Effective Date: [Date of Publication, e.g., July 31, 2025] Last Updated: [Date of last review/update]

1. Introduction

This Privacy Policy describes how SafeOneX (“we,” “us,” or “our”) collects, uses, processes, and protects your personal data when you visit our website www.safeonex.com or use our services. We are committed to protecting your privacy and handling your data in an open and transparent manner, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws in the United Kingdom.

2. Definitions (Relevant to GDPR)

• Personal Data: Any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
• Processing: Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• Data Controller: The natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. For the purposes of this Privacy Policy, SafeOneX is the Data Controller.
• Data Processor: A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the Controller.
• Data Subject: The individual to whom the personal data relates (i.e., you).

3. Data We Collect

We may collect and process the following types of personal data about you:

• Information You Provide to Us:
  • Contact Data: Your name, email address, phone number, company name, and any message content when you use our contact forms, quote request forms, or communicate with us via email or phone.
  • Account Data: If you create an account on our website, your username, password, and related profile information.
  • Newsletter Data: Your email address if you subscribe to our newsletter.
  • Service-Related Data: Information provided during the engagement for software development or cybersecurity services, which may include access credentials, system information, or data relevant to the project scope. (Note: For cybersecurity services like pen-testing, you might collect sensitive system data; ensure your contract/SOW covers this data processing relationship explicitly.)
• Information Collected Automatically (via Website Usage):
  • Technical Data: Internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Usage Data: Information about how you use our website, products, and services, including pages viewed, links clicked, time spent on pages, and navigation paths.
  • Cookie Data: Information collected via cookies and other similar tracking technologies (see Section 11).
• Information from Third Parties:
  • We may receive data about you from third parties such as analytics providers (e.g., Google Analytics), advertising networks, search information providers, or technical, payment, and delivery services.

4. How and Why We Use Your Data (Purposes and Legal Basis for Processing)

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances and based on the following legal bases:

• To Provide Services (Contractual Necessity):
  • To fulfill our contractual obligations to you, such as delivering software development projects, performing cybersecurity assessments, and providing support.
  • To respond to your inquiries and requests (e.g., quote requests, contact form submissions) in preparation for entering a contract.
• For Communication (Legitimate Interest or Consent):
  • To respond to your questions, feedback, and support requests.
  • To send you service-related updates or important notices.
  • To send you marketing communications (only if you have given explicit consent, where required by law, or based on legitimate interest if prior business relationship exists and you haven’t opted out).
• For Website Improvement & Analytics (Legitimate Interest or Consent):
  • To improve our website, products, and services.
  • To analyze website usage and trends to enhance user experience.
  • To understand the effectiveness of our marketing.
• For Security & Fraud Prevention (Legitimate Interest or Legal Obligation):
  • To protect our website, systems, and clients from fraud, cyber threats, and unauthorized access (highly relevant for SafeOneX).
  • To detect and prevent malicious activity.
• For Legal Compliance (Legal Obligation):
  • To comply with legal obligations, regulatory requirements, or law enforcement requests.

5. How We Share Your Data

We may share your personal data with third parties in the following situations:

• Service Providers: We use third-party service providers (e.g., hosting providers, analytics services, email marketing platforms, CRM systems) to help us operate our business. These providers are contractually bound to process your data only for specified purposes and to implement appropriate security measures.
• Legal Requirements: We may disclose your data if required to do so by law or in response to valid requests by public authorities (e.g., a court order or government agency).
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.
• With Your Consent: We may share your data with other third parties when we have your explicit consent to do so.

6. International Data Transfers

As part of providing our services, your personal data may be transferred to, and stored at, a destination outside the United Kingdom and the European Economic Area (EEA). This includes processing by staff operating outside the UK/EEA who work for us or for one of our service providers.

• We will ensure that any such international transfers are made with appropriate safeguards in place to protect your data, such as standard contractual clauses approved by the European Commission or other legally recognized transfer mechanisms.

7. Data Security

We have implemented appropriate technical and organizational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. These measures include encryption, access controls, regular security audits (as a cybersecurity firm, you should detail your internal practices a bit more here if comfortable).

Despite these measures, no data transmission over the internet or electronic storage is entirely secure. We strive to protect your personal data but cannot guarantee its absolute security.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

9. Your Data Protection Rights (Under GDPR)

As a data subject under GDPR, you have the following rights regarding your personal data:

• The Right to Access: You have the right to request a copy of the personal data we hold about you.
• The Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
• The Right to Erasure (“Right to be Forgotten”): You have the right to request that we delete your personal data under certain conditions.
• The Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
• The Right to Object to Processing: You have the right to object to our processing of your personal data under certain conditions.
• The Right to Data Portability: You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
• The Right to Withdraw Consent: If we are relying on consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing before the withdrawal.

To exercise any of these rights, please contact us using the details provided in Section 14. We will respond to your request within one month.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your Browse experience, analyze site usage, and support our marketing efforts.

• What are Cookies? Cookies are small text files placed on your device by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
• Types of Cookies Used: [List the types of cookies you use, e.g., essential/strictly necessary, analytics/performance, functionality, targeting/advertising.]
• Managing Cookies: You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. Please note that if you disable or refuse cookies, some parts of this website may become inaccessible or not function properly.
• [Important: You MUST implement a Cookie Consent Banner/Pop-up on your website, especially under GDPR, to gain user consent for non-essential cookies.]

11. Third-Party Links

Our website may contain links to third-party websites. This Privacy Policy does not apply to these third-party sites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

12. Children’s Privacy

Our Services are not intended for individuals under the age of 18 (“Children”). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from Children without verification of parental consent, we take steps to remove that information from our servers.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date at the top. We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Us & Complaints

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your data protection rights, please contact us:

• Email: info@safeonex.com

Get A Quote