Sign in

Privacy Policy

Last updated: February 2025

Introduction

This Privacy Policy explains how Cartographix Ltd ("we", "us", "our"), trading as SiteSpry, collects, uses, and protects your personal data when you use our website and services.

We are committed to ensuring that your privacy is protected and that we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Cartographix Ltd is the Data Controller for the personal data we collect. We are registered in England and Wales under company number 09852882.

What information we collect

We may collect and process the following types of personal data:

Registration Data

When you create an account, we collect your name, email address, and any other information you provide during registration.

Client Data

Data you upload to SiteSpry, including documents, files, and any content you choose to share through our platform. This may include personal data contained within those documents.

Communication Data

Information from your interactions with our chatbots, support requests, and any correspondence with us via email or other channels.

Technical Data

Information about your device, browser type, IP address, and how you interact with our website. This is collected automatically through cookies and similar technologies.

Usage Data

Information about how you use our services, including features accessed, files uploaded, and chatbot interactions.

Cookies

Our website uses cookies to distinguish you from other users and to provide you with a better experience. For detailed information about the cookies we use and how to manage them, please see our Cookie Policy.

How we use your information

We use your personal data for the following purposes:

  • To provide and maintain our services
  • To manage your account and provide customer support
  • To process and respond to support requests
  • To improve our services and develop new features
  • To send you service-related communications
  • To comply with legal obligations

Legal basis for processing

We process your personal data on the following legal bases:

  • Contract: Processing necessary to perform our contract with you (providing our services)
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services
  • Legal obligation: Processing necessary to comply with legal requirements
  • Consent: Where you have given us consent to process your data for specific purposes

Disclosing personal data to others

We may share your personal data with:

  • Service providers: Third-party companies that help us operate our services, including cloud hosting providers, payment processors, and analytics services
  • Legal authorities: When required by law or to protect our legal rights
  • Business transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal data to third parties.

Where we store personal data

Your personal data may be stored and processed in the European Economic Area (EEA) and the United Kingdom.

Where we transfer data outside the EEA or UK, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or UK Information Commissioner's Office, or transfers to countries with an adequacy decision.

Storage and deletion of personal data

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

When you delete your account, we will delete or anonymise your personal data within 30 days, unless we are required to retain it for legal purposes.

Client data (files you upload) will be deleted when you remove them from the platform or when your account is closed.

Data security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Staff training on data protection

Your rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you
  • Right to rectification: You can ask us to correct inaccurate or incomplete data
  • Right to erasure: You can ask us to delete your personal data in certain circumstances
  • Right to restrict processing: You can ask us to limit how we use your data
  • Right to data portability: You can request your data in a machine-readable format
  • Right to object: You can object to processing based on legitimate interests
  • Rights related to automated decision-making: You have rights regarding automated processing and profiling

To exercise any of these rights, please contact us at [email protected].

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal data properly. Visit ico.org.uk for more information.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting a notice on our website or by email.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

Information about us

SiteSpry is a trading name of Cartographix Ltd, a company registered in England and Wales.

  • Company name: Cartographix Ltd
  • Company number: 09852882
  • Country of registration: England and Wales

Contact details

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: [email protected]