Privacy.

Last updated: 21 April 2026

[BRIEF DRAFT] This privacy policy is a first-draft GDPR-compliant text. A data-protection specialist should review it before external publication, given the regulated-finance audience.

Data controller

The data controller is Magentix, operating from Mauritius. For privacy matters, contact privacy@magentix.ai.

Data we collect

  • Newsletter signups: email address, optional first name, service-variant tag (default, IDSolid, ARBITR interest), source page, and signup timestamp.
  • ARBITR Pilot EOI submissions: organisation name, primary contact name, role, business email, country, organisation size, industry, regulated-environment status, free-text descriptions of current deployment and ARBITR interest, confidentiality acknowledgement, and optional marketing consent.
  • Direct contact: any information you include when you email us or book a Cal.com meeting.

Lawful basis

  • Newsletter subscriptions: your consent, captured at signup.
  • ARBITR Pilot EOI: legitimate interest in assessing pilot suitability, together with your explicit acknowledgement of the programme terms.
  • Direct contact replies: legitimate interest in responding to you.

Retention

  • Newsletter subscribers: retained until you unsubscribe, or after three years of inactivity.
  • EOI submissions: retained for two years from submission, unless you have opted in to broader contact.
  • Direct-contact correspondence: retained for the duration of the active conversation plus one year.

Your rights

You have the right to access, rectify, erase, port, and object to processing of your personal data, and to withdraw any consent at any time. To exercise any right, email privacy@magentix.ai.

Third-party processors

We use Cal.com for meeting bookings. We may use a transactional email provider for double opt-in and notification emails; if we do, the provider name will be listed here before processing begins. We do not use Google Analytics, Meta Pixel, or any marketing-analytics service at this phase.

International transfers

Site hosting is on a VPS located in the United Kingdom. Data may transit Mauritius where the data controller is based. Where third-party processors are used, transfers are governed by standard contractual clauses or equivalent safeguards.

Complaints

UK residents may complain to the Information Commissioner's Office. EU residents may complain to their national data-protection authority.