Gyral Logo

Gyral Privacy Policy

Privacy Policy

1. Introduction

Welcome to Gyral. We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal data, as well as your rights concerning your data.

2. Data Controller

Gyral Ltd is the data controller responsible for your personal data. If you have any questions, you can contact our Data Protection Officer (DPO) at:

  • Name: Neil Fogarty
  • Company Registration Number: 14715069
  • Registered Address: Old Church House, Abbots Salford, Warwickshire, WR11 8UT
  • Email: privacy@gyral.ltd
  • Postal Address: Old Church House, Abbots Salford, Warwickshire, WR11 8UT

3. What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data: Name, title, date of birth
  • Contact Data: Address, email, phone number
  • Technical Data: IP address, browser type, device information
  • Usage Data: Information about how you use our platform or services
  • Marketing Data: Preferences for receiving communications
  • Financial Data: Payment details, billing information
  • Sensitive Data: Health data, biometric data (only where explicitly required and with your consent)

4. How We Collect Your Data

We collect data in the following ways:

  • Direct interactions: When you fill out forms, contact us, or subscribe to services
  • Automated technologies: Through cookies, server logs, and other technical tools
  • Third parties: From partners or service providers

5. Purpose and Lawful Basis for Processing Data

We will only process your data when there is a lawful basis to do so. This includes:

  • Contract: To fulfill our contractual obligations, e.g., managing your account and providing services.
  • Consent: When you have given explicit consent, e.g., subscribing to marketing communications.
  • Legitimate Interest: For purposes such as improving our services, fraud prevention, and maintaining security.
  • Legal Obligation: Compliance with legal or regulatory requirements, e.g., tax and financial regulations.

6. Data Sharing

We may share your data with third parties in the following scenarios:

  • Cloud Service Providers (e.g., AWS, Microsoft Azure): For data hosting and storage.
  • Payment Processors (e.g., Stripe, PayPal): For processing financial transactions.
  • CRM Systems (e.g., HubSpot, Salesforce): For managing customer relationships.
  • Analytics Platforms (e.g., Google Analytics): For analyzing user behavior.
  • Legal or Regulatory Authorities: For compliance with legal obligations.
  • Marketing Platforms (e.g., MailChimp): For communication and outreach.

We ensure all third parties adhere to strict data protection and confidentiality standards.

7. International Data Transfers

If your data is transferred outside the UK or European Economic Area (EEA), we will ensure adequate safeguards, such as Standard Contractual Clauses (SCCs) or equivalent mechanisms.

8. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including legal, accounting, or reporting requirements.

  • Account Data: Retained for the duration of the account + 6 years.
  • Financial Records: Retained for 6 years in line with tax regulations.
  • Marketing Preferences: Until consent is withdrawn.
  • Customer Correspondence: Retained for 2 years.
  • System Logs: Retained for 12 months.

9. Your Data Protection Rights

You have the following rights under data protection laws:

  • Right to Access: Access a copy of your personal data.
  • Right to Rectification: Correct inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your data.
  • Right to Restrict Processing: Limit processing of your data.
  • Right to Data Portability: Transfer your data to another service provider.
  • Right to Object: Object to processing based on legitimate interests.
  • Rights in relation to automated decision-making and profiling: Challenge decisions made solely based on automated processing.

To exercise these rights, please contact our DPO.

10. Security Measures

We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These include encryption, access controls, and regular security audits.

11. Cookies

Our website uses cookies to improve user experience and analyze traffic. You can manage your cookie preferences through your browser settings. For more details, please refer to our Cookie Policy.

12. Changes to this Policy

We may update this Privacy Policy occasionally. Any changes will be posted on this page with an updated revision date.

13. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us:

  • Email: privacy@gyral.ltd
  • Postal Address: Old Church House, Abbots Salford, Warwickshire, WR11 8UT

14. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

  • Website: www.ico.org.uk
  • Phone: 0303 123 1113
  • Postal Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

15. Approval and Ownership

Owner: Data Protection Officer
Approved by: Gyral Board of Directors
Date Approved: 1 January 2025
Review Frequency: Annually

16. Version Control

Version: 1.1
Last Reviewed: 30 December 2024
Next Review Date: 20 December 2025