Last updated July 2021


Fireproof Studios Ltd (also known as Fireproof Games), a company registered in England and Wales with company number 06687549 and registered address Hays House North Wing, Ground Floor, Millmead, Guildford, Surrey, England, GU2 4HJ (“Fireproof”, “we”, “us” or “our”) collects and processes personal data relating to you in the course of you:

  • applying for job vacancies published on (the “Website”) or through any other means; and
  • interviewing or taking part in any other application process with Fireproof.

This applicant privacy notice (the “Applicant Privacy Notice”) has been prepared to provide you with an explanation of how and why we process the personal data that we hold about you in relation to you working for us.

If you have any questions or comments about this Applicant Privacy Notice, please contact us at:

If, following an interview or application process with Fireproof, you are successful, throughout the time you are working with us and for a period afterwards, we will collect, use and store additional personal data about you in order to meet our obligations in connection with your engagement with us, and issue you with a separate privacy notice (the “Employee Privacy Notice”).

When we collect and use information about you, we will likely do so as the “data controller”. This means that we are responsible for deciding the purposes and means for which the personal data that we hold about you is being processed. We will comply with all applicable data protection laws, including without limitation the General Data Protection Regulation 2016/679, the Data Protection Act 2018 and the UK GDPR (as defined under the Data Protection Act 2018).

It is important that you read, understand and comply with any policies, notices or other information regarding personal data. We reserve the right to update this Applicant Privacy Notice at any time, and we will provide you with a new Applicant Privacy Notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.



We may collect, store, and use the following categories of personal data about you:

Personal details such as your full name, title, date of birth, home address, personal telephone numbers, personal email addresses, photograph, copy of or details of your driving licence and/or passport.

  • Information or materials submitted in advance of interviews, assessments or phone-screenings (such as portfolios of work, social media usernames or handles or links to personal websites or social media pages and channels).
  • Information from interviews, assessments or phone-screenings (such as interview notes, tests or assessment forms).
  • Information about previous applications for roles made to us and any previous employment or other work engagement
  • Correspondence produced during the course of the application process (including emails exchanged with Fireproof employees, workers and contractors).

  • Health and medical data (including information relating to medical conditions, short or long-term disabilities, physical limitations, visual or hearing impairments and special needs and health and sickness records).
  • Equal opportunities monitoring data (including information relating to racial or ethnic origin, religious beliefs and sexual orientation).


We may collect personal data about you in a variety of ways. Mostly, we collect personal data directly from you in circumstances where you actively provide your personal data to us. For example, through application and recruitment processes, application forms, CVs or resumes, identity documents, forms completed by you, correspondence with you or through interviews or other assessments.

We may sometimes collect additional information about you from third parties, including recruiters, former employers or customers, educational institutions or professional accreditation bodies.



It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your application process.



We need to process the information listed in paragraph 2 above in order to:

  • enable us to comply with our legal obligations; and
  • to pursue legitimate interests of our own or of third parties to operate our business, provided that the resulting impact on your interests and fundamental rights does not override those interests.

We will process your personal data to:

  • determine your suitability for a specific role (including ascertaining your fitness to work);
  • assess your skills and qualifications;
  • verify the information that you have provided to us;
  • carry out reference checks or background checks (where necessary);
  • determine the terms on which you work for us; and
  • manage the hiring process and communicate with you about it.

Sometimes the legal bases for processing will overlap and there may be several legal bases that support our processing of your personal data.



‘Special categories’ of personal data such as (without limitation) data concerning health, are granted higher levels of protection by data protection laws. We will only process special categories of personal data if it is appropriate given the nature of the circumstances of your engagement and where we are legally able to do so. Under certain circumstances, we may use such personal data, in accordance with our legal obligations or to exercise specific rights in the field of employment law.

We need to have further justification for collecting, storing and using this type of personal data. We may process special categories of personal data in the following circumstances:

  • In limited circumstances with your prior explicit consent.
  • Where we need to carry out our legal obligations or exercise rights.
  • Where it is needed in the public interest, such as for equal opportunities monitoring.

Less commonly, we may process this type of information where it is needed in relation to legal claims or where it is needed to protect your interests (or someone else’s interests) and you are not capable of giving your consent, or where you have already made the information public.

We may need to process your special categories of personal data, for example, by using information about your physical or mental health or disability status to ensure your health and safety in the workplace and to assess your fitness to work.



We do not foresee that we will process criminal conviction related information about most of our recruitment candidates or staff. If we do, we will only do so because: (i) there is a legal basis to justify that processing; (ii) the law permits us to do so (such as so that we can carry out legal rights and obligations necessary in the context of the particular role); and (iii) we find it necessary, taking account of the particular role and levels of responsibility and access of the member of staff.

Our background checks may involve, for example, DBS checks in some cases or voluntary disclosure by you.

Where we do undertake this processing activity, we rely upon the legal bases of our legitimate interests (being our interests in promoting the success of our business).

Where the background check is a voluntary disclosure by you of criminal records, we may then rely upon the legal basis of your consent – and we will make that clear to you at the relevant time during the recruitment process. If we undertake this processing on the basis of your consent, you can withdraw your consent at any time by getting in touch with us.



We may share personal data with third party service providers insofar as it is reasonably necessary for the purposes set out in this Applicant Privacy Notice, provided that they do not make independent use of the information. We only permit them to process your personal data for specified purposes and in accordance with our instructions. All our third party service providers are required to take appropriate security measures to protect your personal data in line with our policies.

We may share your personal data with other entities in our group as part of our regular reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise, for system maintenance support and hosting of data.

We may share your personal data with other third parties, for example where using professional advisors (e.g. bankers, accountants, auditors, legal representatives) or where required by law, court order, administrative agency or other government body (e.g. to HMRC), public authority or regulator to meet national security, law enforcement or other legal requirements.


Our servers are located in Germany and the UK. Where we transfer your information outside of the UK and/or EEA, we will have agreements in place with the recipient which include standard data protection clauses adopted by a data protection regulator and/or approved by the European Commission to ensure that appropriate safeguards are in place to protect your personal data.  If you would like to find out more about these safeguards, please let us know by writing to



We will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal data.

Please be aware that, while we place a high priority on the security of all information that we hold and process and we endeavour to provide robust, commercially reasonable security at all times, no security system can prevent every possible kind of security breach.



If, following an interview or application process with Fireproof, you are successful, throughout the time you are working with us and for a period afterwards, the personal data described in this Applicant Privacy Notice will be we will held within your HR personnel file, and retained in accordance with the Employee Privacy Notice.

If, following an interview or application process with Fireproof, you are unsuccessful,



  • Request access. You have the right to ask for a copy of personal data we are processing about you.
  • Request correction. You have the right to request correction of the personal data we hold about you, such as if it is incomplete or inaccurate.
  • Request erasure. You have the right to request erasure of your personal data, where there is no legitimate reason for us to continue to process it, or where you have exercised your right to object to the processing (see below).
  • Object to processing. You have the right to object to the processing of your personal data where we rely upon the legal basis of our (or a third party’s) legitimate interests for that processing.
  • Request processing restriction. You have the right to ask us to suspend processing of your personal data, such as if you want to establish its accuracy or the reasons for it being processed.
  • Request machine-readable copy and transfer. You have the right to request a machine-readable copy of your personal data, which you can use with another data controller. Where it is technically feasible, you can also ask us to send this information directly to another data controller if you prefer.
  • Right to make a complaint. You have the right to make a complaint to a data protection supervisory authority. In the UK, the relevant supervisory authority would be the Information Commissioner’s Office.
  • Right to withdraw consent. In the limited circumstances for any processing by us of your personal data for which we rely upon the legal basis of your consent, you have the right to withdraw your consent at any time upon notice to us. If you do, we will no longer process the relevant personal data.


If you wish to make a request or exercise your rights, please contact us at: We aim to comply without undue delay, and within one month at the latest.

Please be aware that we may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.