Privacy Policy

At PivotPoint, a strategy and communications consultancy, we are committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you interact with our website, services, and communications.

We are dedicated to complying with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws.

1. Who We Are (Data Controller)

PivotPoint, Durham United Kingdom
For any questions regarding this Privacy Policy or our data practices, please contact us at ed@pivotpoint.rocks

2. Types of Data We Collect

We may collect and process the following categories of personal data:

a) Data You Provide to Us Directly:

• Contact Information: Name, email address, phone number, company name, job title, postal address.

• Inquiry Details: Information you provide when you contact us via forms, email, phone, or during consultations, including details about your project, needs, and preferences.

• Communication Data: Records of your correspondence with us.

• Marketing Preferences: Your choices regarding receiving marketing communications from us.

b) Data Collected Automatically (Usage Data & Metadata): When you visit our website, hosted on Wix, certain information is collected automatically. This data, often referred to as usage data or metadata, helps us understand how our site is used and improve your experience.

• Technical Data: IP address, browser type and version, operating system, device type (desktop, mobile), screen resolution, language settings.

• Usage Data: Pages visited, time spent on pages, dates and times of access, referring/exit pages, clickstream data, and other statistics related to your interaction with our website.

• Location Data: General geographical location derived from your IP address.

c) Data from Other Sources: We may receive personal data from third parties, such as professional networking sites (e.g., LinkedIn) or public databases, where you have made your information publicly available and where it is relevant to our legitimate business interests in identifying potential clients or partners.

​

3. How We Collect Your Data

• Direct Interactions: You provide data when you fill out forms on our website, send us emails, call us, or engage in consultations.

• Automated Technologies (Cookies & Tracking): As our website is hosted on Wix, we and Wix use cookies, web beacons, and similar tracking technologies to collect usage data automatically. These technologies help us analyze trends, administer the website, track users’ movements around the site, and gather demographic information about our user base. For more details, please see our cookie policy below.].

• Third-Party Platforms: Data may be collected when you interact with our profiles on social media platforms or professional networking sites.

 

4. Legal Basis for Processing Personal Data (GDPR)

We process your personal data only when we have a valid legal basis to do so under GDPR. These include:

• Consent (Art. 6(1)(a) GDPR): Where you have given clear consent for us to process your personal data for a specific purpose (e.g., for marketing communications). You have the right to withdraw your consent at any time.

• Contractual Necessity (Art. 6(1)(b) GDPR): Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into such a contract (e.g., providing consultancy services).

• Legal Obligation (Art. 6(1)(c) GDPR): Where processing is necessary for compliance with a legal obligation to which we are subject (e.g., tax and accounting requirements).

• Legitimate Interests (Art. 6(1)(f) GDPR): Where processing is necessary for our legitimate interests or those of a third party, provided that your interests and fundamental rights do not override those interests. Our legitimate interests include:

  • Operating and improving our website and services.

  • Communicating with current and prospective clients.

  • Marketing our services to relevant businesses.

  • Ensuring the security of our systems.

  • Analyzing website usage to enhance user experience.

 

5. How We Use Your Data

We use your personal data for the following purposes:

• To Provide and Manage Our Services: To deliver our strategy and communications consultancy services, manage our relationship with you, and fulfill our contractual obligations.

• To Communicate with You: To respond to your inquiries, provide information about our services, send administrative notices, and deliver updates.

• For Marketing and Business Development: To send you relevant information about our services, insights, and events that may be of interest to you, based on your preferences or our legitimate interests. You can opt-out of marketing communications at any time.

• To Improve Our Website and Services: To analyze website usage, identify trends, and gather demographic information to enhance our website's functionality, content, and user experience.

• For Security and Fraud Prevention: To protect our website, systems, and data from unauthorized access, cyber threats, and other illicit activities.

• To Comply with Legal Obligations: To meet our legal and regulatory requirements.

 

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

• Wix.com Ltd.: As our website hosting provider, Wix processes data on our behalf. Please refer to Wix's own Privacy Policy for details on their data practices.

• Service Providers: Third-party companies and individuals who perform services on our behalf, such as IT support, analytics providers (e.g., Google Analytics), email marketing services, CRM systems, and professional advisors. These providers are obligated to protect your data and use it only for the purposes for which we disclose it to them.

• Legal and Regulatory Authorities: When required by law, court order, or governmental regulation, or if we believe it is necessary to protect our rights, property, or safety, or the rights, property, or safety of others.

• Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred to the acquiring entity.

• With Your Consent: We may share your data with other third parties when we have your explicit consent to do so.

We do not sell your personal data to third parties.

 

7. International Data Transfers

As our website is hosted on Wix, and we may use other third-party service providers, your personal data may be transferred to, stored in, and processed in countries outside the European Economic Area (EEA), including the United States, where data protection laws may differ from those in your jurisdiction.

When we transfer your data outside the EEA, we ensure that appropriate safeguards are in place to protect your personal data, such as:

• Transferring data to countries deemed to provide an adequate level of protection by the European Commission.

• Using Standard Contractual Clauses (SCCs) approved by the European Commission, which require recipients to protect personal data to the same standards as in the EEA.

 

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (SSL/TLS).

• Access controls and authentication procedures.

• Regular security assessments and updates.

• Employee training on data protection.

While we strive to protect your personal data, no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee its absolute security.

 

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

 

10. Your Data Protection Rights (GDPR)

Under GDPR, you have the following rights regarding your personal data:

• Right to Access (Art. 15 GDPR): You have the right to request a copy of the personal data we hold about you.

• Right to Rectification (Art. 16 GDPR): You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.

• Right to Erasure (Art. 17 GDPR - "Right to be Forgotten"): You have the right to request the deletion of your personal data under certain circumstances (e.g., if the data is no longer necessary for the purposes for which it was collected).

• Right to Restriction of Processing (Art. 18 GDPR): You have the right to request that we restrict the processing of your personal data under certain conditions (e.g., if you contest the accuracy of the data).

• Right to Data Portability (Art. 20 GDPR): You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible.

• Right to Object (Art. 21 GDPR): You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.

• Rights in Relation to Automated Decision-Making and Profiling (Art. 22 GDPR): You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, unless certain exceptions apply.

• Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at [Your Email Address]. We will respond to your request within one month.

Right to Lodge a Complaint: If you believe that our processing of your personal data infringes data protection laws, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement.

 

11. Cookies Policy

Our website uses cookies and similar technologies to enhance your browsing experience, analyze site traffic, and for marketing purposes. Cookies are small text files placed on your device.

• Essential Cookies: Necessary for the website to function correctly (e.g., security, network management).

• Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting information anonymously.

• Marketing Cookies: Used to track visitors across websites to display relevant advertisements.

You can manage your cookie preferences through your browser settings or our website's cookie consent banner. Please note that disabling certain cookies may affect the functionality of the website.

 

12. Third-Party Links

Our website may contain links to third-party websites, plugins, and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

 

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any significant changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.

 

14. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us: ed@pivotpoint.rocks