Privacy Policy
Introduction
Praxiis Limited("Praxiis", "we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and theData Protection Act 2018.
This policy applies to:
· Visitors to our website at www.praxiis.co.uk
· Prospective and existing clients
· Suppliers and business contacts
· Personal data we process on behalf of our clients in the course of providing consultancy services
Who we are
Praxiis Limited is a UK consultancy specialising in Microsoft Dynamics 365, Power Platform, and Azure services.
· Registered company: Praxiis Limited, Alpha Works, Floor 21, Suffolk Street, Queensway, Birmingham, B1 1TT.Company number 13163098.
· ICO registration number:ZB250493.
· Contact: hello@praxiis.co.uk
Praxiis acts as a data controller for personal data we collect directly (such as website enquiries, and client and supplier contact information). When delivering consultancy services that involve handling personal data held within a client's own systems, Praxiis acts as a data processor on behalf of that client and processes such data only on the client's documented instructions.
Information we collect
Website visitors
When you visit our website, we may collect:
· Information you provide via contact forms or by emailing us (such as name, email address, company, phone number, and the content of your message).
· Technical information automatically logged by our web infrastructure: IP address, browser type, operating system, pages visited, and timestamps.
· Cookie data (see Cookies section below).
Clients, prospects, and suppliers
We hold contact details and business communications relating to:
· Named contacts at client and supplier organisations.
· Engagement scope, contracts, invoices, and project correspondence.
· Information necessary to deliver consultancy services and manage business relationships.
Client data processed under our services
In the course of delivering services, Praxiis personnel access client systems (such as Dynamics 365, Power Platform, and Azure environments) which may contain personal data belonging to the client's customers, staff, or partners. Praxiis processes such personal data only on behalf of the client and on documented instructions, as set out in the relevant services agreement or data processing agreement.
How we use your information and our lawful basis
We process personal data for the following purposes, relying on the lawful bases set out in Article 6 of the UK GDPR:
Purpose
Lawful basis
Responding to enquiries and providing information about our services - Legitimate interests / pre-contractual steps
Delivering consultancy services under a contract - Performance of a contract
Managing client and supplier relationships- Legitimate interests / contract
Issuing invoices and meeting accounting and tax obligations- Legal obligation
Sending business-to-business marketing communications about our services - Legitimate interests (with opt-out)
Website analytics and improvement - Legitimate interests
Complying with regulatory and legal requirements -Legal obligation
We do not sell personal data and we do not use personal data for purposes incompatible with those stated above.
Third parties and sub-processors
Praxiis uses a small number of trusted third-party service providers to support our business operations. We share personal data only with the following categories of recipient:
· Cloud productivity and collaboration providers (email, document storage, videoconferencing).
· Cloud infrastructure and platform providers supporting our consultancy services.
· Credential and secrets management providers.
· Website hosting and analytics providers.
· Professional services providers (accounting, legal, insurance) where required for our business operations.
· Regulatory or law enforcement bodies where required by law.
Each provider is bound by appropriate contractual data protection terms. A current list of named sub-processors is available on request.
When delivering services to clients, Praxiis does not introduce additional sub-processors of client data without the client's prior agreement.
International transfers
Some of our service providers may process limited data outside the United Kingdom. Where this occurs:
· We rely on UK adequacy regulations where the destination country is recognised as providing an adequate level of protection.
· Otherwise, we rely on appropriate safeguards such as the UK International Data Transfer Agreement(IDTA) or the EU Standard Contractual Clauses together with the UK Addendum.
For our primary cloud services (Microsoft365 and Azure), customer data at rest is held within Microsoft's UK data centre regions.
Data retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required bylaw:
· Website enquiry data: up to two years from last contact, unless a business relationship begins.
· Client and supplier records:for the duration of the relationship and for six years afterwards, to meet legal, tax, and professional indemnity obligations.
· Financial records (invoices, contracts): six years, in line with HMRC requirements.
· Marketing contact data: until you opt out, or two years from last engagement, whichever is sooner.
· Client data processed on our clients' behalf: retained only for the duration of the engagement and deleted from any Praxiis-side working copies on completion, in line with the relevant agreement.
Security
We take appropriate technical and organisational measures to protect personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include access controls, multi-factor authentication, encryption of data at rest and in transit, secure credential handling, and the use of supported, regularly updated software and devices.
Further detail on our security controls is available to clients and prospective clients on request.
Your rights
Under the UKGDPR you have the following rights in relation to personal data we hold about you:
· The right to access your personal data.
· The right to rectification of inaccurate or incomplete data.
· The right to erasure ("right to be forgotten") in certain circumstances.
· The right to restrict processing in certain circumstances.
· The right to object to processing based on legitimate interests, including for direct marketing.
· The right to data portability for data you have provided.
· The right to withdraw consent where processing is based on consent.
· The right to lodge a complaint with the Information Commissioner's Office (ICO).
To exercise any of these rights, please contact hello@praxiis.co.uk. We will respond without undue delay and within one month at the latest. We do not charge a fee unless a request is manifestly unfounded or excessive.
Cookies
Our website uses cookies to provide functionality, improve your experience, and help us understand site usage. You can manage cookies through your browser settings.For more information about cookies and your rights, see the ICO's guidance at https://ico.org.uk/for-the-public/online/cookies/.
Special category data
Praxiis does not actively collect special category data (such as data revealing racial or ethnic origin, religious beliefs, health data, or biometric data) about visitors, clients, or contacts. In the unlikely event we receive such data inadvertently, we will contact you to agree appropriate handling, including secure deletion where appropriate.
Children
Our services are directed at businesses and we do not knowingly collect personal data from children under 16.
Changes to this policy
We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last Updated" date at the top of this page. We encourage you to review this policy periodically.
Contact
Questions, requests, or complaints relating to this Privacy Policy or your personal data should be directed to:
Praxiis Limited
Email: hello@praxiis.co.uk
Postal address: Alpha Works, Floor 21, Suffolk Street, Queensway, Birmingham,B1 1TT
If you are not satisfied with our response, you have the right to lodge a complaint with theInformation Commissioner's Office (ICO):
· Website: https://ico.org.uk
· Helpline: 0303 123 1113


