Let's Talk
Let's Talk

Privacy Policy

Last Updated: June 13, 2025

This Privacy Policy explains how Xperiensys Limited ("Xperiensys," "we," "us," or "our") handles your personal data. We're a data controller based here in the United Kingdom, and this policy covers how we collect, use, and protect your information when you visit our website at www.xperiensys.com or get in touch with us and use our services. We're fully committed to keeping your privacy safe and your information secure, all in line with the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

Xperiensys Limited
Registered Address: 1 Golden Court, Richmond, United Kingdom TW9 1EU
Company Number: 09511055

1. What Personal Information We Collect

When you pop over to our website, we gather some bits of information about your device and how you interact with our site. We also collect info you kindly provide us when you use our services or fill out our forms.

a) Information We Collect Automatically ("Device Information"):

When you visit www.xperiensys.com, we automatically collect data about your device and what you're doing on our site. This includes:

  • Demographics: General age ranges, gender, and interests (these come from analytics tools like Google Analytics).

  • Engagement Data: How you use our website, like which pages you look at, how long you stay on them, and how often people leave after viewing just one page (bounce rates).

  • Traffic Sources: Where you came from to find our website (e.g., search engines, social media, other websites).

  • Device and Browser Information: The type of device (e.g., desktop, mobile) and web browser you're using.

  • User Sessions: Stats on how many users visit and how long their visits last.

  • Completions: Keeping track of specific actions and things you finish on our website (e.g., submitting forms, clicking key features).

  • Technical Information: Your Internet Protocol (IP) address, time zone, and the cookies our website sets on your device.

b) Information You Provide to Us:

We collect personal data you voluntarily give us, mostly through the forms on our website. This might include:

  • Contact Information: Your name, email address, phone number, where you live, and your organisation.

  • Enquiry Details: Anything else you choose to tell us in your form submissions.

c) Sensitive Data:

We don't intentionally collect any "special category data" (things like health info, racial or ethnic origin, political views, religious beliefs, trade union membership, genetic, biometric, or sexual orientation data). While Google Analytics might give us aggregated demographic data (age, gender, interests), this isn't personal sensitive data that identifies you individually.

2. Why and How We Process Your Data (Our Legal Reasons)

We process your personal data based on specific legal grounds, as required by GDPR. Our main aim is to make sure your data is handled lawfully, fairly, and transparently.

a) For Keeping the Website Running and Secure (Legitimate Interest):

  • Purpose: To spot any potential misuse, get statistics on website usage, keep the website safe and stable, and make sure it's working properly.

  • Legal Basis: It's in our legitimate interest to manage and protect our website, stop fraud, and ensure our network and information are secure.

b) For Analytics and Making Things Better (Consent for non-essential cookies; Legitimate Interest for aggregated data):

  • Purpose: To understand how visitors behave, measure how well our website is doing, and improve your experience (e.g., through performance and functionality cookies, and anonymised analytics data).

  • Legal Basis: For cookies that aren't absolutely essential (performance, functionality, targeting/marketing), we rely on your consent, which we get through our cookie consent banner. For aggregated and anonymised statistical info that doesn't identify anyone specifically, we do this because it's in our legitimate interest to analyse and improve our services.

c) For Answering Your Questions and Providing Services (Performance of a Contract or Legitimate Interest):

  • Purpose: To respond to your enquiries from forms, send you the information you've asked for (like newsletters), and fulfil any agreements or pre-contract steps related to our services.

  • Legal Basis:

    • Performing a contract or taking steps you requested before entering into a contract, when you submit a form to ask for a specific service or information that might lead to an agreement.

    • It's in our legitimate interest to chat with you, give you customer support, and handle general questions when there's no contract yet.

    • Consent, specifically for signing up to our newsletter or getting marketing messages. You can always change your mind and withdraw this consent.

d) For Our AI-Powered Chatbot (Legitimate Interest):

  • Purpose: To offer automated help, answer visitor questions, and make it easier for you to get in touch with Xperiensys via an AI-powered chatbot on our website.

  • Legal Basis: It's in our legitimate interest to offer efficient customer support and make your experience better. Just so you know, while the chatbot processes what you type to give you answers, Xperiensys doesn't use it to specifically collect or process data beyond that immediate chat. We don't store personally identifiable chat history for profiling or any other secondary uses.

3. Our Cookie Policy

Our website uses "cookies" to make your browsing experience smoother, provide essential functions, and help us understand how our site is used. Cookies are tiny text files that websites put on your device.

Here are the types of cookies we use:

  • Strictly Necessary Cookies: These are absolutely vital for our website to work securely and effectively. They enable core functions like getting content to you safely. You can't opt out of these because the website simply wouldn't work without them.

  • Performance Cookies: These cookies help us see how many visitors we get and how you move around our site. This helps us make our website better, for instance, by making sure you can easily find what you're looking for.

  • Functionality Cookies: These cookies recognise you when you come back to our website. This lets us personalise our content for you, greet you by name, and remember your preferences (like your language or region).

  • Targeting and Marketing Cookies: These cookies keep a record of your visit to our website, the pages you've looked at, and the links you've clicked. We use this info to make our website and any adverts you see on it more relevant to your interests. We might also share this info with third parties for this reason, so when you're on another website, you might see content based on your browsing habits on our site. We might also show you content on our website, including for remarketing, which means sharing marketing stuff with you again based on your preferences and browsing patterns we've picked up from our advertising partners.

Your Cookie Choices:

We'll ask for your clear consent for all cookies that aren't strictly necessary (that's Performance, Functionality, and Targeting/Marketing cookies) using a cookie consent banner when you first land on our site. You'll have the choice to accept all, reject all, or manage your preferences. You can usually control your cookie settings through your web browser. Just a heads-up, disabling certain cookies might affect how well our website works for you.

4. How We Share Your Information

We definitely don't sell your personal data. We might share your information with trusted third-party service providers and partners who help us run our website, do our business, or provide services to you. These third parties are legally bound by contract to protect your data and only use it for the reasons we've given them permission for. For example, this includes:

  • Analytics Providers: Like Google Analytics, to help us understand how people use our website.

  • Website Hosting Providers: Who host our website and its content.

5. International Data Transfers

Xperiensys operates worldwide. So, your personal information might be transferred to, and stored in, countries outside the UK or EU that might have different data protection standards.

We'll always take proper steps to make sure that these transfers of personal information follow the applicable data protection laws. We manage them carefully to protect your privacy rights and interests. Transfers are only made to countries that are recognised as having adequate legal protection (e.g., countries with EU or UK adequacy decisions) or where we're confident that alternative, appropriate safeguards are in place to protect your privacy rights.

When we transfer personal information to third parties (service providers or processors) who help us process data outside our company or its group, we get contractual promises from them to protect your personal information. These promises typically involve using Standard Contractual Clauses (SCCs) approved by the European Commission, and where it applies, the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the SCCs. These require them to provide an equivalent level of data protection to what you get in the UK and EU.

6. How Long We Keep Your Data

We only hold onto your personal data for as long as it's necessary for the reasons we collected it, as explained in this Privacy Policy.

  • Automatically Collected Information (Device Information and Analytics Data): This data is generally kept for as long as needed to analyse website performance and trends, usually up to 26 months for Google Analytics data, or until it's grouped together or anonymised.

  • Information You Provide Via Forms (e.g., contact enquiries): Data submitted via a form with your consent might be kept for longer if it's in our legitimate business interest to do so (for example, to keep a record of our conversations or to fulfil ongoing service needs), or until you take back your consent or ask us to delete it.

  • Legal Obligations: We might keep personal data for longer if the law requires it, or to meet legal duties (e.g., for tax records).

Once your personal data isn't needed anymore for these reasons, we'll securely delete or anonymise it.

7. Your Rights

If you live in the UK or the European Economic Area (EEA), you have certain rights regarding your personal data under GDPR:

  • The Right to Be Informed: You've got the right to get clear, easy-to-understand information about how we use your personal data and what your rights are. This Privacy Policy is here to give you that info.

  • The Right of Access: You can ask us if we're processing your personal data, and if we are, you can ask for access to that data and some details about how we're processing it.

  • The Right to Rectification: If your personal data is wrong or incomplete, you have the right to get it corrected.

  • The Right to Erasure ("Right to Be Forgotten"): You can ask us to delete or remove your personal data if there's no good reason for us to keep processing it.

  • The Right to Restrict Processing: You have the right to 'block' or stop us from processing your personal data in certain situations.

  • The Right to Data Portability: You can get your personal data from us and reuse it for your own purposes across different services, especially where the processing is based on your consent or a contract.

  • The Right to Object: You can object to certain types of processing, including when we process data based on our legitimate interests or for direct marketing.

  • Rights in Relation to Automated Decision-Making and Profiling: You have the right not to be subject to a decision made purely by automated processing, including profiling, if it has legal effects on you or significantly affects you. As we've said, our AI chatbot doesn't do automated decision-making or profiling that legally affects individuals.

To exercise any of these rights, please email us at dpo@xperiensys.com. We might need some specific info from you to check your identity and make sure it's really you asking to access your data or use your other rights. We'll get back to you without undue delay, and definitely within one month of getting your request. If things are really complex or we get a lot of requests, this period might be extended by up to two more months.

If you're not happy with how we've handled your personal data, you have the right to make a complaint to a supervisory authority.

  • For UK residents: The relevant supervisory authority is the Information Commissioner's Office (ICO). You can find their contact details and how to complain at www.ico.org.uk.

  • For EU residents: The relevant supervisory authority is the Data Protection Authority (DPA) in your country of residence within the European Union.

8. Children's Personal Data

Our website doesn't contain anything inappropriate for children, so there's no minimum age limit to use it. We do not identify individual users by age. We process everyone's personal data, including children's, according to this Privacy Policy.

9. Information Security

We keep the information you provide on computer servers in a controlled, secure environment, protected from unauthorised access, use, or disclosure. We have sensible administrative, technical, and physical safeguards in place to protect against unauthorised access, use, modification, and disclosure of personal data under our control. However, it's worth remembering that no data transmission over the internet or wireless network can be guaranteed to be 100% secure.

10. Legal Disclosure

We'll disclose any information we collect, use, or receive if the law requires or permits it – for instance, to comply with a subpoena or similar legal process. We'll also disclose information if we genuinely believe it's necessary to protect our rights, your safety, or the safety of others, to investigate fraud, or to respond to a government request.

11. Changes to This Privacy Policy

We might update this Privacy Policy from time to time to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons. We'll let you know about any changes by putting the new Privacy Policy on this page and updating the "Last Updated" date at the top. We encourage you to check this Privacy Policy regularly for any updates.

12. Get in Touch

If you have any questions about this Privacy Policy or want to contact us about your individual rights or personal information, please send an email to:

dpo@xperiensys.com

© 2025 Xperiensys Limited | Terms of Use | Privacy Policy | Cookie Policy | Modern Slavery Statement

Let's Talk