At RIBEIROX Technologies Ltd, we believe your data belongs to you.
This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website, contact us, use our products or services, or work with us on consultancy, software, or research and development projects.
We do not sell your personal data.
We do not use your personal data for third-party advertising.
We only use your data where we have a lawful reason to do so.
This policy applies to RIBEIROX Technologies Ltd and our website, products, services, communications, and related business activities.
RIBEIROX Technologies Ltd is a UK-based technology company focused on products, software systems, consultancy, and research and development.
For the purposes of UK data protection law, we are usually the data controller for personal data collected through our website, business communications, marketing, sales, and our own service operations.
Where we process personal data on behalf of a customer as part of a product, consultancy engagement, technical implementation, or managed service, we may act as a data processor. In that case, the relevant customer agreement or data processing agreement will also apply.
Company: RIBEIROX Technologies Ltd
Company number: [Insert company number]
Registered office: [Insert registered office address]
Privacy contact: [Insert privacy email address]
Website: [Insert website address]
This policy explains how we handle personal data when you:
visit our website;
contact us through a form, email, phone, or social platform;
request information about our products or services;
use or enquire about our products;
work with us as a client, supplier, contractor, or partner;
subscribe to updates, newsletters, or product communications;
take part in product research, user testing, or R&D activity;
interact with our support, sales, or consultancy teams.
Some products, platforms, or customer projects may have their own additional privacy notices or contractual terms. Where that happens, those documents should be read alongside this Privacy Policy.
We collect different types of personal data depending on how you interact with us.
You may provide us with:
name;
email address;
phone number;
company or organisation name;
job title;
country or location;
project details;
enquiry details;
support messages;
meeting notes;
feedback;
newsletter preferences;
information you include in forms, emails, documents, or messages.
If you use a RIBEIROX product or SaaS service, we may collect:
account registration details;
login and authentication information;
organisation or workspace details;
subscription or plan information;
product settings;
usage logs;
support requests;
billing information;
invoice and payment status;
content or files you choose to upload, create, or process through the product.
Payment card details are normally handled by our payment provider. We do not intend to store full card details ourselves.
When you use our website or products, we may collect technical information such as:
IP address;
device type;
browser type and version;
operating system;
pages visited;
referring website;
dates and times of access;
approximate location;
cookie identifiers;
diagnostic logs;
security logs;
usage and performance information.
For consultancy, software development, technical advisory, R&D, or implementation work, we may process:
business contact details;
project requirements;
system information;
technical documentation;
meeting records;
project communications;
access credentials where strictly necessary;
data shared by clients for project delivery.
Where a client provides personal data to us, the client is responsible for making sure they have the right to share that data with us.
If you take part in research, testing, product feedback, prototype evaluation, or R&D collaboration, we may process:
contact details;
feedback responses;
survey answers;
product usage observations;
test data;
prototype interaction data;
technical or business information you choose to provide.
Where research involves more sensitive data or higher-risk processing, we will provide additional information before collecting that data.
We do not intentionally collect special category data through our general website forms or standard business communications.
Special category data includes information about health, race or ethnicity, political opinions, religious beliefs, trade union membership, genetic data, biometric data, sex life, or sexual orientation.
Please do not send us sensitive personal data unless we have specifically asked for it and provided a secure way to share it.
We use personal data to operate our website, provide our products and services, communicate with you, improve our systems, and meet our legal obligations. We may use your data to respond to enquiries, such as replying to website forms, emails, and requests, where this is necessary for our legitimate interests or to take steps before entering into a contract. We use personal data to provide products and services, including SaaS access, consultancy, software delivery, and support, where this is necessary for the performance of a contract or for our legitimate business interests. We may also use account-related data to manage logins, authentication, workspace administration, and user settings. Billing and finance data is used to issue invoices, process payments, maintain accounting records, and comply with legal obligations. Support information is used to diagnose issues, answer questions, and resolve incidents. Website and technical data is used for hosting, security, forms, performance monitoring, troubleshooting, and service improvement. We may use product and usage information to improve features, fix bugs, test functionality, and understand how our products and services are used, relying on legitimate interests or consent where required. R&D-related data may be used for prototyping, technical research, product experiments, and feasibility studies, depending on the relevant lawful basis. Marketing data may be used to send product updates, newsletters, or business communications where you have consented or where legitimate interests apply. We also process personal data for security purposes, including fraud prevention, abuse detection, access control, and system logging, and for legal compliance, including tax, accounting, regulatory duties, and the establishment, exercise, or defence of legal claims.
RIBEIROX works with software systems, automation, AI-enabled tools, and research-led development.
Where we use personal data in connection with AI, automation, or R&D, we will consider the purpose, risks, lawful basis, transparency requirements, and appropriate safeguards.
We do not use private customer content to train public or third-party AI models unless you have agreed to this, instructed us to do so, or it is clearly covered by separate terms.
We may use anonymised or aggregated data to understand product performance, improve services, conduct research, or develop new features. Where data is properly anonymised, it is no longer personal data.
Our website may use different types of cookies and similar technologies. Strictly necessary cookies are used where they are required for the website to function properly, including core website operation, security, forms, and basic technical functionality. Preference cookies may be used to remember choices such as language, region, or website settings. Analytics cookies help us understand how visitors use the website, measure performance, identify issues, and improve the structure and content of the site. Marketing cookies may be used, where applicable, to support advertising, retargeting, campaign measurement, or similar promotional activities. We will ask for consent before placing non-essential cookies where required, and you can manage your preferences through the website’s cookie settings or your browser settings. Cookie information page.
We may send you product updates, company news, technical insights, or service information where we are allowed to do so.
You can unsubscribe from marketing emails at any time by:
clicking the unsubscribe link in the email;
contacting us at [Insert privacy email address].
We may still send service, security, billing, or administrative messages where necessary.
We do not sell your contact details to third parties for marketing.
We only share personal data where necessary and appropriate.
We may share data with:
hosting and cloud infrastructure providers;
email and communications providers;
analytics providers;
CRM and sales tools;
payment processors;
accounting and finance providers;
customer support tools;
software development and infrastructure providers;
contractors, consultants, or technical partners working with us;
professional advisers such as lawyers, accountants, and insurers;
regulators, authorities, or law enforcement where required;
another organisation if our business is sold, merged, restructured, or transferred.
Where third parties process personal data for us, we require them to protect it and use it only for the agreed purpose.
We do not sell personal data.
We may use trusted third-party suppliers to help deliver our website, products, consultancy, support, infrastructure, and business operations.
These suppliers may process personal data on our behalf.
We aim to work with suppliers that provide appropriate security, confidentiality, and data protection commitments.
A current list of key subprocessors may be made available at:
[Insert subprocessor page or “available on request”]
Some of our suppliers, systems, or technical infrastructure may process personal data outside the UK.
Where we transfer personal data internationally, we will use an appropriate legal mechanism where required. This may include:
UK adequacy regulations;
the UK International Data Transfer Agreement;
the UK Addendum to the EU Standard Contractual Clauses;
contractual safeguards;
transfer risk assessments;
another lawful transfer mechanism.
We use technical and organisational measures to protect personal data.
These may include:
encryption where appropriate;
secure hosting;
access controls;
multi-factor authentication where appropriate;
least-privilege access;
logging and monitoring;
backups;
vulnerability management;
supplier due diligence;
confidentiality obligations;
internal security processes;
incident response procedures.
No online service is completely secure. However, we take reasonable steps to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
If a personal data breach occurs and we are legally required to notify you or the Information Commissioner’s Office, we will do so.
We keep personal data only for as long as needed.
Typical retention periods are:
We retain personal data only for as long as necessary for the purposes for which it was collected. Website enquiry data is usually kept for up to 24 months after the last interaction. Sales and business communications are retained for as long as needed to manage the relationship, after which they are archived or deleted. SaaS account data is kept for the life of the account and is then deleted or anonymised within a reasonable period. Support records are usually retained for up to 3 years after the issue has been resolved, while consultancy and project records are usually kept for up to 7 years after the relevant project or client relationship ends. Billing, tax, and accounting records are usually retained for 6 to 7 years, depending on legal requirements. Newsletter data is kept until you unsubscribe or we stop sending the relevant communications. Analytics data is retained according to the settings of the analytics tools we use and your cookie preferences. Legal records are kept for as long as needed to establish, exercise, or defend legal claims.
Depending on the circumstances, you may have the right to:
access the personal data we hold about you;
ask us to correct inaccurate or incomplete data;
ask us to delete your data;
ask us to restrict how we use your data;
object to how we use your data;
request a copy of your data in a portable format;
withdraw consent where we rely on consent;
complain to the Information Commissioner’s Office.
These rights are not absolute. They depend on the type of data, the reason we process it, and any legal obligations we have.
You can control certain uses of your data by:
unsubscribing from marketing emails;
managing cookie preferences;
changing account settings where available;
contacting us to update or delete information;
asking us to stop processing your data in certain cases.
Our website and services are intended for businesses, professionals, and adult users.
They are not directed at children.
We do not knowingly collect personal data from children. If you believe a child has provided personal data to us, contact us and we will take appropriate steps.
If we launch a product or service likely to be used by children, we will provide additional privacy information where required.
Our website or products may link to third-party websites, tools, services, or platforms.
We are not responsible for the privacy practices or security of third-party services. You should review their privacy information before using them or providing personal data.
We may update this Privacy Policy from time to time.
When we make changes, we will update the “Last updated” date at the top of this page.
Where changes are significant, we may provide additional notice, such as a website notice, product notice, or email notification.
If you have any questions about our privacy practices or this Privacy Policy, please contact us at team@ribeirox.com.
Last updated: 1 June 2026