Privacy Policy

Last updated: 24 May 2026    ·    Effective date: 24 May 2026

Aevisa Holdings Ltd. (“Aevisa”, “we”, “our”, “us”) is committed to protecting your privacy and handling your personal data transparently and lawfully. This Privacy Policy explains what personal data we collect when you visit aevisaglobal.com or interact with us, why we collect it, how we use it, and your rights under UK data protection law.

This policy applies to:

·        Visitors to aevisaglobal.com and any subdomains

·        People who join our waitlist or newsletter

·        People who contact us via our contact form or email

·        People who follow our Aevisa-operated social media channels

This policy does not yet cover the Aevisa app or any product that processes health data. A separate, more detailed privacy notice will apply when the app launches.

1. Who we are

Aevisa Holdings Ltd. is a private limited company registered in England and Wales.

·        Company number: 17049989

·        Registered office: Unit 19, Maidstone Innovation Centre, Weavering, Maidstone, ME14 5FY, United Kingdom

·        Contact: hello@aevisaglobal.com

For data protection purposes, Aevisa Holdings Ltd. is the data controller of personal data collected through this website.

2. What personal data we collect

We only collect the data we need.

When you join the waitlist or newsletter

·        Your name (if provided)

·        Your email address

·        The date you signed up

When you contact us via the contact form or email

·        Your name

·        Your email address

·        The content of your enquiry

·        The category of enquiry (general, partnership, early access, press)

When you visit the website (automatically)

Our hosting provider records limited technical information in server logs, such as IP address (truncated where possible), browser and device type, pages visited, and the date and time of your visit. We use this only for security, diagnostics, and reliability. We do not currently use website analytics, advertising, or tracking cookies.

We do not currently collect

·        Health data of any kind

·        Special-category data (Article 9 UK GDPR)

·        Location beyond country level inferred from IP

·        Payment information

3. Why we collect it (lawful basis)

We process your data under one of the following UK GDPR lawful bases:

What we do

Lawful basis

Send you the newsletter / waitlist emails you signed up for

Consent (Article 6(1)(a))

Respond to your enquiry

Legitimate interests (Article 6(1)(f)) — responding to people who contact us

Operate, maintain and secure the website (server logs, error logging)

Legitimate interests — keeping the site reliable and preventing abuse

Comply with legal obligations (e.g. lawful requests)

Legal obligation (Article 6(1)(c))

Where we rely on consent, you can withdraw it at any time — see “Your rights” below.

4. How long we keep your data

·        Newsletter / waitlist subscribers: until you unsubscribe, then deleted within 30 days.

·        Contact form / email enquiries: up to 24 months after the enquiry is closed, then deleted.

·        Server log data: retained for a short period (typically up to 30 days) for security and diagnostics.

·        Records we are legally required to keep: for the period required by law.

5. Who we share your data with

We share personal data only with the service providers we need to run the business. Each is bound by a written data processing agreement. Our current processors are:

·        Framer Sites B.V. — website hosting and content delivery (data may be processed in the EU and US under Standard Contractual Clauses).

·        Framer — receiving and storing submissions from our contact and signup forms.

·        Microsoft (Microsoft 365, operated by Microsoft Ireland Operations Ltd) — operating our hello@aevisaglobal.com email account.

·        Mailchimp (Intuit Inc. / The Rocket Science Group LLC) — sending our newsletter and managing subscriber lists.

We do not sell, rent, or trade your personal data, and we do not share it for advertising purposes. We may disclose personal data if required by law, by a regulator, or to protect Aevisa’s rights and the safety of users.

6. International transfers

Some of our processors are based outside the United Kingdom or process data in the United States. When this happens, we rely on the UK’s adequacy regulations, or on Standard Contractual Clauses approved by the UK Information Commissioner’s Office (ICO), with additional safeguards where required. A list of current processor locations is available on request.

7. Cookies and similar technologies

We currently use only strictly-necessary cookies required to deliver the site securely. We do not use analytics, advertising, or tracking cookies. Our separate Cookies Notice (aevisaglobal.com/cookies) explains this in full. If we introduce any non-essential cookies in future, we will request your consent before they are set, as required by PECR and UK GDPR.

8. Your rights

Under UK GDPR you have the right to:

·        Be informed — through this policy

·        Access — request a copy of the personal data we hold about you

·        Rectification — correct inaccurate personal data

·        Erasure — request deletion of your personal data (subject to legal exceptions)

·        Restriction — restrict our processing of your data

·        Data portability — receive your data in a structured, machine-readable format

·        Object — to processing based on legitimate interests or for direct marketing

·        Withdraw consent — at any time, where consent is our lawful basis

To exercise any of these rights, email hello@aevisaglobal.com. We will respond within one calendar month. You can also unsubscribe from any marketing email using the link at the bottom of the email.

If you are unhappy with how we handle your data, you have the right to complain to the UK Information Commissioner’s Office (ICO): https://ico.org.uk · Helpline 0303 123 1113.

9. Security

We use industry-standard technical and organisational measures to protect your personal data, including encryption in transit (HTTPS), access controls, and processor due diligence. No system is perfectly secure; if we become aware of a breach affecting your rights, we will notify you and the ICO as required by law.

10. Children’s data

Aevisa is not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please email hello@aevisaglobal.com and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. The “Last updated” date at the top will reflect the most recent change. Material changes will be notified to subscribers by email. We recommend reviewing this page periodically.

12. Contact

For any questions about this Privacy Policy or your personal data:

Aevisa Holdings Ltd.

Unit 19, Maidstone Innovation Centre

Weavering, Maidstone, ME14 5FY

United Kingdom

Email: hello@aevisaglobal.com