Legal
Privacy
Policy
Summary: Orionix Ltd is committed to protecting your personal data. We collect only what we need, use it transparently, and never sell it. This policy explains everything in plain English alongside the legal detail required by UK GDPR.
1. Who we are
Orionix Ltd (“Orionix”, “we”, “us”) is a limited company registered in England and Wales operating www.orionix.uk and providing AI-powered digital services and SaaS products. For UK data protection law (UK GDPR and the Data Protection Act 2018), Orionix Ltd is the data controller of personal data collected through our website and services.
Contact details
Data Protection enquiries: privacy@orionix.uk
Post: Data Protection Officer, Orionix Ltd, London, United Kingdom
You have the right to complain to the Information Commissioner’s Office (ICO) at any time. We would appreciate the opportunity to address your concerns first.
2. Data we collect
Data you give us directly
- Enquiry and contact forms: name, email address, company name, and message content.
- Account registration: name, email address, password (stored hashed), job title, and company details.
- Billing and payments: billing name, address, and payment method (processed by our PCI-certified payment provider; we do not store full card numbers).
- Support requests: any information you include when contacting our support team.
- Marketing preferences: email address and communication preferences when you subscribe to updates.
Data we collect automatically
- Usage data: pages visited, features used, time spent, referring URLs, and actions taken within our platform.
- Device and browser data: IP address, browser type and version, operating system, and device identifiers.
- Cookie data: see our Cookie Policy for full details.
- Server logs: access timestamps, request paths, and error codes retained for 90 days.
Data from third parties
- Single sign-on: if you log in using Google or Microsoft, we receive your name, email address, and profile picture.
- Analytics partners: aggregated and anonymised behavioural data.
We do not collect special category data (health, biometric, religious beliefs, etc.) unless you explicitly provide it in a support message, where it is processed only to resolve your issue.
3. How we use your data
| Purpose | Data used | Legal basis |
|---|---|---|
| Respond to enquiries | Name, email, message content | Legitimate interests |
| Provide and manage your account | Account details, usage data | Contract performance |
| Process payments | Billing details | Contract performance |
| Service communications | Email address | Contract performance |
| Marketing emails (with consent) | Email address, preferences | Consent |
| Improve products and website | Usage and device data | Legitimate interests |
| Security and fraud prevention | IP address, log data | Legitimate interests / Legal obligation |
| Comply with legal obligations | As required by law | Legal obligation |
4. Legal basis for processing
- Contract performance (Art. 6(1)(b)): processing necessary to provide the services you have requested.
- Legitimate interests (Art. 6(1)(f)): improving our services, preventing fraud, responding to enquiries — where our interests do not override your rights.
- Legal obligation (Art. 6(1)(c)): compliance with tax, financial reporting, and other legal requirements.
- Consent (Art. 6(1)(a)): marketing emails. Withdraw consent at any time via privacy@orionix.uk or by clicking “unsubscribe” in any email.
5. Data sharing
We do not sell, rent, or trade your personal data. We share it only with:
Service providers (data processors)
- Cloud infrastructure: hosting and storage providers in the UK and EU.
- Payment processing: regulated, PCI-certified payment service providers.
- Customer support tooling: helpdesk software for managing support tickets.
- Analytics: tools that provide aggregated, anonymised usage data.
- Email delivery: transactional email providers for service and account communications.
All processors are contractually bound to protect your data and act under our instructions only.
Legal disclosures
We may disclose data to law enforcement or regulatory authorities if required by law, court order, or to protect the rights, property, or safety of Orionix, our users, or the public.
Business transfers
If Orionix is involved in a merger, acquisition, or asset sale, we will notify you and inform you of any applicable choices before your data is transferred.
6. International transfers
Where we transfer personal data outside the UK, we ensure appropriate safeguards including UK adequacy regulations, International Data Transfer Agreements (IDTAs), or Standard Contractual Clauses (SCCs) approved by the ICO. Contact privacy@orionix.uk for details of specific safeguards.
7. Retention periods
| Data type | Retention period | Reason |
|---|---|---|
| Account data | Duration of account + 2 years | Service provision and dispute resolution |
| Contact enquiry data | 3 years from last contact | Legitimate interests |
| Billing records | 7 years | Legal and tax obligation (HMRC) |
| Marketing consent records | Until consent withdrawn + 1 year | Evidencing consent |
| Server access logs | 90 days | Security monitoring |
| Analytics data | 26 months (anonymised thereafter) | Performance improvement |
After the applicable period, data is securely deleted or anonymised.
8. Your rights
Under UK GDPR you have the right to: access your data; rectify inaccurate data; erase your data (right to be forgotten); restrict processing; data portability; object to processing; and rights around automated decision-making.
To exercise any right, email privacy@orionix.uk. We respond within 30 days. We may ask you to verify your identity. Most requests are free; we may charge a reasonable fee for manifestly unfounded or excessive requests.
ICO complaints: ico.org.uk/make-a-complaint or call 0303 123 1113.
9. Cookies
We use cookies and similar technologies to operate our website. See our Cookie Policy for full details of what cookies we use, why, and how to manage them.
10. Children’s privacy
Our services are not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with data, email privacy@orionix.uk and we will delete it promptly.
11. Changes to this policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by a prominent notice on our website. Your continued use of our services after changes take effect constitutes acceptance of the updated policy.
12. Contact us
- Email: privacy@orionix.uk
- Post: Data Protection Officer, Orionix Ltd, London, United Kingdom
- Web: orionix.uk/pages/contact.html