Privacy Policy

Effective Date: February 2026

At Giness, we treat client confidentiality and digital privacy with the same rigor as our technical engineering. This Privacy Policy outlines how we collect, use, and protect your data when you interact with our digital infrastructure.

We strictly adhere to the principles of the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

1. The Data Controller

The entity responsible for the processing of your personal data is:

Giness LTD

85 Great Portland Street

1st Floor

London, W1W 7LT

United Kingdom

For any inquiries regarding data protection, please contact us at: legal@giness.com

2. The Zero-Cookie Standard & Analytics

We respect your digital sovereignty. Our website does not use tracking cookies, advertising pixels, or invasive third-party surveillance tools (such as Google Analytics or Facebook Pixel). Because we do not store tracking files on your device or monitor your behavior across the internet, you will not encounter a cookie consent banner on this site.

To monitor our infrastructure’s performance, we utilize cookieless, privacy-first server analytics (via Vercel). This system only processes anonymized, aggregated metrics (such as geographic region, device type, and page requests). It is technically impossible for us to identify individual visitors through this data.

3. Data We Collect and Process

We only collect personal data that you explicitly and voluntarily provide to us.

  • Communication Data: If you contact us via email or a secure inquiry form, we process your name, email address, and the contents of your message.
  • Purpose of Processing: This data is processed exclusively to respond to your inquiry, provide technical consultations, or execute preliminary contractual steps.
  • Legal Basis: The processing is based on Article 6(1)(b) GDPR (performance of a contract or pre-contractual measures) and Article 6(1)(f) GDPR (our legitimate interest in communicating with prospective clients).

4. Data Sharing and Confidentiality

We do not sell, rent, or trade your personal data. Your information is only shared with third parties when absolutely necessary for our operational infrastructure (e.g., highly secure cloud hosting providers or encrypted email servers). These sub-processors are legally bound by strict data processing agreements and are not permitted to use your data for their own purposes.

5. Data Security and Retention

We implement enterprise-grade security protocols to protect your data against unauthorized access, alteration, or destruction.

We retain your communication data only for as long as necessary to fulfill the purpose for which it was collected, or to comply with mandatory statutory retention periods under UK law. Once the data is no longer required, it is securely permanently erased.

6. Your Rights

Under the GDPR, you possess absolute rights regarding your personal data. You have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request the correction of inaccurate or incomplete data.
  • Erasure: Request the deletion of your data ("Right to be Forgotten").
  • Restriction: Request the limitation of how we process your data.
  • Objection: Object to our processing of your data based on legitimate interests.
  • Data Portability: Request the transfer of your data to another organization.

To exercise any of these rights, please contact us at the address provided in Section 1. You also maintain the right to lodge a formal complaint with the Information Commissioner’s Office (ICO) in the UK or your local data protection supervisory authority.

7. Modifications to this Policy

We reserve the right to update this Privacy Policy to reflect changes in our operational architecture or legal obligations. The most current version will always be published on this page.