Privacy Policy

Last updated: 28 August 2025

1. Who We Are & Scope

This Privacy Policy explains how Praxima (“Praxima”, “we”, “us”, “our”) collects, uses, discloses, and protects personal data when you visit our websites (including www.praxima.com), interact with our forms, download content, subscribe to communications, or engage with our digital services (together, the “Services”).

For purposes of the EU GDPR, UK GDPR, and POPIA, Praxima is the data controller for the processing described in this Policy.

2. Data We Collect

We collect the following categories of data, depending on how you interact with us:

Identity & Contact Data: name, job title, company, business email, business phone.
Company & Project Data: country/countries of operation, approximate employee numbers, and high-level payroll or compliance needs you choose to share in enquiries or downloads.
Communications Data: inquiries, preferences, meeting notes, and your subscriptions (e.g., newsletters, country guides).
Usage & Device Data: pages viewed, referring URLs, timestamps, IP address, browser/OS, and interaction events (e.g., clicks), collected via cookies or similar technologies.
Consent & Preference Data: your marketing consents, cookie choices, and related records.

We do not intentionally collect special category data via the website (e.g., health information) and request that you do not submit it through forms or uploads.

3. Sources of Personal Data

Directly from you when you complete forms, request content, book meetings, or communicate with us.
Automatically through cookies and similar technologies when you use our Services.
From third parties such as referral partners or publicly available business sources (e.g., professional profiles, company websites, trade directories) where lawful.

4. Our Legal Bases

Where GDPR/UK GDPR applies, we rely on the following legal bases:

Consent (e.g., for certain marketing communications and non-essential cookies).
Legitimate Interests (e.g., to operate, secure, and improve the Services; respond to enquiries; develop our business; defend legal claims). We balance our interests against your rights.
Contract (e.g., to take steps at your request prior to entering into a contract).
Legal Obligations (e.g., to comply with applicable laws and regulatory requests).

Where POPIA applies, we process personal information lawfully, reasonably, and minimally, with due regard to purpose specification and information quality principles.

5. How We Use Personal Data

Respond to enquiries and provide requested information (e.g., country guides, brochures).
Operate and improve our websites and Services, including analytics, troubleshooting, and security.
Personalize content and recommend material relevant to your stated interests.
Send service communications (e.g., important updates to this Policy or our Services).
Send marketing communications where permitted by law and your preferences.
Maintain records for audits, compliance, and to establish or defend legal claims.

6. Marketing Preferences

Where required by law, we obtain your consent before sending marketing emails. You can withdraw consent or opt out at any time using the unsubscribe link in our emails or by contacting us (see Contact Us). We will continue to send essential service notices where necessary.

7. Cookies & Tracking

We use cookies and similar technologies to operate the site, enable security, perform analytics, remember your preferences, and measure campaigns.

Strictly Necessary – required for core functionality and security.
Analytics – help us understand site usage and improve performance.
Marketing – help us tailor and measure communications and content.

We use trusted service providers to support these functions, including (non-exhaustive):

Key service providers (expand)

HubSpot (forms, CRM, marketing automation, cookie consent). If deployed in the EU region, scripts may load from js-eu1.hs-scripts.com. Review HubSpot’s privacy/DPA in your account.
Webflow (site hosting and delivery). Review Webflow’s privacy/security and, where applicable, DPA.

You can manage non-essential cookies via our banner or your browser settings. To reopen the banner and adjust preferences now, use: Cookie Settings

8. Retention

We keep personal data only as long as necessary for the purposes described above (e.g., handling your enquiries, complying with law, maintaining records). We apply documented retention periods and delete or anonymize data when it is no longer needed.

10. Security

We implement technical and organizational measures appropriate to the risk, including access controls, MFA where applicable, encryption in transit (HTTPS), security monitoring, and staff confidentiality commitments. No system can be 100% secure, but we work to protect personal data against unauthorized access, use, alteration, or loss.

11. Your Rights

Depending on your location, you may have rights such as: access, rectification, erasure, restriction, objection, portability, and withdrawal of consent. You also have the right to lodge a complaint with a supervisory authority (e.g., the ICO in the UK, an EU DPA, or the Information Regulator in South Africa).

EU/UK: GDPR/UK GDPR rights; complaint to your local DPA or the UK ICO.
South Africa: POPIA rights; complaint to the Information Regulator (South Africa).

To exercise your rights, contact us using the details in Contact Us. We may need to verify your identity before responding.

12. Children

Our Services are intended for business and professional users. We do not knowingly collect personal data from children.

13. Changes to This Policy

We may update this Policy from time to time to reflect legal, technical, or business developments. When we update it, we will revise the “Last updated” date above. If changes materially affect your privacy rights, we will take reasonable steps to notify you.

14. Contact Us

For questions, requests, or complaints regarding this Policy or our handling of personal data, please contact our privacy team:

Email: privacy@praxima.com