Xitex Limited is committed to ensuring that your privacy is protected.
This Policy explains how we use the information we collect about you, how you can instruct us if you prefer to limit the use of that information and procedures that we have in place to safeguard your privacy.
Who are we?
Xitex Limited provides consultancy on defining and launching connected products with particular emphasis on creating secure IoT products and their associated secure supply chains.
Company details: Xitex Limited
Limited company registered in England company number 2818786.
Registered address: 30 Bankside Court, Stationfields, Kidlington, Oxon., OX5 1JE, United Kingdom.
Trading address: The Granary, Sutton Lane, Slough, SL3 3AR, United Kingdom.
VAT Number: GB 614 7820 42
What does this Privacy Policy cover?
This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
What is Personal Data?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
In simpler terms Personal data is, any information about you that enables you to be identified and covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
What Personal Data Do You Collect?
We collect the information necessary to be able to respond to incoming enquiries, sales and account enquiries, technical support, product and service developments.
We do not collect sensitive personal data about you, but if such collection and further processing is necessary, we will only do so where you have
given your explicit consent.
Where do we collect Personal Data about you from?
The following are the different sources we may collect Personal Data about you from:
- You are currently, or have been, a customer of Xitex and/or our suppliers
- You have expressed an interest in our products previously
- You have requested to hear more about our company and/or our suppliers via phone, email and/or our websites
- You have provided your contact details during a meeting or referred by word of mouth, for example as a referral by a colleague or met with us and provided a business card.
How do we use your Personal Data?
Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. Your personal data may be used for one of the following purposes:
- Providing and managing your account.
- Supplying our products and services to you. Your personal details are required in order for us to enter into a contract with you.
- Personalising and tailoring our products and services for you.
- Communicating with you. This may include responding to emails or calls from you.
How long do we keep your Personal Data for?
We will not keep your personal data for any longer than is necessary in the context or reason(s) for which it was first collected. Your personal data will therefore be kept for the following periods (or, where there is no fixed period, the following factors will be used to determine how long it is kept):
- Indefinitely, whilst required in the performance of our business supply of products, services and support as described in “How do we use your Personal Data”.
- Indefinitely, for the purposes of communication whilst respecting our obligations to honour any requests to cease contact and/or delete personal data.
How and Where Do You Store or Transfer My Personal Data?
We do not transfer personal data out of the EEA, but if we did need to transfer data to a third party based in the US, this may be protected if they are part of the EU-US Privacy Shield. This requires that third party to provide data protection to standards similar levels of data protection to those in Europe.
Who do we share your Personal Data with?
We do not share your data with third parties unless we have your explicit agreement for us to do so.
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
What happens if you we ask that we stop holding or processing your information?
If you do not provide the personal data necessary or withdraw your consent for the processing of your personal data, we may not be able to support you as a customer.
Do we make automated decisions concerning you?
No, we do not carry out automated profiling.
Do we use Cookies to collect personal data on you?
No, our website does not use cookies to collect Personal Data.
How can I access my Personal Data?
In the event that you wish to know what personal data we have about you, you can make a “subject access request” on us, to obtain details of that personal data and for a copy of it (where any such personal data is held). All subject access requests should be made in writing and sent to the email or postal addresses shown above. There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 15 working days and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
How can you contact us?
To contact us on anything to do with your personal data and or its protection, including to make a subject access request, please use the following details.
Email: gdpr@xitex.co.uk
Alterations to this Privacy Policy
We reserve the right to change this Privacy Policy from time to time, for example this may be necessary as result of changes in the law, or a change to our business that affects personal data protection.