District 7's Privacy Statement
Last updated April 2025
Who is District 7?
District 7’s expertise spans full-stack development, artificial intelligence and machine learning, blockchain, Web3, cybersecurity, and enterprise cloud architecture. We also offer recruitment, relocation, and staffing solutions, allowing organizations to scale efficiently through nearshoring, remote engineering, or dedicated international teams. Our partners include Fortune 500 firms, emerging tech ventures, and innovation-driven government bodies across industries such as finance, health, logistics, retail, education, automotive, energy, and more.
We place a strong emphasis on data security, ethical technology practices, and compliance. This commitment is foundational to our service delivery and the trust clients place in our platforms. This Privacy & Security Statement (“Statement”) explains how District 7 and our affiliated entities collect, use, store, share, and safeguard your personal information when acting as a data controller. It also outlines your rights under regional and international data protection laws, such as the GDPR and UK GDPR.
Why should you read this statement and what does it cover?
- What kinds of personal data we collect and how we obtain it
- The lawful bases we rely on to process your data
- How we use your personal information and for what purposes
- Whether and with whom we share your data
- How we secure your information
- How long we retain your data
- The technologies we use to collect and analyse usage data
- Your rights under applicable data protection laws (such as the GDPR, UK GDPR, and others)
- How to exercise those rights or contact us with questions
Important: This Statement does not apply to personal data that we process on behalf of our clients using our technology platforms, staffing services, or delivery teams. In such cases, we operate as a data processor under contract with our clients. To understand how personal data is handled in those circumstances, please consult the privacy policy of the respective client.
What personal data do we collect?
- Full name, email address, phone number, and physical address
- Company details, job title, department, and contact info
- Résumés, portfolios, cover letters, education, and employment history
- Bank and payment data (IBAN, SWIFT, invoices, tax information)
- Written communication (emails, messages, contact form responses)
- Event participation info (sign-up details, preferences, or travel details)
- IP addresses, MAC addresses, session activity, and time stamps
- Browser, operating system, device model, and connection metadata
- Visitor metrics (pages visited, session duration, clickstreams)
- Authentication logs, cookies, tokens, and web analytics
- Public profiles (e.g. LinkedIn), job boards, ad campaigns
- Partner platforms, client referrals, or industry events
- Business directories and commercial data aggregators We aim to limit data collection to only what is strictly necessary and proportionate to each purpose.
Why and how do we use your personal data?
We use your personal data in lawful, fair, and transparent ways, based on the following purposes:
1. To deliver our services:
- To assess candidates for job opportunities, including relocation roles
- To onboard, deploy, and manage engineering teams for clients
- To run technical systems, platforms, communication tools, and CRM
2. To communicate effectively:
- To respond to messages, troubleshoot requests, or provide support
- To respond to messages, troubleshoot requests, or provide support
3. For marketing, research, and engagement (based on consent or opt-out options):
- To promote our services, share newsletters or thought leadership
- To invite participation in webinars, workshops, or user feedback
- To personalise content across our website and platforms
4. For legal, compliance, and audit reasons:
- To meet tax, employment, anti-money laundering, and export laws
- To satisfy external audits, due diligence, or contract enforcement
5. For operational analytics and platform improvement:
- To evaluate and improve user journeys, platform performance, and UX
- To identify bugs or incidents, and deploy fixes or updates
6. For security and risk prevention:
- To detect, report, and mitigate unauthorised access or misuse
- To protect physical and network infrastructure
When do we share your personal data?
We only disclose personal data to trusted recipients under strict contractual obligations. These include:
- District 7 entities and internal teams for HR, project delivery, legal, finance, and support
- IT and SaaS providers for cloud hosting, email, CRM, job boards, or identity management
- Client or partner organisations during job placement or joint service delivery
- Event organisers, co-marketing partners, and communication platforms
- Authorities or courts when required by subpoenas, investigations, or regulations
- Buyers or acquirers in case of merger, restructuring, or acquisition
We never sell your data. Any data transfer is subject to privacy assessments, technical safeguards, and contractual protection.
Cookies and tracking technology
We use a mix of session and persistent cookies, pixels, SDKs, and analytics scripts to support the following:
- Website navigation and login continuity
- Understanding user preferences and product usage
- Marketing optimisation across channels (e.g. LinkedIn, Google Ads)
- Security protection, such as fraud detection
You can control cookies via browser settings or opt-out banners. For full details, see our Cookies Statement.
How long do we keep your personal data?
Data is only stored for the duration necessary to:
- Fulfil contractual or legal obligations
- Provide ongoing services or maintain business continuity
- Maintain audit logs and dispute records
- Comply with retention periods in applicable jurisdictions
- Meet backup, cybersecurity, and recovery protocols
After that, data is securely destroyed, pseudonymised, or archived.
International transfers of your personal data
When transferring data across borders, we assess the legal landscape and enforce:
- EU/UK Standard Contractual Clauses (SCCs)
- Country-specific binding corporate rules (where applicable)
- Strong encryption, access control, and data classification protocols
Whether your data is processed in Europe, North America, the Middle East, or Asia, we ensure that safeguards meet GDPR and international standards.
Your rights in relation to your personal data
- Access your personal data and understand how it’s used
- Correct inaccurate, outdated, or incomplete records
- Request deletion of data (when legally applicable)
- Restrict processing in certain scenarios
- Object to processing, including for direct marketing
- Transfer your data to another provider (portability)
- Withdraw your consent for optional services
- File a complaint with a regulator or authority
United Kingdom and European Economics area
If you reside in the UK or EEA, your personal data is processed according to:
- The General Data Protection Regulation (EU) 2016/679
- The UK GDPR and Data Protection Act 2018
- Applicable guidance from the ICO or local DPAs
You are entitled to clear disclosures of our legal bases, and can file complaints directly with your national supervisory authority.
CONTACT US
Email: [email protected]
We aim to respond to all privacy inquiries within 5 business days and provide transparent communication throughout any data rights process.
This Privacy & Security Statement may evolve over time. When updates are made, we’ll revise the “Effective” date and notify users if material changes occur.
District 7
Your global partner in technology innovation, secure systems, and responsible data management.