Privacy Policy

1. Introduction


Welcome to Hex Digital Ltd ("we," "us," or "our"). As a leading digital agency specialising in designing and building websites (“Sites”) and applications (“Applications”) for businesses, we are dedicated to safeguarding the privacy of our clients' and users' ("you" or "your") personal information. We extend this to every person who visits or interacts with the websites and/or applications we build for our clients. This Privacy Policy outlines how we collect, use, disclose, and secure personal data in accordance with the General Data Protection Regulation (GDPR) and other relevant data protection laws. We are committed to ensuring transparency in terms of how we process personal data within our business.

This privacy policy explains our approach to collecting and processing personal information, whether directly from you or obtained from a third party. We outline the purposes for which we process your personal information and your rights concerning our handling of your personal data.

Within this Privacy Policy, we aim to detail the scope of personal information processing undertaken by us and how you can exercise your rights, including requesting updates, transfers, access, and deletions.

We have designed this Privacy Policy to give you all the information you need to know when using our Sites and Applications. We encourage you to review and understand it.

1.1 Who we are

Hex Digital Ltd is the data controller responsible for your personal information. We are a digital product and growth studio, registered with the UK Information Commissioner’s Office under registration number ZA251524. Hex Digital Ltd is a registered company in England and Wales under registration number 06519793 , and our registered office is at First Floor,12 Greenhill Rents, London EC1M 6BN.

1.2 Contact Hex Digital

If you have any questions about this Privacy Policy or want to exercise your rights set out in this Privacy Policy, please contact us by sending an email to privacy@hexdigital.com. We will respond to any queries within one to three business working days.

1.3 Third parties

Please take into consideration that this Privacy Policy only applies to the personal information we collect and process. Our sites and applications may contain links to third party websites and services. Please remember that when you use a link to go from our Sites to another website or you request a service from a third party, this Privacy Policy no longer applies.

Your browsing and interaction on any other websites, or your dealings with any other third party service provider, is subject to that website’s or third party service provider’s own rules and policies.

We do not monitor, control, or endorse the privacy practices of any third parties linked to our Sites. We encourage you to become familiar with the privacy practices of every website you visit or third party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices.

2. Information We Collect

We may collect and process various types of personal data about you and our clients, including but not limited to:

  • Contact information (e.g., name, email address, postal address, phone number)
    Account details (e.g., username, password)
    Payment information (e.g., credit card details)
    Demographic information (e.g., age, gender)
    Usage data (e.g., browsing history, interactions with our websites and applications)
    Communication preferences
    Any other information provided to us voluntarily

We use this data in order to:

  • Provide goods and/or services to our clients
    Manage our client relationships
    Handle new inquiries
    Maintain and improve our service
    Promote and market our services
    Conduct surveys, user insight and other analysis
    Recruit external personnel
    Comply with any applicable law, court order, other judicial process, or the requirements of a regulator; and use as otherwise required or permitted by law.

3. How We Use Your Information

We use personal data for the following purposes:

  • Providing and managing our web design and application development and maintenance services
    Processing orders, payments, and project management
    Personalising and enhancing your experience with our products
    Sending you relevant marketing and promotional materials (with your consent)
    Responding to inquiries and providing client support
    Adhering to legal obligations
    Safeguarding our rights and interests
  • When you visit or log in to our website, cookies  and similar technologies may be used by our online data partners or vendors to associate these activities with other personal information they or others have about you, including by association with your email or home address. We (or service providers on our behalf) may then send communications and marketing to these email or home addresses. You may opt out of receiving this advertising by visiting https://app.retention.com/optout

3.1 Usage data

We may process usage data, such as IP address, geographical location, browser type, and page navigation paths, obtained from Google Analytics. This data helps us analyse website and service usage, driven by our legitimate interests in monitoring and improving our offerings.

3.2 Account data

Account data including your name and email address, is processed for operating our website, delivering services, securing our operations, and communicating with you. This processing is based on the performance of a contract and our legitimate interests.

3.3 Profile data

Profile data encompassing personal information like name, address, and interests, is processed to facilitate and monitor your website and service usage, ensuring proper administration of our business.

3.4 Service data

Service data including contact details and content uploaded via our CV uploader, is processed to operate our website, provide services, secure our operations, back up databases, and communicate with you. This processing aligns with our legitimate interests.

3.5 Publication data

Publication data submitted for website or service publication is processed to enable publication and manage our business.

3.6 Enquiry data

Enquiry data submitted for goods and/or services enquiries may be processed for offering, marketing, and selling relevant goods and/or services, based on consent.

3.7 Customer relationship data

Customer relationship data, comprising customer contact information, is processed to manage relationships, communicate, maintain records, and promote our offerings, driven by legitimate interests.

3.8 Notification data

Notification data provided for email notifications and/or newsletters is processed to send relevant notifications and/or newsletters, based on consent.

3.9 Correspondence data

Correspondence data, such as communication content and metadata, is processed for communication and record-keeping, aligning with our legitimate interests.

4. Client Data Handling

During the course of building, developing and maintaining websites, applications or products on behalf of our clients we may be granted access to certain user data (including personal data).  We hold client data to the same high standards as our own. We respect the confidentiality and security of the data you entrust to us. Our commitment includes:

  • Implementing strict access controls and encryption methods
    Ensuring that our staff members are trained in data protection practices
    Adhering to non-disclosure agreements to protect sensitive information
    Regularly reviewing and enhancing our security measures

5. Legal Basis for Processing

We process personal data based on the following legal grounds:

  • Execution of contractual obligations
    Compliance with legal requirements
    Consent obtained from you or our clients
    Legitimate interests pursued by us or a third party

For more information on the precise process used for each type of personal data we collect, please see the examples outlined in section 3 of this document.

6. About cookies

6.1 Cookie definitions

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.

6.2 Persistent and session cookies

Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.

6.3 Personal information in cookies

Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

7. Cookies that we use
For a detailed list of the cookies used on our website, please view our Cookie Policy.


8. Managing cookies

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. Contact your browser's support services for more information.

9.1 Blocking cookies

Blocking all cookies will have a negative impact upon the usability of many websites.
If you block cookies, you will not be able to use all the features on our website.

10. Sharing Your Information

We may share personal data with:

  • Service providers and partners assisting us in delivering our services
    Regulatory authorities or law enforcement agencies as required by law
    Third parties in case of business mergers, acquisitions, or sales

11. Your Rights

Under the GDPR, you possess the following rights:

  • Access to personal data
    Rectification of inaccurate data
    Erasure of personal data (subject to conditions)
    Restriction of processing
    Data portability
    Objection to processing (in specific situations)
    Withdrawal of consent (for consent-based processing)

11.1 Your right of access

Upon request from you, we will confirm whether we’re processing your personal information and, if so, provide you with a copy of that information. A reasonable fee may be charged, should you require further copies.

11.2 Your right to rectification

At any time, if you believe the personal information we hold about you to be inaccurate or incomplete, you have the right to have this rectified. In the event that we have shared your personal information with others, we’ll let them know about the rectification where possible. Where it is possible and lawful to do so, and upon request from you, we’ll also tell you who we’ve shared your personal information with so that you are able to contact them directly.

11.3 Your right to erasure

You can ask us to delete or remove your personal information in some circumstances such as where we no longer need it or if you withdraw your consent (where applicable). If we’ve shared your personal information with others, we’ll let them know about the erasure where possible. Where it is possible and lawful to do so, and upon request from you, we’ll also tell you who we’ve shared your personal information with so that you are able to contact them directly.

11.4 Your right to restrict processing

You can ask us to restrict or suppress the processing of your personal information in certain circumstances such as if you contest the accuracy of that personal information or you object to us processing it. We will continue to store your information in this instance. We will tell you before any such restriction is lifted. If we’ve shared your personal information with others, we’ll let them know about the restriction where it is possible for us to do so. Where it is possible and lawful to do so, and upon request from you, we’ll also tell you who we’ve shared your personal information with so that you are able to contact them directly.

11.5 Your right to data portability

With effect from 25 May 2018, you have the right, in certain circumstances, to obtain personal information you’ve provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice.

11.6 Your right to object

You can ask us to stop processing your personal information, and we will do so, if we are:

relying on our own or someone else’s legitimate interests to process your personal information, except if we can demonstrate compelling legal grounds for the processing; or
processing your personal information for direct marketing.

11.7 Your rights in relation to automated decision-making and profiling

You have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us.

11.8 Your right to withdraw consent

If we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time. We will assess any deletion request on a case by case basis and will endeavour to respond as soon as possible, at most within 10 working days.

11.9 Your right to lodge a complaint with the supervisory authority

If you have a concern about any aspect of our privacy practices, including the way we’ve handled your personal information, you can report it to the UK Information Commissioner’s Office (ICO). You can find details about how to do this on the ICO website at https://ico.org.uk/concerns/ or by calling their helpline on 0303 123 1113.

12. Data Security

We employ appropriate technical and organisational measures to protect personal data against unauthorised access, disclosure, alteration, or destruction.

13. Data Retention

We retain personal data for as long as necessary to fulfil the purposes stated in this Privacy Policy or where required by legal obligations, vital interests, or the establishment, exercise, or defence of legal claims.. We retain data relating to job and new business enquiries for no longer than 5 years.

14. Data Protection Officer

For data protection matters, contact our data protection officer at privacy@hexdigital.com.

15. Changes to this Privacy Policy

This Privacy Policy may be updated periodically. We will notify you of material changes and seek your consent if mandated by law.

16. Contact Us

For queries, concerns, or requests related to this Privacy Policy or personal data, please contact us at privacy@hexdigital.com.