This Privacy Policy explains how Spectra Analytics Ltd (“Spectra Analytics”, “we”, “our”, or “us”) collects, uses, discloses, and safeguards personal data when you access or use our website at spectra-analytics.com and our cloud-based process intelligence platform (together, the “Services”). Please read this policy carefully. If you do not agree with its terms, please discontinue use of our Services.
We operate under and comply with the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the UK GDPR as retained in UK law, and all other applicable data protection laws and regulations.
Spectra Analytics Ltd
Registered in England and Wales
Contact: info@spectra-analytics.com
For all data protection matters, including exercising your rights, please contact us at the email address above.
“Personal Data” means any information relating to an identified or identifiable natural person (“data subject”).
“Processing” means any operation or set of operations performed on Personal Data.
“Controller” means Spectra Analytics Ltd, which determines the purposes and means of processing your Personal Data.
“Processor” means a third party that processes Personal Data on our behalf.
This policy applies to:
It does not apply to Personal Data embedded within data files uploaded to the platform by Customers — such data is governed by the applicable Data Processing Agreement between Spectra Analytics and the relevant Customer.
| Category | Examples | Legal Basis |
|---|---|---|
| Identity data | Full name, job title | Performance of a contract; Legitimate interests |
| Contact data | Email address, organisation name | Performance of a contract; Legitimate interests |
| Account credentials | Username, hashed password | Performance of a contract |
| Communication data | Contents of emails, support requests | Legitimate interests |
| Demo request data | Company size, industry, current tooling | Legitimate interests; Consent |
| Category | Examples | Legal Basis |
|---|---|---|
| Usage data | Pages visited, features used, session duration | Legitimate interests |
| Technical data | IP address, browser type, operating system | Legitimate interests |
| Log data | Access logs, error logs, API call logs | Legitimate interests; Legal obligation |
We do not use advertising cookies or sell your data to third parties.
We may receive limited data from identity providers if you authenticate via single sign-on (SSO), or from payment processors in relation to subscription billing.
We use your Personal Data for the following purposes:
We do not sell, rent, or trade your Personal Data. We may share it with:
We engage trusted third-party processors — including cloud infrastructure providers, email delivery services, analytics tools, and payment processors — that assist us in operating the Services. All processors are bound by data processing agreements and are required to implement appropriate security measures.
In the event of a merger, acquisition, asset sale, or insolvency proceedings, your Personal Data may be transferred to a successor entity, subject to equivalent confidentiality obligations.
We may disclose Personal Data if required to do so by law, court order, regulatory authority, or to protect the vital interests of a data subject or third party.
In all other cases, we will only share your Personal Data with your explicit prior consent.
Our primary infrastructure is hosted within the European Economic Area (EEA). Where we transfer Personal Data outside the EEA or the UK, we ensure appropriate safeguards are in place, including:
A copy of the applicable transfer mechanism can be requested by contacting us at info@spectra-analytics.com.
We retain Personal Data only for as long as necessary for the purposes set out in this policy, or as required by applicable law:
| Data type | Retention period |
|---|---|
| Account data | Duration of account plus 3 years after closure |
| Usage and log data | 12 months on a rolling basis |
| Support communications | 3 years from last interaction |
| Billing records | 7 years (statutory accounting requirement) |
| Marketing preferences | Until withdrawal of consent or 3 years of inactivity |
Upon expiry of the applicable retention period, Personal Data is securely deleted or anonymised.
We implement industry-standard technical and organisational security measures to protect your Personal Data against unauthorised access, alteration, disclosure, or destruction. These include, but are not limited to:
No method of transmission or storage is 100% secure. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law.
Subject to applicable law, you have the following rights in relation to your Personal Data:
| Right | Description |
|---|---|
| Access | Obtain a copy of the Personal Data we hold about you |
| Rectification | Correct inaccurate or incomplete data |
| Erasure | Request deletion of your data (“right to be forgotten”) where no legal basis for retention applies |
| Restriction | Ask us to restrict processing in certain circumstances |
| Portability | Receive your data in a structured, machine-readable format |
| Objection | Object to processing based on legitimate interests or for direct marketing |
| Withdraw consent | Withdraw consent at any time where processing is consent-based |
To exercise any of these rights, contact us at info@spectra-analytics.com. We will respond within 30 days. We may require identity verification before processing your request.
You also have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO) at ico.org.uk. In the EU, you may contact the supervisory authority in your member state of residence.
We use strictly necessary cookies to operate our Services (e.g. session management). We do not use tracking, advertising, or third-party analytics cookies without your consent. A detailed cookie notice is available on our website.
Our Services are not directed to individuals under the age of 18. We do not knowingly collect Personal Data from minors. If we become aware that a minor has provided us with Personal Data, we will take steps to delete it promptly.
We may update this Privacy Policy from time to time. We will notify you of material changes by email (where we hold your email address) or by a prominent notice on our website prior to the change becoming effective. The “Last updated” date at the top of this page will be revised accordingly. Continued use of the Services after the effective date constitutes acceptance of the revised policy.
For any questions, concerns, or requests relating to this Privacy Policy or your Personal Data, please contact:
Spectra Analytics Ltd
info@spectra-analytics.com
spectra-analytics.com