Privacy Policy
Last updated: 16 October 2025
1. Introduction
Numen Technology ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website numentechnology.co.uk and use our services.
In Plain English: We only collect data that helps us provide better service to you. We're transparent about what we collect and give you full control over your privacy preferences.
Company Details:
Numen Technology
Company No. 13262519
Registered in England and Wales
Numen Technology Limited, 86-90 Paul Street, London, United Kingdom, EC2A 4NE
2. Information We Collect
2.1 Personal Information You Provide
When you submit our contact form, we collect:
- First name and last name (required)
- Email address (required)
- Company name (optional)
- Phone number (optional)
- Message/inquiry details (optional)
2.2 Automatically Collected Information
Vercel Analytics and Speed Insights: We use Vercel Analytics and Speed Insights to understand website usage and performance. These services collect anonymous, aggregated data including:
- Page views and navigation patterns
- Referral sources (where visitors came from)
- Device type and browser information
- Geographic location (country/region level only)
- Website performance metrics (Core Web Vitals: page load speed, interactivity, visual stability)
Both Vercel Analytics and Speed Insights are privacy-friendly and do not use cookies or track individual users across websites. No personally identifiable information is collected. Learn more at: Vercel Analytics Privacy Policy and Vercel Speed Insights Privacy Policy
Server Logs: Our hosting provider (Vercel) automatically collects certain technical information for security, performance monitoring, and troubleshooting purposes:
- IP addresses (anonymized after 7 days)
- Browser type and version
- Operating system
- Pages visited and time spent
- Date and time of access
- Referring website addresses
Legal Basis: Legitimate interest in maintaining security, preventing abuse, and ensuring proper website functionality. Server logs are retained for up to 30 days and then automatically deleted.
2.3 Cookies
We use cookies and similar tracking technologies to improve your browsing experience, analyze site traffic, and understand where our visitors are coming from. You can control your cookie preferences at any time using our cookie consent banner.
What are cookies?
Cookies are small text files that are placed on your device when you visit a website. They are widely used to make websites work more efficiently, provide information to website owners, and enhance your browsing experience.
Necessary Cookies
Essential cookies required for the website to function properly.
These cookies are essential for the website to function and cannot be disabled.
We do not use any necessary cookies. Your consent preferences are stored in your browser's local storage.
Analytics Cookies
Help us understand how visitors use our website to improve your experience.
| Cookie Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| _ga | Google Analytics | Identifies unique visitors | 2 years | HTTP |
| _ga_* | Google Analytics | Counts page views | 2 years | HTTP |
| _gid | Google Analytics | Identifies visitors for 24 hours | 24 hours | HTTP |
| _clck | Microsoft Clarity | Stores user ID and preferences | 1 year | HTTP |
| _clsk | Microsoft Clarity | Connects page views in a session | 1 day | HTTP |
| CLID | Microsoft Clarity | Identifies returning visitors | 1 year | HTTP |
| hubspotutk | HubSpot | Tracks visitor identity and page views | 13 months | HTTP |
| __hstc | HubSpot | Tracks visitor sessions | 13 months | HTTP |
| __hssc | HubSpot | Tracks session information | 30 minutes | HTTP |
| __hssrc | HubSpot | Detects session restarts | Session | HTTP |
Marketing Cookies
Help us show you relevant ads and measure their effectiveness.
| Cookie Name | Provider | Purpose | Expiry | Type |
|---|---|---|---|---|
| _gcl_au | Google Ads | Tracks conversions from ad campaigns | 3 months | HTTP |
| _gcl_aw | Google Ads | Measures ad click performance | 3 months | HTTP |
| _gac_* | Google Ads | Stores campaign information | 90 days | HTTP |
| li_gc | Stores cookie consent status | 6 months | HTTP | |
| lidc | Optimizes network routing | 1 day | HTTP | |
| UserMatchHistory | Tracks ad conversion events | 30 days | HTTP | |
| bcookie | Identifies browser for advertising | 1 year | HTTP | |
| li_sugr | Enables B2B ad targeting | 3 months | HTTP |
How to manage cookies
You can control and manage cookies in several ways:
- Cookie Banner: Use our cookie consent banner to accept or reject specific categories of cookies.
- Browser Settings: Most browsers allow you to refuse or delete cookies. Please note that disabling cookies may affect the functionality of our website.
- Third-Party Tools: You can opt out of certain third-party cookies through industry opt-out mechanisms like Digital Advertising Alliance.
3. How We Use Your Information
3.1 Contact Form Data
We use the information you provide through our contact form for the following purposes:
- To respond to your inquiries and provide customer support
- To communicate with you about our services
- To process and manage business relationships
- To comply with legal obligations
Legal Basis: We process your data based on your consent (when you submit the form) and our legitimate business interests in responding to inquiries and providing services.
3.2 Cookie Data
We use cookies and similar tracking technologies for the following purposes:
- Essential Cookies: To remember your cookie preferences and enable core website functionality
- Analytics Cookies: To understand how visitors interact with our website, identify popular content, and improve user experience
- Marketing Cookies: To deliver personalized advertising, measure ad performance, and enable retargeting
Legal Basis: Essential cookies are necessary for the website to function (legitimate interest). Analytics and marketing cookies are only set with your explicit consent, which you can withdraw at any time.
Manage Your Preferences: You can change your cookie settings at any time by clicking "Cookie Settings" in the footer of any page.
4. Third-Party Data Processing
We work with trusted third-party service providers to help us deliver our services. All our data processors are GDPR-compliant and have signed Data Processing Agreements (DPAs) with us to protect your data.
4.1 HubSpot (CRM and Analytics)
We use HubSpot for two purposes:
- Contact Form Storage (No consent required): When you submit our contact form, your information is sent to and stored in HubSpot CRM, our customer relationship management system. This is necessary to respond to your inquiry.
- Website Analytics (Requires analytics consent): With your analytics consent, HubSpot tracking code monitors website visitor behavior, page views, and form interactions to help us improve user experience.
Data Location: EU data center (GDPR-compliant)
Cookies Set: hubspotutk, __hstc, __hssc, __hssrc (only with analytics consent)
Privacy Policy: HubSpot Privacy Policy
4.2 Analytics and Advertising Services
With your consent, we use third-party analytics and advertising services to understand website usage and deliver relevant advertising. These services only load if you accept analytics or marketing cookies.
Google Analytics (GA4)
Website analytics and user behavior insights
Requires: Analytics consent •Privacy Policy
Microsoft Clarity
Heatmaps, session recordings, and behavior analytics
Requires: Analytics consent •Privacy Policy
HubSpot Tracking
Website visitor tracking and form submission analytics
Requires: Analytics consent •Privacy Policy
Google Ads
Conversion tracking and campaign performance measurement
Requires: Marketing consent •Privacy Policy
LinkedIn Insight Tag
B2B advertising and conversion tracking
Requires: Marketing consent •Privacy Policy
4.3 Hosting
Our website is hosted on Vercel, which may process technical data (such as IP addresses) for the purposes of delivering the website. Vercel is GDPR-compliant and participates in the EU-US Data Privacy Framework.
5. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
Data Retention Schedule
| Data Type | Retention Period | Legal Basis |
|---|---|---|
| Contact form leads (name, email, phone, company, message) | 2 years from last contact | Legitimate interest in business relationship management |
| Active business relationships (customers, prospects) | Duration of relationship + 2 years | Contract performance and legitimate interest |
| Cookie consent records (preferences, timestamp) | Stored in browser until cleared or 2 years of inactivity | Legal obligation (GDPR consent tracking) |
| Google Analytics data (anonymized usage patterns) | 26 months (Google default) | Consent-based analytics |
| Microsoft Clarity data (session recordings, heatmaps) | 12 months | Consent-based analytics |
| HubSpot tracking data (visitor behavior, page views, form interactions) | 13 months (HubSpot default) | Consent-based analytics |
| Email correspondence (business inquiries, support) | 7 years | Legal obligation (UK tax law, potential disputes) |
| Server logs (IP addresses, access logs) | 30 days (IP anonymized after 7 days) | Legitimate interest in security and fraud prevention |
| Deleted data in backups | Up to 30 days | Technical necessity for disaster recovery |
Data Deletion: When the retention period expires, we securely delete or anonymize your personal data. You can also request early deletion by exercising your "Right to Erasure" (see Section 6).
Legal Hold: In some cases, we may be legally required to retain data for longer periods (e.g., ongoing legal proceedings, regulatory investigations, or tax audits). We will inform you if this applies to your data.
6. Your Rights Under GDPR
If you are a resident of the European Economic Area (EEA) or UK, you have the following data protection rights:
- Right to Access: You can request a copy of the personal data we hold about you
- Right to Rectification: You can request that we correct inaccurate or incomplete data
- Right to Erasure ("Right to be Forgotten"): You can request that we delete your personal data
- Right to Restrict Processing: You can request that we limit how we use your data
- Right to Data Portability: You can request a copy of your data in a structured, machine-readable format
- Right to Object: You can object to our processing of your personal data
- Right to Withdraw Consent: You can withdraw your consent at any time (e.g., through our cookie settings)
- Right to Lodge a Complaint: You can file a complaint with the Information Commissioner's Office (ICO) if you believe your rights have been violated
How to Exercise Your Rights
To exercise any of these rights, please contact our Data Protection team:
- Email: privacy@numentechnology.co.uk
- Subject Line: "Data Protection Request - [Your Request Type]"
Subject Access Request Process
- Submit Your Request: Email privacy@numentechnology.co.uk with details of your request
- Identity Verification: We'll ask you to verify your identity (to protect your data from unauthorized access)
- Data Search: We'll search all our systems (HubSpot CRM, email, analytics) for your personal data
- Data Export: We'll compile a comprehensive report of all data we hold about you
- Response: We'll send you the report within 30 days (1 month from receipt of your request)
What Information You'll Receive
Your Subject Access Request response will include:
- All personal data we hold about you
- The purposes for processing your data
- The categories of data we process
- Who we share your data with (if anyone)
- How long we'll retain your data
- Your rights regarding your data
Response Time: We will respond to your request within 30 calendar days as required by UK GDPR. If your request is complex or we receive multiple requests from you, we may extend this period by a further 2 months, but we'll let you know within the first month if this is necessary.
No Fee: Subject Access Requests are free of charge unless your request is manifestly unfounded, excessive, or repetitive, in which case we may charge a reasonable administrative fee or refuse to act on the request.
7. Data Security
We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.
7.1 Security Measures
Our security measures include:
- Encryption in Transit: All data transmissions use HTTPS/TLS 1.3 encryption
- Encryption at Rest: Data stored by our third-party processors (HubSpot, Google, Microsoft) is encrypted
- Access Controls: Strict access controls limit data access to authorized personnel only
- Regular Updates: We maintain up-to-date software and security patches
- Secure Development: Environment variables for API keys, no sensitive data in code repositories
- Third-Party Security: All data processors are ISO 27001 and/or SOC 2 certified
7.2 Data Breach Notification
In the unlikely event of a data breach that affects your personal information, we are committed to transparency and swift action in accordance with UK GDPR requirements.
Our Breach Response Process
- Detection & Assessment - Identify the breach and assess its scope and severity
- Containment - Immediately contain the breach to prevent further data exposure
- ICO Notification - Notify the Information Commissioner's Office (ICO) within 72 hours of discovery if the breach poses a risk to individuals' rights and freedoms
- User Notification - Notify affected individuals without undue delay if the breach is likely to result in a high risk to their rights and freedoms
- Remediation - Take immediate steps to mitigate the impact and prevent future occurrences
- Documentation - Maintain detailed records of the breach, our response, and lessons learned
What We'll Tell You: If we are required to notify you of a breach, our notification will include:
- The nature of the personal data breach
- The categories and approximate number of data subjects affected
- The likely consequences of the breach
- The measures we have taken or propose to take to address the breach
- Contact details for our privacy team (privacy@numentechnology.co.uk)
- Recommendations for steps you can take to protect yourself (if applicable)
Your Right to Report: If you believe a breach has occurred or have concerns about how we handled a breach, you can report it directly to the ICO at ico.org.uk/make-a-complaint
8. International Data Transfers
Your data may be transferred to and processed in countries outside the EEA/UK. When we do so, we ensure appropriate safeguards are in place.
Our Data Transfer Safeguards
- HubSpot CRM: Data stored in EU data center (no international transfer)
- Google (Analytics & Ads): Standard Contractual Clauses (SCCs) + EU-US Data Privacy Framework
- Microsoft Clarity: Standard Contractual Clauses (SCCs)
- LinkedIn: Standard Contractual Clauses (SCCs)
- Vercel (Hosting): EU-US Data Privacy Framework participation
All data transfers comply with UK GDPR requirements for international data protection.
9. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with personal data, please contact us.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
11. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: hello@numentechnology.co.uk
Address:
Numen Technology Limited
86-90 Paul Street
London
EC2A 4NE
United Kingdom
12. Complaints
If you believe we have not handled your personal data in accordance with applicable data protection laws, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: https://ico.org.uk