Privacy Policy

This Privacy Policy explains how we collect, use, protect, and share your personal information when you visit our website, contact us, or use our services. We're committed to safeguarding your privacy and complying with the General Data Protection Regulation (GDPR) and UK data protection laws.

Who We Are

Company Name: Aurion Digital Ltd
Website: aurioncompany.com
Data Controller: Aurion Digital Ltd
Address: Aurion Digital Ltd, 3B Phoenix Business Park, Goodlass Road, Liverpool, L24 9HL, UK

What Personal Data We Collect

We collect the following types of personal data:

  • Contact Information: Name, email address, phone number
  • Technical Information: IP address, browser type, device information
  • Survey & Form Data: Responses to surveys, contact forms, and questionnaires you submit to help us understand your business needs
  • Communication Records: Emails, messages, and correspondence between you and our team

We collect this data when you:

  • Fill out our contact form
  • Subscribe to our newsletter
  • Complete surveys on our website (such as the Slingshot Workshop survey)
  • Communicate with us via email or other channels

How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: To understand your business requirements and recommend appropriate ecommerce services
  • Communication: To respond to your enquiries and maintain contact with you
  • Marketing: To send you newsletters, updates, and information about our services via email
  • Research & Analysis: To conduct internal analysis and research to improve our understanding of your business and serve you better (see Section 5 for details)
  • Service Improvement: To improve our website, services, and customer experience
  • Legal Compliance: To comply with legal obligations and protect our rights

Artificial Intelligence & Automated Processing

In addition to the information you directly provide, we use artificial intelligence and automated decision-making tools to conduct background research on your business. This may include:

  • Researching your company website and online presence
  • Reviewing publicly available information (such as LinkedIn profiles and social media)
  • Analysing your business needs to better tailor our recommendations

This processing happens automatically and does not require your explicit opt-in. It is conducted internally to help us gain deeper insights into your business so we can serve you more effectively.

Legal Basis for Processing

We process your data based on the following legal grounds:

  • Contract: Where processing is necessary to provide you with services you've requested
  • Legitimate Interests: To improve our services, conduct business analysis, and maintain effective communication
  • Consent: For marketing communications (you can withdraw this at any time)
  • Legal Obligation: To comply with applicable laws and regulations

Who We Share Your Data With

We don't sell your personal data to third parties. However, we share your data with the following service providers who help us deliver our services:

  • Email & Communications: Mailgun (for transactional emails), Beehiiv (for newsletter management)
  • Customer Database: Supabase (secure cloud database hosted via Vercel)
  • Analytics: Google Analytics (to understand website usage), Sweet Analytics, Calendly (for scheduling)
  • CRM & Business Tools: Folk App, Google Workspace
  • Payment Processing: Stripe (if you make payments in the future)

All service providers are contractually obligated to protect your data and use it only for the purposes we specify. Where appropriate, we have ensured that data processing occurs within the EU/UK in accordance with GDPR requirements.

International Data Transfers

Some of our service providers may process data outside the EU/UK. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions, to protect your data in accordance with GDPR requirements.

Data Retention

We retain your personal data as follows:

  • Contact Information & Survey Data: Retained for up to 6 years from your last interaction with us, unless there is a legal or contractual reason to retain it longer (such as tax or accounting obligations)
  • Communication Records: Retained for up to 6 years
  • Technical Data (IP addresses): Retained for a shorter period in accordance with our service providers' policies

If you request deletion of your data, we will remove it within 30 days, unless we are legally required to retain it.

Your Rights

Under GDPR and UK data protection law, you have the following rights:

  • Right of Access: You can request a copy of the personal data we hold about you
  • Right of Correction: You can request that we correct inaccurate data
  • Right of Erasure: You can request deletion of your data (subject to legal exceptions)
  • Right to Restrict Processing: You can request that we limit how we use your data
  • Right to Object: You can object to certain types of processing, including marketing communications
  • Right to Data Portability: You can request your data in a structured, portable format

To exercise any of these rights, please contact us at the address below.

Marketing Communications

We use your email address to send newsletters, service updates, and information about our offerings. You can:

  • Unsubscribe: Click the unsubscribe link in any email
  • Opt Out: Email us requesting removal from our mailing list
  • Manage Preferences: Contact us to adjust the types of communications you receive

Cookies & Tracking

We don't directly use cookies or tracking technologies on our website. However, some of our third-party service providers may use cookies and tracking technologies (for example, Google Analytics uses cookies to track website usage). These are used to:

  • Understand how visitors use our website
  • Improve website performance
  • Gather anonymised analytics

You can control cookie preferences through your browser settings.

Security

We take the security of your personal data seriously. We have implemented the following measures:

  • Access Controls: Restricted access to personal data, limited to authorised staff members
  • Encryption: Use of secure, encrypted connections (HTTPS) for data transmission
  • Vendor Security: Our service providers maintain robust security controls and certifications
  • Incident Response: We maintain incident response procedures in case of any data breaches

However, no system is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

Children's Data

Our website and services are not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If we become aware that we have collected data from a child under 13, we will promptly delete it.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by updating the "Last Updated" date at the top of this policy. Your continued use of our website constitutes your acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your data rights, or have concerns about how we process your data, please contact us:

Email: hello@aurioncompany.com
Address: Aurion Digital Ltd, 3B Phoenix Business Park, Goodlass Road, Liverpool, L24 9HL, UK
Response Time: We aim to respond to data subject requests within 30 days

Data Protection Authority: If you believe we have not handled your data in accordance with GDPR, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ICO Contact: ico.org.uk | 0303 123 1113

Last Updated: December 2025