Privacy Policy

1. Who We Are Quake Ventures Management Ltd is the Data Controller responsible for your personal information. Contact: Privacy Team / DPO at [privacy@quake.dev]

2. What We Collect & Why We process data under the legal bases of Legitimate Interest (recruitment), Contract (SaaS access), and Legal Obligation (compliance).

Candidates: We collect Identity, Contact, CV/Professional history, and Right to Work documentation to match you with employment opportunities. We source this directly from you or public profiles (e.g., LinkedIn).

Clients: We collect Work Contact details, Technical data (IP/Cookies), and Financial data to manage your account and SaaS access.

3. Sharing & Security We do not sell your data. We share data only with:

Clients: To introduce candidates for specific vacancies.

Infrastructure: Trusted processors including AWS (Hosting) and Google Workspace (Email, Storage & Identity).

4. International Transfers (Remote Work) Quake is a remote-first company. While our servers are in the UK/EU, authorized staff in Malaysia and Kenya may access data via secure, encrypted connections. These transfers are strictly protected by the UK International Data Transfer Agreement (IDTA).

5. Retention & Your Rights

Retention: We keep Candidate data for 2 years after last contact, and Client data for 6 years after contract end (for tax purposes).

Your Rights: Under UK GDPR, you have the right to Access, Correct, Erase, or Object to our processing. To exercise these rights, email [privacy@quake.dev].