This policy explains how Marduxx collects, uses and protects your personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take your privacy seriously. We do not sell your data. We do not share it with advertisers. We collect only what we need.
Who We Are
Marduxx Ltd is an AI and software solutions company incorporated in England and Wales. We are the data controller for personal data collected through our website and services.
Our registered address and contact details are set out in Section 12 of this policy. For all data protection matters, you may contact us directly at privacy@marduxx.com.
What Personal Data We Collect
We collect personal data only where it is necessary for a legitimate purpose. The table below sets out what we collect and why.
| Data Type | What It Includes | How Collected |
|---|---|---|
| Identity data | Full name | Interest registration form |
| Contact data | Email address | Interest registration form |
| Professional data | Organisation name, job role (optional) | Interest registration form |
| Preference data | Product interest areas, stated intentions (early access, research participation etc.) | Interest registration form |
| Message content | Free-text responses about your AI challenges or requirements | Interest registration form |
| Technical data | IP address, browser type, device type, pages visited, time on site | Automatically via cookies and server logs |
| Communications data | Records of emails or messages exchanged with us | Direct correspondence |
We do not collect any special category data (such as health data, political opinions, or biometric data) and we do not request it.
How We Use Your Data
We use your personal data for the following purposes:
| Purpose | Description |
|---|---|
| Product development | To understand market interest in our products and services, and to shape our development roadmap based on genuine customer need. |
| Early access programme | To contact you about beta access, product launches and pre-release opportunities you have expressed interest in. |
| User research | To invite you to participate in interviews or research sessions where you have indicated willingness to do so. |
| Commercial communications | To send you updates about Marduxx products, services and company news. You may opt out at any time. |
| Responding to enquiries | To respond to direct messages, questions or bespoke project enquiries. |
| Website improvement | To analyse how visitors use our website and improve the user experience. |
| Legal compliance | To comply with our legal obligations under UK law. |
Our Legal Basis for Processing
Under UK GDPR, we are required to have a lawful basis for processing your personal data. We rely on the following bases:
Consent — where you have submitted our interest registration form, you have actively provided your data and expressed clear intent to hear from us. You may withdraw this consent at any time by emailing privacy@marduxx.com.
Legitimate interests — we process certain data (such as technical/analytics data) on the basis that we have a legitimate interest in understanding how our website is used and improving our services. We have assessed that these interests do not override your rights and freedoms.
Legal obligation — in some circumstances we may be required to process your data to comply with a legal obligation, such as responding to a lawful request from a public authority.
Contract — where you engage Marduxx for services, we will process your data as necessary to fulfil our contractual obligations to you.
Sharing Your Data
We do not sell your personal data to any third party. We do not share your data with advertisers.
We may share your data with a limited number of trusted third-party service providers who assist us in operating our business, including:
Email and communication platforms — to send and manage communications (e.g. Google Workspace). These providers act as data processors under our instruction and are bound by appropriate data processing agreements.
Website hosting and analytics — our website is hosted on a third-party platform (e.g. Netlify). Basic analytics may be processed by third-party tools. We use privacy-respecting configurations and, where possible, anonymised data only.
AI development tools — we use AI platforms including Anthropic's Claude in the development and operation of our services. Where any personal data may be processed by such tools, we ensure appropriate contractual safeguards are in place.
All third-party processors are required to handle your data securely, in accordance with UK GDPR, and only for the purposes we specify. We do not transfer your personal data outside the UK or EEA without ensuring adequate protections are in place.
How Long We Keep Your Data
We retain your personal data only for as long as necessary for the purposes for which it was collected, or as required by law.
| Data Type | Retention Period |
|---|---|
| Interest registration data | Until you withdraw consent, or 3 years from last meaningful contact — whichever is sooner |
| Email correspondence | 3 years from the date of correspondence, unless related to a contract or legal matter |
| Technical / analytics data | Up to 26 months, in line with standard analytics practice |
| Contract and billing data | 7 years, as required by HMRC and UK tax law |
When data is no longer required, it is securely deleted or anonymised.
Your Rights Under UK GDPR
You have the following rights in relation to your personal data. To exercise any of these rights, contact us at privacy@marduxx.com. We will respond within one calendar month.
Request a copy of the personal data we hold about you (a Subject Access Request).
Ask us to correct any inaccurate or incomplete data we hold about you.
Request that we delete your personal data, subject to certain legal exceptions.
Ask us to limit how we use your data in certain circumstances.
Receive your data in a structured, machine-readable format to transfer to another provider.
Object to processing based on legitimate interests, including direct marketing.
Withdraw consent at any time where processing is based on your consent. This does not affect prior processing.
Lodge a complaint with the ICO at ico.org.uk or by calling 0303 123 1113.
Cookies
Cookies are small text files stored on your device when you visit our website. We use cookies to make our site function correctly and, where you consent, to understand how visitors use it.
| Cookie Type | Purpose | Consent Required |
|---|---|---|
| Essential | Required for the website to function. Cannot be disabled. | No |
| Analytics | Help us understand how visitors interact with the site (e.g. pages visited, time on site). Data is aggregated and anonymised where possible. | Yes |
| Preference | Remember your choices (e.g. cookie consent status). | No |
You can manage or withdraw your cookie consent at any time using the cookie settings link in the footer of our website, or by adjusting your browser settings. Note that disabling certain cookies may affect site functionality.
We do not use advertising or tracking cookies, and we do not allow third-party advertisers to place cookies on our site.
How We Protect Your Data
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, destruction or alteration. These include:
Encryption in transit — all data transmitted between your browser and our website is encrypted using TLS (HTTPS).
Access controls — personal data is accessible only to Marduxx personnel who need it to perform their role, subject to confidentiality obligations.
Secure service providers — we use reputable, security-certified third-party platforms for hosting and communication.
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and will inform affected individuals without undue delay, as required by UK GDPR.
Children's Privacy
Our website and services are directed at business professionals and individuals aged 18 and over. We do not knowingly collect personal data from anyone under the age of 18. If you believe we have inadvertently collected data from a minor, please contact us immediately at privacy@marduxx.com and we will delete it promptly.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services or legal obligations. When we make material changes, we will update the version number and effective date at the top of this page.
We encourage you to review this policy periodically. Continued use of our website or services after an update constitutes acceptance of the revised policy. Where changes are significant, we will notify registered users directly by email.
Contact Us
For any questions, concerns or requests relating to this Privacy Policy or your personal data, please contact us using the details below. We aim to respond to all data protection enquiries within five working days.
Marduxx Ltd
England and Wales
Email: privacy@marduxx.com
General enquiries: hello@marduxx.com
If you are not satisfied with our response to a data protection concern, you have the right to complain to the Information Commissioner's Office (ICO) — the UK's independent data protection regulator. Visit ico.org.uk or call 0303 123 1113.