FIELD.IO Website Privacy Policy

Last updated: May 2026

This Privacy Policy explains how FIELD collects and uses personal data when you use our website (field.io), subscribe to our newsletter, or contact us through the site.

If you apply for a job, please also read our Candidate Privacy Notice (Recruitment Data), linked from our careers page.

1. Who we are

FIELD operates through two entities:

  • United Kingdom: FIELD.IO Ltd, Hackney Depot, 5 Sheep Lane, London E8 4QS·hello@field.io

  • Germany: FIELD.IO Berlin GmbH & Co KG, Niemetzstraße 47–49, 12055 Berlin, Germany

For the field.io website, the controller is generally FIELD.IO Ltd, with support from the wider FIELD group where relevant.

2. What personal data we collect

Depending on how you use our website, we may collect:

a) Newsletter sign-ups

Email address and any preferences you provide.

b) Website analytics and cookies

Technical and usage data such as pages visited, approximate location, device and browser type, referral source, and usage statistics. Online identifiers such as cookie IDs and IP address.

c) Log and security data

Server logs including IP address, timestamps, and pages requested, used for security, troubleshooting, and maintaining the site.

d) Contact and enquiries

Your email address and any information you include in your message if you contact us via hello@field.io, enquiries@field.io, or press@field.io.

3. How we use your data

a) To send newsletters you subscribe to

Lawful basis: Consent. You can unsubscribe at any time using the link in any email or by contacting hello@field.io.

b) To understand and improve our website

We use Google Analytics to measure site performance and understand how visitors use the site. We only set non-essential analytics cookies if you consent via our cookie banner.

Lawful basis: Consent.

c) To keep the website secure and operating properly

We maintain server logs to detect misuse, maintain security, and troubleshoot issues.

Lawful basis: Legitimate interests. We have a legitimate interest in keeping our website and systems secure, and this processing is necessary and proportionate to that interest.

d) To respond to enquiries

We use the information you send us solely to respond to your message.

Lawful basis: Legitimate interests. We have a legitimate interest in responding to people who contact us, and this processing does not override your rights.

We do not use your website data to make decisions based solely on automated processing.

4. Cookies

We use cookies and similar technologies on our website. You can choose which non-essential cookies to accept or decline through our cookie banner when you first visit the site, and update your preferences at any time via the cookie settings link in the footer.

The categories of cookies we use:

  • Strictly necessary cookies — essential for the website to function, including remembering your cookie consent choice. These do not require consent.

  • Functionality cookies — remember your preferences and improve your experience (for example, language or display settings). Only set with your consent.

  • Analytics cookies — help us understand how visitors use the site. We use Google Analytics for this purpose. Only set with your consent. Google Analytics data is retained for up to 14 months for user data and 2 months for event data.

We do not use targeting or advertising cookies.

You can withdraw your consent at any time by updating your cookie preferences via the link in the footer. You can also delete cookies already stored on your device through your browser settings, though this may affect how the website functions.

For more information on how Google processes analytics data, see Google’s Privacy Policy.

5. Newsletter platform (Mailchimp)

We use Mailchimp to manage our mailing list and send newsletter emails. When you subscribe, your email address is stored within Mailchimp and used to send you the newsletter. You can unsubscribe at any time using the link in any email.

Mailchimp acts as a data processor on our behalf and processes your data only on our instructions.

6. How we keep your data secure

We take the security of your personal data seriously. Appropriate technical and organisational measures are in place to protect your data against unauthorised access, loss, or disclosure. These include:

  1. Encrypted data transmission (HTTPS) across our website
  2. Access controls limiting who can access personal data
  3. Use of reputable third-party service providers with their own security standards

While we take reasonable steps to protect your data, no internet transmission is completely secure. If you have concerns about a specific security issue, please contact us at hello@field.io.

7. Who we share data with

We may share personal data with trusted service providers who help us operate our website and communications, including:

  1. Website hosting and IT providers — for the operation and maintenance of field.io
  2. Cloudinary — our media delivery platform, used to serve images and video content on the website. Cloudinary may process technical data such as IP addresses as part of content delivery. See Cloudinary’s Privacy Policy for more information.
  3. Google Analytics — for website analytics (only where you have consented to analytics cookies)
  4. Mailchimp — for newsletter delivery (only where you have subscribed)

We only share data where necessary and require all providers to handle data securely and in line with applicable law. We may also disclose information where required by law or to protect our legal rights.

8. International transfers

Some service providers (including Google Analytics, Mailchimp, and Cloudinary) may process personal data outside the UK and EEA. Where transfers are restricted under data protection law, we use appropriate safeguards such as Standard Contractual Clauses and/or the UK International Data Transfer Agreement.

9. How long we keep your data

Data type

Retention period

Newsletter subscribers

Until you unsubscribe. A suppression record may be kept after to honour your opt-out.

Google Analytics — user data

Up to 14 months

Google Analytics — event data

Up to 2 months

Security / server logs

30–90 days, unless needed for an ongoing investigation

Enquiries

Up to 12 months, unless there is an ongoing relationship or legal need

10. Your rights

Depending on your location, you may have the right to:

  1. Access the personal data we hold about you
  2. Correct inaccurate data
  3. Request deletion of your data
  4. Restrict or object to certain processing
  5. Data portability (where applicable)
  6. Withdraw consent at any time (where we rely on consent, such as for newsletter sign-ups and analytics cookies)

To exercise any of these rights, contact us at hello@field.io. We will respond within one month.

11. How to complain

If you have a concern about how we handle your personal data, please contact us first at hello@field.io and we will do our best to resolve it.

You also have the right to complain to a supervisory authority:

  1. UK: Information Commissioner’s Office (ICO) — ico.org.uk/make-a-complaint — 0303 123 1113
  2. Germany: The Federal Commissioner for Data Protection and Freedom of Information (BfDI) — bfdi.bund.de — or your relevant state authority
  3. Other EU countries: Your local supervisory authority

12. Updates to this policy

We may update this Privacy Policy from time to time. The latest version will always be posted on this page with the date it was last updated.