Privacy Policy

Whats important

Apexiar Limited understands that your privacy is important to you and that you care about how your personal data is used.

We respect and value the privacy of everyone who visits this website, www.apexiar.co.uk (“Our Site”) and only collect and use your personal data as described in this Privacy Policy. Any personal data we collect will only be used as permitted by law.

Our Site is owned and operated by Apexiar Limited, a limited company registered in England and Wales under company number 16690592.

Please read this Privacy Policy carefully and ensure that you understand it.

This Privacy Policy explains how APEXIAR, a SaaS and consulting business based in the United Kingdom, collects, uses, shares, and protects information in connection with our SaaS platforms. We handle client information such as operational incidents and performance data, but we do not collect or process names, addresses, or other directly identifiable personal information about individuals unless explicitly stated otherwise in this policy. 

As a UK-based business, we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is effective as of September 01, 2025 and was last updated on the same date. 

What Data Do We Collect? 

We collect the following types of data in providing our Service: 

Account and Usage Data:

Information you provide when creating an account or using the Service, such as email addresses, usernames, or login credentials (if applicable). We do not collect names, physical addresses, or other direct personal identifiers. 

Client Information:

Operational incidents, performance data, and related business data provided by our clients.  

Automatically Collected Data:

Technical data such as IP addresses, device types, browser details, access times, and usage patterns (e.g., pages viewed or features used) to improve the Service. 

Cookies and Similar Technologies:

If our Service uses cookies, we may collect data on your browsing behaviour. 

We do not collect sensitive personal data (e.g., health, racial, or political information) or data related to children. 

How Do We Collect Your Data? 

You directly provide us with most of the data we collect. We collect and process data when you: 

  • Register for an account on our platform. 
  • Upload or input client information, such as incident reports. 
  • Interact with our Service, including submitting forms or using features. 
  • Contact us via email or support channels. 

 We may also collect data automatically through: 

  • Server logs and analytics tools when you access the Service.
  • Cookies or similar tracking technologies (if enabled). 

We do not receive personal data from third-party sources unless you authorize integrations (e.g., with client systems), in which case we would only process anonymised incident data as described. 

How Will We Use Your Data?

  • To provide and maintain the Service, including processing incident reports and generating insights for clients.
  • To manage user accounts and authenticate access. 
  • To improve the Service, such as analysing usage patterns for bug fixes or feature enhancements.
  • To communicate with you, e.g., sending service updates or responding to inquiries. 
  • For security and fraud prevention, such as monitoring for unauthorised access.
  • To comply with legal obligations, such as record-keeping for audits. 

We do not use your data for marketing purposes unless you explicitly opt in. We do not share client incident data for any purpose other than providing the Service. 

  • Contractual necessity (e.g., to fulfil our SaaS agreement with clients).
  • Legitimate interests (e.g., improving service efficiency and security). 
  • Consent (e.g., for optional features like newsletters, if applicable). 

 We may share your data with: 

  • Service providers (e.g., cloud hosting like AWS or analytics tools) who act as processors under strict data protection agreements. 
  • Legal authorities if required by law (e.g., court orders). 
  • In the event of a business merger or acquisition, but only with safeguards.

We do not sell your data. All sharing complies with UK GDPR, and we ensure processors provide adequate protections. Client incident data remains confidential and is not shared outside the necessary scope. 

International Transfers

If we transfer data outside the UK (e.g., to EU or US-based servers), we use UK-approved mechanisms such as Standard Contractual Clauses or adequacy decisions to ensure equivalent protection. 

How Do We Store and Secure Your Data? 

We store your data securely on UK-based servers. Security measures include encryption, access controls, firewalls, and regular audits. 

  • Account data: Retained for the duration of your active use plus one year after account closure for legal reasons.
  • Client business data (performance, operational data etc): Retained as per client agreements, or until deleted at client request. 
  • Logs and analytics: Retained for duration of contract for operational purposes.

Cookies

Our Service may use cookies to enhance functionality, such as remembering login sessions or analysing usage. Types include:

  • Essential cookies: For core Service operation. 
  • Analytics cookies: To understand usage (e.g., Google Analytics, anonymized).

Your Data Protection Rights 

Under UK GDPR, you have the following rights regarding your personal data: 

  • Right to Access: Request copies of your data. 
  • Right to Rectification: Correct inaccurate data. 
  • Right to Erasure (“Right to be Forgotten”): Request deletion under certain conditions.
  • Right to Restrict Processing: Limit how we use your data. 
  • Right to Object: Object to processing based on legitimate interests. 
  • Right to Data Portability: Receive your data in a transferable format. 
  • Right to Withdraw Consent: If processing is based on consent. 

Our lawful bases for the collection and use of your data 

Our lawful bases for collecting or using personal information to provide and improve products and services for clients are:

  • Consent – we have permission from you after we gave you all the relevant information. All of your data protection rights may apply, except the right to object. To be clear, you do have the right to withdraw your consent at any time. 
  • Contract – we have to collect or use the information so we can enter into or carry out a contract with you. All of your data protection rights may apply except the right to object. 

Changes to Our Privacy Policy 

We may update this policy. Changes will be posted here with the updated date. Continued use of the Service constitutes acceptance. 

How to Contact Us 

For questions or rights requests: 

Changes to Our Privacy Policy 

We may update this policy. Changes will be posted here with the updated date. Continued use of the Service constitutes acceptance.