UK Privacy Notice
1. Introduction
At Pyyrah Limited, we respect your privacy and are committed to protecting your personal data. This Privacy Notice outlines how we collect, use, store, and protect your information when you interact with us, whether by visiting our website (pyyrah.com), engaging with our content, subscribing to our newsletters, attending our events, or using our services.
We believe in transparency, user control, and accountability in how we handle your personal data. This Privacy Notice has been designed to provide clear, straightforward information about:
- What personal data we collect from you
- How we use your data to provide a better experience
- Your rights under the UK General Data Protection Regulation (UK GDPR)
- How you can control your data and update your preferences
- Our commitment to data security and responsible handling of personal information
Who We Are
Pyyrah Limited is a UK-based media company that creates content, hosts events, and provides digital services. We operate under the following details:
- Company Name: Pyyrah Limited
- Company Number: [Insert Company Number]
- Registered Address: [Insert Business Address]
- Email Contact: engage@pyyrah.com
As a data controller, Pyyrah Limited is responsible for determining how and why your personal data is processed. We process data in compliance with the UK GDPR, Data Protection Act 2018, and other relevant regulations.
Scope of This Privacy Notice
This Privacy Notice applies to:
- Visitors to pyyrah.com and other digital platforms operated by Pyyrah
- Subscribers to our newsletters, events, or community forums
- Customers who purchase services, attend events, or interact with us
- Individuals who communicate with us via email, phone, or social media
It does not apply to third-party websites, services, or platforms that we may link to. If you navigate to an external site, we encourage you to review their privacy policies separately.
Changes to This Privacy Notice
We may update this Privacy Notice from time to time to reflect changes in our business practices, legal requirements, or technology improvements. We will notify users of significant changes through:
- An updated date at the top of this page
- A notification on our website
- Direct email communication where required
We recommend checking this page periodically to stay informed about how we protect your data.
If you have any concerns, questions, or requests regarding your privacy, feel free to contact us at engage@pyyrah.com.
2. What Personal Data Do We Collect?
We collect different types of personal data depending on how you interact with Pyyrah Limited. This section outlines the categories of personal data we collect, how we obtain it, and why we collect it.
2.1 Categories of Personal Data We Collect
A. Identity & Contact Data
This includes personal information that identifies you directly, such as:
- Full Name
- Email Address
- Phone Number
- Postal Address
- Social Media Handles (if you interact with us via social platforms)
Why We Collect It:
- To communicate with you about your inquiries, services, or events
- To personalize your experience and provide relevant content
- To send you newsletters, promotions, or updates (with your consent)
B. Financial & Transactional Data
If you purchase services, attend events, or make payments through Pyyrah, we collect:
- Payment Card Details (processed securely via third-party providers)
- Billing Address
- Purchase & Transaction History
- Subscription & Membership Data
Why We Collect It:
- To process payments and fulfill orders
- To provide invoices and payment confirmations
- To manage refunds or billing inquiries
C. Technical Data
When you visit our website (pyyrah.com) or use our digital platforms, we collect:
- IP Address
- Browser Type & Version (e.g., Chrome, Safari)
- Device Information (e.g., mobile, tablet, desktop)
- Operating System (e.g., Windows, macOS, iOS)
- Website Usage Data (e.g., pages viewed, time spent, interaction patterns)
- Cookies & Tracking Data (collected with consent)
Why We Collect It:
- To improve website functionality and user experience
- To detect and prevent security threats or fraudulent activities
- To personalize website content and advertising
- To analyze website traffic and engagement
D. Marketing & Communications Data
This includes information about your preferences for receiving marketing materials and updates:
- Newsletter & Email Subscription Preferences
- Event Attendance History
- Survey & Feedback Responses
- Communication Preferences (e.g., email, phone, SMS)
Why We Collect It:
- To send personalized marketing and event invitations
- To manage communication preferences and comply with marketing laws
- To understand customer interests and improve services
You can opt-out of marketing emails at any time by clicking the “Unsubscribe” link in our emails or contacting engage@pyyrah.com.
E. User-Generated Content & Community Engagement
If you participate in any forums, competitions, surveys, or social media interactions, we may collect:
- Comments, messages, or posts shared on our platforms
- Photos, videos, or media uploaded voluntarily
- Responses to competitions or promotional campaigns
Why We Collect It:
- To engage with our community and provide interactive services
- To showcase user-generated content (with consent)
- To analyze trends and improve our content strategy
F. Customer Support & Complaint Handling Data
If you contact us for customer support, inquiries, or complaints, we may collect:
- Details of your request or issue
- Communication records (e.g., email, chat, phone call)
- Any supporting documents or files you provide
Why We Collect It:
- To resolve queries and provide efficient customer service
- To improve internal processes based on feedback
- To ensure compliance with consumer rights and legal obligations
G. Children’s Data
Our services are not intended for children under 13 years old, and we do not knowingly collect data from them.
- If we discover that a child has provided personal data, we will delete it immediately.
- If you are a parent or guardian and believe your child has shared data with us, please contact engage@pyyrah.com.
For users aged 13-18, we recommend seeking parental consent before sharing personal data.
2.2 How Do We Collect Personal Data?
We collect data through the following methods:
- Direct Interactions – When you:
- Sign up for our newsletter or mailing list
- Register for an event or webinar
- Purchase a service from us
- Contact us via email, phone, or social media
- Automated Technologies – When you:
- Browse our website (via cookies & tracking tools)
- Engage with our ads or digital content
- Click on links in emails or marketing campaigns
- Third-Party Sources – We may receive data from:
- Payment providers processing transactions
- Advertising or analytics platforms (Google Analytics, Meta, etc.)
- Publicly available sources (e.g., LinkedIn, social media platforms)
2.3 What If You Choose Not to Provide Data?
You do not have to provide personal data, but in some cases, we may not be able to offer certain services if data is missing. For example:
- Without contact details, we cannot respond to inquiries.
- Without payment information, we cannot process purchases.
- Without cookie consent, we cannot personalize your website experience.
If you have any concerns about data collection, contact us at engage@pyyrah.com.
2.4 Special Categories of Data We Do NOT Collect
We do not collect or process:
Health Data (e.g., medical history, disabilities)
Political Opinions
Religious or Philosophical Beliefs
Biometric Data
Sexual Orientation or Preferences
Criminal Records
If we ever need to collect such data (e.g., for event accessibility needs), we will request explicit consent and explain the purpose clearly.
2.5 Summary of Key Points
We collect only necessary personal data.
Data is collected through direct interactions, automated tools, and third parties.
We do not collect sensitive personal data unless absolutely required.
Users can control their preferences and opt-out of marketing at any time.
We are transparent about data collection and usage.
For more details, feel free to contact engage@pyyrah.com. 🚀
3. How Do We Use Your Personal Information?
At Pyyrah Limited, we collect and process personal data responsibly to provide the best possible services, experiences, and engagement opportunities. Below is a detailed breakdown of why and how we use your data.
3.1 Main Purposes for Processing Personal Data
We process personal data for seven key purposes:
1. To Provide and Manage Our Services
We use your data to:
Deliver digital content, media, and services you request.
Register and manage accounts for online platforms, subscriptions, or memberships.
Enable participation in events, webinars, and competitions.
Process payments, invoices, and transaction confirmations.
Example: If you register for an event hosted by Pyyrah, we use your contact details to send event-related updates, tickets, and follow-up materials.
2. To Improve and Secure Our Website & Services
We analyze technical data to:
Monitor website performance and user engagement.
Identify and fix errors or bugs.
Prevent fraudulent activities, spam, or security breaches.
Maintain a safe, optimized browsing experience.
Example: If our analytics detect a high bounce rate on a page, we may adjust the layout to improve usability.
3. To Communicate with You
We use your contact data to:
Respond to inquiries or customer support requests.
Send service-related updates (e.g., account confirmations, billing reminders).
Notify you of changes to our policies or services.
Example: If you request support via email, we use your details to respond and resolve your issue.
4. For Marketing & Promotional Activities
We may send you marketing communications if you have opted in to receive them. This includes:
✅ Email newsletters with content, updates, and offers.
✅ Exclusive promotions, discounts, or new product announcements.
✅ Targeted ads or sponsored content (with consent).
💡 Example: If you subscribe to our newsletter, we send you updates about industry trends, upcoming events, and exclusive deals.
Your Control Over Marketing
- You can unsubscribe from marketing emails at any time via the “unsubscribe” link.
- You can update preferences in your account settings.
- You can opt out of personalized ads through cookie settings.
5. To Provide Personalized Content & Recommendations
We use profiling techniques to:
Show you content that matches your interests.
Recommend events, articles, or services based on your past interactions.
Tailor email and website experiences to your preferences.
Example: If you frequently engage with content about music on our website, we may suggest related articles or events in future communications.
No Automated Decision-Making:
We do not use AI or algorithms to make significant automated decisions (such as approving or rejecting service access) that could impact you without human involvement.
6. For Research & Audience Insights
We collect aggregated and anonymized data to:
Understand industry trends and audience demographics.
Conduct internal research and service improvements.
Create reports or statistics (without identifying individuals).
Example: If a survey shows that most of our users are interested in video content, we may prioritize developing more media-related services.
7. To Comply with Legal & Regulatory Requirements
We may process your data when necessary to:
Meet obligations under UK laws and data protection regulations.
Retain financial records for tax and accounting compliance.
Respond to law enforcement requests or court orders.
Protect against fraud, cyber threats, or legal claims.
Example: If authorities require us to retain transaction records for auditing purposes, we comply with legal retention periods.
3.2 Do We Use Cookies & Tracking Technologies?
Yes, we use cookies and similar tracking technologies for:
- Website functionality (session management, preferences).
- Performance analysis (Google Analytics, user behavior tracking).
- Advertising (personalized ads, retargeting).
You can control cookies via your browser settings or our cookie consent banner.
See our Cookie Policy for full details.
3.3 Will Your Data Be Used for Automated Profiling?
We may analyze your interactions with our website, emails, and services to deliver a better user experience, but:
- We do not make legally binding decisions based solely on automated processing.
- We do not sell your data to advertisers without your consent.
- We do not use AI-driven profiling that could affect your rights.
Example of Acceptable Profiling:
If you frequently open emails related to business events, we may tailor future email recommendations to focus on similar content.
Example of What We Do NOT Do:
We do not approve or reject applications, services, or pricing offers based solely on AI-driven profiling.
3.4 Summary of How We Use Your Data
Purpose | Examples | Your Control Options |
Providing Services | Event registration, processing payments, delivering content | Cannot opt out (essential for service) |
Website Improvement | Performance monitoring, bug fixes, security enhancements | Cannot opt out (necessary for website function) |
Customer Support | Responding to inquiries, troubleshooting issues | Cannot opt out (needed for user requests) |
Marketing & Promotions | Newsletters, targeted ads, event invitations | Opt out via email or cookie settings |
Personalized Content | Suggested articles, tailored experiences | Opt out via account preferences |
Research & Analytics | Surveys, audience insights, internal reports | Opt out via request (data is anonymized) |
Legal Compliance | Tax reporting, fraud prevention, regulatory requests | Cannot opt out (legal obligation) |
3.5 Your Choices & Control Over Data Usage
You can customize how we use your data in the following ways:
Unsubscribe from marketing – Use the “unsubscribe” link in emails.
Adjust tracking settings – Manage cookie preferences via our website.
Request data deletion – Contact engage@pyyrah.com to remove your data (subject to legal retention requirements).
Update preferences – Modify email or account settings anytime.
We value transparency and user control, so if you have any concerns about how your data is used, feel free to reach out.
Contact us at: engage@pyyrah.com 🚀
4. Legal Basis for Processing Personal Data
At Pyyrah Limited, we process your personal data in compliance with UK GDPR (UK General Data Protection Regulation) and the Data Protection Act 2018. This section explains the legal bases under which we collect, use, and store your personal information.
4.1 What is a Legal Basis for Processing?
Under UK GDPR, we must have a valid legal reason for processing your data. The law sets out six possible legal bases, but we use the following four in our business operations:
- Consent – When you have given explicit permission for data processing.
- Contractual Obligation – When processing is necessary to fulfill a contract.
- Legitimate Interests – When processing benefits our business while respecting your rights.
- Legal Compliance – When processing is required to meet legal obligations.
Each purpose for which we collect data must have a clear legal justification. Below, we explain how each applies to our services.
4.2 Legal Bases We Rely On
1. Consent (Article 6(1)(a) of UK GDPR)
We will only process your data based on consent if:
You have actively opted in (e.g., subscribing to emails).
You have been provided with clear, specific information about how your data will be used.
You can withdraw your consent at any time.
Examples of Where We Use Consent:
- Sending email newsletters, promotions, or marketing materials.
- Using cookies for personalized advertising and analytics.
- Collecting information for voluntary surveys or research.
- Allowing third-party partners to contact you (where applicable).
How You Can Withdraw Consent:
- Click the “unsubscribe” link in marketing emails.
- Adjust cookie settings via our website.
- Contact engage@pyyrah.com to opt out of communications.
Note: Withdrawing consent will not affect data processing that happened before you opted out.
2. Contractual Obligation (Article 6(1)(b) of UK GDPR)
We must process certain data to fulfill a contract with you. This includes:
Transactions for paid services.
Managing event registrations.
Providing customer support related to contracts.
Examples of Where We Use Contractual Obligation:
- When you purchase a service, we need your payment details to complete the transaction.
- When you sign up for an event, we process your details to send tickets and event information.
- If you request customer support, we may access past interactions to resolve your issue.
📌 Note: If you refuse to provide this data, we may be unable to deliver the service.
3. Legitimate Interests (Article 6(1)(f) of UK GDPR)
We process certain types of data based on legitimate business interests, provided they do not override your rights. This applies when processing is necessary for:
Business operations and growth.
Improving customer experience.
Preventing fraud and security threats.
Examples of Where We Use Legitimate Interests:
- Website Analytics: We analyze visitor data to improve site performance.
- Marketing Optimization: We track engagement with emails and content to refine our strategies.
- Fraud Prevention: We monitor unusual account activity to prevent security risks.
- Customer Feedback: We use surveys to improve our services.
Your Right to Object:
If you feel our use of legitimate interests is unfair, you have the right to object. Contact us at engage@pyyrah.com, and we will review your request.
4. Legal Compliance (Article 6(1)(c) of UK GDPR)
We are legally required to process certain personal data to comply with UK laws and regulations. This applies when:
We need to retain financial records for tax and accounting.
We must comply with a court order or regulatory request.
We are legally required to respond to law enforcement.
Examples of Where We Use Legal Compliance:
- Retaining purchase records for 6 years for tax compliance.
- Storing financial transaction details for audits.
- Cooperating with legal investigations or fraud prevention authorities.
📌 Note: You cannot opt out of processing based on legal compliance.
4.3 Legal Basis Breakdown by Purpose
Purpose | Legal Basis | Can You Opt-Out? |
Processing payments, subscriptions, and purchases | Contractual Obligation | No (essential for service) |
Sending marketing emails or newsletters | Consent | Yes (unsubscribe anytime) |
Conducting surveys and collecting feedback | Consent | Yes (participation is voluntary) |
Personalizing website experience and ads | Consent | Yes (adjust cookie settings) |
Monitoring website traffic and improving content | Legitimate Interests | Yes (but may affect user experience) |
Fraud prevention and security monitoring | Legitimate Interests | No (required for safety) |
Complying with legal, tax, and financial regulations | Legal Compliance | No (required by law) |
4.4 How We Ensure Compliance
To maintain transparency, we follow these best practices:
- Clear Consent Mechanisms – We use opt-in forms for marketing and tracking preferences.
- Privacy by Design – We minimize data collection and only collect what is necessary.
- Data Minimization – We avoid excessive or unnecessary data collection.
- User Control – You can update your preferences at any time via email or our website.
📌 Your Rights:
If you believe we have no valid legal basis for processing your data, you have the right to request deletion or file a complaint with the UK Information Commissioner’s Office (ICO) at ico.org.uk.
4.5 Key Takeaways
Consent is required for marketing, surveys, and advertising.
Contracts must be fulfilled, meaning some data processing is necessary.
Legitimate interests allow website improvements and fraud prevention, but you can object.
Legal obligations require us to keep some data for tax and compliance purposes.
You have control over your data and can request changes, deletion, or opt-outs.
Need assistance? Contact us at engage@pyyrah.com 🚀
5. Data Sharing – Who Do We Share Your Personal Information With?
At Pyyrah Limited, we are committed to protecting your privacy and ensuring that your personal data is shared only when necessary. This section outlines who we share your data with, why we share it, and how we ensure your data remains protected.
5.1 Do We Sell Your Data?
No, we do not sell, rent, or trade your personal data to third parties for marketing purposes. Any sharing of your data is strictly for business, legal, or security reasons.
5.2 Who Do We Share Your Data With?
We share data only when necessary with the following categories of third parties:
1. Service Providers & Business Partners
We work with trusted third-party service providers to deliver and improve our services. These include:
Payment Processors – To securely handle online payments (e.g., Stripe, PayPal).
Cloud & IT Providers – For secure data storage, hosting, and email services.
CRM & Communication Platforms – For managing customer relationships and support (e.g., HubSpot, Mailchimp).
Analytics & Marketing Tools – To track website engagement and optimize services (e.g., Google Analytics, Meta Ads).
Event & Webinar Platforms – If you register for an event, we may share details with webinar hosts (e.g., Zoom, Eventbrite).
Why We Share Your Data:
- To process payments and manage transactions.
- To store and organize data efficiently.
- To send emails, newsletters, and service updates.
- To track and improve website performance.
- To ensure seamless user experience across digital platforms.
How We Protect Your Data:
All service providers are contractually bound to:
- Use your data only for the agreed purpose.
- Protect your data with strict security measures.
- Not share your data with unauthorized third parties.
2. Advertising & Analytics Partners
To provide relevant content and advertisements, we may share non-identifiable data with:
Social Media Platforms – For advertising and retargeting (e.g., Facebook, Instagram, LinkedIn, TikTok).
Ad Networks – To deliver customized ads based on user behavior (e.g., Google Ads, Microsoft Ads).
Analytics Companies – To measure website traffic and engagement (e.g., Google Analytics, Hotjar).
Why We Share Your Data:
- To serve relevant ads based on browsing history and preferences.
- To understand audience demographics and improve our content.
- To track ad performance and optimize marketing efforts.
Your Control Over Advertising Data:
- You can opt out of targeted ads by adjusting your cookie settings.
- You can disable tracking in browser settings or via ad preferences on platforms like Google and Facebook.
3. Research & Audience Insights
We may share aggregated, anonymized data with:
Business Partners & Investors – To showcase audience trends and market insights.
Industry Researchers – To contribute to industry studies and reports.
Academic Institutions – For research on digital marketing trends and content engagement.
No Personally Identifiable Information (PII) is shared in these cases.
4. Law Enforcement & Legal Authorities
We may be legally required to disclose your personal data to:
Regulators or Government Bodies – For compliance with UK laws (e.g., tax authorities, ICO).
Law Enforcement Agencies – If required for fraud prevention or security investigations.
Courts & Legal Representatives – In the event of legal disputes or compliance obligations.
When Will We Share Data With Authorities?
- If we receive a legally valid court order or legal request.
- If required to protect our rights, safety, or property.
- If necessary to investigate fraud or security threats.
Your Rights:
- We will notify you before sharing data unless prohibited by law.
- We will share only what is strictly necessary for compliance.
5. Business Transfers & Mergers
If Pyyrah Limited undergoes a business change (e.g., acquisition, merger, restructuring), your data may be transferred to the new entity.
How We Handle Business Transfers:
- You will be notified in advance of any ownership changes.
- Your data will be protected under the same privacy commitments.
- You can request data deletion if you do not wish to continue with the new entity.
5.3 International Data Transfers
Since we work with global service providers, some of your data may be transferred outside the UK. When this happens, we ensure:
The country has adequate data protection laws (e.g., EEA, Canada).
We use Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO).
Additional security measures (e.g., encryption and access restrictions) are in place.
Your Rights Regarding International Transfers:
- You can request details about how and where your data is stored.
- You can ask for a copy of the safeguards in place for international transfers.
If you have concerns, contact us at engage@pyyrah.com.
5.4 How We Ensure Secure Data Sharing
We take strict precautions when sharing personal data, including:
Data Minimization – Sharing only the essential information needed for the purpose.
Confidentiality Agreements – Requiring third parties to comply with privacy laws.
Access Controls – Limiting data access to authorized personnel only.
Encryption & Secure Transfers – Protecting data using SSL/TLS encryption.
Regular Audits – Ensuring partners maintain high security standards.
5.5 Your Control Over Data Sharing
Data Sharing Category | Can You Opt Out? | How to Opt Out |
Payment Processing & Transactions | No | Essential for service |
Cloud & IT Services | No | Essential for website function |
Marketing & Advertising | Yes | Adjust cookie/ad preferences |
Research & Analytics | Yes | Contact us to request exclusion |
Legal Compliance | No | Required by law |
Business Transfers | Yes | You will be notified & can request deletion |
To modify data sharing preferences, email us at engage@pyyrah.com 🚀
5.6 Summary of Key Points
No data selling – We never sell your personal data to third parties.
Strict security measures – We protect your data with encryption & confidentiality agreements.
Control over ads & marketing – You can opt out of tracking and marketing communications.
Legal compliance required – Some data must be shared for legal and financial obligations.
International transfers protected – We apply security measures for cross-border data sharing.
Questions or concerns? Contact us at engage@pyyrah.com 🚀
6. How Long Do We Keep Your Data?
At Pyyrah Limited, we retain personal data only as long as necessary for the purposes outlined in this Privacy Notice, while also ensuring compliance with UK GDPR, the Data Protection Act 2018, and other applicable regulations. This section explains how long we keep different types of personal data, why we retain it, and how you can request deletion of your data.
6.1 General Data Retention Principles
We follow these key principles when managing data retention:
Minimization – We do not keep data longer than necessary.
Purpose-Limitation – Data is stored only for the specific purpose for which it was collected.
Legal & Regulatory Compliance – Some data must be retained for legal reasons (e.g., tax, contracts).
User Control – You can request deletion or withdraw consent at any time.
Once data is no longer needed, we securely delete or anonymize it.
6.2 Data Retention Periods Based on Data Type
The retention period depends on the category of data and its intended purpose:
1. Identity & Contact Data (Name, Email, Address, Phone Number)
Retention Period: Up to 6 years after your last interaction.
Reason for Retention:
- To respond to future inquiries or customer service requests.
- To maintain communication records (e.g., if you return as a client).
Opt-Out Options: You can request deletion of your contact data at any time (unless legally required).
2. Financial & Transactional Data (Payments, Billing Information, Invoices)
Retention Period: 6 years (as required by UK tax laws).
Reason for Retention:
- To comply with HMRC tax and accounting regulations.
- To process refunds, chargebacks, or dispute resolutions.
Opt-Out Options: You cannot request deletion before the legal retention period ends.
3. Marketing & Communication Data (Email Subscriptions, Preferences, Engagement History)
Retention Period: Until you unsubscribe or request deletion.
Reason for Retention:
- To send newsletters, promotions, or event invites (only if opted in).
- To personalize future communications based on past interactions.
Opt-Out Options:
- Click “Unsubscribe” in emails to stop marketing communications.
- Contact engage@pyyrah.com to have all marketing data removed.
4. Technical & Website Usage Data (IP Address, Cookies, Browsing Behavior)
Retention Period: Up to 24 months, depending on the type of data.
Reason for Retention:
- To analyze website traffic and performance.
- To improve user experience and security.
Opt-Out Options:
- Adjust cookie settings via your browser or our Cookie Policy.
- Clear your browser cache and cookies to remove stored data.
5. Customer Support & Complaint Records (Emails, Chats, Tickets)
Retention Period: Up to 3 years after resolution of the issue.
Reason for Retention:
- To track service history for better customer support.
- To comply with consumer rights and complaint-handling regulations.
Opt-Out Options: You can request earlier deletion if no ongoing dispute exists.
6. Event Registration & Participation Data (Webinar, Competitions, Sign-ups)
Retention Period: 12 months after the event.
Reason for Retention:
- To send event follow-ups and content.
- To provide verification if you request participation records.
Opt-Out Options: You can request earlier deletion after the event has ended.
7. Research & Surveys (Feedback, Questionnaires, Analytics Data)
Retention Period: Up to 2 years, unless anonymized.
Reason for Retention:
- To analyze trends and improve our services.
- To conduct internal research and industry reports.
Opt-Out Options: If you participated in a survey, you can request your responses to be deleted.
8. Legal & Regulatory Compliance Data
Retention Period: As legally required (typically 6 years or longer for compliance records).
Reason for Retention:
- To comply with UK legal obligations (e.g., tax, anti-fraud, regulatory investigations).
- To maintain proper business and financial records.
Opt-Out Options: You cannot request deletion of legally required records.
6.3 How We Delete or Anonymize Data
Once data is no longer required, we securely delete or anonymize it using:
Data Encryption – Securely erasing stored digital files.
Permanent Deletion – Removing records from databases.
Anonymization – Converting data into a non-identifiable format for research use.
Physical Destruction – Shredding paper records (if applicable).
6.4 Your Rights Regarding Data Retention
Right to Erasure (‘Right to Be Forgotten’) – You can request permanent deletion of your personal data if no legal obligation requires us to keep it.
Right to Access – You can request a copy of the personal data we store about you.
Right to Object – You can object to data processing if you feel it is unnecessary.
Right to Restrict Processing – You can ask us to limit how we use your data instead of deleting it.
To exercise your rights, contact us at: engage@pyyrah.com
6.5 How to Request Data Deletion
If you want to delete your personal data, follow these steps:
Send a request via email to engage@pyyrah.com.
Provide identity verification (to prevent unauthorized deletion requests).
Specify which data you want deleted (e.g., marketing data, support records).
We will respond within 30 days to confirm data deletion.
Exceptions:
- Data cannot be deleted if required for legal or financial compliance.
- If you have ongoing services with us, we may retain necessary data until completion.
6.6 Summary of Data Retention & Deletion
Data Type | Retention Period | Deletion Available? |
Contact Data (Email, Name) | 6 years after last interaction | Yes (request removal) |
Payment & Billing Data | 6 years (legal requirement) | No (required by law) |
Marketing Data | Until you unsubscribe | Yes (unsubscribe anytime) |
Website Usage Data | Up to 24 months | Yes (clear cookies/cache) |
Customer Support Data | Up to 3 years | Yes (if no ongoing case) |
Event Registration | 12 months after event | Yes (after event ends) |
Research & Surveys | Up to 2 years | Yes (unless anonymized) |
Legal Compliance Data | Minimum 6 years | No (required by law) |
📩 For deletion requests, contact: engage@pyyrah.com 🚀
6.7 Key Takeaways
We retain data only as long as necessary and delete it securely.
You can request deletion of personal data that is not legally required.
We follow UK GDPR retention rules for financial and legal compliance.
Marketing data can be deleted anytime by unsubscribing or requesting removal.
You have full control over your personal data and how long we keep it.
Need to update or delete your data? Contact us at: engage@pyyrah.com 🚀
7. Profiling and Personalized Marketing
At Pyyrah Limited, we strive to deliver a tailored and engaging experience by using profiling techniques to analyze user behavior, interests, and preferences. This section explains how profiling works, how it affects you, and how you can control it.
7.1 What is Profiling?
Profiling refers to the automated processing of personal data to assess or predict aspects of an individual’s behavior, preferences, or interests.
We use profiling to:
- Improve content recommendations.
- Deliver more relevant marketing messages.
- Enhance user experience through personalization.
- Analyze customer behavior and engagement trends.
We do not use profiling to make automated decisions that significantly affect you, such as loan approvals or employment decisions. Profiling is used only for marketing, analytics, and service improvements.
7.2 How Do We Use Profiling?
We collect and analyze data from various sources to create customer profiles based on the following:
Data Type | Examples of Profiling Uses |
Website Activity | Pages visited, time spent on content, interactions |
Email Engagement | Whether emails were opened, clicked, or ignored |
Purchase History | Products or services bought, frequency of purchases |
Social Media Interaction | Likes, shares, and comments on Pyyrah content |
Advertising & Cookies | Interest-based ads based on browsing behavior |
Surveys & Feedback | Information voluntarily provided about preferences |
For example, if you frequently read content about social media marketing, we may recommend similar blogs or invite you to relevant webinars.
7.3 Personalized Marketing – How It Works
We use profiling to customize marketing messages based on:
- Email personalization – Tailored newsletters and promotions based on past engagement.
- Targeted advertising – Showing ads related to your browsing history or interactions.
- Content suggestions – Recommending articles, videos, or events you might find interesting.
- Dynamic website experiences – Displaying customized homepage content based on user behavior.
We do not sell your personal data to advertisers. We respect your marketing preferences and provide opt-out options.
7.4 Cookies and Tracking Technologies
We use cookies and tracking pixels to collect data for profiling. These technologies help us:
- Recognize returning visitors and tailor content accordingly.
- Measure the effectiveness of ads and marketing campaigns.
- Identify trends in how users interact with our website.
Managing Your Cookie Preferences:
- You can adjust settings through our Cookie Policy.
- You can disable cookies in your browser to limit tracking.
- You can opt out of interest-based ads via platforms like Google Ads and Facebook Ads.
For more information, refer to our Cookie Policy or email engage@pyyrah.com.
7.5 Your Rights and Control Over Profiling
You have the right to control how we use profiling and personalized marketing.
Your Rights and How to Exercise Them
Your Rights | What It Means | How to Take Action |
Right to Object | You can object to profiling for direct marketing. | Contact us to opt out of profiling. |
Right to Access | You can request details on how we use your data for profiling. | Email engage@pyyrah.com to request a profiling report. |
Right to Opt-Out | You can stop receiving personalized ads or recommendations. | Adjust cookie settings and unsubscribe from emails. |
Right to Restrict Processing | You can ask us to limit how we use profiling. | Contact us if you want to restrict specific data usage. |
We honor all opt-out and restriction requests within 30 days.
7.6 How to Opt-Out of Personalized Marketing
- Emails and newsletters: Click “unsubscribe” in marketing emails.
- Social media ads: Adjust ad preferences on Facebook, Instagram, and LinkedIn.
- Cookies and tracking: Disable cookies via browser settings or our Cookie Policy.
- Account preferences: Update settings in your user account, if applicable.
- Direct request: Email engage@pyyrah.com to opt out of profiling.
Opting out of profiling does not mean you will not see ads—just that they will not be personalized.
7.7 Summary of Key Points
- Profiling is used for marketing and content personalization, not automated decision-making.
- We analyze user activity, email engagement, and interactions to create better experiences.
- You can opt out of profiling, personalized ads, and targeted emails at any time.
- We respect your rights and allow full control over your data usage.
For any questions, contact us at engage@pyyrah.com.
8. Data Security and Cross-Border Transfers
At Pyyrah Limited, we take the security of your personal data seriously. We have implemented industry-standard security measures to protect your data from unauthorized access, loss, or misuse. This section explains how we safeguard your data, how we manage international data transfers, and what steps you can take to protect your information.
8.1 How We Protect Your Data
We have put in place technical, organizational, and administrative security measures to ensure that your data remains secure. These include:
1. Technical Security Measures
- Encryption: We use Secure Socket Layer (SSL) encryption to protect your data during transmission.
- Access Controls: Access to your data is restricted to authorized personnel only, based on the principle of least privilege.
- Multi-Factor Authentication (MFA): Required for internal systems to prevent unauthorized access.
- Regular Security Audits: We conduct periodic security reviews to identify and fix vulnerabilities.
- Firewall Protection: We use firewalls to prevent unauthorized network access.
- Data Backups: Regular backups ensure that data is not lost in case of an incident.
2. Organizational Security Measures
- Employee Training: Our staff undergoes regular training on data protection and security best practices.
- Confidentiality Agreements: Employees and third-party contractors are required to sign data protection agreements.
- Access Management: We implement strict user roles to ensure data is accessed only by those who need it.
3. Incident Response Plan
In the event of a security breach, we have a data breach response plan in place that includes:
- Identifying and containing the breach.
- Investigating the cause and assessing the impact.
- Notifying affected individuals and relevant authorities (if required by law).
- Implementing corrective actions to prevent future breaches.
If you believe your personal data has been compromised, contact us immediately at engage@pyyrah.com.
8.2 How We Store Your Data
Your personal data is stored securely in data centers that comply with international data protection laws. We may use cloud storage providers who adhere to ISO 27001 security standards, ensuring high levels of protection.
We keep data only for as long as necessary, following our data retention policy outlined in Section 6.
8.3 International Data Transfers
Since Pyyrah Limited may operate globally and use third-party service providers located outside the United Kingdom (UK) or European Economic Area (EEA), some personal data may be transferred to countries that have different data protection laws.
1. How We Ensure Security for International Transfers
Whenever we transfer personal data outside the UK or EEA, we ensure that it is adequately protected through one of the following safeguards:
- Adequacy Decision: If the country has been deemed by the UK government to have adequate data protection laws (e.g., Canada, Japan).
- Standard Contractual Clauses (SCCs): We use legally approved contractual obligations to protect data in countries without adequacy decisions.
- Binding Corporate Rules (BCRs): If we transfer data within a corporate group, BCRs ensure compliance with UK data protection laws.
- Technical Security Measures: Additional safeguards, such as data encryption and pseudonymization, are applied when required.
2. Transfers to the United States and Other Countries
Some of our third-party service providers (such as cloud hosting, payment processors, or analytics tools) may be located in the United States or other non-EEA countries.
- These providers are required to comply with UK GDPR standards.
- We review and ensure they have strong security policies in place.
- If you have concerns about data transfers, you may request further information by contacting engage@pyyrah.com.
8.4 Your Responsibilities for Data Security
While we take every precaution to protect your data, you also play a role in keeping your information secure. Here are some steps you can take:
- Use Strong Passwords: Ensure your account passwords are unique and secure.
- Enable Two-Factor Authentication (2FA): If applicable, enable 2FA for an extra layer of security.
- Beware of Phishing Scams: We will never ask for sensitive information via email. If you receive suspicious messages claiming to be from us, report them immediately.
- Keep Your Devices Secure: Use antivirus software and keep your operating system up to date.
- Log Out After Using Public Computers: If accessing our website from a public or shared device, always log out after use.
If you suspect any unauthorized access to your account, contact us immediately at engage@pyyrah.com.
8.5 How We Handle Data Breaches
Despite strong security measures, data breaches can occur. In such cases, we will:
- Assess the Impact: Identify which data has been compromised and take steps to contain the breach.
- Notify Affected Users: If personal data is exposed, we will inform affected individuals in a timely manner.
- Report to Authorities: If legally required, we will report the breach to the UK Information Commissioner’s Office (ICO) within 72 hours.
- Strengthen Security Measures: Take immediate corrective actions to prevent similar incidents in the future.
If you have concerns about how a data breach may affect you, contact engage@pyyrah.com for support.
8.6 Your Rights Regarding Data Security and Transfers
Under UK GDPR, you have the right to:
Your Rights | What It Means | How to Take Action |
Right to be Informed | Know how your data is protected and transferred. | Review this privacy notice or contact us. |
Right to Data Portability | Request a copy of your data in a structured format. | Contact engage@pyyrah.com. |
Right to Object | Object to international data transfers. | Contact us to discuss restrictions. |
Right to Restrict Processing | Request that we limit data transfers if concerned about security. | Submit a restriction request via email. |
Right to Complain | File a complaint if you believe your data is not being handled securely. | Contact the UK Information Commissioner’s Office (ICO) at ico.org.uk. |
8.7 Summary of Key Points
- We use technical, organizational, and administrative security measures to protect your data.
- Your data is stored in secure data centers, following UK GDPR standards.
- International data transfers are safeguarded with SCCs, BCRs, and encryption.
- You can take action to secure your own data, such as using strong passwords and enabling two-factor authentication.
- If a data breach occurs, we have a response plan in place to notify affected users and authorities.
- You have the right to access, object, and restrict data transfers, and you can request more information at any time.
For any concerns regarding data security, email engage@pyyrah.com.
9. Links to Other Websites
Pyyrah Limited may provide links to external websites, platforms, or third-party services for informational, marketing, or business purposes. This section explains how these external links function, what responsibilities you and Pyyrah Limited have when using them, and how you can protect your personal data when navigating third-party websites.
9.1 Third-Party Websites and External Links
Our website, newsletters, emails, and other digital platforms may contain links to third-party websites. These links may direct you to:
- Social media platforms such as Instagram, Twitter, LinkedIn, and Facebook.
- Partner websites or affiliates offering services relevant to our audience.
- Third-party advertisers or sponsored content providers.
- External resources, blogs, and news articles.
- Payment processors, webinar platforms, or registration pages for events.
Pyyrah Limited provides these links for convenience and informational purposes only.
9.2 No Responsibility for Third-Party Websites
While we aim to share links to reliable and secure sources, we cannot guarantee or control how external websites handle personal data. When you leave our website and visit a third-party website, the following applies:
- Different Privacy Policies: Third-party sites have their own privacy notices and may collect, use, or share data differently from Pyyrah Limited.
- Security Risks: We are not responsible for the security practices, content, or reliability of third-party websites.
- Cookies and Tracking: Some third-party sites may use cookies or tracking technologies that differ from our policies.
We encourage you to review the privacy and cookie policies of any external websites you visit.
9.3 Affiliate Links and Sponsored Content
Some links on our website or in our marketing emails may be affiliate links, meaning we may earn a commission if you make a purchase through that link.
- Transparency: Any sponsored or affiliate content will be clearly marked.
- No Extra Cost to You: Clicking an affiliate link does not increase the price of a product or service.
- Opt-Out: If you do not want to be tracked through affiliate links, you can disable cookies in your browser.
If you have concerns about a specific affiliate partnership, contact us at engage@pyyrah.com for further details.
9.4 Social Media and User-Generated Content
Our website and marketing materials may contain links to our official social media pages. If you choose to interact with Pyyrah Limited on social media, keep the following in mind:
- Public Visibility: Comments, likes, shares, and direct messages may be visible to other users depending on the platform’s settings.
- Platform Terms Apply: Social media platforms have their own privacy policies and terms of use. We encourage you to review these before engaging.
- Moderation: We reserve the right to moderate, hide, or remove comments that violate our community guidelines.
If you post personal information on social media in response to our content, we are not responsible for how third parties may use or collect that information.
9.5 Embedded Content from Third-Party Sources
Some pages on our website may include embedded content such as:
- YouTube videos
- Twitter feeds
- Instagram posts
- Embedded forms or surveys from third-party services
Embedded content from other websites behaves as if you are visiting that website directly. These third-party sites may collect data about you, use cookies, and monitor your interaction with their content.
To limit tracking:
- Use browser settings to disable third-party cookies.
- Adjust privacy settings within the embedded platform (e.g., YouTube, Twitter).
- Avoid logging into external services when interacting with embedded content.
9.6 How to Protect Your Data When Using External Links
When clicking on external links, take the following precautions:
- Check the URL: Verify that the website address is correct and uses a secure connection (HTTPS).
- Review Privacy Policies: Read the privacy statement of any third-party website before providing personal data.
- Avoid Phishing Attempts: Be cautious of links sent via email or social media that request personal information.
- Limit Data Sharing: Do not enter sensitive information on unverified websites.
If you believe an external link on our website is unsafe or compromised, report it to engage@pyyrah.com.
9.7 Your Rights Regarding External Links
While Pyyrah Limited does not control third-party websites, you have the following rights regarding data shared with them:
Your Rights | What It Means | How to Take Action |
Right to Know | You can request information about affiliate partnerships and external links used on our website. | Contact engage@pyyrah.com for details. |
Right to Opt-Out | You can disable cookies to avoid being tracked by third-party websites. | Adjust your browser or cookie settings. |
Right to Be Informed | You have the right to understand how clicking a link may impact your privacy. | Review this privacy notice and third-party privacy policies. |
If you have concerns about a link shared on our website, reach out to engage@pyyrah.com for clarification.
9.8 Summary of Key Points
- Pyyrah Limited provides external links for convenience but is not responsible for third-party data collection.
- External websites have their own privacy policies, security practices, and tracking technologies.
- Some links may be affiliate links, which will be disclosed.
- Social media interactions and embedded content may track data based on platform-specific policies.
- Users should verify external websites before sharing personal information.
- Pyyrah Limited does not endorse or guarantee the safety of third-party sites.
For more information or to report concerns about an external link, contact engage@pyyrah.com.
10. Your Rights
Under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, you have specific rights regarding your personal data. These rights give you control over how your data is collected, stored, used, and shared.
This section explains your legal rights, how you can exercise them, and what to expect when making a request.
10.1 Your Data Protection Rights
Your Rights | What It Means | How to Exercise This Right |
Right to Be Informed | You have the right to know how we collect, use, and store your data. | Read this Privacy Notice or contact us for more details. |
Right to Access | You can request a copy of the personal data we hold about you. | Submit a Subject Access Request (SAR) via email. |
Right to Rectification | You can ask us to correct or update inaccurate or incomplete personal data. | Contact us with the correct information. |
Right to Erasure (“Right to Be Forgotten”) | You can request deletion of your personal data in certain circumstances. | Request deletion unless legal requirements prevent it. |
Right to Restrict Processing | You can ask us to limit how we process your data. | Request restrictions for specific data usage. |
Right to Data Portability | You can ask for your data in a machine-readable format for transfer to another service. | Request a structured data export. |
Right to Object | You can object to certain types of data processing, including marketing. | Contact us to opt out of processing. |
Rights Related to Automated Decision-Making | You can ask for human intervention if automated decisions affect you. | Contact us if an automated process impacts your rights. |
Each of these rights is subject to certain conditions and legal exemptions. If we are unable to comply with your request, we will explain the reason.
10.2 How to Access Your Data (Subject Access Requests – SARs)
You have the right to request a copy of the personal data we hold about you. This is called a Subject Access Request (SAR).
To make a SAR:
- Send an email to engage@pyyrah.com with “Subject Access Request” in the subject line.
- Include your full name and email address to help us identify your records.
- Specify whether you want a full copy of your data or specific details.
- Provide proof of identity if required for security purposes.
Response Time:
- We will respond within one month (30 days) of receiving your request.
- If your request is complex, we may extend the deadline by an additional two months.
- If we need more information to verify your identity, we will contact you.
Exemptions:
- We may be unable to share certain data if it contains confidential business information or legal records.
- If data has been anonymized, it cannot be retrieved.
10.3 How to Correct or Update Your Data (Right to Rectification)
If your personal information is incorrect, incomplete, or outdated, you can request that we correct or update it.
To request a correction:
- Email engage@pyyrah.com with your updated details.
- Specify the incorrect information and provide the correct version.
- We may ask for supporting documentation if needed.
We will update your information within 30 days, unless further verification is required.
10.4 How to Request Data Deletion (Right to Erasure – “Right to Be Forgotten”)
You have the right to request the deletion of your personal data in certain circumstances.
You can request deletion if:
- The data is no longer necessary for the purpose it was collected.
- You withdraw your consent for marketing or other optional services.
- You object to processing and there is no overriding legitimate interest.
- Your data was processed unlawfully.
We may deny deletion requests if we must keep the data for:
- Legal compliance, such as tax, fraud prevention, or record-keeping.
- Defending legal claims or dispute resolution.
To request deletion, email engage@pyyrah.com with “Data Deletion Request” in the subject line.
10.5 How to Restrict Processing of Your Data
You can ask us to restrict the processing of your personal data in the following situations:
- You contest the accuracy of your data and we need time to verify it.
- Your data is being processed unlawfully, but you do not want it deleted.
- We no longer need your data, but you require it for a legal claim.
- You have objected to processing, and we are considering whether we have legitimate grounds to continue.
During the restriction period, we will store your data but will not use it unless required by law.
To make a restriction request, email engage@pyyrah.com.
10.6 How to Transfer Your Data (Right to Data Portability)
You can request that we provide your personal data in a structured, machine-readable format (such as CSV or JSON) so that you can transfer it to another service provider.
This applies if:
- The data was provided by you.
- The data is processed based on consent or contractual necessity.
- Processing is carried out by automated means.
To request a data transfer, email engage@pyyrah.com with “Data Portability Request” in the subject line.
10.7 How to Object to Data Processing
You can object to processing in these cases:
- Marketing purposes – You can object to direct marketing at any time.
- Legitimate interests – If we rely on this basis for processing, you can object if you feel it impacts your rights.
- Profiling and automated decision-making – You can request human intervention in automated decisions.
If we have compelling legitimate grounds for continuing processing, we may decline your request. We will provide an explanation if this occurs.
To object, email engage@pyyrah.com with “Objection to Data Processing” in the subject line.
10.8 Automated Decision-Making and Profiling
We may use automated decision-making and profiling for marketing and website personalization.
- We do not use AI or algorithms to make legally binding decisions about individuals.
- If automated processing significantly affects you, you can request human intervention.
If you believe an automated process has unfairly impacted you, email engage@pyyrah.com.
10.9 How to File a Complaint
If you believe we have not handled your data properly, you can:
- Contact Us First:
- Email engage@pyyrah.com explaining your concerns.
- We will respond within 30 days and work to resolve the issue.
- Complain to the UK Information Commissioner’s Office (ICO):
- If we do not resolve your concern, you can file a complaint with the ICO.
- Visit www.ico.org.uk or call 0303 123 1113 for more details.
10.10 Summary of Your Rights
- You can access, correct, delete, or restrict processing of your data.
- You can opt-out of marketing and object to profiling.
- You can request data portability if you need your data transferred.
- You have the right to human intervention if automated decisions impact you.
- You can file a complaint if you believe your data rights are not being upheld.
For any data-related requests, email engage@pyyrah.com.
11. Contact Us
Pyyrah Limited is committed to transparency and ensuring that you have a clear way to contact us for any privacy-related inquiries, concerns, or requests regarding your personal data. This section provides details on how you can get in touch with us, what types of inquiries we handle, and how we respond to different types of data-related requests.
11.1 How to Contact Us
If you have any questions about this Privacy Notice, need to exercise your data protection rights, or have concerns about how your personal data is handled, you can contact us using the following details:
Company Name: Pyyrah Limited
Email: engage@pyyrah.com
Postal Address: [Insert Business Address]
Website: www.pyyrah.com
We recommend contacting us by email for the fastest response.
11.2 Types of Inquiries We Handle
You can contact us for the following reasons:
1. General Privacy Questions
If you have questions about how we collect, use, or store personal data, we are happy to provide further clarification.
2. Data Subject Rights Requests
As explained in Section 10, you have specific rights under the UK GDPR. You can contact us to:
- Request access to your personal data.
- Correct or update inaccurate information.
- Request deletion of your data where applicable.
- Restrict or object to certain types of processing.
- Request data portability.
3. Marketing Preferences and Opt-Out Requests
If you no longer wish to receive marketing communications from us, you can:
- Click the unsubscribe link in marketing emails.
- Contact us at engage@pyyrah.com to update your preferences.
4. Security Concerns or Suspected Data Breach
If you believe your personal data has been compromised, leaked, or misused, contact us immediately at engage@pyyrah.com with the subject line “Data Security Concern”.
We will investigate the issue and, if necessary, notify you and the relevant authorities following our Data Breach Response Plan (outlined in Section 8).
5. Complaints and Dispute Resolution
If you are dissatisfied with how we have handled your personal data, you can:
- Contact us directly at engage@pyyrah.com and allow us to resolve your issue.
- If you are not satisfied with our response, you can escalate the matter to the UK Information Commissioner’s Office (ICO).
11.3 Response Times for Inquiries
We aim to respond to all inquiries within the following timeframes:
Type of Inquiry | Response Time |
General Privacy Questions | Within 7 business days |
Data Subject Rights Requests | Within 30 days |
Marketing Opt-Out Requests | Within 3 business days |
Security Breach Reports | Within 48 hours |
Complaints | Initial response within 14 days |
If a request is particularly complex, we may require additional time, but we will notify you if this is the case.
11.4 How to Contact the UK Information Commissioner’s Office (ICO)
If you are not satisfied with how we have handled your data or if you believe we are not complying with data protection laws, you have the right to file a complaint with the UK Information Commissioner’s Office (ICO).
ICO Contact Details:
- Website: www.ico.org.uk
- Phone: 0303 123 1113
- Postal Address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
Before contacting the ICO, we encourage you to reach out to us first so we can try to resolve your concern.
11.5 Summary of Contact Procedures
- Use engage@pyyrah.com for all privacy-related inquiries.
- Expect a response within 7 to 30 days, depending on the request type.
- Contact us if you need to update, access, or delete your personal data.
- If you suspect a data breach, report it immediately.
- If you are not satisfied with our response, you can file a complaint with the ICO.
For any further questions, reach out to engage@pyyrah.com.