Legal

    Privacy Policy

    Last updated: 17 July 2025

    Introduction

    At Xharvoc Limited ("Xharvoc", "XIT", "we", "us", or "our"), we value your privacy and are committed to being transparent about how we collect, use, share, and protect your personal data.

    This Privacy Policy explains:

    • what personal data we collect,
    • why we collect it,
    • how it is used and shared, and
    • the rights available to you under applicable data protection laws.

    This Privacy Policy is issued in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

    1. Who We Are (Data Controller)

    Company Name: Xharvoc Limited
    Company Number: 16590285
    Jurisdiction: England and Wales
    Company Type: Private Limited Company

    Registered Office:
    71–75 Shelton Street
    Covent Garden
    London, WC2H 9JQ
    United Kingdom

    Data Protection: We are exempt from ICO registration under the Data Protection (Charges and Information) Regulations 2018, but we comply fully with UK GDPR.

    For the purposes of UK data protection law, Xharvoc Limited is the data controller for personal data collected through our UK websites, services, and business operations.

    2. Scope of This Privacy Policy

    This Privacy Policy applies to:

    • visitors to our websites (including xharvoc.co.uk),
    • business contacts, clients, and partners,
    • users of our products, platforms, and services,
    • participants in Xharvoc initiatives, events, and communications.

    Certain services, products, or events may have additional privacy notices, which should be read together with this policy.

    3. Personal Data We Collect

    a) Information You Provide Directly

    We may collect personal data when you:

    • contact us,
    • submit enquiries or proposals,
    • register for events or services,
    • enter into contracts with us.

    This may include:

    • full name, company name, job title or role,
    • business email address, telephone number,
    • postal address, communication content,
    • contractual or billing information.

    b) Information Collected Automatically

    When you visit our website, we may automatically collect:

    • IP address, browser type and version,
    • device and operating system information,
    • language preferences, pages visited and interaction data,
    • referral source.

    This information is used to ensure website functionality, security, performance, and analytics.

    c) Information from Third Parties

    Where permitted by law, we may receive personal data from:

    • business partners, service providers,
    • event organisers, publicly available sources,
    • social networks (where you have given permission).

    4. Cookies and Similar Technologies

    We use cookies and similar technologies to:

    • ensure website functionality,
    • analyse traffic and usage,
    • improve user experience,
    • maintain security.

    You can control cookies through your browser settings. For more details, please refer to our Cookie Policy.

    5. How We Use Your Personal Data

    We process personal data for the following purposes:

    • providing and administering our services,
    • responding to enquiries and support requests,
    • managing contracts and client relationships,
    • operating, maintaining, and improving our websites and platforms,
    • organising events and initiatives,
    • sending business communications and updates,
    • conducting analytics and business insights,
    • complying with legal, regulatory, and contractual obligations,
    • protecting our business against fraud and security risks.

    We do not sell personal data.

    6. Legal Basis for Processing

    We process personal data under one or more of the following lawful bases:

    • Consent – where you have provided clear permission,
    • Contractual necessity – where processing is required to perform a contract,
    • Legal obligation – where required by law,
    • Legitimate interestsLegitimate interests – Our legitimate interests include maintaining business relationships, improving our services, ensuring network and information security, and promoting our services to relevant business contacts, provided these interests are not overridden by your rights and freedoms.

    7. Marketing Communications

    We may send marketing or promotional communications to business contacts where:

    • you have provided consent, or
    • it is otherwise permitted under UK law in a business-to-business context.

    You may opt out at any time by:

    • using the unsubscribe link in emails,
    • contacting us via our website,
    • emailing our Data Protection Team.

    8. Events, Initiatives, and Media

    For events and initiatives, we may collect:

    • name, role, company,
    • contact details,
    • photographs, videos, or recordings.

    Where required, we will provide additional notices and obtain consent. Events may be recorded and used for promotional or internal purposes with appropriate safeguards.

    9. Sharing Your Personal Data

    We may share personal data with:

    • trusted service providers (hosting, IT, analytics, communications),
    • professional advisers (legal, accounting),
    • regulators or authorities where required by law,
    • other Xharvoc group entities for operational purposes.

    All third parties are required to:

    • process data only on our instructions,
    • implement appropriate security measures,
    • comply with applicable data protection laws.

    10. International Data Transfers

    Your personal data may be processed outside the UK or EEA (including India) for operational or support purposes.

    Where such transfers occur, we ensure appropriate safeguards are in place, such as:

    • UK adequacy regulations,
    • standard contractual clauses,
    • equivalent data protection measures.

    You may request further information about these safeguards.

    11. Data Security

    We implement appropriate technical and organisational measures to protect personal data against:

    • unauthorised access,
    • loss or destruction,
    • alteration or disclosure.

    Access is limited to individuals who require it for legitimate business purposes and are bound by confidentiality obligations.

    In the event of a data breach, we will act promptly and notify affected individuals and regulators where required by law.

    12. Data Retention

    We retain personal data only for as long as necessary to:

    • fulfil the purposes for which it was collected,
    • comply with legal, accounting, and regulatory requirements.

    Retention periods vary depending on data type and purpose. Anonymised data may be retained for analytics or research purposes.

    13. Your Rights Under UK GDPR

    You have the right to:

    • access your personal data,
    • request correction of inaccurate data,
    • request erasure in certain circumstances,
    • restrict processing,
    • object to processing,
    • data portability,
    • withdraw consent at any time.

    Requests can be made using the contact details below.

    14. Complaints

    If you believe your data protection rights have been violated, you may lodge a complaint with:

    Information Commissioner's Office (ICO)
    Website: https://www.ico.org.uk

    We encourage you to contact us first so we can address your concerns.

    15. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time. Any changes will be published on our website with an updated revision date.

    16. Contact Us

    For questions, concerns, or data protection requests:

    Email: [email protected]

    Company: Xharvoc Limited
    Registered Office:
    71–75 Shelton Street
    Covent Garden
    London, WC2H 9JQ
    United Kingdom