Data Privacy Policy


We appreciate your trust in giving us some information about you. You can trust us and expect us to use your information responsibly.

Please send us an email if you have questions or concerns about how we use your data, or if you have comments or suggestions about this Policy. 

Policy updates: 

This policy may be updated periodically, as we review and revise it regularly. Check back here to see the most recent changes. 

Who are we?

Name: Atta Sidhu
Trading Name: Zaoax Ltd
Email address for official notices:

Date this Policy last updated: 07 April 2021

 Words with particular meaning

In this Policy, there are words and phrases that have a specific meaning or that we are using in a special way. They are:
“personal data” – any information about an identifiable living human being
“process” – we “process” your personal data when we do anything with it, which might include: collecting, recording, organising, storing, adapting, altering, retrieving, using, combining, disclosing, or deleting it.
“Special category data” – personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sex life or sexual orientation, health, genetic or biometric data.

Description of this policy

This policy describes how we will collect and use personal data about you.

We process information about:
“Prospects” – potential customers or referrers;
“Customers” – who have bought goods or services from us;
“Suppliers”, “Associates” – suppliers or potential suppliers of goods or services to us;
“Affiliates” – who have signed up to our affiliate scheme (if we have one).

The kind of information we process, and why?


 The majority of the information we process comes from you. We process them so we can respond to you, and if you contact us again, we’ll remember what you asked before, what was sent, and what you told us.

Generally, the information we collect includes name, contact details, and how we found you via social media or other freely available sources, as well as reasons why you might be interested in our products or services or an appropriate contact for our organization.

A copy of any email sent to us using our business email addresses, or if we email you individually using our own email system, will also be stored.

You can submit an inquiry via our website, and we will keep details of the inquiry and response for our data retention period.

Special categories are not routinely kept by us. In the case where we have it, we received it from you or made it publicly available.


After you purchase something from us, we collect information about you at the point of sale.

 In order to provide what we have contracted to, invoice you, and keep records of our business relationship, we collect your email address, phone number, and postal address.

Your data is processed to support the delivery of goods and services you have purchased. As a result of the goods/services provided to you, and the information you give us, we can offer you support when needed and advise you of any additional services you may need.

Financial and credit card details – We do not receive or store your credit card details. Credit card payments are handled by an external secure processor in accordance with their data security policies.

Our processor provides us with limited information about your payment so that we can link it to your invoice. In the case of direct transfers or BACS payments, we know only what the bank tells us, which is normally the name of the person who made the payment, the amount, and the reference number.

Credit scores are not routinely kept nor are credit reference agencies used.

We are operating under the banner of our customer’s data privacy policy when we process your data on behalf of the customer. If you contact us, we will refer you to them, as they are the ‘data controller’ in charge of handling your inquiry. The information will be passed on to you by our customer.

Suppliers and Associates

Our company collects data on potential and actual suppliers and associates. The majority of this info comes from you, but we add the same kind of data we use. 

We keep a copy of the contract between us and your bank details in case you become a supplier or associate. Invoices and payments are also recorded for accounting purposes.

You should keep a record of all the work you have done for us/our clients, along with any comments, reviews, or suggestions related to that work (if any), including complaints (if any), and the resolution of those complaints.

We need all of this information to manage our customer relationships and supply chain.


We will maintain affiliate data in accordance with this policy if we set up an affiliate scheme. When you apply, we will ask for your information and we will keep it for the purposes of administering the affiliate program.

Data Sharing – 3rd Parties

No personal information about you will be sold or exchanged with organizations that may want to sell you something or use it for research or other purposes.


Our business keeps a list of the software platforms we use. We are happy to provide you with a list of all the platforms we use.


Our own business has an outsourced support team, including virtual assistants, web designers, information technology specialists, sales and marketing professionals, accountants, and more. They have limited access to your data, where the service they provide to us requires them to have it.

As an example, if our IT support wants to check out the functionality of a laptop or back up, they may need temporary access to your information.

In the event that we invoice you, our Accountant would need to process the invoice’s information.

We keep your information/advice strictly confidential. All of our team members are bound by strict confidentiality agreements.

Where do you store your data?

As with most small businesses, we have no tailor-made software – we rely on mainstream packages for everything from customer data to emails to accounting.

Therefore, some of your data may be stored in the EEA, while some may be stored in the USA (with adequate data privacy shields) or elsewhere. We have chosen mainstream suppliers with appropriate security standards.

Retention periods

 Our retention policy specifies how long we will keep your information.

In order to satisfy HMRC and our insurers, we need to keep customer information for a reasonable amount of time. Our sales inquiry system keeps information on prospective customers long enough to be effective.

Your rights

It is your right to know what information we are collecting about you, and to correct it if it is inaccurate.

If you feel that we are keeping information that we should not, or it is outdated or otherwise incorrect, please let us know. We will act accordingly.

The majority of the information we collect is not based on individual consent, but on our need to maintain our business and provide our products and services.

We will be happy to let you know what information we have about you (if any) if you email us at the email address shown above and give us your name and email address(es) so that we can retrieve the information that we have on you and how we are using or have used it.

The “right to be forgotten” does have some legal limitations. Please let us know if you want us to remove information about you. Please note that we may not be able to remove all data as we will need to ensure that we continue to meet our legal, accounting, taxation, and insurer’s requirements.


Please contact us at the email address set out above if you have a complaint regarding our handling of your information or how we responded to a request for information or removal.

If we are unable to resolve it, the Information Commissioner for the UK is the appropriate supervisory authority for us. 

You can contact them here.