Privacy Policy

1. Introduction

Welcome to the privacy policy of Xerini Limited ("we", "us", "our"), the company behind Xefr.

We respect your privacy and are committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information when you:

• Visit our website; or
• Engage with us as a client, partner, or supplier.

It also explains your rights and how the law protects you.

2. Who We Are

Xerini Limited is the controller responsible for your personal data.

We are registered in England and Wales under company number 10639218.

If you have any questions about this policy or wish to exercise your rights, please contact:

3. The Data We Collect

We may collect and process the following categories of personal data:

• Identity Data: name, title, date of birth, gender.
• Contact Data: address, email, telephone number.
• Financial Data: bank details, payment information.
• Transaction Data: details about payments or services provided.
• Technical Data: IP address, browser type, device information.
• Profile Data: feedback, preferences, communication history.
• Usage Data: how you use our website and services.
• Marketing Data: preferences for receiving information from us.

4. How We Collect Personal Data

We collect data through:

• Direct interactions: when you contact us, request a service, or sign up to communications.
• Automated technologies: cookies and analytics on our website (Google Analytics).
• Third parties: such as payment processors and analytics providers.

5. How We Use Personal Data

We process personal data to:

• Provide and manage our services.
• Communicate with you regarding proposals, projects, or contracts.
• Manage payments, fees, and invoices.
• Maintain our business records and comply with legal obligations.
• Improve our services and client experience.
• Send relevant updates or marketing, if you have not opted out.

We will not sell or rent your personal data to third parties.

Lawful Bases for Processing

• Contract: to perform a contract with you.
• Legitimate Interests: to run our business effectively.
• Legal Obligation: to comply with laws or regulations.
• Consent: where you have specifically agreed.

6. Marketing

You can opt out at any time by following the unsubscribe link in our emails or contacting us directly.

7. Disclosures of Your Personal Data

We may share your data with:

• Service providers: IT, hosting, accounting, and professional advisers.
• Regulators: HMRC or other authorities when required by law.
• Business transfers: if Xerini undergoes a merger or acquisition.

8. Data Security

We use appropriate security measures to prevent unauthorised access, disclosure, alteration, or loss of your data. We are ISO 27001 and ISO 9001 certified.

9. Data Retention

We keep personal data only as long as necessary to fulfil the purposes it was collected for, including legal, tax, or accounting requirements.

10. Cookies

Our website uses cookies to enhance user experience and for analytics (Google Analytics). You can control cookie settings via the cookie banner or your browser settings.

11. Your Rights

Under UK data protection law, you have the right to:

• Access your personal data.
• Request correction of inaccurate data.
• Request erasure ("right to be forgotten").
• Object to processing or marketing.
• Restrict processing in certain cases.
• Request data portability.
• Withdraw consent at any time.

Contact us at admin@xerini.co.uk to exercise your rights.

12. Contact Us

If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk.