Privacy Policy

Last updated: 22 October 2025

1) Who we are

DeafMetrix (“we”, “us”, “our”) is a Deaf-led consultancy based in the United Kingdom. We help organisations redesign systems for accessibility, inclusion and resilience. We act as data controller for the personal data we collect via our website, email, and when delivering our services.

How to contact us

• Email: deafmetrix@outlook.com

• Website: https://www.deafmetrix.com

• Postal address: [on request]

• ICO registration number: [pending]

2) The data we collect

We only collect what we need for clear purposes.

• Identity & contact data: name, role, organisation, email, phone, postal address (if provided).

• Communications: emails, messages, meeting notes, feedback forms.

• Service data: project briefs, research notes, deliverables, accessibility requirements you choose to share.

• Technical data: IP address, device/browser type, pages viewed, timestamps, referral source, cookie IDs.

• Marketing preferences: your choices about hearing from us.

• Special category data (only if you provide it): information about access needs, health/disability context, language (e.g., BSL). We only process this with your explicit consent or where needed for legal claims or to protect vital interests.

3) How we collect it

• Directly from you: emails, meetings, calls, forms, contracts, events/webinars.

• Automatically: cookies and similar technologies on our website (see Cookies, below).

• From professional public sources: corporate sites, press releases, LinkedIn, conference programmes — used solely for relevant B2B engagement.

4) Why we use your data (and our lawful bases)

We will only use your data when the law allows. Typical uses include:

• Responding to enquiries – such as replying to emails or arranging calls.
  Lawful basis: legitimate interests (B2B correspondence).

• Delivering services – including scoping, research, interviews, analysis, and reporting.
  Lawful basis: contract (or steps taken before entering a contract).

• Managing our relationship – for invoicing, record-keeping, and client care.
  Lawful basis: contract / legitimate interests.

• Business development (B2B) – contacting relevant decision-makers in their professional role about our services.
  Lawful basis: legitimate interests (targeted, role-relevant outreach with simple opt-out).

• Marketing updates – sending newsletters, event invitations, or insights where you have opted in.
  Lawful basis: consent (you may withdraw at any time).

• Improving our site and services – using analytics, monitoring performance, and maintaining security logs.
  Lawful basis: legitimate interests.

• Legal and regulatory compliance – such as tax records, legal claims, or responding to regulators.
  Lawful basis: legal obligation / legitimate interests.

• Processing special category data – for example, where you share access requirements so we can make reasonable adjustments.
  Lawful basis: explicit consent, or where necessary for legal claims or vital interests (Art. 9 UK GDPR).

5) Email outreach & your choices

If we contact you by email in your professional capacity, it is because your role appears relevant to accessibility, inclusion, or service design. We only use publicly available business contact details for this purpose.

You are always in control: if you do not wish to receive further emails, simply reply with “unsubscribe” (as indicated in the email) and we will immediately stop and remove your details from our marketing list.

6) Who we share data with

We do not sell personal data. We share only when necessary:

• Processors/Service providers under contract (e.g., website hosting, email, cloud storage, CRM, analytics, video meeting tools).

• Professional advisers (legal, accounting).

• Authorities/regulators where required by law or to establish, exercise or defend legal claims.

All processors are bound by confidentiality and must follow our instructions.

7) International transfers

If we transfer data outside the UK/EEA (e.g., to a cloud provider), we use legally recognised safeguards: UK adequacy regulations or Standard Contractual Clauses (and, where needed, Transfer Risk Assessments). Details available on request.

8) How long we keep data

We keep data only as long as needed and then delete or anonymise it.

• Client/project records: up to 6 years after project end (legal/accounting).

• General enquiries: up to 2 years from last contact.

• Marketing records: until you withdraw consent / opt out.

• Analytics/technical logs: typically up to 26 months (or provider default).

9) Security

We take appropriate technical and organisational measures, including encrypted transport (TLS), secure hosting, role-based access, strong authentication, least-privilege permissions, regular updates, and staff awareness. No method is 100% secure, but we work to industry good practice and review controls regularly.

10) Your rights

You have the right to:

• Access your data;

• Rectify inaccurate data;

• Erase data (where applicable);

• Restrict or object to processing (including B2B outreach);

• Data portability (for data you provided to us);

• Withdraw consent (where processing relies on consent).

To exercise rights, email helen@deafmetrix.com. We will respond within one month (extendable by two months for complex requests; we’ll tell you if so). You also have the right to complain to the ICO: www.ico.org.uk.

11) Cookies & similar technologies

We use cookies and similar technologies to operate our site, understand usage and improve performance.

• Strictly necessary (essential for security/basic functions) – always on.

• Analytics/Performance (e.g., page views, session metrics) – used only after you consent via our banner (where applicable).

• Marketing – only if we use them and you consent.

You can change or withdraw consent at any time via your browser or our cookie controls. See our Cookie Policy for details of tools used, categories, and retention. If you disable cookies, some site features may not work.

12) Children

Our site and services are aimed at adults in a professional context. We do not knowingly collect data from children under 16.

13) Automated decision-making

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.

14) Accessibility of this policy

We can provide this policy in alternative formats, including a British Sign Language (BSL) video, on request. Email helen@deafmetrix.com.

15) Third-party links

Our site may link to other websites. Those sites have their own privacy policies; we are not responsible for their content or practices.

16) Changes to this policy

We may update this policy from time to time. We will post the new version here and change the “Last updated” date. Material changes will be signposted clearly..