How we handle your data.

Vectiqx Ltd is a UK-registered company based in Rochford, England. We're the data controller for personal data collected via vectiqx.app. For data processed on behalf of our operator customers, we act as a data processor under their instruction.

• Visitors: name, email, company, role, message content (when you fill in a contact form or book a demo). Browser type, IP address, and pages visited (via analytics).
• Operators: account credentials, billing details, the operational data you enter or upload (workforce records, schedules, evidence, etc.).
• Frontline users: name, role, work location, time-and-attendance data, photo evidence, GPS at the moment of an action (only when in active use, never background tracking).

• To respond to your enquiries and provide demos.
• To deliver the Vectiqx platform to operator customers.
• To maintain the audit trail that is the platform's core feature.
• To improve the product (via aggregated, anonymized usage patterns).
• To comply with our legal obligations.

• Legitimate interests: for responding to enquiries, running the platform for operators, and product improvement.
• Contract: for delivering the platform to paying operators.
• Consent: where explicitly given (e.g. marketing emails).
• Legal obligation: for tax, employment, or regulatory record-keeping.

• Enquiry data: 24 months from last contact.
• Operator account data: duration of contract + 7 years, unless legally required longer.
• Frontline action logs: per the operator's retention policy, configured within the platform.
• Marketing data: until you unsubscribe.

We don't sell personal data. We share it only with:

• Sub-processors who help us run the platform (cloud hosting, email delivery, payment processing). A current list is available on request.
• Regulators or law enforcement when legally compelled.
• Our operator customers — for data their own staff or service users generate within the platform.

Vectiqx is hosted in the UK and EEA. We don't transfer personal data outside the UK/EEA without an appropriate safeguard (standard contractual clauses, adequacy decision, etc.).

Under UK GDPR you have the right to:

• Access the personal data we hold about you.
• Request correction or deletion.
• Object to processing or request restriction.
• Data portability.
• Withdraw consent at any time (where consent is the lawful basis).
• Complain to the ICO if you're unhappy with our response.

To exercise any of these rights, email privacy@vectiqx.app. We'll respond within 30 days.

See our separate Cookies Policy for details on how we use cookies and similar technologies.

We follow industry-standard practices: encryption at rest and in transit, least-privilege access, immutable audit trails, regular penetration testing, and 24-hour breach notification to affected operators.

We'll update this policy when our practices change. Material changes will be notified to existing operators via email and posted at the top of this page with the updated date.

For any privacy-related question: privacy@vectiqx.app. For everything else: sales@vectiqx.app.