Privacy Policy

1. Introduction

Zyorix ("we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you visit our website (zyorix.com) or engage our services.

This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

Zyorix, operated by Sohil Bhayani, is the data controller responsible for your personal data. For any data protection queries, contact us at: hello@zyorix.com

3. Information We Collect

We collect the following types of information:

• Contact Information: Name, email address, company name when you submit a contact form or book a consultation.
• Cloud Spend Data: Approximate monthly cloud spend and primary cloud provider (AWS, Azure, GCP) for assessment purposes.
• Technical Data: IP address, browser type, device information, and pages visited via cookies and analytics.
• Communications: Records of correspondence when you contact us.

4. How We Use Your Information

We use your personal data for the following purposes:

• Service Delivery: To respond to inquiries, schedule consultations, and deliver the 6-Week FinOps Sprint™ or other services.
• Communication: To send you relevant information about our services, with your consent.
• Website Improvement: To analyze site usage and improve user experience via analytics (Google Analytics, if applicable).
• Legal Compliance: To comply with legal obligations and protect our rights.

5. Legal Basis for Processing

We process your personal data under the following lawful bases:

• Consent: When you submit a form or agree to communications.
• Contract: To fulfill our contractual obligations when you engage our services.
• Legitimate Interest: To improve our website and services, provided your rights are not overridden.

6. Data Sharing and Third Parties

We do not sell your personal data. We may share information with:

• Service Providers: Email hosting (e.g., Google Workspace), analytics tools (e.g., Google Analytics), and payment processors, all bound by data protection agreements.
• Legal Requirements: When required by law or to protect our legal rights.

We ensure all third parties comply with UK GDPR and have adequate safeguards in place.

Scheduling

We use Cal.com to provide online scheduling for consultations. When you book a meeting, Cal.com may collect limited data (such as your name, email address, and timezone) to manage your booking and prevent conflicts. This data is processed under legitimate interest in providing scheduling functionality. You can read Cal.com's privacy policy at cal.com/privacy.

7. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law. Contact form data is typically retained for 2 years; client project data is retained for up to 7 years for accounting and legal compliance.

8. Your Rights

Under UK GDPR, you have the following rights:

• Access: Request a copy of your personal data.
• Rectification: Correct inaccurate or incomplete data.
• Erasure: Request deletion of your data (subject to legal obligations).
• Restriction: Limit how we process your data.
• Portability: Receive your data in a structured, machine-readable format.
• Objection: Object to processing based on legitimate interest.
• Withdraw Consent: Withdraw consent for marketing communications at any time.

To exercise these rights, contact us at hello@zyorix.com.

9. Cookies

Our website uses essential cookies for functionality and analytics cookies (with consent) to understand site usage. You can manage cookie preferences in your browser settings.

For more details, see our Cookie Policy (if separate) or contact us.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. This includes encryption, secure hosting, and access controls.

11. International Transfers

We primarily process data within the UK. If data is transferred outside the UK/EEA, we ensure adequate safeguards are in place (e.g., Standard Contractual Clauses).

12. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect data from children.

13. Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy regularly.

14. Contact and Complaints

For any questions or concerns about this Privacy Policy or how we handle your data, contact us at:

Email: hello@zyorix.com

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk