Skip to content
LEGAL

Privacy Policy

Last updated: March 2026

1. Who We Are

This Privacy Policy explains how Diixtra Ltd ("Diixtra", "we", "us", or "our") collects, uses, and protects personal data when you visit our website or engage with our services.

Data Controller: Diixtra Ltd, Manchester, United Kingdom
Contact: hello@diixtra.com

We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this policy or our practices, please contact us using the details above.

2. What Data We Collect

We collect personal data in the following ways:

Contact Form Submissions

When you submit an enquiry through our contact form, we collect your name, email address, and the content of your message. This information is used solely to respond to your enquiry.

Website Analytics

We use Cloudflare's analytics tools to understand how visitors interact with our website. This may include data such as pages visited, browser type, approximate geographic location, and referring URLs. This data is aggregated and does not directly identify you as an individual.

Booking and Scheduling Data

When you schedule a meeting or consultation through Cal.com (our scheduling platform), Cal.com collects your name, email address, and the details of your booking. Please refer to Cal.com's Privacy Policy for information on how they process your data.

Service Engagement Data

When you engage Diixtra for services, we may collect additional personal and business information necessary to deliver those services, as outlined in our engagement agreement with you.

3. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Legitimate interests — to operate our website, respond to enquiries, and improve our services, where our interests are not overridden by your rights.
  • Consent — where you have freely given your consent, such as by submitting a contact form or subscribing to communications.
  • Contractual necessity — to perform services agreed between us.
  • Legal obligation — where we are required to process data to comply with applicable law.

4. How We Use Your Data

We use the personal data we collect to:

  • Respond to your enquiries and provide the information or services you have requested.
  • Schedule and manage consultations and meetings.
  • Deliver consulting, advisory, automation, and security assessment services to clients.
  • Analyse and improve the performance and usability of our website.
  • Comply with legal and regulatory obligations.
  • Maintain records of our business activities as required.

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

5. Third-Party Services

We use the following third-party services in the operation of our website and business. Each has its own privacy policy governing how they handle data:

Cloudflare

Our website is hosted and delivered via Cloudflare's infrastructure. Cloudflare may process your IP address and request metadata as part of providing its services. Cloudflare also provides our website analytics. See Cloudflare's Privacy Policy.

Cal.com

We use Cal.com for scheduling consultations and meetings. When you book a session, Cal.com processes your name and email address. See Cal.com's Privacy Policy.

GitHub

Our website source code is hosted on GitHub. GitHub may process repository metadata. See GitHub's Privacy Statement.

6. Data Retention

We retain personal data for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form submissions — retained for up to 2 years from receipt, or until your request has been resolved and no further follow-up is required.
  • Analytics data — retained in accordance with Cloudflare's data retention policies.
  • Booking data — retained in accordance with Cal.com's data retention policies.
  • Client engagement data — retained for the duration of the engagement and for a reasonable period thereafter, as required by law or legitimate business need.

When data is no longer required, we will securely delete or anonymise it.

7. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights regarding your personal data:

  • Right of access — you may request a copy of the personal data we hold about you.
  • Right to rectification — you may ask us to correct inaccurate or incomplete data.
  • Right to erasure — in certain circumstances, you may ask us to delete your personal data.
  • Right to restriction of processing — you may ask us to restrict how we use your data in certain circumstances.
  • Right to data portability — where applicable, you may request a copy of your data in a structured, machine-readable format.
  • Right to object — you may object to our processing of your data where we rely on legitimate interests as our legal basis.
  • Right to withdraw consent — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at hello@diixtra.com. We will respond within one calendar month of receiving your request.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

8. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These measures include the use of secure, reputable third-party service providers and access controls on systems where personal data is stored.

While we strive to protect your data, no method of transmission over the internet is 100% secure. If you have concerns about the security of information you have shared with us, please contact us immediately.

9. International Transfers

Some of our third-party service providers may process data outside the United Kingdom or European Economic Area. Where this occurs, we ensure that appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions, in accordance with applicable data protection law.

10. Cookies

Our website may use cookies or similar technologies as part of Cloudflare's infrastructure and analytics. These are used to ensure the website functions correctly and to gather aggregated usage statistics. You can control cookies through your browser settings. Disabling cookies may affect the functionality of parts of our website.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The most current version will always be available on this page, with the "last updated" date shown at the top. We encourage you to review this policy periodically.

12. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or our data practices, please contact:

Diixtra Ltd
Manchester, United Kingdom
hello@diixtra.com