Privacy Policy.

Last updated: 24/05/2018


This document explains how we collect, store and use information from you and how we will protect your privacy rights.

It covers:

(1) any of our websites, including or on the subdomain *

(2) any of our products or services (including Sandman) on any platforms; and

(3) any of our products or services (including support services) which may be accessible via a web application, third party platform or social network.

Together, we call these our “Services”. By using any of our Services, you confirm that you have read, understood and agree to this Privacy Policy – in particular that you consent to us collecting certain information from you and using it as outlined below. If you do not agree to this policy, please do not use any of the Services. If you have any queries, please email us at Please see our Cookie Policy for information about our use of cookies and similar tracking technologies.

Who we are

We are Sandtable Limited, a company registered in England and Wales (under company number 05338372) with our registered office at 69 Old Street, London, EC1V 9HX, UK.

About this Privacy Policy

We are committed to protecting and respecting your privacy. This Privacy Policy (together with any other applicable legal documents relating to the Services) sets out the basis on which we will process information we collect from you or that you provide to us through your use of our Services or otherwise. This may include:

(a) personal data (sometimes referred to as personally identifiable information), meaning information which, on its own or in combination with other information, can be used to identify individual people; and

(b) non-personal data (sometimes referred to as non-personally identifiable information), meaning information which cannot be used to identify individual people.

Our Services are not intended for children and we do not knowingly collect data relating to children.

What information is being collected

The information we collect about you can include:

  • identity data such as your name;
  • your email address;
  • any user name (such as a user account or forum user name) used to identify yourself in any Services;
  • details of any digital platform accounts used to access our Services (e.g. your GithubID);
  • any other information which you supply to us via the Services (including via any third parties);
  • technical or other details about any device which you use to access the Services, including IP address, MAC address; Unique Device Identifier or equivalent, operating system, browser type, engine type, and/or other hardware or software; and
  • details of your use of our Services including, but not limited to: metrics information about when and how you use the Services, developer and non-developer generated logs, traffic data, and your geographical location data.

How we use your personal data

We only use your personal data where we are allowed to by law. For example, this may include:

(a) to notify you about changes to our Services;

(b) to improve or modify our Services based on how you use them and to ensure that content from our Services is presented in the most effective manner for you;

(c) where we need it to perform any contract we have with you;

(d) for payment processing (either by us or by payment processors on our behalf);

(e) to allow you to participate in interactive features of our Services;

(f) where we need to use it for our legitimate interest (or those of a third party);

(g) where we need to comply with any legal or regulatory obligations; and

(h) to prevent or detect fraud or abuse of our Services.

Where you wish to withdraw your opt-in consent for any direct marketing, you can use the unsubscribe button in the relevant email or email us at

Where we store your personal data

You agree that personal data we obtain from you and your users may be processed by our service providers, who may be based in countries outside of the EEA, for the purposes of providing you with the Software and Services. Such countries may not have laws offering the same level of protection for personal data as those inside the EEA. However, where such transfers of data occur we will take steps to prevent the transfer of personal data without adequate safeguards being put in place and will ensure that your and your users’ personal data collected in the EEA and transferred internationally is afforded the same level of protection as it would be inside the EEA. For further information on the adequate safeguards adopted by us for the international transfer of personal data, please contact

If you have a password which enables you to access certain parts of our Services, you are responsible for keeping this password confidential. Please don’t share it with anyone.

The transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your data transmitted to our servers via any of our Services; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Sandtable takes cyber security seriously. We are committed to safeguarding our information and that which is entrusted to us by our partners. Our commitment is demonstrated through our award of a Cyber Essentials.

How long will you use my personal data for?

We will only retain your personal data for as long as necessary to fulfil whatever purpose we collected it for. When we think about how long might be relevant, we’ll consider the amount, nature and sensitivity of your personal data as well as the potential risk of any unauthorised use or disclosure.

By law, we can keep different personal data for different periods of time. For example, we can keep certain basic information for six years after you stop being a customer for tax purposes.

Sharing your information with third parties

We may share your information with third party partners who work with us to provide the Services to you in order to support, improve or amend any Services. We may also share your information with partner data analysis services, our third party cloud service providers (AWS), our professional advisers and HM Revenue and Customs.

Except with your consent, we do not disclose personal information about identifiable individuals to advertisers. We may provide them with aggregate and/or anonymised information about our users to help advertisers reach the kind of audience they` want to target. We may make use of the information we have collected from you to enable us to comply with our advertisers’ wishes by displaying their advertisement to that target audience.

Please remember that any communications you have via our Services (or products using our Services) may reveal your screen name, other details about you and the content of any communications by you to other users. We are not responsible for the activities of other users or other third parties whom you choose to provide your information to or otherwise interact with (whether via our Services or otherwise).

Other ways in which we may share your information

We may disclose your personal information to any member of Sandtable. We may disclose your personal information to third parties if we sell or buy appropriate business or assets, in which case we may disclose your personal information to the prospective or actual seller or buyer of such business or assets. If we or substantially all of our assets are merged with or acquired by a third party, personal information held by us about our customers will be one of the transferred assets. We may share or disclose your personal information with third parties: (a) if we are under a legal duty to do so; (b) to enforce any terms and conditions applying to any of the Services; or (c) to protect our rights and property or the safety of our customers or others.

Links to third party sites

Our Services may, from time to time, contain links to and from the websites or services of partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites or services may have their own privacy policies and we do not accept any responsibility or liability for these policies, nor do we endorse such websites or services. We advise that you check any relevant terms before you submit any personal information to these third parties.

Your rights

We are the data controller responsible for your data. If you are a European Union citizen, you have the right to ask us not to process your personal information for marketing purposes by contacting us at EU data protection legislation gives EU citizens the right to access information held about you. In relation to your data, you may also have the right to:

(a) require its correction or deletion;

(b) object to or restrict its processing and/or transfer; or

(c) withdraw any applicable consents.

Please email us at if you have any of these requests. We will aim to respond to all legitimate requests as soon as we reasonably can and in any event within 30 days.

It is important that the personal data we hold about you is accurate. Please let us know if your personal data changes.

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any changes. We may also notify you in other ways from time to time.

Contact us

We welcome any questions and comments regarding this Privacy Policy, which should be addressed to