Privacy Policy – Civic Net Zero

CIVIC NET ZERO PRIVACY POLICY

Last updated: 27 October 2025

KEY DETAILS

This website privacy policy describes how Civic Net Zero Limited (“we”, “our”, “us”) protects and uses the information you give us when you use this website.

If you are asked to provide information, it will only be used in the ways described in this policy.

We may update this policy from time to time — the latest version will always be published on this page.

OUR CONTACT DETAILS

Name: Civic Net Zero Limited
Address: C/O Arch Law, Floor 2, 8 Bishopsgate, London, United Kingdom, EC2N 4BQ
E-mail: [email protected]

THE TYPE OF PERSONAL INFORMATION WE COLLECT

We currently collect and process the following information:

Personal identifiers, contacts and characteristics (e.g. name, business, and business contact details)
Website user statistical and technical data (e.g. IP address, browser type, pages visited, and interactions with our website)

HOW WE GET THE PERSONAL INFORMATION AND WHY WE HAVE IT

Most of the personal information we process is provided directly by you for one of the following reasons:

You have signed up to find out more about our company and services
You have requested a demonstration of our technology
You have requested a call to discuss our products, services, or events

We use this information to:

Send you details about our products, services, events, and insights
Manage customer enquiries and service requests
Improve our website and services through analytics data

We may share this information with our trusted sales and marketing partners who assist in communicating with you and managing product or service requests.

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

Your consent – you can withdraw this at any time by contacting us at [email protected]
Legitimate interests – for example, where we send business-to-business marketing communications that are relevant to your role or organisation, consistent with the Privacy and Electronic Communications Regulations (PECR)

COOKIES AND ANALYTICS

We use cookies and similar technologies to improve your browsing experience and understand how our website is used.

Cookies are small files placed on your device that help us analyse web traffic and tailor content.

We may use:

Essential cookies – required for site functionality
Analytics cookies – to understand how visitors use our site (e.g. via HubSpot or Google Analytics)
Preference cookies – to remember your settings

When you first visit our website, you can choose whether to accept or decline non-essential cookies. You can change your preferences or delete cookies at any time through your browser settings.

HOW WE STORE YOUR PERSONAL INFORMATION

Your information is securely stored in our customer database, provided by HubSpot. HubSpot’s infrastructure is hosted on Amazon Web Services (AWS) in the United States East region or AWS in the Germany region.

We keep names, business names, and business contact details for 18 months. After this period, we will contact you to confirm whether you wish to remain on our records.

If you request deletion, all records will be removed from our system.
If you do not respond, we will retain your data for no longer than 2 years before permanently deleting it.

INTERNATIONAL DATA TRANSFERS

Because HubSpot and Amazon Web Services (AWS) may process and store data in the United States or other regions outside the UK, your information may be transferred internationally.

Both HubSpot and AWS implement appropriate safeguards to ensure your personal data remains protected and handled in compliance with UK data protection law. These safeguards include:

Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner’s Office (ICO), which provide legally binding commitments on data protection;
ISO 27001 and SOC 2 certifications, demonstrating compliance with international security standards; and
Encryption and access control measures applied to all stored and transmitted data.

Where data is hosted within the European Economic Area (EEA) (for example, AWS Germany), equivalent protections apply under the EU GDPR.

We continually review our suppliers’ data protection measures to ensure that your information remains secure, wherever it is processed.

HOW WE KEEP YOUR DATA SECURE

We are committed to ensuring your information is secure. To prevent unauthorised access or disclosure, we have implemented suitable physical, electronic, and organisational procedures, including:

Encrypted storage and secure transmission of personal data
Access controls and staff confidentiality agreements
Regular system monitoring and security audits
Data minimisation and limited retention practices

YOUR DATA PROTECTION RIGHTS

Under data protection law, you have rights including:

Access – ask for copies of your personal data
Rectification – correct inaccurate or incomplete data
Erasure – ask us to delete your personal data in certain circumstances
Restriction – request limited processing in certain circumstances
Objection – object to processing based on legitimate interests
Data portability – request transfer of your data to another organisation or to you

You are not required to pay any fee for exercising these rights. We have one month to respond to your request.

Please contact us at [email protected] if you wish to make a request.

HOW TO COMPLAIN

If you have concerns about our use of your personal information, please contact us first at [email protected].

If you remain dissatisfied, you may contact the Information Commissioner’s Office (ICO):

Address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Helpline: 0303 123 1113
Website: https://www.ico.org.uk

SUMMARY

Civic Net Zero is committed to protecting your privacy and ensuring transparency in how we collect, store, and use your data. We will never sell or share your personal information outside the purposes described in this policy.