Privacy and Data Principles takes the privacy rights of our Company users and their staff using our site very seriously and seeks to ensure the highest standards of compliance with UK Data Protection Laws and Regulations. This Privacy Policy is incorporated in and subject to the site Terms and Conditions. This Privacy Policy explains to you the relevant privacy terms governing the use of this site. You expressly consent to the use of your data in accordance with this Privacy Policy.

We (WhosOffice a trading name of Xdrive Computing Ltd) collect information from you via the website or web aps in a manner expressly described in this privacy statement which outlines how this information is then used. By 'you' we mean your company, organisation or collective group or an individual user using the software. When you provide us with your personal data in the manner described, you consent to the processing of all such personal data as set out in the privacy statement. Please read our privacy statement carefully and revisit this page from time to time to review any changes that we may have made. If you have any questions or comments about how we handle your personal information, please contact us. 

1. Your Data

Your Data means any information about your company or staff which is identifiable, including, without limitation, company name, your staffs names, company address, company telephone numbers, company email address, staff email address, user passwords, comments, all staff holiday & sickness dates and other information from which your company and staff can be identified and which you may disclose to or otherwise via, but not limited to, the site at any time.

2. When does collect your company data and your staff data?

  • If you sign up as a user, we collect data when you:
    • Sign up your company as a user;
    • update your user company details or settings; and
    • post an entry on the site.
    • Request, approve or decline holiday requests.
    • Staff details are limited to name and email address, plus other optional details added or edited by them at the "edit my details" area.
    • When your company or your staff update holiday requests, sickness or any other leave/vacation information.
  • If you otherwise use the site (whether or not you are a user), we collect your data from you when you:
    • make a complaint or enquiry or provide other feedback to us;
    • disclose your data to us or otherwise through the site at any other point.
  • And also when we
    • monitor your communications sent via and use of the site

3. How do we use Your Data:

  • We use Your Data to:
    • monitor, develop and improve the site, services and your experience;
    • process your registration as a user;
    • process the addition of new members of staff to your user group
    • process all requests, approvals, declines, holiday, sickness out of office and meeting data information.
    • process and deal with any complaints or enquiries made by you;
    • we use your data to update, develop our services.
    • investigate any suspected breach of the Terms and Conditions of Use or user Terms and Conditions (as relevant) made by or otherwise relating to you or your company or staff and to monitor compliance including by way of checking messages to the site.
    • where requested by you, to send you and keep you updated with information by email about existing and new services and special offers from and any other companies within the group;
    • where requested by you, to send you information by e-mail about related products or services of selected third parties that may be of interest to you; and
  • To opt-out of receiving any information pursuant to the above paragraph you can:
    • 1. request us to amend your preferences accordingly in your company details or Settings (email;
    • 2. use the facility contained in any such communication.

4. Will we pass on your data to third parties?

  • We may pass your data to other parties as follows:
    • Where other staff within your company wish to contact you, they will be able to identify you by your name and any other information you may yourself disclose via the Edit My Details page. To our employees and agents to administer your usage and the services provided to you by now or in the future.
    • Some general statistical information about the site user base, patterns, traffic volumes and related matters may be passed on to reputable third parties but these details will not include information personally identifying your staff or your company.
    • We may disclose your data or staff data to the police, regulatory bodies or legal advisers in connection with any alleged criminal offence or suspected breach of the Terms and Conditions of use and (where appropriate) User Terms and Conditions by you or your company otherwise where required by law.
    • We do not pass or sell your data to third persons for any other purpose than those set out above. Any marketing under this paragraph is conducted by on behalf of third parties and they do not have any access to your data unless you yourself or your Company choose to contact them.
    • As stated in the Terms and Conditions, We have no responsibility or control over the contents of communications made between your staff and/or your Company to your staff.

5. Giving Information for other people

  • For UK based companies, your company must be registered as a data controller in line with the United Kingdom Data Protection Act, 1998. If you are processing data in order to fulfil your statutory obligations (e.g. to record absence under statutory sick pay regulations), consent from employees is not necessary, and the ICO guidance also makes it clear that consent is not required where you process data in order to determine whether an employee is fit and well and therefore able to perform their duties, to make reasonable adjustments to their duties, to fulfil health and safety obligations etc. or to pay health benefits.
    In other countries similar laws will apply, and you are responsible for making sure that you comply with relevant local/national legislation.

6. Data Security

  • We have security measures in place to make sure any personal information we collect is secure. Your account is password protected and all information including your password is held on secure servers, which only a limited number of employees and sub-contractors can access. All parties with access to your information are subject to confidentiality obligations. If you think your password is known by someone else you must change it immediately. Additionally all passwords are held in an encrypted form. Once logged into, all information is transmitted via industry-standard encryption (SSL).

7. Cookies

  • Cookies are small pieces of information stored by your browser on your computer's hard drive
  • use cookies to allow us to understand who has seen which pages and advertisements, to determine how frequently particular pages are visited, to determine the most popular areas of the Site and generally in order to monitor usage of the Site.
  • Most web browsers automatically accept cookies, though you do not have to.
  • We do not control the use of cookies by third parties. If you wish to disable cookies then you can do so by readjusting your browser settings although please note that by disabling cookies you may not be able to register with or use all features of the Site.

8. Access to and updating your data

  • Where you are a Staff or Approver user, you may access and update your data contained in your user area accessed by the Edit My Details link. You must make sure that you update your data as soon as possible with any and all relevant changes.

9. Other links

  • Please be aware that you may access other websites through our site
  • is not responsible for the data protection policies, content or security of these linked web sites. We do not have any control over the use to which third parties may put your data where you choose to purchase products or services or otherwise to contact them via this Site.

10. Transfer Outside the EEA

  • This site is accessible via the internet and therefore may potentially be accessed by anyone around the world.
  • This means that, where you post your data on the site, this could be accessed from anywhere around the world and therefore a transfer of your data outside of the European Economic Area may be deemed to have occurred. You consent to such transfer of your data for and by way of this purpose.

11. Contact Us

  • If you have any comments or queries in connection with our privacy policy, please contact us by email at
----------------------------- PRIVACY POLICY ENDS ----------------------------- Data Principles

  • Notice: giving individuals notice, as outlined in the above Privacy Policy, of the purposes for which their data is collected, notice that third party contractors, to whom data may be disclosed, information to enable the individuals to contact the organisation for enquiries or complaints and the means offered for limiting use and disclosure.
  • Choice: offering individuals the choice of opting out of disclosure to third parties and the choice of whether or not to allow the organisation to use the data for purposes other than those for which they were originally collected.  An opt-in approach is required if sensitive data are involved. However, only uses data as outlined in our Privacy Policy. does NOT hold sensitive data such as; racial or ethnic origin of the data subject, his/her political opinions, his/her religious beliefs or other beliefs of a similar nature, whether he/she is a member of a trade union, his/her sexual life, the commission or alleged commission by him of any offence.
  • Onward transfers: data may be disclosed only to our approved third parties, working on our behalf, who offer the equivalent level of privacy protection.
  • Access: providing the individual with access to their data and giving them the right to have the information corrected upon request, unless the burden or expense of doing so is disproportionate or would violate the rights of another individual.
  • Security: taking reasonable precautions to protect personal data from loss or misuse and from unauthorised access, disclosure, alteration and destruction.
  • Data integrity: ensuring that data are accurate, up-to-date, relevant and reliable for their intended use.
  • Effective Procedures: providing effective procedure mechanisms and dispute resolution procedures 


Stay connected - Latest blog posts


Posted on Fri, 22nd Sep 2017 The RyanAir leave saga is not uncommon in UK businesses

With the saga of RyanAir unfolding in the media and the storm that is currently chasing CEO Michael O’Leary, other companies may well be taking a good look at themselves to ensure their staff are taking their annual leave entitlement

Posted on Tue, 16th May 2017 Updates published 16th May 2017 We have published a number of updates to the WhosOffice platform today, including Password requirements, Event timings, and an update to your personalised dashboard.
Posted on Wed, 26th Apr 2017 Security Update (Auto Account Lockout) We have introduced a new security feature to the platform surrounding failed login attempts by users.
Posted on Thu, 29th Sep 2016 Service updates for September 2016 The latest updates to the WhosOffice platform include Mutliple Allowance pots, automatic approvals and a general improvement to the (UI) user interface.

Start your long trial today get until Tuesday, 26th Dec 2017 absolutely FREE! No credit card, no setup fees and no hidden costs!