Last updated: 1 March 2026
This Privacy Policy explains how Crux Intelligence LTD ("Crux", "we", "us", "our"), a company registered in England, collects, uses, and protects your personal data when you use the Crux platform ("the Service"). We process your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
Crux Intelligence LTD is the data controller for the personal data processed through the Service. For any data protection enquiries, contact us at privacy@getcrux.co.uk.
We collect and process the following categories of personal data: (a) Account information — such as your name, email address, and password. (b) Content you create — data you input, upload, or generate while using the Service. (c) Technical data — information collected automatically when you use the Service, such as session data and browser information, used for security and service operation. (d) Communications — information you provide when contacting our support team or subscribing to communications.
We process your personal data on the following legal bases under UK GDPR: (a) Contract performance (Article 6(1)(b)) — processing necessary to provide the Service to you. (b) Consent (Article 6(1)(a)) — for optional features such as analytics cookies, marketing communications, and push notifications. You may withdraw consent at any time. (c) Legitimate interests (Article 6(1)(f)) — for security, fraud prevention, and service improvement. We have assessed that these interests do not override your fundamental rights and freedoms.
We use your personal data to: (a) provide, operate, and maintain the Service; (b) retrieve information from publicly available data sources relevant to your use of the Service; (c) send you transactional communications related to your account; (d) send you marketing communications where you have opted in; (e) monitor and improve the security, performance, and reliability of the Service; and (f) respond to your enquiries and support requests.
We do not sell your personal data. We share data with third-party service providers only as necessary to operate the Service, including providers of hosting, email delivery, security infrastructure, and analytics (with your consent). We may also query publicly available data sources on your behalf. Each provider is bound by their own data processing terms and we select providers who maintain appropriate security measures. A list of current sub-processors is available on request by contacting privacy@getcrux.co.uk.
Your data may be processed outside the United Kingdom by our service providers. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the Information Commissioner's Office, or transfers to countries with an adequacy decision.
We retain your personal data only for as long as necessary for the purposes set out in this policy. Account data is retained while your account is active. Following account deletion, personal data is permanently deleted within 30 days, except where retention is required by law. Security logs are retained for a limited period for monitoring purposes and then purged.
Under UK GDPR, you have the right to: access your personal data; rectify inaccurate data; request erasure; request data portability; restrict processing; object to processing based on legitimate interests; and withdraw consent at any time without affecting the lawfulness of prior processing. To exercise any of these rights, contact us at privacy@getcrux.co.uk. We will respond within 30 days.
We use cookies and browser storage for essential functionality and, with your consent, for analytics. For full details, see our Cookie Policy at /cookies.
We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit, access controls, and security monitoring. No system is completely secure, and we cannot guarantee absolute security. If you discover a security vulnerability, please report it to security@getcrux.co.uk.
The Service is not directed at individuals under 18. We do not knowingly collect personal data from children.
We may update this Privacy Policy from time to time. If we make material changes, we will notify you at least 30 days before they take effect. The "Last updated" date at the top of this page will be revised accordingly.
Contact us at privacy@getcrux.co.uk. You also have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk).