Privacy Policy

Last updated: December 15, 2024

1. Introduction

Croscimbul ("we," "our," or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how and why we collect, use, store, and share personal information when you use our website at croscimbul.com and our services.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information We Collect

2.1 Information You Provide

We may collect and process the following personal information that you provide to us:

  • Contact information (name, email address, phone number)
  • Company information (company name, job title, industry)
  • Information you provide when subscribing to our newsletter
  • Information you provide when contacting us or requesting services
  • Information provided during consultations or project discussions

2.2 Information We Collect Automatically

When you visit our website, we may automatically collect:

  • Technical information (IP address, browser type, device information)
  • Usage information (pages visited, time spent, click patterns)
  • Location information (general location based on IP address)
  • Cookie and similar technology information

3. How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: To provide our digital innovation services and support
  • Communication: To respond to your inquiries and provide customer support
  • Marketing: To send you newsletters and marketing communications (with your consent)
  • Website Improvement: To analyze usage patterns and improve our website
  • Legal Compliance: To comply with legal obligations and protect our rights
  • Business Operations: To manage our business relationships and operations

4. Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Consent: When you have given clear consent for specific processing activities
  • Contract: When processing is necessary to perform a contract with you
  • Legitimate Interests: When processing is necessary for our legitimate business interests
  • Legal Obligation: When we are required to process data to comply with legal requirements

5. Information Sharing and Disclosure

We may share your personal information in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in our operations
  • Legal Requirements: When required by law or to protect our legal rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • Consent: When you have given explicit consent for sharing

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against:

  • Unauthorized access or disclosure
  • Accidental loss or destruction
  • Malicious attacks or data breaches
  • Unlawful processing or use

Our security measures include encryption, access controls, regular security assessments, and staff training on data protection.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Generally:

  • Contact information: Retained while you remain a client or subscriber
  • Marketing data: Retained until you unsubscribe or withdraw consent
  • Website usage data: Typically retained for 2 years
  • Project-related data: Retained for 7 years for business and legal purposes

8. Your Rights

Under UK GDPR, you have the following rights regarding your personal information:

  • Right of Access: Request copies of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your personal data
  • Right to Restrict Processing: Request limitation of processing
  • Right to Data Portability: Request transfer of your data
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw consent for processing

To exercise these rights, please contact us using the information provided in Section 12.

9. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your browsing experience. Our Cookie Policy provides detailed information about:

  • Types of cookies we use
  • Purposes of cookie usage
  • How to manage cookie preferences
  • Third-party cookies

Please refer to our Cookie Policy for more information.

10. International Transfers

We primarily process data within the UK. If we need to transfer your personal information outside the UK, we ensure appropriate safeguards are in place, including:

  • Adequacy decisions by the UK government
  • Standard contractual clauses
  • Binding corporate rules
  • Certification schemes

11. Children's Privacy

Our services are not directed at children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

12. Contact Information

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Data Protection Officer
Croscimbul
Innovation House, 42 Technology Drive
Manchester M1 4ET
United Kingdom

Email: [email protected]
Phone: +44 161 123 4567

13. Complaints

If you believe we have not handled your personal information in accordance with this policy or applicable law, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
United Kingdom

Website: ico.org.uk
Helpline: 0303 123 1113

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by:

  • Posting the updated policy on our website
  • Updating the "Last updated" date
  • Sending email notifications for significant changes

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

15. Definitions

For the purposes of this Privacy Policy:

  • Personal Data: Information relating to an identified or identifiable individual
  • Processing: Any operation performed on personal data
  • Data Controller: The entity that determines the purposes and means of processing
  • Data Processor: The entity that processes personal data on behalf of the controller