Privacy Policy
​(updated on 1st July 2026)
​​
This Privacy Policy applies between you, the User of this Website, and PressHop Media UK Limited, the owner and provider of this Website. Presshop Media UK Limited takes the privacy of your information very seriously. This Privacy Policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the Website.
Please read this Privacy Policy carefully.
​​
Introduction​
At PressHop Media UK Limited ("PressHop", "Cerebera", "we", "our" or "us"), we are committed to protecting your privacy and handling your personal information responsibly, securely and transparently.
This Privacy Policy explains how we collect, use, store, protect and disclose personal information when you access or use the CEREBERA platforms, including our website, web applications, mobile applications, APIs and related services (collectively, the "Services"). Please read this Privacy Policy carefully before using the Services.
Who this Privacy Policy applies to
- Organisations subscribing to Cerebera's products
- Customer administrators.
- Managers and supervisors.
- Employees.
- Workers.
- Contractors.
- Consultants.
- Temporary staff.
- Agency workers.
- Volunteers.
- Visitors to our website.
- Individuals contacting Cerebera.
- Anyone authorised to use Cerebera's platforms or mobile applications.
Who we are
Our products are operated by PressHop Media UK Limited, a company incorporated in England and Wales. For the purposes of applicable data protection legislation:
- PressHop acts as a Data Controller when processing personal information relating to its own business activities, including customer accounts, billing, website enquiries, marketing communications and customer support.
- PressHop acts as a Data Processor when processing personal information on behalf of a customer organisation using the PressHop® Enterprise platform.
Information we collect
Depending on how you use the Services, we may collect the following categories of personal information:
Identity Information
- Name
- Job title
- Organisation
- Employee or worker ID
- Username
- Profile photograph (if provided)
Contact Information
- Business email address
- Telephone number
- Company address
- Emergency contact details (where enabled by your organisation)
Account Information
- Login credentials
- Password (stored in encrypted form)
- Authentication information
- User preferences
- Language settings
Device Information
- Device type
- Operating system
- Browser type
- Device identifiers
- Mobile device identifiers
- IP address
- App version
- Crash reports
Location Information:Â
Where enabled by your organisation or permitted by you, we may collect:
- Live GPS location
- Historical location data
- Geofencing events
- Route information
- Time and location stamps
Operational Information:Â
Information generated through your use of the Platforms, including:
- Tasks
- Attendance records
- Shift information
- Forms
- Reports
- Inspections
- Checklists
- Workflow activity
- Communications
- Audit logs
- Activity history
Content:Â
Information uploaded through the Platforms, including:
- Photographs
- Videos
- Audio recordings
- Documents
- Digital signatures
- Notes
- Comments
- Incident reports
- Other work-related content
Payment Information:Â
Where applicable, we may collect limited billing information for subscription management. Payment card information is processed securely by our third-party payment providers and is not stored by Cerebera.
How we collect information
We may collect information:
- directly from you;
- from your organisation;
- when you create an account;
- when you use the Platform;
- when you upload content;
- when you communicate with us;
- through cookies and similar technologies;
- through integrated third-party services;
- automatically through your device and browser.
How we use your information
We use personal information to:
- provide the Services;
- authenticate users;
- manage user accounts;
- allocate and manage operational tasks;
- enable communications;
- provide worker safety features;
- generate reports and analytics;
- provide customer support;
- improve platform performance;
- maintain platform security;
- detect fraud and misuse;
- comply with legal obligations;
- develop new features and functionality;
- communicate important service updates.
We will only process personal information where we have a lawful basis to do so.
Lawful basis for processing
Where required by applicable law, we process personal information on one or more of the following legal bases:
- performance of a contract;
- compliance with a legal obligation;
- legitimate interests;
- consent (where required);
- protection of vital interests;
- performance of a task carried out in the public interest, where applicable.
Where Cerebera acts as a Data Processor, the Customer determines the lawful basis for processing personal information.
Location services
CEREBERA's products include optional location-based functionality. Where enabled by your organisation, location information may be used for:
- workforce coordination;
- task allocation;
- attendance verification;
- route optimisation;
- worker safety;
- emergency response;
- operational reporting.
Your organisation determines how location information is used within the Platforms and is responsible for ensuring compliance with applicable employment and privacy laws.
Camera, microphone, and device permissions
Certain features require access to your device's:
- camera;
- microphone;
- GPS;
- storage;
- notifications.
These permissions are used only to provide the functionality requested by you or your organisation. You may manage these permissions through your device settings, although disabling them may limit certain features of the Platforms.
Artificial Intelligence
Cerebera may use artificial intelligence technologies to assist with:
- workflow automation;
- operational insights;
- reporting;
- recommendations;
- task management;
- document analysis;
- productivity improvements.
AI-generated outputs are intended to assist users and should not be relied upon as the sole basis for business, legal, medical or safety-critical decisions.
Cookies
Our website and web applications use cookies and similar technologies to:
- keep you signed in;
- remember preferences;
- improve security;
- analyse usage;
- enhance performance.
Further information is available in our Cookie Policy.
How we share your information
We only share personal information where necessary to provide the Services, comply with legal obligations or protect our legitimate business interests. Depending on how the Platforms are used, personal information may be shared with:
- your organisation;
- authorised administrators within your organisation;
- authorised users of the Platform;
- our trusted service providers;
- payment providers;
- cloud hosting providers;
- identity verification providers;
- communication service providers;
- analytics providers;
- artificial intelligence service providers (where AI features are enabled);
- regulators, courts or law enforcement authorities where required by law.
We do not sell your personal information.
Our service providers
To deliver the Services, CEREBERA may engage carefully selected third-party providers, including providers of:
- cloud infrastructure;
- payment processing;
- email delivery;
- SMS and communication services;
- mapping services;
- customer support;
- identity verification;
- security monitoring;
- analytics;
- artificial intelligence functionality.
All service providers are required to maintain appropriate security and confidentiality obligations.
Regional data hosting
Cerebera is committed to storing Customer Data within the geographical region selected by the Customer wherever commercially and technically practicable.
Unless otherwise agreed:
- Customers in the United Kingdom are hosted within AWS UK regions.
- Customers in India are hosted within AWS India regions.
- Customers in the United States are hosted within AWS United States regions.
- Customers in other countries may be hosted within the agreed regional infrastructure.
Certain operational metadata, encrypted backups, audit logs and support information may be processed outside the primary hosting region where necessary to maintain the security, resilience and continuity of the Services and where permitted by applicable law.
International data transfers
Where personal information is transferred outside the country in which it was collected, Cerebera will implement appropriate safeguards required under applicable data protection legislation.
These safeguards may include:
- the UK International Data Transfer Agreement (IDTA);
- the UK Addendum to the EU Standard Contractual Clauses;
- the European Commission Standard Contractual Clauses (SCCs);
- other legally recognised transfer mechanisms.
Data retention
We retain personal information only for as long as necessary to:
- provide the Services;
- comply with legal obligations;
- resolve disputes;
- enforce our agreements;
- maintain business records;
- protect our legitimate business interests.
Retention periods may vary depending on the nature of the information and the requirements of applicable law. Where personal information is no longer required, it will be securely deleted, anonymised or irreversibly destroyed.
Security
We take the security of personal information seriously and maintain appropriate technical and organisational measures designed to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access.
These measures may include:
- encryption in transit;
- encryption at rest where appropriate;
- secure cloud infrastructure;
- role-based access controls;
- multi-factor authentication for privileged accounts where appropriate;
- audit logging;
- network security controls;
- vulnerability management;
- penetration testing;
- disaster recovery procedures;
- business continuity planning;
- staff confidentiality obligations;
- regular security awareness training.
While we strive to protect personal information, no internet-based service or electronic storage system can be guaranteed to be completely secure.
Your privacy rights
Subject to applicable law, you may have the right to:
- request access to your personal information;
- request correction of inaccurate information;
- request deletion of personal information;
- request restriction of processing;
- object to certain processing activities;
- request portability of your personal information;
- withdraw consent where processing is based on consent;
- lodge a complaint with the relevant supervisory authority.
Where CEREBERA processes personal information on behalf of your organisation, requests relating to your personal information should generally be directed to your organisation in the first instance. Cerebera will assist customer organisations in responding to such requests where required by applicable law.`
Marketing communications
Where permitted by law, CEREBERA may send business-related updates, newsletters, product announcements and marketing communications.
You may opt out of receiving marketing communications at any time by:
- clicking the unsubscribe link included in our emails;
- updating your communication preferences within your account settings; or
- contacting us directly.
Operational, security and account-related communications are not marketing communications and cannot generally be opted out of while you continue to use the Services.
Children's privacy
CEREBERA's platforms are intended for business use and is not designed for children.
We do not knowingly collect personal information directly from children through Cerebera's platforms.
Where a Customer uses the Services in a way that involves information relating to minors, the Customer remains responsible for ensuring that all necessary legal requirements, notices and permissions have been obtained.
Third-party websites and services
The Platforms may contain links to third-party websites, applications or services.
CEREBERA is not responsible for the privacy practices, content or security of third-party services.
Users should review the privacy policies of those third-party providers before using their services.
Changes to this privacy policy
We may update this Privacy Policy from time to time to reflect:
- changes in applicable law;
- new features or functionality;
- improvements to the Services;
- changes in our business operations;
- developments in industry best practice.
Where material changes are made, we will notify Customers through the Platforms, by email or by other appropriate means.
The updated Privacy Policy will become effective from the date specified at the top of the document.
Continued use of the Services after the effective date constitutes acceptance of the updated Privacy Policy.
Contacting Cerebera
If you have any questions about this Privacy Policy or how your personal information is processed, you may contact us using the contact details available on the CEREBERA website.
For privacy-related enquiries, data protection requests or questions regarding your personal information, please contact our Privacy Team through the contact methods published on our website.
We will use reasonable endeavours to respond to your enquiry as promptly as possible and in accordance with applicable law.
Exercising your privacy rights
If you wish to exercise any of your privacy rights, including requests to:
- access your personal information;
- correct inaccurate information;
- delete personal information;
- restrict processing;
- object to processing;
- request data portability; or
- withdraw consent where applicable,
You may submit your request through:
- your organisation (where CEREBERA processes information on its behalf);
- your CEREBERA account (where available within the CEREBERA products); or
- the contact details published on our website.
We may request reasonable information to verify your identity before responding to your request.
Where CEREBERA acts as a Data Processor on behalf of your organisation, we may refer your request to your organisation, which is responsible for determining how your request should be handled under applicable data protection legislation.
Complaints
If you believe that your personal information has not been handled in accordance with applicable data protection laws, we encourage you to contact us first so that we have an opportunity to investigate and resolve your concerns.
Depending on your location, you may also have the right to lodge a complaint with the relevant data protection authority or supervisory authority responsible for privacy matters in your jurisdiction.
Nothing in this Privacy Policy limits any rights you may have under applicable law.
Customer responsibilities
Where CEREBERA processes personal information on behalf of a customer organisation, that organisation is responsible for:
- determining the lawful basis for processing;
- providing any required privacy notices;
- obtaining any necessary consents where required by law;
- configuring the Platform in accordance with its legal obligations;
- responding to requests from its employees, workers or other data subjects.
Cerebera processes such information only in accordance with the Customer's instructions and the Cerebera Data Processing Agreement.
Your responsibilities
When using the Cerebera platforms, you agree to:
- provide accurate information;
- keep your account credentials secure;
- use the Platform lawfully;
- respect the privacy of others;
- upload only information that you are authorised to upload;
- promptly notify your organisation or PressHop of any suspected unauthorised access or security incident.
Relationship with other policies
This Privacy Policy should be read together with the following CEREBERA documents:
- Master Subscription Agreement
- End User Terms of Use
- Data Processing Agreement (DPA)
- Cookie Policy
- Information Security Policy
- Acceptable Use Policy
- Service Level Agreement (SLA)
- Support & Maintenance Policy
- AI Usage Policy
- Regional Data Residency Policy
Where there is any conflict between this Privacy Policy and the Data Processing Agreement in relation to the processing of Customer Personal Data, the Data Processing Agreement shall prevail.



