Privacy Statement
Home / Privacy Statement
Scope and core principles
This statement describes how we process personal information when you use this website, including mobile-friendly pages, embedded forms, and on-site chat widgets. If you have a separate offline contract, purchase order, NDA, or statement of work that conflicts with this page, the separate agreement governs for that engagement.
We follow principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, and accountability. Unless another legal basis applies or we obtain your separate consent, we do not use personal information for purposes that are incompatible with the purposes described here.
“Personal information” means information relating to an identified or identifiable natural person. We may also process business contact details about your employer; where those details identify you as an individual, we treat them under this statement as well.
Categories of information we may collect
Depending on how you interact with us, we may process one or more of the categories below. A casual visit to public pages typically involves fewer categories than a logged-in customer workflow.
- Identity and account data such as name, work email, phone, organisation, and role;
- Technical and log data such as IP address, device type, browser, pages viewed, and diagnostics;
- Transactional data such as orders, billing and shipping contacts, and delivery milestones;
- Communications and preferences such as enquiry threads, subscription choices, and meeting notes.
Where we obtain information indirectly (for example from a colleague referral or a public business directory), we take reasonable steps regarding lawful sourcing and, where required, inform you about the source and categories at the first meaningful interaction.
Accounts and identifiers
When you register, request a demo, download gated assets, subscribe to updates, or access authenticated features, we may collect name, organisation, department, job title, business address, email, phone, country or region, and time zone. If you enable single sign-on or link a third-party identity, we may receive basic profile elements you authorised (such as display name or avatar) but not unrelated sensitive scopes.
Passwords, tokens, and similar secrets are used only for authentication and session management. We store them using salted hashing or other industry-accepted controls and do not display them in plain text to unrelated staff.
Where a profile centre is available, you can update or supplement your details. Accurate information helps us perform contracts, deliver security notices, and send operational messages such as invoices or deployment windows.
Browsing and device information
When you browse the site, servers automatically log technical data such as timestamps, referrer URLs, browser type and version, operating system, approximate screen size, language preferences, and session identifiers. We may use analytics and diagnostics services to understand performance, popular paths, conversion funnels, and error rates so we can improve navigation and stability.
Coarse location derived from IP is typically used for routing traffic, compliance banners (for example language or region hints), and abuse detection. It is not intended for continuous precise geolocation of individuals.
If you block or clear cookies and local storage, features that rely on sessions or remembered preferences (such as staying signed in or retaining form drafts) may degrade, but most public content should remain readable.
Orders, contracts, and delivery
When you place orders, request trials, sign electronic agreements, or submit procurement requests, we collect information needed to prepare quotes, perform contracts, ship goods or deliver services, invoice, reconcile accounts, and maintain audit trails. Certain records may be retained for statutory periods for tax, accounting, or dispute resolution.
If someone else places an order on your behalf, please ensure they are properly authorised. We may perform reasonable checks to reduce impersonation and fraud risk.
For corporate credit, anti-money laundering, or export-control scenarios, we may collect additional identity or corporate documents where the law requires us to do so, and we will explain the necessity where practicable.
Marketing and preferences
With your consent or where otherwise permitted, we may send product updates, invitations, or industry insights by email, phone, or in-product messages. We aim to keep communications relevant and proportionate, and we provide unsubscribe or preference controls (for example links in emails, account settings, or a manual opt-out channel).
Withdrawing marketing consent does not affect transactional, service, or security notices that we must send to perform a contract or meet legal duties.
For joint campaigns with partners, we describe data sharing and opt-out paths in the campaign terms. We do not sell or rent your contact details to unrelated advertisers.
Business correspondence
Emails, call notes, instant messages, meeting recordings where used, and chat transcripts may be retained to clarify requirements, prepare proposals, execute agreements, deliver after-sales support, and perform internal compliance reviews. When there is no ongoing legitimate need, we delete, anonymise, or archive content to non-operational storage.
For quality assurance or training, we may use redacted or consent-based excerpts. Sensitive topics are restricted to staff with a need to know.
Customer support and technical assistance
When you open tickets, upload logs, or share screenshots, we may temporarily process environmental details such as version numbers, configuration keys, or stack traces solely to diagnose issues. After resolution, we generally stop active use of that material unless we need a limited retention to evidence service delivery or handle disputes.
Remote assistance sessions run only with your clear permission and can be stopped at any time. We do not browse unrelated personal files or applications without authorisation.
Security and fraud prevention
To protect accounts and infrastructure, we may collect sign-in times, source IP addresses, failed attempt counts, device signals where enabled, risk scores, and audit trails to detect brute force, credential stuffing, bot abuse, or unusual geography logins. We may require step-up verification, temporarily lock accounts, or block suspicious traffic.
We may use third-party anti-abuse or CAPTCHA services; those vendors process data only to provide the service and are bound by contract and applicable law.
Visits and events
If you visit our offices, attend trade shows, or join closed-door sessions, we may register visitor name, organisation, government ID or vehicle plate where local security rules require it, and entry/exit times. We may capture event photography or video for promotion or archives; where individuals are identifiable, we seek consent or apply blurring unless law or legitimate public interest applies.
Logs from visitor Wi‑Fi, access control, or parking systems are typically kept for shorter periods and used for safety investigations.
Recruitment
CVs, portfolios, assessment results, and referee contacts are used only for recruitment, interviewing, background checks where permitted, and onboarding preparation. We may share limited data with recruitment vendors (such as assessment platforms) under instructions to use it solely for hiring.
If you are not selected, we usually delete or anonymise materials after the recruitment cycle unless you ask to join a talent community with clear consent, or law requires longer retention.
Internal analytics and product improvement
We may use aggregated or de-identified metrics for roadmaps, capacity planning, A/B tests, and market analysis. Public reports generally do not identify individuals.
In research environments we prefer synthetic or minimised datasets; where real samples are indispensable, access is tightened and approvals apply.
Cookies and similar technologies
We use cookies, local storage, pixels, and similar tools to maintain sessions, remember language, measure traffic, detect fraud, and—where you consent—deliver more relevant content. You can manage categories through your browser or any cookie banner or preference centre we provide.
Third-party embeds (maps, videos, social plugins) may set their own cookies; their processing is governed by their policies, and we encourage you to review them before enabling.
Children
This site is primarily intended for adults engaging in business with us. If you are under the age of majority in your region, please use the site with a guardian’s consent and involvement.
If we learn that we collected personal information from a child without appropriate authority, we will delete it or otherwise restrict processing as soon as reasonably practicable. Please contact us via the footer if you believe this has occurred.
Sharing, processors, and international transfers
We do not sell personal information. We disclose or allow access only where needed to achieve the purposes in this statement, where you consent when consent is required, or where another lawful basis applies.
Typical cases include using processors for hosting or email, complying with lawful requests, intra-group sharing for consistent service and compliance, or joint activities you have agreed to.
Service providers and partners
We may engage vendors for hosting, content delivery, email and SMS, webinars, ticketing and CRM, analytics, payments, and anti-fraud. Contracts require them to process only on documented instructions, implement appropriate safeguards, assist with deletion or return of data, and erase or anonymise data when the relationship ends except where law requires retention.
In a merger, acquisition, or asset sale involving personal information, we require successors to honour protections at least equivalent to this statement, or to obtain fresh consent where the law demands it.
When we receive binding requests from courts or regulators, we review the legal validity and scope, disclose the minimum necessary information, and notify you when we are permitted to do so.
Cross-border transfers and safeguards
Because of server locations, vendor footprints, or group operations, personal information may be transferred across borders. We follow applicable transfer mechanisms such as regulatory assessments, certification schemes, standard contractual clauses, or explicit consent, depending on what the law in force requires at the time.
We may apply encryption, pseudonymisation, access segregation, and logging to reduce risk, and we update this page or an appendix with representative regions or recipient categories when meaningful changes occur.
Controller and contact channels
The organisation operating this website is the primary controller for the processing described here. You can reach us using the email, phone, or enquiry form shown in the footer. We verify identity before fulfilling privacy requests to prevent fraud.
Where local law requires a representative or domestic recipient, we list those contacts in supplementary notices when applicable.
Retention, security, and incidents
We keep personal information no longer than necessary for the purposes above and compatible legal duties such as tax, accounting, or litigation holds. When retention ends, we delete, anonymise, or isolate data; where limited retention is still required, we restrict access.
We implement layered access controls, encryption in transit where appropriate, vulnerability management, logging, backups, confidentiality commitments for staff, and periodic training. Access to personal information is limited to personnel who need it for their job.
If a personal data breach occurs or is likely to occur and may affect your rights, we activate our response plan, contain the issue, assess impact, notify regulators and affected individuals when legally required, and describe remedial steps you can take.
Your rights and how to exercise them
Where applicable law grants rights, you may request access, rectification, erasure, restriction, portability, objection, or explanation of automated decision-making. Statutory exceptions may apply (for example where processing is necessary for establishment or defence of legal claims).
We respond within reasonable timelines defined by law and may ask for proof of identity or additional detail to locate records. Complex requests may lawfully be extended; we explain reasons when that happens.
You may also lodge a complaint with a competent supervisory authority. We nevertheless encourage you to contact us first so we can try to resolve the issue quickly.
Legal bases (illustrative list)
Depending on jurisdiction and context, we may rely on one or more of the following bases:
- Contract performance—for example processing orders, provisioning services, or supporting customers;
- Consent—for example marketing communications, non-essential cookies, or sensitive categories where required;
- Legitimate interests—for example securing systems, improving products, or conducting aggregate analytics, balanced against your rights;
- Legal obligation—for example responding to lawful requests or retaining tax records.
Where multiple bases could apply, we document the primary basis internally and explain it to you when transparency is required.
Updates and versioning
We may update this statement when our practices, products, or legal environment change. The revised version will appear on this page with a new effective date. If an update materially affects your rights or choices, we will highlight it on the site or communicate through reasonable channels.
Where consent is the sole basis for a specific processing activity, we obtain fresh consent when required after substantive changes.