Privacy Policy

Version: 2.0

Last Updated: February 25th, 2025

Introduction

DarkInvader is registered in England and Wales, Registration Number: 13636918, with our registered office at Calls Wharf, 2 The Calls, Leeds, West Yorkshire, United Kingdom, LS2 7JU

We are what is known as the 'data controller' of personal information we collect and use. This means that we are responsible for determining the purpose and the means of processing your personal data. We are registered with the Information Commissioner’s Office under number ZB650760

We ensure that we apply the best standards to protecting your personal information and comply with our responsibilities for data protection. If you have any questions about how we handle your personal information or concerns, please contact us using the information provided under ‘How to Contact Us’.

The purpose of this policy is to outline our approach to protecting the personal data we collect, process, hold and share as a Data Controller, this is typically when managing our relationship with you as our customer. Please note that while DarkInvader primarily acts as a data processor when delivering its EASM services, it also functions as a data controller for certain activities, such as managing customer relationships, invoicing, and marketing..

We take your privacy seriously and are committed to protecting information through a range of technical and organisational measures to safeguard all personal information under our control. We maintain records of our processing activities, data protection risk assessments and a range of other measures to support our compliance with data protection law. This privacy policy is a key component of our wider Information Security and Governance Framework incorporating our Data Protection and ICT policies.

Personal Data We Collect

  • Full Name
  • Job Title
  • Industry/Sector
  • Work Email Address
  • Mobile Phone Number
  • Work Phone Number
  • Work Postal Address
  • Social Media Handles
  • Marketing Preferences

How We Use Your Personal Data

DarkInvader use your personal data primarily to manage our relationship with you as our customer. Below is a table of the reasons why we use your personal data and the corresponding lawful basis.

Purposes for Processing Lawful Basis
Keep a record of your personal information to prospect to you our services It is in DarkInvader’s legitimate interests to prospect to potential customers to identify new customers.
Raising Invoices It is in DarkInvader’s legitimate interest to raise invoices to process sales efficiently and ensure proper financial management.
Managing customer and prospective customer relationships It is in DarkInvader’s legitimate interests to manage existing and prospective customer relationships to provide support, improve engagement, and enhance business opportunities.
Sending Marketing Communications Consent is obtained where required by law to send marketing communications and promotional materials to individuals.
Managing Projects It is in DarkInvader’s legitimate interest to manage projects to ensure successful delivery, fulfil contractual obligations, and maintain operational efficiency.
To enter into agreements such as data processing agreements. It is in DarkInvader’s legitimate interest to enter into agreements with its customer to ensure the relationship between DarkInvader and its customers is binding.
Ensuring security and preventing fraud. It is in DarkInvader’s legitimate interest to monitor, detect, and prevent fraudulent activities and maintain the security of its systems and services.
Complying with legal and regulatory requirements. Compliance with legal obligations to adhere to applicable laws, regulatory requirements, and law enforcement requests.
Conducting analytics and improving services. It is in DarkInvader’s legitimate interest to analyse website and service usage to improve the customer experience and business operations.
Responding to customer enquiries and support requests. It is in DarkInvader’s legitimate interest to respond to customer queries, provide assistance, and resolve any issues effectively.

Sharing Your Personal Data

We will share your personal data that we hold with the following organisations:

  • Xero – Accounting software
  • Zoho – CRM software
  • MailChimp – Email campaign and marketing platform
  • Google Analytics – Website analytics and performance tracking
  • AWS (Amazon Web Services) – Cloud hosting and infrastructure
  • Google Business Apps (G Suite) – Email and internal productivity tools

Please note that this list is not exhaustive, if you would like to find out more about who we may share your information with, please contact us using the details under “How to Contact Us”.

International Transfers

We may transfer personal data to a country not in Europe where data subjects’ rights may not be adequately protected or enforceable. Whenever we arrange for international transfers of data overseas, we will ensure the suitable arrangements are in place to provide suitable safeguards for the people whose information we transfer. When we appoint overseas data processors, we check that suitable arrangements are in place such as European Commission Adequacy Decisions, Standard Contractual Clauses, or other permitted mechanisms. These transfers include:

  • Xero – Transfers to New Zealand (UK Adequacy Regulation)
  • Zoho – Transfers to the USA & India (Protected by SCCs)
  • MailChimp – Transfers to the USA (Protected by SCCs)
  • Google Analytics – Transfers to the USA (Protected by SCCs)
  • Google Business Apps (G Suite) – Transfers to the USA (Protected by SCCs)

Data Retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

Details of retention periods for different aspects of your personal information are available in our retention policy which can be exercised under the “How to Contact Us” section of this policy. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Automated Decision Making

To be as efficient and streamlined as possible, we may perform automated processing (i.e., processing that is carried out without human intervention) on your personal information to evaluate certain aspects about you.

We may do this to automatically segment prospects based on certain criteria, such as industry type, company size, or engagement level, to ensure enquiries are directed to the most relevant team members and logged accurately in our CRM system.

This helps us to:

  • Improve response times and customer service efficiency.

  • Ensure prospects and clients are assigned to the appropriate team members.

  • Maintain an organised and structured CRM system for better client management.

This does not involve any form of profiling that results in legal effects or significantly impacts individuals' rights, freedoms, or access to services. It is solely used to improve operational efficiency and service delivery.

Your Rights

Under Data Protection Legislation, you have the right in certain circumstances to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check we are lawfully processing it.

  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

  • Request the transfer of your personal information to another party (in certain circumstances; and

  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party). You also have the right to object where we are processing your personal information for direct marketing purposes.

  • Rights in Relation to Automated Decision Making and Profiling

  • Withdraw your consent to the processing of your personal information at any time where consent is being relied upon as the lawful basis for processing.

You can exercise your rights by emailing us on the contact details below or by writing in to us at DarkInvader, Calls Wharf, 2 The Calls, LS2 7JU. Please mark your correspondence for the attention of the Data Protection Officer.

You also have a right to lodge a complaint with Information Commissioners Office (ICO) where you believe we have not complied with UK data protection law. In the first instance, we encourage you to resolve the matter with DarkInvader. However, you can contact the ICO via www.ico.org.uk, [email protected] or 0303 123 1113

How to Contact Us

For further information regarding your personal data or about DarkInvader’s approach to data protection in general please contact us at:

DarkInvader Calls Wharf,
2 The Calls,
Leeds,
West Yorkshire,
United Kingdom,
LS2 7JU

(e) [email protected]

(t) +44 (0)330 053 4420

Contact Information

DarkInvader (13636918), Calls Wharf, 2 The Calls, Leeds, LS2 7JU
[email protected]    [email protected]