Privacy Policy

Information We Collect

Personal Information

• Email address and full name when you create an account
• Professional information (role, company, employment type, tenure)
• Feedback content and ratings you submit
• Communication preferences and consent records

Technical Information

• IP address and browser information
• Device type and operating system
• Usage patterns and interaction data
• Cookies and similar tracking technologies

How We Use Your Information

Service Provision (Legal Basis: Contract)

• Process and display feedback submissions
• Facilitate communication between organizations and feedback providers
• Maintain account security and prevent fraud
• Provide customer support and respond to inquiries

Legitimate Interests

• Improve our platform and develop new features
• Analyse usage patterns and optimize performance
• Ensure platform security and prevent misuse
• Conduct research and analytics for business improvement

Consent-Based Processing

• Send marketing communications (only with explicit consent)
• Use analytics cookies to understand user behavior
• Personalise content and advertisements

Data Security & Protection

Security Measures

• End-to-end encryption for all data transmission
• Encrypted storage of personal and sensitive information
• Regular security audits and vulnerability assessments
• Multi-factor authentication for administrative access
• Employee training on data protection and privacy

Access Controls

• Role-based access control with principle of least privilege
• Regular access reviews and permission audits
• Secure authentication protocols for all system access
• Automatic session timeouts for inactive users

Data Retention

Retention Periods

• Feedback Data: Retained for 7 years for legal and accountability purposes
• User Accounts: Deleted 30 days after account closure request
• Audit Logs: Retained for 7 years for security and compliance
• Consent Records: Retained for 10 years as proof of compliance
• Session Data: Retained for 90 days for security monitoring
• Support Communications: Retained for 3 years for service quality

Automated Deletion

We have implemented automated systems to delete data according to our retention schedule. You can request earlier deletion of your data subject to our legitimate interests and legal obligations.

Your Rights Under GDPR

Access & Portability

• Right to access your personal data
• Right to data portability in machine-readable format
• Right to information about processing activities

Control & Correction

• Right to rectify inaccurate information
• Right to erasure (“right to be forgotten”)
• Right to restrict processing

Consent & Objection

• Right to withdraw consent at any time
• Right to object to processing
• Right to opt-out of automated decision-making

Legal Remedies

• Right to lodge a complaint with supervisory authority
• Right to judicial remedy
• Right to compensation for damages

Cookie Policy

Types of Cookies We Use:

Necessary Cookies – Essential for website functionality, security, and user authentication. These cannot be disabled as they are required for the service to work.

Analytics Cookies – Help us understand how visitors interact with our website by collecting anonymous information about usage patterns.

Marketing Cookies – Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.

Contact Information

Data Protection Officer

Email: hello@ethixly.com

Privacy Inquiries

For any privacy-related questions or to exercise your rights under GDPR, please contact us at hello@ethixly.com. We will respond to your request within 30 days as required by law.

Supervisory Authority

You have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner’s Office (ICO): ico.org.uk