Privacy Policy

Our Site is owned and operated by HypaMaps Ltd, a private limited company registered in England and Wales. Our registered office and primary contact email are set out in Part 14. HypaMaps Ltd is the Data Controller for the personal data we collect through this Site and our services.

This Privacy Policy covers personal data we collect and process when you use Our Site, request a demo, sign up for marketing communications, become a client, or otherwise engage with us. It applies whether you interact with HypaMaps as an individual, an employee of a client organisation, or a representative of a partner.

Our Site may contain links to third-party websites, products and services. We are not responsible for the privacy practices of those third parties. We recommend reading their privacy policies before sharing any personal data with them.

Under UK GDPR, you have the following rights in relation to your personal data:

• →The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 14.
• →The right of access to the personal data we hold about you. Part 11 tells you how to do this.
• →The right to rectification if any of your personal data is inaccurate or incomplete.
• →The right to erasure ("the right to be forgotten") - i.e. the right to ask us to delete or otherwise dispose of any personal data we hold.
• →The right to restrict (i.e. prevent) the processing of your personal data.
• →The right to object to us using your personal data for a particular purpose or purposes.
• →The right to data portability. If you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business.
• →Rights relating to automated decision-making and profiling. We do not use your personal data in this way.

For more information about our use of your personal data or to exercise any of your rights, please contact us using the details in Part 14. Further information about your rights can also be obtained from the Information Commissioner's Office (ICO) at ico.org.uk.

Personal data is defined by the UK GDPR as "any information relating to an identified or identifiable natural person." In simpler terms, personal data is any information about you that enables you to be identified - either on its own or in combination with other information.

Depending on how you interact with Our Site and our services, we may collect:

• ·Name
• ·Job title and organisation
• ·Business email address
• ·Telephone number
• ·Postal address (clients only)
• ·Information about your role and interests
• ·IP address
• ·Web browser type and version
• ·Operating system
• ·Pages viewed on Our Site and the referring URL

We do not knowingly collect or process payment information, special-category personal data (such as health or biometric data), or personal data relating to children through Our Site.

We use the personal data we collect for the following purposes:

• →Providing and managing your access to Our Site.
• →Personalising and tailoring your experience on Our Site.
• →Supplying our products or services to you. Your contact details are required for us to enter into a contract.
• →Communicating with you. This may include responding to emails or calls from you and following up on demo requests.
• →Supplying you with information by email that you have opted in to. You may unsubscribe or opt out at any time using the link provided in any such email.
• →Analysing how Our Site is used, to improve content, navigation, and performance.

With your explicit consent and/or where permitted by law, we may also use your personal data for marketing purposes - typically inviting you to events, webinars, or sharing material relevant to your role. You have the right to withdraw consent at any time.

We legally base our processing on one or more of the following: your consent; performance of a contract with you (or steps requested by you to enter a contract); compliance with a legal obligation; or our legitimate interests in operating and improving our business, provided those interests do not override your rights.

We do not sell your personal data. We share it only with trusted third parties who help us operate the business and only to the extent necessary. This includes:

• →Form processor (Web3Forms) - contact-form submissions are routed via Web3Forms to [email protected].
• →Hosting and CDN provider (Cloudflare) - serves Our Site and handles DNS, security, and analytics.
• →Communications and CRM tools - used to manage client and prospect correspondence.
• →Analytics providers - used to understand how Our Site is used, in aggregated form.
• →Professional advisors - accountants, auditors, and legal counsel where required.

Where any of these third parties are located outside the UK or EEA, we ensure appropriate safeguards (such as Standard Contractual Clauses or equivalent) are in place to protect your data.

We will not keep your personal data for longer than is necessary in light of the reason(s) it was collected. Specifically:

• →Contact-form submissions are retained while we are corresponding with you, plus a short period thereafter (typically 24 months) to maintain a record of the enquiry.
• →Client records are retained for the duration of the contractual relationship plus the periods required by applicable tax, accounting, and regulatory law (typically 6 years).
• →Marketing subscriptions are retained until you unsubscribe.

In addition to your rights set out in Part 3, when you submit personal data through Our Site you may be given options to restrict our use of it. You can always opt out of marketing communications using the unsubscribe link in any email, or by contacting us directly.

You may access Our Site without providing any personal data at all. However, to use certain features (such as the demo-request form) you will need to provide certain information. We will only request what is reasonably necessary for the relevant purpose.

You have the right to ask for a copy of any of the personal data we hold about you. Under UK GDPR, no fee is payable and we will respond within one month. To make a request, contact us using the details in Part 14 and include "Subject Access Request" in your subject line.

Our Site may use cookies and similar technologies to provide essential functionality and to understand how the Site is used. We do not use cookies for advertising tracking. For more detail, see our cookie information at the bottom of every page or contact us using the details in Part 14.

We take appropriate technical and organisational measures to protect personal data from unauthorised access, disclosure, alteration, or destruction. These measures include access controls, encryption in transit, secure hosting, and regular review of our systems. While no internet transmission is completely secure, we treat the security of your data as a priority.

To exercise any of your rights, make a complaint, or ask any question about this Privacy Policy or how we handle your personal data, please contact us at:

If you are not satisfied with our handling of your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint.

We may update this Privacy Policy from time to time to reflect changes in the law, best practice, or how we operate. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this Privacy Policy periodically so you are aware of how we are protecting your personal data.