Privacy Notice

Updated 08.12.25
Welcome to Gardenia Technologies. This Privacy Notice describes Our policies and procedures on the collection, use and disclosure of Your information when You use Our Website or the Services, or enter into a contractual relationship with Us, and outlines Your privacy rights and their protection under the UK GDPR and other applicable legislation.

Introduction

Gardenia Technologies provides services exclusively to corporate entities and We assume that You will be accessing Our Website or interacting with Us on behalf of a corporate entity. We use Your Personal Data to improve Your experience when using the Website, to provide and improve the Services, and to meet legal and business requirements in the course of our corporate activity. By accessing the Website and/or using the Services, You agree to the collection and use of information in accordance with this Privacy Notice. Such Personal Data will be gathered in connection with your relationship with one or more corporate entities that are or may enter into a contract with Us and will not be used to offer services to you as a consumer.

The additional provisions applying to relationships with employees, consultants, and contractors are set out in the relevant addendum hereto.

Principles

This notice describes:

  • what information we collect about you;
  • how we source Your Personal Data;
  • how we use Your Personal Data;
  • who we share Your Personal Data with;
  • how long we keep Your Personal Data;
  • provisions relating to transfer and disclosure of Your Personal Data;
  • how we protect the security of Your Personal Data;
  • your rights regarding our use of your information;
  • how to contact us.

Interpretation and Definitions

Interpretation

The words whose initial letter is capitalised have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions

For the purposes of this Privacy Notice:

  • “Account” means a unique account created for You to access our Services or parts of our Service or to receive certain information from us.
  • “Company” (referred to as either "the Company", "We", “Gardenia”, "Us" or "Our" in this Agreement) refers to Gardenia Technologies, a company incorporated in England and Wales under number 10047691, whose registered office is at 10 Orange Street, London, WC2H 7DQ and whose place of business is at Fivefields, 8-10 Grosvenor Gardens, London, SW1W 0DH.
  • “Cookies” are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
  • “Country” refers to the United Kingdom.
  • “Data Protection Laws” means the UK GDPR and the Privacy and Electronic CommunicationsRegulations 2003 (PECR), alongside any relevant and applicable data protection legislation in force in the jurisdictions in which Gardenia operates, including the EU GDPR.
  • “Device” means any device that can access the Website and/or the Services such as a computer, a mobile phone or a digital tablet.
  • “Personal Data” is any information that relates to an identified or identifiable individual, as defined in the UK GDPR.
  • “Service” refers to any of the services provided by Gardenia Technologies Limited.
  • “Third-Party Service Provider” means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analysing how the Service is used.
  • “UK GDPR” means all applicable data protection and privacy legislation in force from time to time in the UK including the Data Protection Act 2018 as amended, and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.
  • “Usage Data” refers to data collected automatically, either generated by the use of the Services or from the Service infrastructure itself, or by the use of Our Website (for example, the duration of a page visit).
  • “Website” refers to the Company’s main website, accessible at https://gardeniatech.com/, that is owned and operated by or on behalf of Gardenia Technologies Limited.
  • “You” means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected
Personal Data

While using Our Services, or accessing Our Website, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:

  • Email address
  • First name and last name
  • Address, Postal code, City, Country
  • Usage Data
  • Approximate geolocation (from third party analytics services)
Usage Data

Usage Data is collected automatically when accessing the Websites or may be collected automatically when using the Services.

Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of Our Website or of the Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When You access the Website or the Services by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.

We may also collect information

  • that Your browser sends whenever You visit our Website or Services or when You access the Website or Services by or through a mobile device
  • that originates from Your interaction with Us on social media platforms using Your social media account, under the limitations set out in the privacy settings of such social media account.

Source of Information

We will gather information about You from the following sources:

  • From You directly;
  • From cookies or other such analysis on Our website
  • From the social media platforms You use to interact with Us, within the limits set out in the relevant privacy settings;
  • From third-party analytics services.
Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on Our Website and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyse Our Website. The technologies We use may include:

  • Cookies or Browser Cookies. A cookie is a small file placed on Your Device. You can instruct Your browser to refuse all Cookies or to indicate when a Cookie is being sent. However, if You do not accept Cookies, You may not be able to use some parts of our Website. Non-Essential Cookies (such as Functionality and Analytics Cookies) will only be deployed afterYou have provided Your specific, informed, and affirmative consent via our dedicated cookie preference tool.
  • Web Beacons. Certain sections of our Website and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit the Company, for example, to count users who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity)
  • Analytics services (e.g. Google Analytics) provided by third parties, reporting website traffic and usage, in order to create reports that provide insights into the interaction of users with our website.

Cookies can be "Persistent" or "Session" Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. You can learn more about cookies here: https://ico.org.uk/for-organisations/guide-to-pecr/cookies-and-similar-technologies/. We use both Session and Persistent Cookies for the purposes set out below:

Table listing three cookie categories: Necessary/Essential session cookies for authentication and service provision, Cookies Policy persistent cookies for acceptance tracking, and Functionality persistent cookies for remembering user preferences.

Blocking or restricting Cookies

You can stop Cookies being used on your device by activating the setting on your browser that allows you to block the deployment of all or some Cookies.

Please visit All About Cookies | Online Privacy and Digital Security to find out how. Please note, if you use your browser settings to block Cookies you may not be able to access all or parts of our site.

Use of Your Personal Data

Gardenia may use Personal Data for the following purposes:

  • To work with you on proposals and transactions addressed to the corporate entity on behalf of which You are acting, including:
    • Sharing corporate data and drafting documents;
    • For analytics and algorithm development and calibration;
    • To comply with Our legal obligations and establish, exercise, or defend our legal rights;
  • To provide and maintain our Services, including to monitor the usage of Our Website and of the Services.
  • To manage Your Account: to manage Your registration as a user of the Services. The Personal Data You provide can give You access to different functionalities of the Services that are available to You as a registered user.
  • For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Services or otherwise
  • To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application's push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation.
  • To provide You with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless You have opted not to receive such information.
  • To manage Your requests: To attend and manage Your requests to Us.
  • For business transfers: We may use Your information to evaluate or conduct a merger, divestiture, restructuring, reorganisation, dissolution, or other sale or transfer of some or all of Our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Us about our Service users is among the assets transferred.
  • For other purposes: We may use Your information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our Service, products, services, marketing and your experience, and for those other purposes that you may have agreed with Us.

Who we share information with

We may share Your personal information in the following situations:

  • With Service Providers: We may share Your personal information with Service Providers to monitor and analyse the use of our Service, or to contact You.
  • With Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honour this Privacy Notice. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us.
  • With business partners: We may share Your information with Our business partners to offer You certain products, services, or promotions.
  • With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside.
  • With Your consent: We may disclose Your personal information for any other purpose with Your consent.

Some of the above third parties could be based outside the UK.

If we transfer Your Personal Data outside the United Kingdom (UK) or the European Economic Area (EEA), We take all reasonable steps to ensure that your data is treated securely and that a similar degree of protection is afforded to it. We rely on the following mechanisms to ensure all transfers are lawful and protected under the UK GDPR:

  • Adequacy Regulations: We transfer data to countries that the UK Government (for UK data)or the European Commission (for EEA data) has officially determined provide an adequate level of data protection.
  • Appropriate Safeguards: We use legally approved contractual safeguards, which include the International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses (SCCs) for UK transfers, or the Standard Contractual Clauses (SCCs) forEU/EEA transfers.
  • Specific Derogations: We rely on an exception (derogation) set out in the UK GDPR only where appropriate and strictly necessary, such as where we have Your explicit consent or where the transfer is essential for the performance of a contract with You.

In all cases where safeguards are used, We conduct necessary transfer risk assessments and, where required, implement supplementary technical and organisational measures to ensure your data remains protected. Further details on the specific safeguards used are available upon request.

Retention of Your Personal Data

For data gathered during your access to Our Website

We retain records that are subject to statutory or regulatory retention requirements (e.g., financial, tax, or legal liability records) for the specific period mandated by the relevant law. Where no specific period is defined, the retention period will be determined based on the statute of limitations for potential legal claims. Data that is no longer necessary, such as contact details, can be deleted upon request and with the Company's agreement.

The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of Our Service, or We are legally obligated to retain this data for longer time periods.

For data gathered in the course of our provision of Services to our customers

Gardenia will retain Your Personal Data:

  • for at least five years after Your employer has ended its relationship with Gardenia; or
  • for the specific period mandated by the relevant law for required records (e.g., financial, tax, or legal liability records).

Where no specific period is defined by law, the retention period will be determined based on the statute of limitations for potential legal claims. Data that is not needed, such as contact details, can be deleted with the agreement of the Company on request.

Transfer of Your Personal Data

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your country or other governmental jurisdiction where the data protection laws may differ from those in Your jurisdiction.

Your consent to this Privacy Notice followed by Your submission of such information represents Your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that Your data is treated securely and in accordance with this Privacy Notice and no transfer of Your Personal Data will take place to an organisation or a country unless there are adequate controls in place including the security of Your data and other personal information.

Disclosure of Your Personal Data

Business Transactions

If the Company is involved in a merger, acquisition or asset sale, Your Personal Data may be transferred. We will provide notice before Your Personal Data is transferred and becomes subject to a different Privacy Notice.

Law enforcement

Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of the Company
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of Users of the Service or the public
  • Protect against legal liability

Security of Your Personal Data

The security of Your Personal Data is important to Us but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Your rights regarding your information

You have rights under data protection law in relation to our use of Your information, including to:

  • Request access to Your information, of which You can do by contacting Gardenia Technologies;
  • Update or amend Your information if it is inaccurate or incomplete;
  • Object to certain uses of Your information (which includes processing for direct marketing purposes, processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling) and processing for purposes of scientific or historical research and statistics) on grounds relating to Your particular situation;
  • Request the deletion of Your information, or restrict its use, in certain circumstances (for example You can request that we erase Your information where the information is no longer necessary for the purpose for which it was collected (unless certain exceptions apply));
  • Withdraw any consents You have provided in respect of Our use of Your information;
  • Request the return of information You have provided to Us, to use for Your own purposes (often called your right to data portability) where the processing is based on Your consent or for the performance of a contract; and the processing is carried out by automated means; and
  • To lodge a complaint with the Information Commissioner’s Office (ICO).

More information about these rights can be found at https://ico.org.uk/for-the-public/. If You have any questions about these rights, or You would like to exercise any of them, please contact Gardenia – additional details of how to get in touch are set out in section 'How to contact us' below.

Children's Privacy

Given the corporate focus of our Services, the collection of data from children is not expected. Should We discover We require consent for an individual under 13 whose data We unintentionally collected, We will require parental consent before using that information.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Notice of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.

Changes to this Privacy Notice

We may update Our Privacy Notice from time to time. We will notify You of any changes by posting the new Privacy Notice on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Privacy Notice.

You are advised to review this Privacy Notice periodically for any changes. Changes to this Privacy Notice are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Notice, You can contact Us:

  • By email: contact@gardeniatech.com
  • By phone: +44 (0) 20 3384 4866
  • By mail: Fivefields, 8-10 Grosvenor Gardens, London, SW1W 0DH

Giving power to your data
AWS Software Partner
ISO 27001 Certified
“Gardenia is the only solution on the market that provides a fully digitalised and integrated experience.”
Ondine Sauvet
Co-Founder, mylight150
Book a demo
Book a demo
Platform
HomeIntegrationsCustomers
Solutions
SustainabilityWorking CapitalFinanceFaktorlab
Resources
Fact SheetsDemo LibraryBlogPress
Support
(+44) 020 338 44866contact@gardeniatech.comPrivacy Notice
Main logo link that leads to home page
© Gardenia Technologies 2025