Privacy Policy
Effective date: 1 April 2026
This privacy policy explains how Datafly (“we”, “us”, “our”) collects, uses, and protects your personal data when you visit www.dataflysignal.com (the “Website”). Datafly is a company registered in England and Wales. We are committed to protecting your privacy and processing your data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data Controller
The data controller for information collected through this Website is Datafly. If you have any questions about how we handle your data, you can contact us at [email protected].
2. What Data We Collect
We collect the following categories of personal data through this Website:
2.1 Website Analytics Data
When you visit this Website, we collect anonymous usage data to understand how visitors interact with our content. This includes pages visited, time spent on pages, referral source, browser type, device type, and approximate geographic location (country/region level). This data is collected via our own first-party analytics technology (Datafly Signal) and is processed entirely on infrastructure owned and operated by Datafly. No data is shared with third-party analytics providers.
2.2 Contact Form Submissions
If you submit a contact form or request a demo, we collect the information you provide, which may include your name, email address, company name, job title, phone number, and message content. This data is used solely to respond to your enquiry and, where you have consented, to send you information about our products and services.
3. Cookies
This Website uses only first-party cookies. We do not use any third-party tracking scripts, advertising pixels, or cross-site tracking technologies. The cookies we use are:
| Cookie | Purpose | Type | Duration |
|---|---|---|---|
| _dfid | Datafly anonymous visitor identifier. A randomly generated, opaque ID used to associate events from the same browser for first-party analytics. Does not contain personally identifiable information. | First-party | 400 days |
| _dfdid | Datafly device recognition identifier. Used to recognise the same device across sessions for analytics and fraud-prevention purposes. Does not contain personally identifiable information. | First-party | 400 days |
| df_consent | Stores your cookie consent preferences so we can respect your choices on subsequent visits. | First-party | 365 days |
You can manage or delete cookies through your browser settings at any time. Disabling cookies may affect the functionality of certain parts of the Website.
4. Legal Basis for Processing
We process your personal data on the following legal bases under Article 6 of the UK GDPR:
- Legitimate interest (Article 6(1)(f)): We use anonymous analytics data to understand website usage patterns and improve our content and services. This processing is minimally intrusive, uses no third-party trackers, and is balanced against your right to privacy.
- Consent (Article 6(1)(a)): Where you opt in to receive marketing communications from us, we process your contact details on the basis of your freely given consent. You may withdraw consent at any time.
- Contractual necessity (Article 6(1)(b)): When you submit a contact form or demo request, we process your data as necessary to respond to your enquiry and take pre-contractual steps at your request.
5. How We Use Your Data
We use the data we collect for the following purposes:
- To analyse website traffic and improve our content and user experience
- To respond to your enquiries and demo requests
- To send marketing communications where you have consented
- To detect and prevent security threats or abuse of the Website
- To comply with legal obligations
6. Data Sharing and Third Parties
We do not sell, rent, or trade your personal data. All analytics data is processed on Datafly's own infrastructure using our first-party technology. No data collected through this Website is sent to third-party analytics, advertising, or tracking services.
We may share your data with the following categories of recipients only where necessary:
- Infrastructure providers: Our servers are hosted in the United Kingdom and European Union. Hosting providers process data on our behalf under data processing agreements.
- Professional advisors: Legal, accounting, or audit professionals where required.
- Law enforcement: Where we are legally required to disclose data in response to a valid legal request.
7. Data Retention
We retain your data only for as long as necessary for the purposes described in this policy:
- Analytics data: Aggregated and anonymised data is retained indefinitely. Raw event data is retained for up to 13 months and then automatically deleted.
- Contact form submissions: Retained for up to 24 months after your last interaction with us, unless you request earlier deletion.
- Marketing consent records: Retained for as long as we process your data for marketing purposes, plus 6 months after withdrawal of consent for audit purposes.
8. International Data Transfers
Your data is processed and stored on servers located in the United Kingdom and the European Union. We do not transfer your personal data outside of the UK and EU. If this changes in the future, we will ensure appropriate safeguards are in place, such as Standard Contractual Clauses or an adequacy decision, and will update this policy accordingly.
9. Your Rights
Under the UK GDPR, you have the following rights in relation to your personal data:
- Right of access: You may request a copy of the personal data we hold about you.
- Right to rectification: You may request that we correct any inaccurate or incomplete personal data.
- Right to erasure: You may request that we delete your personal data, subject to any legal obligations we have to retain it.
- Right to restrict processing: You may request that we limit the processing of your data in certain circumstances.
- Right to data portability: You may request that we provide your data in a structured, commonly used, machine-readable format.
- Right to object: You may object to our processing of your data where we rely on legitimate interest as the legal basis.
- Right to withdraw consent: Where processing is based on consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month.
10. Complaints
If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection. You can contact the ICO at ico.org.uk or by calling 0303 123 1113.
11. Children's Privacy
This Website is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.
12. Changes to This Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the effective date at the top of this page. We encourage you to review this policy periodically.
13. Contact Us
If you have any questions about this privacy policy or our data practices, please contact us:
Datafly
Email: [email protected]