February 2026
Legal Notices and Disclosures
Privacy Statement- GDPR (Data Subjects)
Introduction
Digilytics.ai (“Digilytics,” “we,” or “us”) recognizes the importance of privacy and is committed to protecting the personal information of our customers, our customers’ clients, website visitors, prospective customers, and job applicants. We ensure that all personal data is collected, processed, and safeguarded in full compliance with applicable data protection laws, as well as our internal privacy policies and procedures.
To maintain the confidentiality, integrity, and security of personal data, we implement robust technical and organizational measures ensuring that your information is handled with the highest standards of care and security whenever you interact with us.
1. What do we collect?
We collect and process personal data to provide efficient services, enhance your experience, and ensure transparency in all interactions. This Statement applies to:
- Our websites https://digilytics.ai/
- Services provided by Digilytics.ai
- Marketing activities and communications
- Interactions with us, including downloading resources.
- For any Job or employment purposes
2. Which Categories of Personal Data Do We Collect and How Is It Processed?
- Digilytics.ai collects personal data from individuals, including our employees, clients, their current, former, or prospective employees and directors, suppliers, business partners, shareholders, and users of our website.
- In cases where we collect personal data not explicitly mentioned in this Privacy Statement, we will provide clear notice to the relevant individuals, as required by law, detailing the additional data being collected and the purposes for which it will be used.
2.1. Information We Automatically Collect
When you access our website, we may automatically gather certain information about your device and online activity. This can include details such as your device’s IP address, the pages you visit, and the time and duration of your visit. For more information on how we use such tools, please refer to our Cookie Notice.
2.2. What Personal Data we collect?
The table below outlines the categories of personal data we collect, the purposes for which we process it, and the corresponding legal basis under GDPR:
| Sr. No. | Category of Personal Data | Types of Personal Information Collected | Purpose of Processing | Legal Basis (if applicable) |
|---|---|---|---|---|
| 1 | Website Contact Information | Name, email address, phone number (via website contact forms) | To respond to inquiries and communicate with potential/existing customers | Legitimate Interest in communicating with users |
| 2 | Support & Maintenance Data | Name, email, phone number, customer account identifiers, support ticket details | To provide product support, maintain services, help clients with glitches/issues | Contractual necessity to deliver services |
| 3 | Usage & Application Analytics | IP address, device type, browser information, usage patterns, feature interactions | For product performance monitoring, service improvements, and analytics | Legitimate interest to improve services |
| 4 | Marketing Campaign Interaction | Email open/click data, preferences, engagement metrics | To understand marketing performance and engage users with relevant communications | Consent for direct marketing |
| 5 | Social & Engagement Interactions | Interaction data, social login metadata, browser data | To analyze user engagement and improve user experience within marketing and product | Legitimate interest (product & UX enhancements) |
| 6 | Hosted Service & Third-Party Integrations | Data processed by cloud hosting, analytics & AI engine (platform logs, anonymized metrics) | To deliver reliable SaaS offerings and maintain technological infrastructure | Contractual necessity / Legitimate interest |
| 7 | Personalization & Newsletter | Name, email address, usage preferences | To personalize newsletters, manage subscriptions, and send updates | Consent for communication |
| 8 | Employment & Recruitment Data | Candidate name, contact details, resume/CV, assessment scores, interview feedback, recordings of interview, screenshots | To evaluate job applications, conduct skills assessments, schedule interviews and administer recruiting processes | Legitimate Interest |
| 9 | Employee Record Information | Employee name, email, contact, role, HR records, performance data, payroll identifiers (internal use), biometric, facial recognition | Managing employment relationships, payroll, reviews, performance and workplace administration | Contractual & legal compliance obligations with Consent |
| 10 | Client Account & Billing Data | Company name, account admin contact, billing address, payment details | Managing accounts, billing, subscriptions and invoice processing | Contractual necessity to provide services |
| 11 | Security & Compliance Logs | Authentication logs, security event tracking, access records, CCTV | To safeguard systems, detect abuse or breaches, ensure compliance | Legitimate interest |
| 12 | Feedback & Survey Responses | Contact details, company details, survey responses, ratings | To gather feedback on products & services and derive improvement insights | Consent / Legitimate interest |
We will process your personal data for the purposes described above based on your prior consent, where such consent is required under applicable law.
If you are asked to select or click options such as “I accept,” “I agree,” or similar checkboxes or buttons in connection with a privacy statement, your action will be considered as providing consent to process your personal data, only to the extent that such consent is legally required.
We will not use your personal information for any purposes that are inconsistent with those you have been informed about, except where processing is required or permitted by law.
3. Who do we share your Personal Data with?
3.1 When required to share Personal Information
We may be required to share information with law enforcement or other third parties when compelled to do so by court order or other legal process, or to comply with statutes or regulations.
If we merge with or are acquired by another company, and if all of our assets are acquired by another company, this information will most likely be one of the assets to be transferred. However, we will not transfer any personal information of our customers until necessary to provide you with a continuity of service and only when the new owner maintains and provides the same level of data privacy standards as we do.
3.2 Legal and Regulatory Requirements
We may disclose personal data when required:
- To comply with court orders, legal processes, statutes, or regulations.
- For reasons of national security or law enforcement, where disclosure is legally mandated or justified under our legitimate interests.
3.3 Sharing with Service Providers and Affiliates
Digilytics.ai may share personal data with service providers, vendors, consultants, affiliates, or clients for legitimate business purposes, including operations, marketing, and service delivery. This may include transfers to third parties located in other countries. Before sharing, we ensure:
- Personal data receives protection consistent with GDPR and relevant data privacy laws.
- Contracts with third parties require compliance with these privacy standards.
4. Where do we store this data?
We adhere strictly to the principles of the General Data Protection Regulation (GDPR). We collect and store personal data only to the extent necessary for the purposes described in this Privacy Statement, in accordance with GDPR data minimization principles, ensuring full compliance with GDPR’s data minimization and privacy protection guidelines.
5. How do we secure information collected?
We understand that the security of your information is vital and has in place strong administrative, technical, and physical security controls and measures to keep data safe and secure. Our privacy practices are designed to provide protection for your personal information, all over the world.
We would like to caution our visitors about phishing attacks; wherein unscrupulous third parties seek to extract sensitive and confidential information from you by posing as a genuine website or by sending an email misrepresenting it to be from a genuine source. Please be aware that we never seek sensitive or confidential information such as regarding your financial or health record. If you receive such a message claiming to be from Digilytics.ai, then please do not reply to it and immediately bring it to our attention by contacting us on DPO@ digilytics.ai.
Digilytics.ai also recognizes the receipt, transmission, or distribution of spam emails (unsolicited bulk emails) as a major concern and has taken reasonable measures, to minimize the transmission and effect of spam emails in its computing environment.
5.1 Do we sell personal information collected?
We do not share, sell, or lease any kind of personal information collected to any third party.
5.2 Can this information be reviewed?
Digilytics.ai strives to comply with all applicable laws around the globe that are designed to protect your privacy and information, no matter where that information is collected, transferred, or retained. Although legal requirements may vary from country to country, we intend to adhere to the principles set forth in
this Privacy Statement even if information is transferred from your country to other countries that may not require an adequate level of protection for your information.
6. Data Subjects Rights Regarding Personal Data
6.1 Data Subject Rights
Some data protection rights under General Data Protection Regulation (“GDPR”), provide you with rights in connection with Personal Data you have shared with us when we are the data controller. Subject to applicable laws, conditions, and any legal exceptions, you are entitled to exercise the following rights with respect to your personal data:
- The right to be informed: You are entitled to be informed of the use of your Personal Data. This Privacy Statement provides such information to you.
- The right of access: You have the right to request a copy of the Personal Data we hold about you.
- Right to correction and erasure of personal data: You may direct us to correct any inaccuracies in your personal information, update incomplete, irrelevant or inaccurate data in our systems, and also request complete erasure of your personal data from our records which is no longer necessary for the purpose for which it was processed unless retention is necessary for a legal purpose.
- The right to object (opt-out): You have the right to opt-out of certain uses of your Personal Data, such as direct marketing, at any time.
- The Right to Request restriction of the processing of your personal data: You have the right request that the organization only processes your personal data in limited circumstances, including with your consent.
- The right to data portability: You have the right to a portable copy of your Personal Data that you have submitted to us. This is subjected to technical feasibility.
- The right to refuse to be subjected to automated decision making, including profiling: You have the right not to be subject to automated decision making and insist on human intervention if the decision is based on automated processing and produces a legal effect or a similarly significant effect on you.
- EU Data Subjects: The right to lodge a complaint with a supervisory authority
You can make these requests by emailing us at dpo@digilytics.ai. We will consider your request in accordance with the applicable laws. If you believe that your data privacy rights have been violated, we encourage you to first contact Digilytics.ai so we can address and resolve your concerns. You also have the right to lodge a complaint directly with the relevant supervisory authority or to initiate a claim before a competent court in the country where you reside, work, or where applicable data protection laws may have been breached.
6.2 What is my right to request deletion of the information?
You have the right to request the deletion of your information collected and maintained by us in the cases where (i) information is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) you withdraw consent on which the processing is based, and there is no other legal ground for the processing; (iii) when you object to the processing, and there are no overriding legitimate grounds for the processing, or you object to the processing for direct marketing purposes; (iv) the information have been unlawfully processed; (v) where the information has to be erased for compliance with a legal obligation; (vi) the information have been collected in relation to the offer of information society services directly to a child and subject to consent.
Once we receive and verify your request, we will delete (and direct our service providers to delete) your information from our records unless applicable laws do not provide for the deletion of the information in a particular case (for instance, retaining the information is necessary for us or our service provider(s) to complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you, detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities, comply with a legal obligation, make other internal and lawful uses of that information that are compatible with the context in which you provided it).
6.3 Right to Complain to the Supervisory Authority
You can contact the Supervisory Authority if you have any concerns about how Digilytics.ai has handled your personal data.
7. Retention of Your Personal Data
Digilytics.ai retains personal data only for as long as necessary to fulfil the purposes for which it was collected. Our retention practices are guided by regulatory requirements and internal records management policies to ensure timely and secure deletion of data.
We retain personal data:
a. For the duration of the relevant processing activities and our ongoing relationship with you.
b. As long as necessary to provide the services you have requested.
c. To meet any applicable legal or regulatory obligations.
Once personal data is no longer required for these purposes, it is securely deleted or anonymized in accordance with GDPR principles.
8. Do you engage in automated individual decision-making, including profiling?
No, we do not make decisions based solely on automated processing, including profiling, which would produce legal effects concerning you.
9. International Transfer
We adhere to all applicable laws and regulations regarding personal data protection. As a global organization, personal data may be utilized and transferred worldwide for business purposes within Digilytics.ai, always in line with this Privacy Statement and local legal requirements.
The data protection laws in the countries where we process data may differ and potentially offer less protection than your home country’s laws. To ensure the protection of your personal data when transferred outside your jurisdiction, we implement suitable technical, organizational and contractual safeguards and rely on legally provided mechanisms only.
10. Notification of Changes
If we decide to change our Privacy Statement, we will post those changes on this page, so our users are always aware of the information we collect and how we use it. If at any point we decide to use personally identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email. Users will have a choice as to whether or not, we use their information in this different manner. We will use information in accordance with the Privacy Statement under which the information was collected.
Where links are provided to other websites it should be noted that they are not and cannot be governed by our Privacy Statement. We cannot guarantee your privacy when you access other websites through any link provided on this website
11. Disclaimer
Our sites are not intended for use by children. We do not knowingly collect personal data from visitors under the age of 16 or minors as defined by the jurisdiction from which you are accessing our sites or services. If a child has provided us with personal data, a parent or guardian may contact us to request deletion of this information from our records.
If you believe we may have inadvertently collected information from a child under 16 or a minor in the relevant jurisdiction, please contact us at dpo@digilytics.ai. Upon learning that we have collected such data, we will promptly take steps to delete it.
12. How to Contact Us
If you have any specific questions about this Privacy Statement, you can contact us via email, by writing to us at the address below or by filling in the webform.
Send an email to dpo@digilytics.ai
Send mail to our address:
Digilytics.ai
Attn: DPO
Address: Armon Limited, 84 Richmond Road, London, SW20 0PD
Fill in a request online using our Data Subjects Rights page.
ENVIRONMENTAL, SOCIAL, AND GOVERNANCE (ESG) POLICY
Introduction
This Environmental, Social and Governance (ESG) Policy sets our commitment to responsible
business practices. It applies to all employees, directors, contractors, and third-party partners acting
on behalf of Digilytics™ and governs how ESG principles are embedded across our operations,
technology, and client engagements.
Environmental Responsibility
Digilytics™ is committed to minimising its environmental impact through responsible resource
management and operational efficiency. We seek to reduce energy consumption by optimising cloud
infrastructure, encouraging remote and hybrid working, and limiting unnecessary business travel.
Environmental considerations are incorporated into vendor selection and operational
decision-making where reasonably practicable.
Governance and Ethical Conduct
Digilytics™ maintains high standards of corporate governance, integrity, and accountability. We are
committed to:
- Compliance with all applicable laws, regulations, and industry standards
- Ethical and responsible development and use of artificial intelligence
- Strong data protection, privacy, and information security controls
- Clear accountability and oversight across management and leadership
We maintain internal policies and controls to manage risk, protect client and employee data, and
ensure transparency in our operations and decision-making processes.
MODERN SLAVERY STATEMENT
Digilytics™ is committed to preventing modern slavery and human trafficking in all its business
activities and supply chains. We operate with zero tolerance for forced labour, child labour, or human
trafficking and act ethically in all business relationships.
Given the nature of our technology-focused operations, the risk of modern slavery within our
business and supply chain is considered low. We work with reputable suppliers and expect all
partners to comply with applicable laws and ethical standards.
This statement is made pursuant to Section 54 of the UK Modern Slavery Act 2015 and is reviewed
periodically by senior management.
CSR & SUSTAINABILITY POLICY
Digilytics™is committed to responsible and sustainable business practices. We aim to minimise our
environmental impact, operate ethically, and contribute positively to our employees, clients, and the
wider community.
Our approach includes responsible resource use, promoting inclusive and fair workplace practices,
and developing technology that supports transparency, efficiency, and trust in financial services. This
policy is reviewed periodically to ensure continued alignment with our business and sustainability
objectives.
CONTACT INFORMATION
If you have any questions or comments about our Legal Policies, please email us at contact@digilytics.ai
or write to us at:
Digilytics™
Paddington Central
1 Kingdom Street
Floor 4 Regus
London W2 6BD