At Codixera, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage with our services.
1. Information We Collect
1.1 Information You Provide
We collect information that you voluntarily provide to us, including:
- Contact Information: Name, email address, phone number, company name, and job title when you contact us or request information about our services.
- Business Information: Details about your company, project requirements, and technical specifications shared during consultations.
- Communication Data: Content of emails, messages, and other communications you send to us.
- Career Information: CV, work history, and qualifications if you apply for a position with us.
1.2 Information Collected Automatically
When you visit our website, we automatically collect certain information:
- Device Information: Browser type, operating system, device type, and unique device identifiers.
- Usage Data: Pages visited, time spent on pages, referring URLs, and navigation patterns.
- Location Data: General geographic location based on IP address.
- Cookies and Similar Technologies: See our Cookie Policy for details.
2. How We Use Your Information
We use the information we collect for the following purposes:
- Service Delivery: To provide, maintain, and improve our product engineering and software development services.
- Communication: To respond to enquiries, send project updates, and provide customer support.
- Business Operations: To process contracts, manage client relationships, and conduct business analysis.
- Marketing: To send relevant information about our services, with your consent where required.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
- Security: To detect, prevent, and address technical issues, fraud, and security breaches.
3. Legal Basis for Processing (GDPR)
Under the UK GDPR and EU GDPR, we process your personal data based on the following legal grounds:
- Contract Performance: Processing necessary to fulfil our contractual obligations to you.
- Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services and marketing.
- Consent: Where you have given explicit consent for specific processing activities.
- Legal Obligation: Processing necessary to comply with legal requirements.
4. Data Sharing and Disclosure
We may share your information with:
- Service Providers: Trusted third parties who assist in operating our website and providing services (e.g., cloud hosting, analytics, email services).
- Business Partners: Partners with whom we collaborate on projects, subject to confidentiality agreements.
- Legal Requirements: When required by law, court order, or governmental authority.
- Business Transfers: In connection with any merger, acquisition, or sale of company assets.
We do not sell your personal information to third parties.
5. International Data Transfers
As we serve clients across the UK and Europe, your data may be transferred to and processed in countries outside your location. We ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses approved by the European Commission
- Adequacy decisions for transfers to countries with adequate protection levels
- Additional security measures and contractual protections
6. Data Retention
We retain your personal information for as long as necessary to:
- Fulfil the purposes for which it was collected
- Comply with legal, accounting, and regulatory requirements
- Resolve disputes and enforce our agreements
Typical retention periods:
- Client project data: 7 years after project completion
- Marketing contact data: Until consent is withdrawn or 3 years of inactivity
- Website analytics: 26 months
7. Your Rights
Under data protection laws, you have the following rights:
- Right of Access: Request a copy of your personal data we hold.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure: Request deletion of your data in certain circumstances.
- Right to Restrict Processing: Request limitation on how we use your data.
- Right to Data Portability: Receive your data in a structured, machine-readable format.
- Right to Object: Object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent.
To exercise these rights, contact us at privacy@codixera.com.
8. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption of data in transit and at rest
- Access controls and authentication mechanisms
- Regular security assessments and audits
- Employee training on data protection
- Incident response procedures
9. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us.
10. Changes to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting a notice on our website or sending an email.
11. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
12. Supervisory Authority
If you are not satisfied with our response to a complaint, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):