GDPR Data Protection Policy

Last updated: 1 January 2026

This page explains how boardixa.com complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are committed to protecting your personal data and being open about how we use it.

1. Data Controller

The data controller for personal data collected through this website is:

Data Controller: boardixa.com

Address: 172 Queensbury Road, Twickenham, TW1 4EJ, United Kingdom

Email: support@boardixa.com

As the data controller, we decide why and how your personal data is processed. We are responsible for keeping your data safe.

2. Your GDPR Rights

Under UK GDPR, you have these rights over your personal data. We take each one seriously.

2.1 Right of Access (Article 15)

You can ask us for a copy of all personal data we hold about you. This is called a "Subject Access Request." We will respond within 30 days. There is no charge for the first request. If requests are repeated or excessive, we may charge a fair fee.

2.2 Right to Correction (Article 16)

If any of your data is wrong or incomplete, you can ask us to fix it. We will correct it without undue delay. If we have shared the wrong data with others, we will tell them about the correction too.

2.3 Right to Deletion (Article 17)

You can ask us to delete your personal data. This is also called the "right to be forgotten." We will delete your data when:

  • It is no longer needed for the purpose we collected it.
  • You withdraw your consent and there is no other legal basis.
  • You object to processing and there are no overriding reasons.
  • The data was processed unlawfully.
  • The law requires us to delete it.

There are some cases where we must keep data, such as for legal claims or compliance with law.

2.4 Right to Restriction (Article 18)

You can ask us to limit how we use your data. This means we will store it but not process it further. You can ask for restriction when:

  • You question the accuracy of the data (while we check it).
  • Processing is unlawful but you prefer restriction over deletion.
  • We no longer need the data but you need it for legal claims.
  • You have objected to processing (while we consider your objection).

2.5 Right to Data Portability (Article 20)

You can ask us to give you your personal data in a structured, common, machine-readable format (such as CSV or JSON). You can also ask us to send it directly to another controller where this is possible. This right applies to data you gave us based on consent or a contract.

2.6 Right to Object (Article 21)

You can object to us processing your data based on legitimate interest or for direct marketing. If you object to direct marketing, we will stop straight away. For other objections, we will stop unless we have strong legitimate grounds that override your interests.

2.7 Right to Withdraw Consent

Where we process your data based on consent, you can withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing done before you withdrew.

3. How to Exercise Your Rights

To use any of the rights above, contact us at:

Email: support@boardixa.com

Address: 172 Queensbury Road, Twickenham, TW1 4EJ, United Kingdom

Please include your name and email so we can find your data. We may ask for proof of identity before we act on your request. We will respond within 30 days. If your request is complex, we may extend this by up to 60 more days, but we will tell you why.

4. How to Withdraw Consent

You can withdraw consent in these ways:

  • Email consent: Click the "unsubscribe" link in any email from us, or email support@boardixa.com with "Unsubscribe" in the subject line.
  • Cookie consent: Clear your browser cookies and the cookie consent banner will appear again. Choose "Necessary Only" to withdraw consent for analytics and marketing cookies.
  • Account data: Email us at support@boardixa.com to ask us to delete your account and all related data.

5. How to Manage Cookies

When you first visit our site, a cookie banner asks for your consent. You can:

  • Accept all cookies: We will set necessary, analytics, and marketing cookies.
  • Accept necessary only: We will only set cookies needed for the site to work.
  • Open settings: Choose which types of cookies to allow.

To change your choices later, clear your browser cookies and reload the page. The banner will appear again.

You can also block cookies in your browser settings. Note that blocking all cookies may affect how the site works.

Cookie Types We Use

  • Necessary cookies: Required for basic site functions. Cannot be turned off. They remember your cookie choices and keep the site secure.
  • Analytics cookies: Help us count visitors and see how the site is used. Data is collected in a way that does not identify you directly. Optional -- only set with your consent.
  • Marketing cookies: Used to track the success of our campaigns. Optional -- only set with your consent.

6. What Data We Collect and Why

Here is a clear list of data we collect and the reason for each:

Data Purpose Legal Basis Retention
Name Sign-up, communication Consent 24 months
Email Sign-up, updates, support Consent 24 months
Phone Sign-up, account recovery Consent 24 months
IP Address Security, analytics Legitimate interest 14 months
Browser/Device info Site compatibility Legitimate interest 14 months
Cookie preferences Compliance Legal obligation 12 months

7. Data Security

We use these measures to protect your data:

  • SSL/TLS encryption for all data in transit.
  • Encrypted storage for personal data at rest.
  • Access controls so only authorised staff can view data.
  • Regular security audits and vulnerability checks.
  • Staff training on data protection.

8. Data Breach Procedures

If a data breach occurs that is likely to put your rights at risk, we will:

  • Notify the ICO within 72 hours.
  • Notify you without undue delay if the breach poses a high risk to you.
  • Take steps to contain and fix the breach.
  • Record all breaches and our response.

9. International Transfers

Your data is stored in the United Kingdom. If we need to transfer data outside the UK, we will use one of these safeguards:

  • Adequacy decisions by the UK government.
  • Standard contractual clauses approved by the ICO.
  • Your explicit consent (after informing you of the risks).

10. Children

We do not knowingly collect data from children under 13. If you are a parent and believe your child has given us data, contact us. We will delete it promptly.

11. Automated Decision Making

We do not use automated decision-making or profiling that has legal or significant effects on you.

12. Complaints

If you believe we are not handling your data properly, you have the right to complain to:

Information Commissioner's Office (ICO)

Website: ico.org.uk

Phone: 0303 123 1113

We would appreciate the chance to address your concerns first. Please contact us at support@boardixa.com before going to the ICO.

13. Changes to This Policy

We may update this GDPR policy from time to time. Changes will be posted on this page with a new "last updated" date. If changes are significant, we will notify you by email.

14. Contact Us

Data Protection Enquiries: support@boardixa.com

General: info@boardixa.com

Contact: contact@boardixa.com

Address: 172 Queensbury Road, Twickenham, TW1 4EJ, United Kingdom

All rights reserved 2026. boardixa.com