Privacy Policy

This Privacy Policy explains how Global Automation Services Ltd (“we”, “us”, “our”), the company behind the Fionetix Solutions brand, collects, uses, and protects your personal data when you visit our website or use our services. We are registered in England & Wales, United Kingdom (Company No. [UK Company No. — confirm]), with a registered office at [UK registered office address — confirm].

Our services are delivered by our operations team at Fionetix Solutions in Bangladesh, which acts as a processor on our behalf (see “International transfers” below).

We act as the data controller for personal data described in this policy and comply with the UK GDPR, the EU General Data Protection Regulation (Regulation (EU) 2016/679), and applicable data protection laws. This policy should be read alongside our Cookie & Tracking Policy.

1. Data we collect

We collect and process the following categories of data:

• Contact & enquiry data — name, email, phone/WhatsApp number, and company details you provide when you book a call, request our pricing guide, complete onboarding, or contact us.
• Project data — information you share with us to scope and deliver work (e.g. requirements, repositories, access credentials, content).
• Billing data — handled by our payment processor, Stripe. We receive confirmation of payment, plan, and amount; we do not store your full card details on our servers.
• Technical & usage data — IP address, browser and device information, referring URL, and pages visited, collected through our servers and analytics tools.
• Marketing & measurement identifiers — online identifiers (such as advertising cookie IDs) and, for server-side conversion measurement, a hashed (SHA-256) version of your email and/or phone number. Hashing is a one-way process designed so the underlying details cannot be read by the advertising platform.

2. How we use your data

• To respond to enquiries and schedule discovery calls.
• To provide, maintain, and improve our services.
• To process payments and manage subscriptions via Stripe.
• To send service-related communications, confirmations, and the resources you request.
• To measure website usage and the performance of our advertising, and to show relevant ads (see section 5).
• To comply with legal, tax, and accounting obligations.

3. Legal bases for processing

We rely on the following legal bases under the GDPR:

• Contract — to deliver the services you request.
• Legitimate interests — to run, secure, and improve our business, including privacy-friendly, first-party website analytics and measuring the effectiveness of our own marketing, where not overridden by your rights.
• Consent — for advertising/marketing cookies and pixels, which you can give or refuse via our consent banner and withdraw at any time.
• Legal obligation — for tax, accounting, and compliance.

4. Cookies & similar technologies

We use a small number of cookies and browser-storage entries to operate the site, remember your privacy choice, and measure usage. By default we run only privacy-friendly analytics; advertising technologies load only after you accept. A full breakdown — including names, purposes, and how to manage them — is in our Cookie & Tracking Policy.

5. Analytics & advertising

We use Google Consent Mode v2 to control how tracking technologies behave based on your choice:

• Analytics (on for all visitors). We use Google Analytics 4with IP anonymization to understand, in aggregate, how the site is used. This runs on the basis of our legitimate interests and is not used to target you with ads. See Google’s Privacy Policy and how Google Analytics uses data. You can opt out using the Google Analytics Opt-out Browser Add-on.
• Advertising (only with your consent). If you accept, we enable advertising and remarketing tools that may set cookies and share online identifiers with the platforms below, so we can measure conversions and show you relevant ads: the Meta (Facebook/Instagram) Pixel, Google Ads, TikTok, and Reddit.
• Server-side conversion measurement. To measure key actions accurately (for example, submitting an enquiry, booking a call, or completing a purchase) we may send events directly from our server to Meta via the Conversions API. These events include a hashedversion of your email and/or phone number plus technical data (such as IP address and browser agent) and are deduplicated with any browser pixel event. We use Meta’s tools under its Business Tools Terms. Where this processing relies on consent, it is enabled only after you accept; otherwise we rely on legitimate interests to measure our own marketing.

6. Sharing your data & sub-processors

We share data only with trusted providers who help us operate, each acting under contract and applicable data-protection law. We never sell your personal data. Our key providers are:

• Stripe — payment processing (privacy policy).
• Google — analytics, advertising, and our business email/workspace (privacy policy).
• Meta Platforms — advertising pixel and Conversions API (privacy policy).
• TikTok and Reddit — advertising measurement, where consented.
• Hosting & infrastructure providers — to run the website and store submissions securely.

7. International transfers

Service delivery is performed by Fionetix Solutions in Bangladesh, and some of our providers are located outside the UK/EEA, so your data may be transferred internationally. Where this happens, we put appropriate safeguards in place — such as Standard Contractual Clauses (with the UK International Data Transfer Addendum) or an adequacy decision — to protect your data to UK/EU GDPR standards.

8. Data retention

We keep personal data only for as long as necessary for the purposes set out above, including to satisfy legal, accounting, or reporting requirements. Enquiry and marketing data is kept until you unsubscribe or ask us to delete it; contract and billing records are kept for the period required by law.

9. Your rights

Subject to applicable law, you have the right to access, rectify, erase, restrict, or object to our processing of your data, and the right to data portability and to withdraw consent. To exercise any of these rights, email privacy@fionetix.com. You also have the right to lodge a complaint with your local supervisory authority (in the UK, the Information Commissioner’s Office).

10. Security

We implement appropriate technical and organisational measures — including encryption in transit, access controls, and the use of reputable, security-certified providers — to protect your data against unauthorised access, loss, or misuse.

11. Children’s privacy

Our services are intended for businesses and are not directed at children. We do not knowingly collect personal data from anyone under 16.

12. Changes to this policy

We may update this policy from time to time. The latest version will always be available on this page with its effective date.

13. Contact

For any privacy questions or requests, contact us at privacy@fionetix.com.