Privacy Policy

Introduction

Pivoryn Ltd ("we", "our", or "us") is committed to protecting and respecting your privacy. This privacy policy explains how we collect, use, and protect your personal information when you visit our website or use our services.

As a data controller, Pivoryn Ltd is registered in England and Wales under company registration number 14585235. Our registered office is located at 49 Queens Road, Birmingham B9P 9FD, West Midlands, United Kingdom.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as well as the EU General Data Protection Regulation (GDPR) for our European Union operations.

Data We Collect

The data we collect depends on how you interact with our services. We may collect and process the following types of personal information:

Information You Provide Directly

• Contact information (name, email address, phone number, company name)
• Account registration details
• Communication preferences
• Messages and enquiries sent through our contact forms
• Business information relevant to our analytics services

Information We Collect Automatically

• Website usage data and analytics
• IP address and location information
• Browser type and version
• Device information and operating system
• Pages visited and time spent on our website
• Referral sources and website navigation patterns

Business Data

When you use our analytics platform, we may process business data that you upload or connect to our services. This data collection is governed by separate data processing agreements and is processed strictly according to your instructions.

How We Use Your Information

We use of your data is based on legitimate legal grounds under applicable data protection laws. We process your personal information for the following purposes:

Service Provision

• Providing our AI-powered analytics services
• Managing your account and user profile
• Processing payments and managing subscriptions
• Providing customer support and technical assistance
• Delivering requested information and responding to enquiries

Business Operations

• Improving our services and developing new features
• Conducting business analysis and market research
• Ensuring security and preventing fraud
• Complying with legal obligations and regulatory requirements

Marketing and Communications

With your consent or where we have a legitimate interest, we may use your information to send you marketing communications about our services, industry insights, and relevant updates. You can opt out of marketing communications at any time.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner.

Our website uses various types of cookies including necessary cookies for basic functionality, analytics cookies for understanding website usage, and marketing cookies for advertising purposes. For detailed information about the cookies we use, please refer to our Cookie Policy.

Data Sharing and Disclosure

We do not sell your personal information to third parties. We may share your information in the following circumstances:

Service Providers

We work with trusted third-party service providers who assist us in operating our business and providing services to you. These providers are contractually bound to protect your information and use it only for the purposes we specify.

Legal Requirements

We may disclose your information if required by law, court order, or regulatory authority, or to protect our rights, property, or safety, or that of our users or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

Data Retention

We retain your personal information for as long as necessary to fulfil the purposes outlined in this privacy policy, unless a longer retention period is required by law. Our data retention practices include:

• Account information: Retained while your account is active and for up to 7 years after closure for legal and regulatory compliance
• Website analytics data: Retained for up to 26 months in accordance with Google Analytics settings
• Marketing communications: Retained until you unsubscribe or withdraw consent
• Support communications: Retained for up to 3 years for quality assurance and training purposes

When we no longer need your personal information, we will securely delete or anonymise it in accordance with our data retention schedule and applicable legal requirements.

Your Rights

Under applicable data protection laws, you have the following rights regarding your personal information:

• Right of access: You can request a copy of the personal information we hold about you
• Right to rectification: You can request that we correct any inaccurate or incomplete information
• Right to erasure: You can request that we delete your personal information in certain circumstances
• Right to restrict processing: You can request that we limit how we use your information
• Right to data portability: You can request a copy of your data in a structured, machine-readable format
• Right to object: You can object to certain types of processing, including direct marketing
• Right to withdraw consent: Where processing is based on consent, you can withdraw it at any time

To exercise any of these rights, please contact us using the contact information provided below. We will respond to your request within one month of receipt, unless the request is complex, in which case we may extend the response time by up to two additional months.

International Data Transfers

We primarily process and store data within the United Kingdom and European Economic Area (EEA). When we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognising equivalent data protection standards
• Certification schemes and codes of conduct

All international transfers are conducted in compliance with applicable data protection laws and regulations.

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. Our security measures include:

• Encryption of data in transit and at rest
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection and security
• Incident response and data breach procedures

While we strive to protect your personal information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security but will notify you of any data breaches that pose a high risk to your rights and freedoms.

Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

Changes to This Privacy Policy

We may update this privacy policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting the updated policy on our website and updating the "last updated" date.

For significant changes that affect how we use your personal information, we may provide additional notice through email or prominent website notifications. Your continued use of our services after any changes indicates your acceptance of the updated privacy policy.

Contact Us

If you have any questions about this privacy policy or our privacy practices, or if you would like to exercise your rights regarding your personal information, please contact us:

You also have the right to lodge a complaint with the relevant supervisory authority if you believe we have not handled your personal information in accordance with applicable data protection laws. In the UK, this is the Information Commissioner's Office (ICO), and in the EU, your local data protection authority.