Privacy Policy

Last updated: 1 May 2025

1. Who We Are

CoinBrumblex ("we", "us", "our") is a digital consulting company registered in England and Wales, with its principal place of business at 15 Finsbury Square, London, EC2A 1AH, United Kingdom. We are the data controller for personal data collected through this website and our consulting services. You can contact us regarding data protection matters at [email protected].

2. What Personal Data We Collect

We collect and process the following categories of personal data:

• Contact information: name, business email address, telephone number, and job title provided via enquiry forms or direct correspondence.
• Usage data: IP address, browser type and version, pages visited, time spent on pages, referral sources, and device identifiers collected automatically when you visit our website.
• Communication records: the content of emails, messages, and other communications you send to us.
• Cookie data: preferences and consent choices stored locally in your browser. Please refer to our Cookie Policy for full details.

3. How We Use Your Personal Data

We process your personal data for the following purposes and on the following legal bases under UK GDPR:

• Responding to enquiries (Legitimate interest / Contract performance): When you submit a contact form or email us, we use your data to respond to your query and progress any potential commercial engagement.
• Service delivery (Contract performance): Where you engage our consulting services, we process relevant personal data to fulfil our contractual obligations to you.
• Website analytics (Legitimate interest): We analyse aggregated usage data to understand how visitors interact with our website and to improve its content and functionality.
• Legal compliance (Legal obligation): We may process and retain personal data where required by applicable UK law, regulation, or court order.
• Marketing communications (Consent): Where you have explicitly opted in, we may send you information about our services and insights relevant to your industry. You may withdraw consent at any time.

4. Data Sharing and Third Parties

We do not sell, rent, or trade your personal data to third parties. We may share data with:

• Technology service providers who host and maintain our website and email systems, subject to appropriate data processing agreements.
• Analytics providers that help us understand website usage on an aggregated, pseudonymised basis.
• Professional advisers including solicitors and accountants, where required in connection with our business operations.
• Law enforcement or regulatory authorities where we are legally required to disclose information.

Any third party with whom we share personal data is required to handle that data in accordance with UK GDPR and maintain appropriate technical and organisational security measures.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Enquiry data from individuals who do not become clients is retained for twelve months. Data relating to client engagements is retained for seven years following the conclusion of the engagement in accordance with our legal and regulatory obligations. Website analytics data is retained for twenty-four months before anonymisation or deletion. You may request earlier deletion of your data by contacting us at [email protected], subject to any overriding legal retention obligations.

6. Your Rights Under UK GDPR

As a data subject, you have the following rights:

• Right of access: to obtain a copy of the personal data we hold about you.
• Right to rectification: to have inaccurate personal data corrected.
• Right to erasure: to request deletion of your personal data, subject to legal retention obligations.
• Right to restriction: to restrict how we process your data in certain circumstances.
• Right to data portability: to receive your personal data in a structured, machine-readable format.
• Right to object: to processing based on legitimate interests or for direct marketing purposes.
• Right to withdraw consent: where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at [email protected]. We will respond within thirty days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data lawfully.

7. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include encrypted data transmission (TLS), access controls, regular security reviews, and staff training on data protection obligations. However, no method of internet transmission is completely secure, and we cannot guarantee absolute security.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will update the "last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website following any update constitutes your acknowledgement of the revised policy.