top of page
GDPR Guidelines

Effective Date: 10/05/2025

​

The following outlines how Waxlytical adheres to GDPR when handling data owned by our clients. For our policy on how we handle information relating to our clients themselves, please refer to our Privacy Policy.

 
1. Introduction

​

At Waxlytical, we are committed to protecting the privacy and personal data of our clients, partners, employees, and website visitors. This GDPR Privacy Policy explains how we collect, use, share, and protect personal data in accordance with the General Data Protection Regulation (EU) 2016/679 (GDPR).

​

2. Who We Are

​

Waxlytical is a data analytics company specializing in predictive modeling, customer insights, marketing analytics, etc. We process personal data on behalf of clients and for our own business operations.

​

3. Data We Collect

 

  • Client Data: Contact details (name, email, job title, phone number), billing information, usage data, and communication history.

  • End-User Data (on behalf of clients): Personal identifiers (e.g., email, IP address), behavioral data, and transaction records.

  • Website Data: IP address, cookies, browser type, time zone, and pages visited.

  • Employee and Contractor Data: HR records, payroll data, and background checks.

​

4. Legal Basis for Processing

​

  • Consent (Article 6(1)(a))

  • Contract performance (Article 6(1)(b))

  • Legal obligation (Article 6(1)(c))

  • Legitimate interests (Article 6(1)(f))

​

5. How We Use Personal Data

​

  • Providing analytics services to clients

  • Managing customer relationships

  • Marketing and communication

  • Internal analysis and research

  • Legal compliance and security
     

6. Data Sharing and Transfers

​

  • Service providers and sub-processors

  • Clients (when acting as a data processor)

  • Regulatory authorities

  • International Transfers: SCCs or equivalent safeguards

​

7. Data Retention

​

We retain personal data as long as necessary for the purposes for which it was collected or as required by law.

​

8. Data Subject Rights

​

  • Right of access, rectification, and erasure

  • Restriction and objection to processing

  • Data portability

  • Withdrawal of consent

  • Complaint to supervisory authority

​

Email: hello@waxlytical.com

​

9. Security Measures

​

We implement appropriate security measures including encryption, access controls, audits, and staff training.

​

10. Role as Data Processor and Data Controller

​

  • Controller for internal and marketing data

  • Processor when handling client data

 

DPAs are in place per Article 28 GDPR.

​

11. Updates to This Policy

​

Policy may be updated periodically. Changes will be posted with a revised effective date.

​

12. Contact Us

 

Email: hello@waxlytical.com
 

bottom of page