Privacy Policy

Oplytics.digital ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. By accessing or using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this privacy policy, please do not access our services.

We collect information that you provide directly to us, including: • Name, email address, and company name when you fill out contact forms or register interest • Account information when you register for our services (name, email, role, organisation) • Payment and billing information when you subscribe to paid plans • Usage data and analytics when you interact with our platform • Device and browser information for security and optimisation purposes • Manufacturing operational data that you input into our services We also collect certain information automatically when you visit our website, including IP address, browser type, operating system, referring URLs, and pages visited. We use analytics tools to understand how visitors interact with our website.

We use the information we collect to: • Provide, maintain, and improve our services • Process transactions and send related information • Respond to your enquiries and provide customer support • Send you technical notices, updates, and administrative messages • Send marketing communications (with your consent, where required) • Monitor and analyse trends, usage, and activities • Detect, investigate, and prevent fraudulent transactions and other illegal activities • Personalise and improve your experience with our platform • Train and improve our AI models using anonymised and aggregated data only

We process your personal data on the following legal bases under GDPR: • Contract: Processing necessary for the performance of our contract with you (providing our services) • Consent: Where you have given explicit consent for specific processing activities (marketing communications) • Legitimate Interest: Processing necessary for our legitimate business interests (improving our services, security) • Legal Obligation: Processing necessary to comply with legal requirements You may withdraw your consent at any time by contacting us at [email protected].

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except: • To trusted service providers who assist us in operating our platform (hosting, payment processing, analytics) • When required by law or to respond to legal process • To protect our rights, privacy, safety, or property • In connection with a merger, acquisition, or sale of assets (with prior notice) All third-party service providers are contractually obligated to protect your data and process it only as instructed by us. Our primary infrastructure is hosted in UK/EU data centres.

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. • Account data: Retained for the duration of your account plus 12 months after closure • Contact form submissions: Retained for 24 months • Analytics data: Retained in anonymised form indefinitely • Financial records: Retained for 7 years as required by law You may request deletion of your data at any time, subject to legal retention requirements.

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes: • Encryption at rest and in transit (TLS 1.3) • Regular security audits and penetration testing • Role-based access controls and principle of least privilege • Automated threat detection and monitoring • Regular backups with tested recovery procedures • Employee security awareness training While we strive to protect your personal data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

We use cookies and similar tracking technologies to enhance your experience on our website. These include: • Essential cookies: Required for the website to function properly (session management, security) • Analytics cookies: Help us understand how visitors interact with our website (anonymised) • Preference cookies: Remember your settings and preferences We do not use advertising or tracking cookies from third-party ad networks. You can control cookie settings through your browser preferences.

Your data is primarily stored and processed in the United Kingdom and European Economic Area. If we need to transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, including: • Standard Contractual Clauses approved by the European Commission • Adequacy decisions where applicable • Binding Corporate Rules where relevant We will always inform you before transferring your data to a jurisdiction outside the UK/EEA.

Under applicable data protection laws (GDPR and UK Data Protection Act 2018), you have the right to: • Access: Request a copy of the personal data we hold about you • Rectification: Request correction of inaccurate or incomplete data • Erasure: Request deletion of your personal data ("right to be forgotten") • Restriction: Request restriction of processing in certain circumstances • Portability: Request your data in a structured, machine-readable format • Objection: Object to processing based on legitimate interests or direct marketing • Automated decisions: Not be subject to decisions based solely on automated processing To exercise these rights, please contact us at [email protected]. We will respond within 30 days.

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us at: Data Protection Officer Oplytics.digital Email: [email protected] General enquiries: [email protected] You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe your data protection rights have been violated.