Privacy Policy

iinix is a software development company. Our website is at iinix.com. When we refer to "we", "us", or "iinix" in this policy, we mean the iinix business and its operators.

We take privacy seriously. This policy explains what personal data we collect when you use this website, why we collect it, how long we keep it, and what rights you have over it.

Enquiry form submissions

When you submit the contact form, we collect your name, email address, company name (if provided), the service you are enquiring about, your budget range (if provided), and your project description. We use this information solely to respond to your enquiry and assess whether we can help with your project. We do not add you to any marketing list without your explicit consent.

Analytics (Google Analytics 4)

If you consent, we use Google Analytics 4 to understand how visitors use the site — which pages are visited, how long people stay, and what devices and browsers are used. This helps us improve the site. We have configured Google Analytics with IP anonymisation enabled and we do not use it for advertising or remarketing. Analytics cookies are only set after you give explicit consent via our cookie banner. You can withdraw consent at any time through the Cookie Settings in the footer.

Google acts as a data processor on our behalf. For details on how Google processes data, see Google's Privacy Policy.

Server logs

Our web server automatically records standard access logs, including your IP address, browser type, referring URL, and pages visited. These logs are used for security monitoring, diagnosing technical problems, and understanding aggregate traffic patterns. Logs are retained for 30 days and then deleted.

We use the following categories of cookies:

Necessary cookies (always active)

• csrftoken — protects forms against cross-site request forgery. Session-scoped.
• sessionid — admin area session cookie, set only when staff log in. Secure and HttpOnly in production.
• iinix_consent — stores your cookie preferences. Expires after 1 year.

Analytics cookies (require consent)

• _ga — Google Analytics: distinguishes unique visitors. Expires after 2 years.
• _ga_* — Google Analytics: maintains session state. Expires after 2 years.

Analytics cookies are only set if you click "Accept" or enable analytics in the Cookie Settings panel. If you reject cookies or do not interact with the banner, no analytics cookies are set.

For enquiry form data, our legal basis is legitimate interests (Article 6(1)(f) UK GDPR): you have contacted us to discuss a potential business relationship, and responding to that enquiry is the expected outcome.

For analytics, our legal basis is consent (Article 6(1)(a) UK GDPR): analytics cookies are only placed after you explicitly opt in. You may withdraw consent at any time.

For server logs, our legal basis is legitimate interests in operating a secure and functional website.

Enquiry records are retained for up to 24 months from the date of submission. If a project engagement begins, associated records may be retained for up to 7 years for legal and accounting purposes. Server logs are deleted after 30 days. Google Analytics data is retained for 14 months. If you would like your data deleted sooner, contact us and we will do so promptly.

We do not sell, rent, or share your personal data with third parties for marketing or advertising purposes.

If you consent to analytics, anonymised usage data is processed by Google LLC (acting as a data processor) via Google Analytics. Google may transfer this data outside the UK/EEA; such transfers rely on Google's approved safeguards.

In the unlikely event that we are required by law to disclose your data (for example, in response to a court order), we will do so only to the extent required.

Under UK GDPR and the Data Protection Act 2018, you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate data.
• Erasure: ask us to delete your data.
• Restrict how we process your data.
• Object to processing based on legitimate interests.
• Portability: receive your data in a structured, machine-readable format.
• Withdraw consent at any time (for analytics) without affecting prior lawful processing.

To exercise any of these rights, email us at privacy@iinix.com. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data lawfully.

If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you additional rights:

• Right to know what personal information we collect, use, and disclose.
• Right to delete personal information we hold about you.
• Right to correct inaccurate personal information.
• Right to opt out of sale or sharing — we do not sell or share your personal information as defined by the CCPA/CPRA.
• Right to non-discrimination — we will not discriminate against you for exercising your privacy rights.

We do not sell personal information. We do not use personal information for cross-context behavioural advertising. The analytics data we collect (when you consent) is used solely for our internal purposes.

To make a request, email privacy@iinix.com. We will verify your identity and respond within 45 days.

We respect the Global Privacy Control (GPC) signal. If your browser sends a GPC signal, we treat it as an opt-out of analytics cookies. We do not currently respond to the older DNT (Do Not Track) header, as there is no industry standard for compliance.

If you consent to analytics cookies, data may be transferred to Google servers in the United States. Google provides appropriate safeguards for these transfers in accordance with applicable data protection law.

We take reasonable technical and organisational measures to protect your data, including encrypted connections (HTTPS), server hardening, and restricted access to production systems. No method of transmission over the internet is 100% secure, but we don't take that as an excuse to be careless. See our Security Policy for more detail.

We may update this policy from time to time. The "Last updated" date at the top of this page will always reflect when changes were last made. We will not retroactively reduce your rights without clear notice.

Questions about this policy? Email privacy@iinix.com or use the contact form.