Legal
Privacy Policy
How The Veil website collects, processes, and protects your personal data.
Last Updated: March 2026
Scope
This policy applies to The Veil marketing website and its subpages. It does not cover The Veil product platform, which is deployed on customer infrastructure and governed by separate data processing agreements.
Data Controller
The data controller for this website is The Veil. For all data protection enquiries, contact:
Email: [email protected]
Data We Collect
We collect the minimum data necessary to operate this website and respond to enquiries.
Web Analytics
We collect anonymised usage data to understand how visitors interact with the site. This includes page views, referral sources, browser type, device type, and approximate geographic region. IP addresses are truncated and not stored in identifiable form.
Contact Form Submissions
When you submit a contact or pilot request form, we collect the information you provide: name, email address, organisation, and message content. This data is used solely to respond to your enquiry and is not shared with third parties for marketing purposes.
Lawful Basis for Processing
We process personal data under the following GDPR lawful bases (Article 6(1)):
- 6(1)(a)Consent — for non-essential cookies and analytics, where applicable.
- 6(1)(b)Contract — to respond to your contact form submissions and pilot requests.
- 6(1)(f)Legitimate interest — for essential website operation, security monitoring, and anonymised analytics to improve site performance.
Data Retention
Contact form submissions are retained for 12 months from the date of your last interaction, then deleted. Anonymised analytics data is aggregated and retained for up to 26 months. You may request earlier deletion at any time.
Your Rights Under GDPR
Under GDPR Chapter III, you have the following rights regarding your personal data:
- Art. 15Right of access — obtain confirmation of whether your data is being processed and request a copy.
- Art. 16Right to rectification — correct inaccurate personal data or complete incomplete data.
- Art. 17Right to erasure — request deletion of your personal data where there is no compelling reason for continued processing.
- Art. 20Right to data portability — receive your data in a structured, commonly used, machine-readable format.
- Art. 21Right to object — object to processing based on legitimate interests, including profiling.
- Art. 77Right to lodge a complaint — file a complaint with your local supervisory authority if you believe your data is being processed unlawfully.
To exercise any of these rights, contact [email protected]. We will respond within 30 days as required by Article 12(3).
Cookies
This website uses cookies as follows:
| Type | Purpose | Lawful Basis |
|---|---|---|
| Essential | Session management, security tokens, cookie consent preferences | Legitimate interest |
| Analytics | Anonymised usage statistics to improve site experience | Consent |
We do not use advertising or tracking cookies. You can withdraw cookie consent at any time through your browser settings. Essential cookies cannot be disabled as they are necessary for the website to function.
Third-Party Processors
We may use third-party services for hosting, analytics, and email delivery. All processors are bound by data processing agreements ensuring GDPR compliance. Data is processed within the EU/EEA, or under appropriate safeguards (Standard Contractual Clauses) where transfers outside the EEA are necessary.
International Data Transfers
Where personal data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place in accordance with GDPR Chapter V, including Standard Contractual Clauses (Article 46(2)(c)) or adequacy decisions (Article 45).
Changes to This Policy
We may update this privacy policy to reflect changes in our practices or legal requirements. Material changes will be communicated via a notice on this website. We encourage you to review this page periodically.