Who We Are
This Privacy Policy is provided by Rubixness ("we", "us", "our"). We are a business consulting firm based in the United Kingdom, offering services in strategy, operations, finance, sales, marketing, human resources, and information technology.
For the purposes of UK GDPR and EU GDPR, Rubixness acts as the Data Controller for personal data collected through this website and through our service delivery processes.
We are committed to protecting your personal data and processing it responsibly. This policy explains what data we collect, why we collect it, how we use it, and what rights you have in relation to it.
What Personal Data We Collect
Depending on how you interact with us, we may collect and process the following categories of personal data:
| Category | Examples | Source |
|---|---|---|
| Identity Data | First name, last name, job title, company name | Forms, emails, calls |
| Contact Data | Email address, phone number, business address | Forms, emails, contracts |
| Communication Data | Messages, enquiries, feedback, meeting notes | Email, contact forms |
| Technical Data | IP address, browser type, device type, pages visited, time on site | Analytics tools, cookies |
| Usage Data | How you interact with our website and content | Cookies, analytics |
| Marketing Data | Communication preferences, newsletter subscriptions | Forms, opt-ins |
| Financial Data | Invoice information, payment records (we do not store card details) | Contracts, billing |
How We Collect Your Data
We collect personal data through the following means:
- Direct interactions — When you complete a contact form, send us an email, book a consultation, or engage us for services
- Website usage — Automatically via cookies and analytics technologies when you browse rubixness.com
- Third-party sources — Publicly available information such as LinkedIn profiles, company websites, or referral partners
- Service delivery — Information you provide during the course of our working relationship
- Marketing communications — When you sign up to receive updates, newsletters, or resources from us
Why We Process Your Data
We use your personal data for the following purposes:
- To respond to your enquiries and provide you with information about our services
- To deliver consulting services you have engaged us to provide
- To manage our contractual relationship with you
- To send you marketing communications where you have opted in or where we have a legitimate interest
- To comply with our legal and regulatory obligations
- To improve our website, services, and business processes
- To send invoices, process payments, and manage financial records
- To protect our legal rights and interests
- To conduct client satisfaction surveys or feedback requests
Legal Basis for Processing
Under UK GDPR and EU GDPR (Article 6), we rely on the following legal bases to process your personal data:
| Legal Basis | When We Rely on It |
|---|---|
| Contractual necessity (Art. 6(1)(b)) | Processing required to deliver our consulting services or take steps prior to entering a contract |
| Legitimate interests (Art. 6(1)(f)) | Business development, improving services, direct marketing to existing clients, fraud prevention |
| Legal obligation (Art. 6(1)(c)) | Compliance with accounting, tax, anti-money laundering, and other legal requirements |
| Consent (Art. 6(1)(a)) | Newsletter subscriptions, marketing emails to new contacts, non-essential cookies |
Where we rely on legitimate interests, we have balanced our interests against your rights and freedoms and determined that our processing does not override your fundamental rights. You have the right to object to such processing at any time.
How Long We Keep Your Data
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements.
| Data Type | Retention Period |
|---|---|
| Client data (contracts, communications) | 7 years from end of engagement (HMRC requirement) |
| Enquiry / prospect data | 2 years from last contact if no engagement commenced |
| Marketing contact data | Until you unsubscribe or withdraw consent |
| Website analytics data | 26 months (standard Google Analytics cycle) |
| Financial records | 7 years (Companies Act / HMRC) |
| Employee / contractor records | 6 years after employment ends |
After the applicable retention period, data is securely deleted or anonymised.
Who We Share Your Data With
We do not sell or rent your personal data to third parties. We may share your data with the following categories of recipients where necessary:
- Service providers and processors — IT services, cloud hosting, CRM platforms, email marketing tools, and accounting software who process data on our behalf under strict data processing agreements
- Professional advisers — Lawyers, accountants, and auditors under professional confidentiality obligations
- Business partners — Sub-contractors or associate consultants engaged to deliver services you have requested (with your knowledge)
- Regulatory and government bodies — HMRC, Companies House, or law enforcement where we are legally required to do so
- Business transfers — In the event of a merger, acquisition, or sale of business assets, your data may be transferred to the relevant parties
All third parties we engage are required to maintain the confidentiality and security of your data and may only process it for specified, agreed purposes.
International Data Transfers
Some of our third-party service providers may process data outside the UK or European Economic Area (EEA). When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:
- UK Adequacy Regulations — Transfers to countries deemed adequate by the UK Government
- Standard Contractual Clauses (SCCs) — EU Commission-approved or UK-adapted clauses ensuring equivalent protection
- ICO-approved transfer mechanisms — In line with the UK International Data Transfer Agreement (IDTA)
You may request details of the safeguards in place for any specific transfer by contacting us at privacy@rubixness.com.
Your Data Protection Rights
Under UK GDPR and EU GDPR, you have the following rights in relation to your personal data:
To exercise any of these rights, contact us at privacy@rubixness.com. We will respond within one calendar month of receiving your request, free of charge.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you have concerns about how your data has been handled. We would, however, always appreciate the opportunity to address your concerns directly before you escalate — please contact us first at privacy@rubixness.com.
Cookies
Our website uses cookies — small text files placed on your device — to improve your browsing experience and help us understand how our site is used.
| Cookie Type | Purpose | Legal Basis |
|---|---|---|
| Strictly Necessary | Essential for the website to function (session management, security) | Legitimate interests — no consent required |
| Analytics | Understanding how visitors use our site (Google Analytics) | Consent |
| Functional | Remembering preferences and improving your experience | Consent |
| Marketing | Tracking for retargeting and advertising campaigns | Consent |
Non-essential cookies are only placed on your device with your explicit consent via our cookie consent banner. You can change or withdraw your cookie preferences at any time by adjusting your browser settings or contacting us.
Third-Party Links
Our website may contain links to third-party websites, plug-ins, or applications. Clicking on those links may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy practices.
We encourage you to read the privacy policy of every website you visit when leaving ours.
Children's Privacy
Our services are directed at business professionals and are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately at privacy@rubixness.com and we will delete that information promptly.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will update the "Last updated" date at the top of this page.
We encourage you to review this policy periodically. Where required by law, we will notify you directly of significant changes via email or a prominent notice on our website.
Your continued use of our website or services after any update constitutes your acknowledgement of the revised policy.
How to Contact Us
If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a concern about how we handle your personal data, please contact us:
Email: privacy@rubixness.com
Website: www.rubixness.com
We aim to respond to all data-related requests within one calendar month. In complex cases, this may be extended by a further two months, in which case we will notify you.
If you feel your concern has not been resolved to your satisfaction, you may also contact the Information Commissioner's Office (ICO) at ico.org.uk.
