blur

Privacy Policy

Last updated: 10 July 2026

This Privacy Policy explains how Xium Labs ("we", "us", or "our") collects, uses, discloses, and safeguards your personal data when you visit our website or use our products and services (the "Services"). We are the data controller for the personal data described in this policy. We are committed to processing your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Information We Collect

We collect the following categories of personal data:

  • Information you provide: your name, email address, organisation, project details, and any message content you submit through our contact forms or when you engage our services.
  • Usage data: information about how you interact with our website, such as pages visited, referring URLs, and approximate location derived from your IP address.
  • Device and technical data: browser type, operating system, device identifiers, and similar technical information.
  • Cookies and similar technologies: as described in our Cookie Policy.

2. How We Use Your Information

  • to respond to your enquiries and provide the Services you request;
  • to operate, maintain, secure, and improve our website and Services;
  • to communicate with you about your requests, updates, and relevant offerings;
  • to comply with legal obligations and enforce our terms; and
  • to analyse usage so that we can improve performance and user experience.

3. Legal Bases for Processing

We rely on the following legal bases under the UK GDPR: your consent (for example, for non-essential cookies and marketing); the performance of a contract with you; our legitimate interests in operating and improving our business, provided these are not overridden by your rights; and compliance with a legal obligation.

4. How We Share Your Information

We do not sell your personal data. We may share it with:

  • Service providers who process data on our behalf, such as hosting, database, email delivery, and analytics providers, under contractual confidentiality and security obligations;
  • Professional advisers and authorities where required by law; and
  • Successors in the event of a merger, acquisition, or reorganisation.

5. International Transfers

Some of our service providers may process data outside the UK or European Economic Area. Where this occurs, we put appropriate safeguards in place, such as the UK International Data Transfer Agreement or Standard Contractual Clauses, to ensure your data receives an adequate level of protection.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including to satisfy legal, accounting, or reporting requirements. When data is no longer needed, we securely delete or anonymise it.

7. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure, including encryption in transit, access controls, and regular review of our practices. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security.

8. Your Rights

Subject to applicable law, you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request erasure of your data;
  • restrict or object to certain processing;
  • request portability of data you provided to us;
  • withdraw consent at any time, without affecting prior processing; and
  • lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact us at talk@xiumlabs.com.

9. Cookies

We use cookies and similar technologies as described in our Cookie Policy. You can control non-essential cookies through our consent banner and your browser settings.

10. Third-Party Links

Our website may contain links to third-party sites. We are not responsible for the privacy practices of those sites, and we encourage you to review their policies.

11. Children's Privacy

Our Services are not directed to children under 16, and we do not knowingly collect their personal data. If you believe a child has provided us with personal data, please contact us so we can delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the "Last updated" date above. Material changes may be communicated to you directly where appropriate.

13. Contact Us

For any questions about this Privacy Policy or how we handle your data, contact us at talk@xiumlabs.com.