GDPR Statement

As a third party data processor (your data which is hosted on our services) we commit to:

- Processing data solely for the purposes of providing our services: We will never use this data for anything other than the essential operation of the service i.e. not for marketing or data mining.
- Informing you should we ever use a subcontractor to process your personal data.
- Reporting any data breach to you without undue delay (caused by our actions as a processor).
- Securely storing your data and applying strict security standards and processes.
- Never storing or transferring your data outside the UK and therefore not transferred outside the EEA.

We use a number of techniques and processes to ensure that data is secured, including but not limited to;

- Vulnerability scanning
- Role-based access controls
- Firewalls and ACLs
- Network monitoring and intrusion detection
- Patch management processes

All data (not just personal data) that you host on our servers is yours and will not be used by Hex Collective for our own purposes.

Any questions, queries or requests for further information regarding our GDPR compliance should be sent to Data Protection, Hex Collective Ltd, St Brandon’s House, 29 Great George Street, Bristol, BS1 5QT