1. Who we are
Axulu Ltd is a business technology, cyber, evidence, AI, software and advisory services provider. For privacy queries, contact: privacy@axulu.com.
2. Scope of this notice
This notice explains how Axulu handles personal data when acting as controller, including website enquiries, sales activity, customer administration, supplier management, marketing, events, platform administration and business operations. Where Axulu processes personal data on behalf of a customer as processor, the relevant customer remains controller and the Axulu Data Processing Schedule may apply.
3. Personal data we may collect
We may collect business contact details, account details, communications, enquiry details, proposal and contract records, billing details, usage records, support records, uploaded materials, event/workshop attendance information, website and analytics data, security logs, system identifiers and information needed to provide our services.
4. Sources of personal data
We may receive personal data directly from you, from your employer or organisation, from customers, suppliers, public sources, business databases, CRM systems, event partners, website forms, platform usage, email, calls, documents you upload, and third-party services used to deliver our services.
5. Purposes and lawful bases
We may use personal data to respond to enquiries, provide services, administer accounts, manage contracts, deliver workshops, provide platform access, generate reports, manage security, maintain evidence and service history, improve products and services, comply with legal obligations, protect our rights, manage suppliers, send relevant B2B marketing and run our business. Lawful bases may include contract, legitimate interests, legal obligation and consent where required.
6. AI and third-party tools
We may use AI tools, automation, analytics, cloud services, CRM systems, support systems, hosting providers, security tools and other third-party platforms to support our business and services. We use reasonable care when selecting and using such tools, but customers should not provide sensitive or restricted personal data unless authorised and appropriate for the service.
7. Sharing personal data
We may share personal data with service providers, hosting providers, CRM and support platforms, AI and automation providers, professional advisers, insurers, regulators, authorities, payment providers, subcontractors, event partners and other parties where necessary for service delivery, business administration, legal compliance, security, dispute resolution or legitimate business purposes.
8. International transfers
Some third-party services may process data outside the UK or EEA. Where required, we use appropriate transfer mechanisms such as adequacy regulations, approved contractual clauses or another lawful mechanism.
9. Retention
We keep personal data for as long as reasonably required for the purposes described in this notice, including service delivery, evidence history, auditability, legal rights, regulatory compliance, insurance, security, accounting, dispute resolution, product improvement, operational continuity and legitimate business purposes, subject to applicable data protection law. We may retain anonymised or aggregated data indefinitely.
10. Your rights
Depending on the circumstances, individuals may have rights to access, correct, delete, restrict or object to processing, request portability, withdraw consent and complain to the Information Commissioner's Office. These rights may be subject to exemptions or limitations.
11. Security
We use reasonable organisational and technical measures to protect personal data. No system or transmission method is completely secure.
12. Contact and complaints
For privacy questions, contact privacy@axulu.com. You can also complain to the Information Commissioner's Office if you are unhappy with how we handle personal data.
13. Changes to this notice
We may update this notice from time to time. The current version will be published on our website.