Privacy & Cookie Policy

Last updated: [DATE] · Applies to the cirvex.io website

⚠️ Draft starter. This covers the public website only. It must be reviewed and finalised by a data-protection lawyer before launch, and bracketed placeholders […] must be completed. Processing of end-user data through the Cirvex product is governed separately by our Data Processing Agreement.

1. Who we are

This website is operated by Cirvex (“Cirvex”, “we”, “us”). Registered entity: [LEGAL ENTITY NAME], [REGISTERED ADDRESS]. For any privacy question, contact us at privacy@cirvex.io.

This policy explains what personal data we collect from visitors to this website, why, and your rights under the EU General Data Protection Regulation (GDPR) and UK GDPR.

2. Scope

This policy applies to the cirvex.io marketing website and to people who visit it, contact us, or request a demo. It does not cover personal data that we process on behalf of our business customers through the Cirvex platform (identity, age and AML verification data). For that processing, Cirvex acts as a data processor under a separate Data Processing Agreement with each customer.

3. What we collect

Category	Examples	Why
Contact / demo requests	Name, work email, company, message	To respond and arrange a demo
Usage & analytics	Pages viewed, approximate location, device/browser	To understand and improve the site
Technical logs	IP address, timestamps	Security and reliability

We do not collect special-category data through this website, and we do not knowingly collect data from children.

4. Legal bases (GDPR)

We rely on: your consent (analytics cookies; you can withdraw it anytime); our legitimate interests in responding to enquiries and securing the site; and taking steps at your request before entering a contract (handling a demo request).

5. Cookies

We use a small number of cookies and similar technologies:

Strictly necessary — required for the site to function; always on.
Analytics — help us measure usage (e.g. [Plausible / Google Analytics]); set only with your consent.

You can accept or reject non-essential cookies via our cookie banner and change your choice at any time. You can also block cookies in your browser settings.

6. Sharing & processors

We share data only with service providers who help us run the site, under contract and only as needed: [HOSTING PROVIDER], [ANALYTICS PROVIDER], [EMAIL PROVIDER]. We do not sell personal data. Where providers are outside the EEA/UK, transfers are protected by appropriate safeguards (e.g. Standard Contractual Clauses).

7. Retention

We keep enquiry and demo-request data for as long as needed to follow up and for a reasonable period afterwards (default: [24] months), then delete or anonymise it. Analytics and logs are kept for shorter periods.

8. Your rights

Under the GDPR/UK GDPR you may request: access to your data, correction, deletion, restriction, portability, and you may object to processing based on legitimate interests. To exercise any right, email privacy@cirvex.io. You also have the right to complain to your local supervisory authority.

9. Changes

We may update this policy; the “last updated” date will change accordingly. Material changes will be highlighted on this page.