Privacy Policy

Stride Workplace Limited (in formation) · Last updated: 7 April 2026 · Version 1.0

1. Who We Are

CompanyStride Workplace Limited (in formation)
Registered address[To be confirmed]
Company number[To be confirmed]
ICO registration[To be confirmed]
Emailhello@strideworkplace.com
Data protection contacthello@strideworkplace.com

We are a workplace pension administration platform that helps UK employers manage their pension scheme obligations. We are the data controller for the personal data processed through our platform.

2. What Data We Collect

For Employers (via the employer portal)

  • Company name, registered address, Companies House number, PAYE reference
  • Contact name, email, phone, job title of authorised contacts
  • Pension scheme details (provider, scheme reference, contribution rates)
  • Signatory details for document signing

For Employees (provided by their employer)

  • Full name, date of birth, email address, phone number
  • National Insurance number
  • Job title, employment start date, annual salary
  • Pension contribution details, salary exchange status, auto-enrolment status
  • Tax code, Scottish taxpayer status
  • Beneficiary nomination status

Data employees provide directly through the platform

  • Financial Healthcheck answers (family status, property ownership, protection cover, pension confidence, retirement preferences)
  • Retirement planner inputs (target retirement age, fund values)
  • Estate planner inputs (property value, investments, pension value)
  • Referral preferences (services of interest, contact preferences)
  • Beneficiary nomination confirmations

For Website Visitors and Lead Capture

  • Name, email, phone number, company name (from calculator/score tools)
  • Estimated pension savings calculations
  • Browser cookies (essential only — authentication tokens)

3. How We Use Your Data

Our lawful bases under UK GDPR:

Contract performance (Article 6(1)(b))

  • Providing the Stride platform to employers under our service agreement
  • Managing pension scheme administration
  • Processing salary exchange calculations
  • Generating compliance reports and documents

Legitimate interests (Article 6(1)(f))

  • Improving our platform and developing new features
  • Analysing aggregated (anonymised) usage data
  • Sending service-related communications
  • Fraud prevention and security monitoring

Consent (Article 6(1)(a))

  • Financial Healthcheck participation (employees choose to complete this)
  • Referral generation (employees explicitly consent before any data is shared)
  • Marketing communications (lead capture forms)
  • Cookie preferences (non-essential cookies, if any)

Legal obligation (Article 6(1)(c))

  • Maintaining records as required by The Pensions Regulator
  • Responding to regulatory enquiries
  • Tax reporting obligations

4. How We Share Your Data

Employers

We share aggregated scheme data with your employer (they are already your employer and have provided your data to us). We do not share your Financial Healthcheck answers, retirement planner inputs, or referral choices with your employer.

Financial advice providers

Only when you explicitly request a consultation via the platform. When you click “Connect me” or submit a referral enquiry, your name, contact details, and selected service areas are shared with the relevant adviser. Your employer is not informed of individual referral requests. The financial advice relationship is then governed by the adviser’s own privacy notice (currently Quilter Financial Advisers — see quilter.com/privacy).

Third-party introducers

Where your employer has an introducer relationship (e.g., accountant, solicitor), referrals in those categories may be directed to the relevant professional. You are always informed of who will receive your details before you consent.

Sub-processors

  • Supabase — database hosting, EU region
  • Vercel — application hosting, London region
  • Resend — transactional email
  • HubSpot — CRM for employer leads only (not employee data)

We will never:

  • Sell your personal data to third parties
  • Share your individual Financial Healthcheck results, salary, or personal financial details with your employer

5. Data Security

  • All data encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Application hosted on Vercel (London, lhr1 region)
  • Database hosted on Supabase (EU region, eu-west-2)
  • Row-level security (RLS) ensures employees can only access their own data
  • Regular security reviews and access controls
  • Passwords hashed using bcrypt
  • Session tokens expire after inactivity

6. Data Retention

Data typeRetention period
Active employer accountsDuration of service + 7 years (regulatory requirement)
Leaver/alumni records7 years from last activity, then anonymised
Financial Healthcheck responses7 years
Lead capture data2 years, then deleted if not converted
Website analyticsAnonymised, no personal data retained

7. Your Rights (UK GDPR)

You have the following rights regarding your personal data:

  • Right of access — request a copy of your data (Subject Access Request)
  • Right to rectification — request correction of inaccurate data
  • Right to erasure — request deletion (where not overridden by regulatory retention requirements)
  • Right to restrict processing — request we limit how we use your data
  • Right to data portability — receive your data in a machine-readable format
  • Right to object — object to processing based on legitimate interests
  • Right to withdraw consent — where processing is based on consent

To exercise any of these rights, contact hello@strideworkplace.com. We will respond within 30 days.

8. Children’s Data

Our platform is not intended for use by anyone under the age of 16. We do not knowingly collect personal data from children.

9. International Transfers

Your data is processed and stored within the United Kingdom and European Economic Area. We do not transfer personal data outside these regions. Our hosting providers (Supabase and Vercel) maintain servers in the EU/UK.

10. Cookies

We use only essential cookies required for authentication and session management. We do not use tracking cookies, advertising cookies, or analytics cookies that process personal data. No cookie consent banner is required as we only use strictly necessary cookies.

See our full Cookie Policy for details.

11. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated effective date. For significant changes, we will notify you via the platform or email.

12. How to Complain

If you have concerns about how we handle your personal data, please contact us first at hello@strideworkplace.com.

If you are not satisfied with our response, you have the right to complain to:

The Information Commissioner’s Office (ICO)

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Tel: 0303 123 1113

Website: ico.org.uk/concerns

13. Financial Advice Data

Stride Workplace Limited does not provide financial advice. Where you request a consultation through our platform, your data is passed to Quilter Financial Advisers, who are authorised and regulated by the Financial Conduct Authority (FCA register references 440703 and 440718). From that point, Quilter’s own privacy notice governs the processing of your data for advice purposes.

You can view Quilter’s privacy notice at quilter.com/privacy.

Stride Workplace Limited (in formation). This privacy policy was last updated on 7 April 2026. Version 1.0.