Last updated on 29 June 2026
Notchup, operated by Future of Work Limited, is a global digital platform that lets companies hire digital talent and lets talent provide digital software products and services. To provide the full range of Notchup products and services, we need to collect and process information about you. This Privacy Policy and our Cookies Policy apply to all visitors to and users of our website, online services and customers (both individuals and companies).
For the purposes of this Policy, the data controller is Future of Work Limited (registered in England and Wales under company number 12752302), whose registered office is at The Retreat, 406 Roding Lane South, Woodford Green, Essex, United Kingdom, IG8 8EY. References to "Notchup" also apply to its channels, including the Talent Dashboard, Company Dashboard and Admin Portal.
This policy applies to our website at www.notchup.com, any Notchup website that links to this Privacy Policy or our Cookies Policy, our apps, and information you provide by phone, SMS, email, in correspondence or in person.
We are committed to protecting your personal information, being transparent about the data we hold, and wherever possible giving you control over how it is used. Please read this policy to understand what information we may hold about you, how we use it, and how you can access, update or delete it.
We do not sell your personal data. We use your information only for the purposes described in this policy, and we apply heightened safeguards to sensitive information such as your identity-verification documents and financial details.
We process personal data in line with applicable laws, including the UK GDPR, the EU GDPR, the UK Data Protection Act 2018, the Privacy and Electronic Communications Regulations, the California Consumer Privacy Act (as amended) and other U.S. state privacy laws. We may update this policy from time to time; revisions will be posted on this page with a new "Last updated" date.
We collect the following categories of personal data:
We use the information we collect to:
If you are in the United Kingdom or European Economic Area, we rely on the following legal bases under the UK GDPR and EU GDPR, and may rely on more than one depending on the specific purpose:
Where consent is required for us to process certain personal data, it must be clearly given. You may give consent to receive our marketing communications, or when you ask us to share your details with a client or other third party in connection with the services.
Where you have given consent, you may withdraw it at any time by emailing dataprotection@notchup.com. We will stop the processing based on that consent, although this does not affect any processing carried out before withdrawal. If your details have already been shared with a client or third party at your request, you may need to contact them directly to withdraw your consent to their use of your data.
We do not sell your personal data. We disclose it only as described here:
We use appropriate technical, organizational and administrative safeguards designed to protect your personal data, including encryption of data in transit and at rest, access controls, secure servers and strict procedures to prevent unauthorized access. No method of transmission or storage is completely secure, so we cannot guarantee absolute security; please help protect your account by using a strong password and keeping your credentials confidential.
Protection of sensitive data. Some of the data we process is especially sensitive — in particular your identity-verification documents (such as passport, driver's license or national ID) and your financial and bank account details. We apply heightened safeguards to this data, including: encryption in transit and at rest; strict role-based, least-privilege access limited to personnel who genuinely need it; restricted and isolated storage; use of this data only for identity verification, KYC/AML and payment purposes; contractual confidentiality and security restrictions on the verification and payment providers who process it on our behalf; monitoring, logging and access reviews; and defined retention limits after which the data is securely deleted. We never use sensitive data for unrelated purposes.
International transfers. All information you provide is stored securely, and where possible within the UK or EU. Where we transfer personal data outside the UK or EEA, we put appropriate safeguards in place, such as the UK International Data Transfer Agreement/Addendum and the European Commission's Standard Contractual Clauses, or rely on another lawful transfer mechanism. Some third parties to whom we disclose data may process it outside the UK/EEA under their own privacy policies.
Cookies. We use cookies and similar technologies to operate and secure our sites, remember your preferences, understand usage and improve performance and marketing; please see our Cookies Policy. You can control cookies through your browser settings.
Children. Notchup is not directed to children, and we do not knowingly collect personal data from children under 16. If you believe a child has provided us personal data, contact us at dataprotection@notchup.com and we will delete it.
We retain personal data for as long as necessary to fulfil the purposes we collected it for, including to provide the services and to satisfy our legal, accounting, AML and reporting requirements, and for as long as necessary for the prevention and detection of fraud or criminal activity. Where you hold an account, we retain your data for as long as your account is active and for a period afterwards to meet those obligations.
In some circumstances you can ask us to delete your data (see "Your rights as a data subject" below). We may also anonymize your data so it can no longer be associated with you, in which case we may use it indefinitely without further notice.
UK and EEA residents. While we hold or process your personal data, you have the right to access a copy of your data, to rectify inaccurate or incomplete data, to request erasure, to restrict processing, to data portability, to object to certain processing (such as direct marketing), and to withdraw consent. You also have the right to lodge a complaint with a supervisory authority — in the UK, the Information Commissioner's Office (ico.org.uk).
U.S. state privacy rights. Depending on your state of residence (including under the California Consumer Privacy Act as amended by the CPRA, and the privacy laws of Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana and other states), you may have the right to:
We do not sell your personal information for money, and we do not use or disclose sensitive personal information for purposes beyond those described in this policy. To exercise any of these rights, email dataprotection@notchup.com. You may use an authorized agent and may appeal a decision by replying to our response. We may need to verify your identity before responding and will respond within the timeframes required by law.
If you have any questions, requests or complaints about how your personal data is processed by Notchup (or by third parties as described above), or about how a complaint has been handled, please contact us in the first instance at dataprotection@notchup.com.
Future of Work Limited (Notchup), The Retreat, 406 Roding Lane South, Woodford Green, Essex, United Kingdom, IG8 8EY.
You also have the right to lodge a complaint directly with the UK supervisory authority, the Information Commissioner's Office, via ico.org.uk. If we update this policy, we will post the revised version on this page with a new "Last updated" date.