parenting plan can view all the data shared within the plan. Users are encouraged to exercise caution when sharing personal information in this format with another user.

While we prioritise maintaining confidentiality, there is a potential risk of personal information being shared inadvertently. Users are urged to carefully consider their responses and interactions within the co-parenting plan feature.

2.3 Children’s Privacy

The safety and privacy of children are paramount to us. Therefore, the use of our App is restricted to individuals who are 18 years old or older. If you are under 18 years of age, you are considered a "Minor" and are prohibited from using our services. We do not knowingly collect personal information from Minors. If you believe that a Minor may have provided us with personal information, please contact us at privacy@oneplusone.org.uk. We reserve the right to request users to verify their age, and failure to provide such verification may result in the termination of the user's account and the deletion of all personally identifiable information associated with the account.

2.4 Standardised Questionnaires

We collect data through standardised questionnaires measuring emotional readiness, couple conflict, psychological well-being, communication skills, and co-parenting cooperation. Versions of these questionnaires, available within the App, contribute to our research evaluation process.

2.5 Mediation Efficacy

To assess the efficacy of mediation, we collect data on how successful mediation has been and how well users have engaged. This information is crucial for our research and evaluation purposes.

3. How We Use Your Data

We process personal data to operate, improve, understand and personalise our App. For example, we use personal data to:

3.1 Legal Bases for Processing Personal Data

Our processing of personal data is conducted based on various legal grounds, ensuring transparency and compliance with applicable data protection regulations. The following categories represent the legal bases for processing personal data:

3.1.2 Contractual Necessity

We process personal data as a matter of "contractual necessity." This means that processing is essential for the performance of our Terms and Conditions, enabling us to provide you with access to and use of the App. Failure to provide such personal data may result in your inability to use some or all portions of the App that require this data.

3.1.3 Legitimate Interest

We process personal data based on our legitimate interests or those of third parties. Our legitimate interests include:

3.1.4 Consent

In some cases, we may process personal data based on the explicit consent granted by users at the time of data collection. When personal data is processed based on user consent, it will be expressly indicated at the point and time of collection.

3.1.5 Other Processing Grounds

We may also process personal data to comply with legal obligations, protect the vital interests of users or other data subjects, or perform tasks carried out in the public interest.

3.1.6 Legitimate Interests in Research Data Collection

In the context of research data collection, we may process personal data based on our legitimate interests. This includes anonymising the data to ensure privacy while contributing valuable insights to our research efforts.

3.2 Data Access

Access to the data is limited to specific roles within our organisation, and our App development company for ongoing support.

3.3 Data Sharing

No personal data is shared without prior consent from users. We respect your privacy choices, and within the onboarding process, you have the option to provide consent for specific data-sharing scenarios.

3.3.1 User Feedback and Support

Users can choose to be contacted by us for App usage feedback. This feedback helps us enhance the user experience and improve our services. Additionally, users have the option to allow us to share their email address with National Family Mediation (NFM) (our mediation partners) for additional support. If you do not opt-in to these data sharing purposes, your information will not be passed on to NFM or our App usage feedback team.

3.3.2 Evaluation Data

Evaluation data shared with the Department for Work and Pensions (DWP) is anonymised before analysis. Data shared for analysis purposes is aggregated and de-identified to ensure the privacy of individual users.

Your control over the sharing of personal information is fundamental to our commitment to user privacy. If you have any questions or concerns about data sharing, please contact us at privacy@oneplusone.org.uk.

3.4 Analysis Tools

SPSS (Statistical Package for the Social Sciences) is employed for analysing extracted data within the OnePlusOne research team, while UXCam is used for app analytics within our UX and Operations team.

3.5 Retention Periods

Personal data collected for research purposes will be retained only as long as necessary to achieve research objectives. Upon the completion of the evaluation report, scheduled for March 2025, personal data will be anonymised or deleted, following data minimisation principles.

While the completion of the evaluation report is scheduled for March 2025, users will have until the 20th December 2024, to request the removal of their personal data from the evaluation. After this date, all user data up to this point will be extracted and anonymised. However, it's important to note that users may continue to interact with the App after this period.

By choosing to use the App beyond the specified date (20th December 2024), users implicitly agree to the continued use of their data for further research purposes unless they explicitly request the removal of their data or delete their account within the App.

If you wish to have your data removed from our evaluation datasets before the 20th December 2024, please contact privacy@oneplusone.org.uk for further information. After this period, we will not be able to remove your data from the anonymised datasets.

3.6. Third-party Software/Service Providers

In our commitment to providing a seamless and optimised user experience, we utilise third-party software and service providers to enhance various aspects of our App.

3.6.1 Google Firebase

We leverage Google Firebase services for secure data storage and accessibility. Firebase services encrypt data in transit using HTTPS, logically isolate customer data, and employ encryption measures to protect user information. For more information about Google Firebase's privacy practices, please refer to Google Firebase Privacy Policy.

3.6.2 UXCam

Additionally, we use UXCam, an analytics solution designed to enhance our App's functionality. UXCam may record information such as screens visited, interaction patterns (including screen actions and gestures like taps and scrolls), and device details (type, version, model, operating system). The information collected by UXCam is crucial for improving our App.

It's important to note that UXCam does not collect personally identifiable information and does not track your browsing habits across Apps. For a more detailed understanding of the information collected by the UXCam service, please review their UXCam Privacy Policy for comprehensive details.

4. Data Security

4.1 Technical Measures

To safeguard your data, we implement robust technical security measures. Firebase services encrypt data in transit using HTTPS, and customer data is logically isolated, enhancing security. Each Firestore object's data and metadata are encrypted under the 256-bit Advanced Encryption Standard (AES). Users are required to select robust passwords when completing the onboarding/registration process.

4.2 User Awareness

Our staff is educated on the importance of data security. Training programs ensure that team members are aware of and adhere to security measures, minimising the risk of unauthorised access or mishandling of personal data.

Users are solely responsible for the content submitted and actions taken within the App. It is strongly advised not to share account access, and in the event of such sharing, users retain full responsibility for any consequences arising from shared access, including but not limited to the content shared and actions performed within the App. We offer the option to invite another user to create a co-parenting plan to reduce the need for shared account access.

4.3 Data Accuracy

Accurate recording of data is crucial. We have mechanisms in place to ensure accurate data recording, and users can update their profile data within the App. If inaccuracies are identified, you have the option to update your profile details via the App. Otherwise, you can contact us using privacy@oneplusone.org.uk to request additional updates.

4.4 Data Deletion

In our commitment to data privacy and security, we implement a structured approach to data deletion and retention, aligning with data protection principles.

We maintain two datasets to manage user data effectively. The first is an anonymised dataset, where user IDs replace email addresses and names. The second dataset includes email addresses linked to user IDs and is stored separately in an encrypted and password protected location.

To adhere to data retention rules, raw data is not deleted; instead, it undergoes anonymisation. However, it's crucial to note that anonymisation processes will be completed on or after the 20th December 2024. Beyond this date, data up to this point will be anonymised, ensuring continued privacy and aligning with data minimisation principles.

If you have any queries or concerns regarding data deletion or anonymisation, please contact us at privacy@oneplusone.org.uk.

5. Data Subject Rights

5.1 User Control

Users have control over their data. They can delete their accounts at any time by using the options within the App, resulting in removing their data from the App and our systems. Additionally, they can update their profile data within the App or contact us using privacy@oneplusone.org.uk if additional requirements need to be actioned.

5.2 Rights Management

We respect and acknowledge the data protection rights afforded to users under the General Data Protection Regulation (GDPR). To exercise these rights, users can utilise features within the App, empowering them with control over their personal data.

The rights include, but are not limited to:

Features within the App provide a seamless and user-friendly way for individuals to manage their data protection rights. If you need additional assistance in exercising your rights, or you have any questions, please contact us at privacy@oneplusone.org.uk.

5.3 Anonymisation Deadlines and Continued App Usage

As part of our commitment to data protection and privacy, we have established an anonymisation deadline scheduled for the 20th December 2024. This means that after this date, personal data collected up to that point will be anonymised, rendering it non-identifiable.

5.3.1 Impact on User Rights

Users have the right to exercise certain data protection rights, such as access, rectification, erasure, and data portability. However, it's important to note that the effectiveness of these rights may be influenced by the anonymisation status of the data:

5.3.2 Continued App Usage and Research

The anonymisation of data may not affect the continued functionality of the App. Users may still be able to interact with the App and benefit from its features post the anonymisation deadline. However, it's important to understand that any data generated or shared within the App after this date will be subject to the anonymisation process during subsequent evaluation periods of potential future research.

5.3.3 User Agreement to Continued Use

By choosing to continue using the App after the anonymisation deadline, users implicitly agree to the use of anonymised data for research, analytical, and improvement purposes. The anonymisation process ensures that individual identities are protected while allowing valuable insights to be gained for ongoing research and development.

If you wish to remove your data from any future research, analytical, and improvement purposes after the anonymisation deadline, you will be required to delete your account via the App. If you have any questions or require further clarification regarding the anonymisation process and its implications on user rights, please contact us at privacy@oneplusone.org.uk.

6. Data Transfer

6.1 Geographic Area

All personal data is processed within the European Economic Area (EEA). Geo-locking mechanisms are in place to ensure data is not transferred outside of the EEA.

6.2 Privacy Protections

Since no data is processed outside the EEA, there are no formal or recognised adequacy measures needed for privacy protection. Data remains within the geographic boundaries covered by EEA regulations.

7. Governance and Compliance

7.1 Compliance Documentation

We comply with the Data Protection Act 2018 and the General Data Protection Regulations (GDPR). Users are directed to company documents, including data protection policies, GDPR policies, terms and conditions, and research policies during the onboarding journey.

7.2 Oversight

Governance arrangements involve utilising two datasets – one anonymised and another with identifying information. This approach aligns with British Psychological Society (BPS) ethical guidance for research with human participants. Oversight and compliance with data protection principles are integral to our ongoing operations.

8. Changes to this Privacy Statement

OnePlusOne reserves the right to update or modify this Privacy Policy at any time. Any changes made to the policy will be reflected with an updated effective date. Users are encouraged to review this Privacy Policy periodically for any amendments. If significant changes are made in the way personal information is handled, a notice will be posted on our website, within the app, or sent via email to inform users of the modifications. Continued use of the app after such changes indicates your acceptance of the updated Privacy Policy.

9. Questions or Concerns

If you have any questions or concerns about our privacy practices or this Privacy Policy, please contact us at privacy@oneplusone.org.uk. We are committed to addressing and resolving any issues promptly.

Effective Date: Thursday 11th January 2024