Privacy & Cookie Policy

1. Introduction

Welcome to Galyos Ltd (“we”, “our”, “us”). We are committed to protecting your personal information and respecting your right to privacy.

This Policy explains how we collect, use, share, and protect personal data when you visit https://galyos.io/ or contact us via email or through linked social media platforms.

For the purposes of the UK GDPR and the Data Protection Act 2018, the data controller is:

Galyos Ltd
71–75 Shelton Street, Covent Garden
London WC2H 9JQ, United Kingdom
Email: contact@galyos.io

2. Information We Collect

A. Information You Provide Directly

We collect only the personal information you voluntarily provide when you contact us. This may include:

• • Identity Data: Your name
• • Contact Data: Your email address
• • Communication Data: The content of your message and any information included in your email signature

This information is provided when you use the “Contact” button, email us directly, or interact with us via linked social media platforms (such as LinkedIn).

If you choose to download a resource from the Site, we collect your email address via an embedded form. We use this information only to send you the requested material and any directly related follow‑up communications.

B. Technical Information Collected Automatically

When you visit the Site, our server may automatically collect limited technical information such as your browser type, operating system, and pages viewed. This information is used solely to ensure the security, stability, and proper functioning of the Site and does not identify you personally.

3. Cookies

Cookies Used on This Site: The Site uses only strictly necessary cookies required for the core technical operation of the website. These cookies are set by WordPress and are first-party cookies used for purposes such as session management, security, or administrative functionality.

These cookies do not track your activity across other websites and do not collect personal data for analytics, marketing, or advertising purposes. Under UK data protection law, your consent is not required for strictly necessary cookies.

Third-Party Links: The Site includes buttons linking to external platforms, specifically LinkedIn. When you click these links, you leave our Site. These third parties may collect data about you in accordance with their own privacy and cookie policies.

Managing Cookies: Most web browsers allow you to control cookies through their settings, including blocking or deleting cookies. Please note that disabling strictly necessary cookies may affect the functionality of the Site.

4. How We Use Your Information

We use your personal data only for legitimate business purposes, including:

• • Responding to your enquiries and correspondence
• • Discussing potential engagements, audits, or operational services
• • Operating, maintaining, and securing the Site
• • Sending you requested resources and any directly related follow‑up communications.

Our lawful bases include Legitimate Interests, Contract, and Legal Obligation. Where you submit your email address via a download form, our lawful basis is your consent, which you provide when you submit the form. You can withdraw your consent at any time by using any unsubscribe option provided or by contacting us at contact@galyos.io.

5. Data Sharing

We do not sell your personal data. We may share personal data only where necessary with:

• • Service providers supporting our IT, email, and hosting infrastructure
• • Professional advisers, including legal, accounting, and banking advisers
• • Public authorities, where required by law or to protect our legal rights
• • Email collection and delivery platform (Beehiiv), which we use to collect email addresses for resource downloads and to send the requested material.

All such parties are required to process data in accordance with applicable data protection laws.

6. International Transfers

Your personal data is primarily processed in the United Kingdom. Where personal data is processed outside the UK (for example, by cloud-based service providers), we ensure appropriate safeguards are in place, such as UK adequacy regulations or the UK International Data Transfer Agreement (IDTA).

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes collected, including legal, tax, and accounting requirements.

For email addresses provided solely to access a resource or lead magnet, we retain your details while we are sending you the requested material and for a limited period afterwards to manage any follow‑up or suppression requests, unless you ask us to delete them sooner.

8. Your Legal Rights

Under the UK GDPR, you have several rights in relation to your personal data:

• • Right of access: To request a copy of the data we hold about you
• • Right to rectification: To request correction of inaccurate data
• • Right to erasure: To request deletion of your personal data
• • Right to object: To object to processing of your personal data

To exercise any of these rights, please contact us at contact@galyos.io.

9. Contact

If you have any questions about this Policy or our data practices:

Galyos Ltd

Email: contact@galyos.io