Privacy Policy

Last updated January 2023

Ardenix Systems Ltd (“we”, “us”, “our”) is a UK Limited company (registration number 08328044) registered at 124 City Road, London, EC1V 2NX.

This privacy policy covers how we will use, collect and process any personal information provided to us.

Summary

  • We are Ardenix Systems Ltd, and you can contact us at support@ardenix-systems.com
  • We process your data to provide our services to you, to meet our legal obligations, and for our legitimate interests
  • We only process your data for as long as we need to, and then we delete it
  • We do not sell or share your data with others unless they are providing a service to us (such as payment service providers).
  • We do not market to you without your consent and, if you give us your consent, you can withdraw it at any time
  • We take security seriously, we only use services provided by reputable companies who adhere to worldwide standards.

You’ve got lots of rights, including the right to complain to the Information Commissioner’s Office. If you need a hand in exercising your rights, feel free to contact us: support@ardenix-systems.com.

How we process your data

Throughout your interactions with us we will collect only the data that we require in order to provide you with the service that you are requesting. The key information that we process is shown below for your information:

IP Addresses

When you access any of our websites or servers we will store a record of your IP address along with details of your request in our logs. This information is stored and used by our system team to ensure the integrity of our services.

Authorisation & session data

Whenever you login to one of our websites we will use cookies that will identify your session to our services. This is necessary to provide our service to you.

Retention: This data is stored until such time as the associated user account is deleted.

Your name

We will store the names of individuals who are authorised to access an Ardenix Systems account.

Retention: Your name will be retained until your user account is deleted.

E-mail addresses

We will store your e-mail address for the purposes of managing your account with us. This will be used for transactional e-mails that relate directly to your Ardenix Systems account or services. This information is required in order to ensure you are informed aboutyour account and can take appropriate actions in various situations. This is necessary to provide our service to you.

We may also use your e-mail address to send you messages about our services which may include notifications about newly launched features & tools, improvements to existing services, upcoming maintenance as well as information about our services that you we believe you’ll find useful. If you would rather not receive these messages, please let us know or click the unsubscribe link in any of these e-mails

We will not send you any other marketing messages unless you subscribe to our newsletter which you can do through our website or our portal. When you do this, you will be consenting with us to use your email address for this purpose. You maywithdraw this consent at any time by unsubscribing from the messages or contacting us.

Outgoing e-mails

If we send you transaction e-mails (for example: invoice notifications, payment confirmations/receipts , balance warnings etc…), these will be passed through our internal mail server and stored for a period of time to assist with debugging delivery problems and ensuring messages are appropriately delivered to their destinations.

The information stored includes the contents of the message sent, the e-mail addresses of the recipients and any other headers.

Retention: The contents of messages are stored for a period of 30 days from the date the message is received by our mail system. The meta data for any messages is kept for 60 days from this date.

Mobile numbers

If you enable two step authentication, we may ask for your mobile number which will be used to allow you to restore access to your account in the event that you lose access to your account. This is necessary to provide our service to you.

Retention: Your mobile number will be kept until you disable two step authentication or your user account is deleted.

Company name & your postal address

We require your postal address in order to provide you with an invoice for your services. This information is collected as a legal obligation and will be stored on our systems along with invoices for a minimum period of 7 years.

Payment cards

We do not store full payment card details on our own servers. We work with an external PCI compliant payment processor who handles this.

We may store the last 4 digits of your card and the card type of our systems so that you can identify which card was used for your payments.

Note about PayPal: If you pay for our services using PayPal, we do not control the data that you provide to PayPal in order to make your payment. PayPal share minimal information with us regarding your payment. You should refer to their privacy notices for details on how they manage this information.

Bank account details

We do not store your full bank account details on our own servers. We only provide our services through an external PCI compliant payment processor, and will never ask you for bank account details..

Website analytics

We use Google Analytics to help us track the details of visitors browsing our public websites. We do not use Google Analytics on any URLs once you have been authenticated. We do not send any personal data to Google’s services through Google Analytics and we configure our tracking codes to anonymise any IP addresses. This is necessary for our legitimate interests of understanding the use made of our websites.

Support by e-mail

If you contact us by e-mail or through one of our websites, you will be sharing your contact details (e-mail address and/or phone number) with us for the purposes of responding to your query. This is necessary to provide our service to you.

Retention: We retain all support requests (including the name & contact details of the recipient) that we receive for the purposes of auditing and training of staff.

Push notifications to mobile devices

If you use one of our mobile applications that send push notifications to your phone (including our Phone apps), we will store a unique token which identifies your mobile device and allows us to address push notifications to your phone. This is necessary to provide our service to you.

We may also store the content of push notifications for the purposes of debugging.

Retention: The device token is stored until such time as you disable push notifications within our application (note: disabling notifications on your phone alone will not remove the token from our service). Historical push notification content is stored for a period of 3 days from the date it was sent.

Transfer of data to between projects

Designed for Pixels is a project run by Ardenix Systems Ltd. We may share and/or transfer your data with other projects run by Ardenix Systems Ltd for the legitimate interests of administration, business operations & company structuring.

Third party processors

In some cases, we may use third parties to provide services and we need to share data with them. We maintain a list of all third parties where data is shared and data is only shared on a need-to-have basis.

CategoryPersonal Data
Professional ServicesWe may share your details with processional service companies such as accountants or accounting software.
Payment service providersWe may share your details with company who provide us with payment services for taking payments from credit/debit cards.
Technical service providersWe may share your details with providers we use to provide computing services.
E-mail marketing softwareWe may share your details with e-mail marketing software providers to allow us to send e-mails to customers.
Communication servicesWe may share your details with companies who provide us with communication services such as a live chat or e-mail providers.

Some of our services allow users to configure integrations with third party services. When using any of these integrations, you share your data with the organisations who operate these services. You should review their own privacy information with regard to how they will treat this information once it has been provided.

Cancellation of accounts

When your Ardenix Systems account is cancelled, we will store your account details for a period of 1 month before they are fully removed from our systems.

Correcting your personal data

It is important to us that the information we store is up to date and accurate. You may update your details at any time through our website or by contacting us.

Removal of your personal data

In some cases, you may be able to request that we remove your personal data from our systems. As with correcting your data, you can often delete your data yourselves through our website. In other cases, though, please feel free to contact us.

Your rights

You have a lot of rights, including right to request access to and rectification or erasure of your personal data or restriction of processing of it. You also have the right to object to our processing of your data in some situations, as well as the right to data portability.

Notification of data breaches

Upon discovering any data breaches, we will notify any affected individuals as soon as its practical following our data breach notification policy. This policy dictates that in the event of a data breach concerning personal data, the affected parties will be notified by e-mail to the main e-mail address we store with your account.

Electronic storage of data

No method of electronic storage can be 100% secure, however, we have sophisticated and detailed security & development policies that govern our systems & applications to help ensure your data is as secure as it can be.

Use of our services by persons under the age of 16

We do not allow anyone under the age of 16 to signup, use or store any personal data with us on any of our services. If we discover or are notified about the presence of a user under this age, we will remove their data from our systems without notice.

Transferring your personal data internationally

Like many other organisations, we use third parties in other countries to help us run our business. This includes countries outside the European Economic Area. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EEA are done lawfully. If we transfer personal data to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will use a mechanism which covers the requirements for the transfer of personal data outside the EEA, such as the European Commission approved standard contractual clauses.

Changes to our privacy policy

We may need to make changes to this privacy policy from time to time. All changes will be published to our websites and we recommend reviewing it to stay up to date. If we make any changes that we feel may affect your privacy rights, we will notify you by e-mail or by displaying the information within our customer portal.

Our lawful basis for data processing

Under the General Data Protection Regulation, unless we have otherwise specified above, we will be processing your data in our legitimate interest. These interests include staff training, ensuring the security of our systems and to allow us to operate our business in an efficient manner.

Where our processing is based on consent, you may withdraw consent at any time.

Where our processing is necessary for us to perform our contract with you, or to take steps to enter into a contract with you, we will not be able to enter into a contract with you or deliver our services to you if you do not give us the data in question.

Disclosure of information to law enforcement agencies

We may disclose your information if we are requested to by any law enforcement agency where we believe we are required to comply with the request under any applicable laws.

Data protection authority

You may have the right to lodge a complaint with your local data protection authority or the Information Commissioner’s Office (ICO) in the United Kingdom (our authority).

The ICO can be contacted at: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. Other information can be found on their website at ico.org.uk.

Contacting us

If you have any questions about our privacy policy or any other aspects of our services, you may contact us by e-mail on support@ardenix-systems.com.