Privacy Policy

1. Introduction

This Privacy Policy explains how Hudl Global Ltd, trading as hudl ("we", "us", "our"), collects, uses, and protects your personal data when you visit our website and use our services (including submitting information via our contact form). We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are (Data Controller)

The data controller responsible for your personal data is:

Hudl Global Ltd (trading as hudl)
Unit 4, The Corn Works, Station Road
Radlett, WD7 8JY
United Kingdom

3. Data Protection Officer (DPO)

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this privacy policy. If you have any questions about this policy or our privacy practices, please contact the DPO using the details below:

• Email: [email protected]
• Postal Address: FAO: Data Protection Officer, Unit 4, The Corn Works, Station Road, Radlett, WD7 8JY, United Kingdom

4. What Personal Data We Collect

We collect the following types of personal data directly from you:

• Name
• Email Address

5. How We Collect Your Data

We collect this data exclusively when you provide it to us through the Contact Form on our website.

We do not collect any 'special category' (sensitive) data.

We do not collect personal data from third-party sources.

6. How We Use Your Personal Data and Our Lawful Basis

We use your personal data for the following purposes, based on your Consent, which you provide by initiating contact or signing up via our website form:

• To Respond to Your Inquiries: To provide information you request via the contact form.
• To Provide Services You Request: Such as processing requests for service demonstrations ("demos") or fulfilling service orders initiated by you.(Note: While initiated by consent via the form, processing related to demos/orders may also rely on 'taking steps at your request prior to entering into a contract' or 'performance of a contract' as a lawful basis once initiated).
• To Send Marketing Communications: Where you have consented to receive them, we may send you information about our products and services we think may interest you.

Our primary lawful basis for processing your Name and Email address collected via the form is your Consent. For activities directly related to fulfilling requested services or contracts, the lawful basis may shift to Contractual Necessity.

7. Data Sharing

We may share your personal data (Name and Email) with trusted third-party service providers who assist us in carrying out our business activities, specifically for our own marketing purposes. These categories of recipients may include:

• Email Marketing Services: To manage and send marketing communications where you have consented.
• Customer Relationship Management (CRM) Platforms: To help us manage interactions and communications with potential and existing clients.

These third parties act as Data Processors on our behalf. They are contractually bound to process your data only in accordance with our instructions, to provide the agreed services to us, and to implement appropriate security measures.

We do not sell your personal data or share it with third parties for their own independent marketing purposes. We will disclose data if required by law.

8. International Data Transfers

Your personal data is primarily stored within the United Kingdom (UK) or the European Union (EU). Data stored within the EU benefits from UK Adequacy Regulations, meaning it is deemed to have an adequate level of protection.

Data backups may be stored in Singapore. For transfers to Singapore (and any other country outside the UK/EU without an adequacy decision), we ensure appropriate safeguards are in place. These include technical measures such as transferring data over private networks and ensuring data is encrypted both in transit and at rest. We will rely on appropriate legal transfer mechanisms, such as the UK's International Data Transfer Agreement (IDTA) or Addendum to the EU Standard Contractual Clauses (SCCs), as required by UK GDPR.

9. Data Retention

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for satisfying any legal, accounting, or reporting requirements. Our retention periods are determined based on the purpose of the data collection:

• Customer Data (Contracts, Orders, Demos): If you become a customer or engage with us for services (like demos leading to potential orders), we will retain your personal data (Name, Email, and any associated contract/service data) for the duration of your contract or active engagement with us, plus an additional 7 years following the termination of the contract or completion of the service. This retention period allows us to meet our legal and regulatory obligations, resolve potential disputes, and maintain appropriate business records.
• Marketing Consents: If you provide your data solely for the purpose of receiving marketing communications (and do not become a customer), we will retain your Name and Email address for this purpose until you withdraw your consent (e.g., by unsubscribing).
• General Inquiries: Data provided via the contact form for general inquiries that do not result in a customer relationship or marketing consent will be kept for as long as necessary to respond and resolve your query.

You have the right to request the erasure of your personal data. This request will be assessed against our legal obligations and the specific grounds for erasure under UK GDPR. Particularly after any contractual relationship has ended and the main justification for retention relates to the 6-year legal record-keeping period, we will honour valid erasure requests where possible. You can make such requests by contacting our DPO (see Section 11).

10. Data Security

We have implemented appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed. Access to your personal data is limited to those employees or agents who have a business need to know.

11. Your Data Protection Rights

Under UK data protection law, you have rights including:

• Right of Access: To ask for copies of your personal data.
• Right to Rectification: To ask us to rectify inaccurate information or complete incomplete information.
• Right to Erasure: To ask us to erase your personal data (in certain circumstances).
• Right to Restriction of Processing: To ask us to restrict the processing of your data (in certain circumstances).
• Right to Object to Processing: To object to processing (e.g., for direct marketing).
• Right to Data Portability: To ask that we transfer the data you gave us to another organisation, or to you (in certain circumstances).
• Right to Withdraw Consent: Where we rely on consent, you can withdraw it at any time.

To exercise any of these rights, please contact our DPO at [email protected].

You can withdraw consent for marketing communications at any time by clicking the "unsubscribe" link in any marketing email you receive from us, or by contacting the DPO.

12. Cookies and Tracking Technologies

Currently, our website does not use cookies or similar tracking technologies.

Should we introduce cookies in the future (for example, for essential website functionality, performance analytics, or functional preferences), we will:

• Update this Privacy Policy accordingly.
• Provide clear information about the cookies used, potentially via a separate Cookie Policy.
• Implement a mechanism to obtain your consent for any non-essential cookies before they are placed on your device, in compliance with the Privacy and Electronic Communications Regulations (PECR).

13. Children's Data

Our website is not intended for children, and we do not knowingly collect data relating to children under the age of 18.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The effective date at the top indicates the latest revision. We reserve the right to update this policy as necessary, and we encourage you to review it periodically. For significant changes, we may provide a more prominent notice on our website or notify you directly if appropriate and feasible.

15. How to Complain

If you have any concerns about our use of your personal information, you can make a complaint to us via our DPO at [email protected].

You also have the right to lodge a complaint with the UK's data protection regulator, the Information Commissioner's Office (ICO).

• ICO Website: https://www.ico.org.uk
• ICO Helpline: 0303 123 1113