Privacy Policy

Systemised To Scale Limited – Privacy Notice under the Gibraltar Data Protection and the Gibraltar Data Protection Act 2004 (DPA004)

Definitions and Interpretation

“Systemised To Scale Limited” means Systemised To Scale Limited (registered in Gibraltar, company number 125686) together with any subsidiaries.

“We/Us/Our” means Systemised To Scale Limited.

“Our Site” means the website
www.systemisedtoscale.com

“Our Platform” means the Systemised To Scale Limited Customer Relationship Management (CRM) software system.

Background

We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of Our clients and customers and of everyone who visits Our website, www.systemisedtoscale.com (“Our Site”) and will only collect and use personal data in ways that are described here, and in a way that is consistent with Our obligations and your rights under the law.

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of Our Privacy Policy is deemed to occur upon your first use of Our Site and when you enter into an agreement with Us for the provision of services.

1. What Does This Notice Cover?

This Privacy Policy explains how We use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

This notice applies however you provide personal information to Us, including but not limited to:

online through our website

through an app

via social media

purchasing goods

entering competitions that we may run from time to time

participating in research activities

telephoning

emailing

writing

contacting us through WhatsApp or SMS

2. What is Personal Data?

Personal data is defined by the Gibraltar Data Protection Regulation and the Data Protection Act 2004 (DPA004) (together referred to as “the Data Protection Legislation”) as:

“any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier”.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

The personal data that We use is set out in Part 4, below.

3. What Are Your Rights?

Under the Data Protection Legislation, you have the following rights, which We will always work to uphold:

a. The right to be informed about Our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact Us to find out more or to ask any questions using the details in Part 10.

b. The right to access the personal data We hold about you. Part 8 will tell you how to do this.

c. The right to have your personal data rectified if any of your personal data held by Us is inaccurate or incomplete. Please contact Us using the details in Part 10 to find out more.

d. The right to be forgotten, i.e. the right to ask Us to delete or otherwise dispose of any of your personal data that We may hold. Please contact Us using the details in Part 10.

e. The right to restrict (i.e. prevent) the processing of your personal data.

f. The right to object to Us using your personal data for a particular purpose or purposes or to withdraw any consent you have given Us and to opt out of any marketing communications that We may send you.

g. The right to data portability.

h. Rights relating to automated decision-making and profiling.

For more information about Our use of your personal data or exercising your rights as outlined above, please contact Us using the details provided in Part 10.

If you have any cause for complaint about Our use of your personal data, you have the right to lodge a complaint with the Gibraltar Regulatory Authority.

4. What Personal Data Do We Collect?

We will collect personal data on clients, customers, contacts, prospective clients and customers, contractors and employees.

Personal data collected will vary according to your relationship with Us and may include (but is not limited to):

Personal data including name, date of birth, gender, physical activity readiness and other relevant demographic information

Marital status

Nationality and residency

Job title and / or profession including CV

Bank account details

Contact details including username, address, email address and phone numbers

Social media handles

Criminal convictions and offences details (where required for screening)

Services used by you

Purchases and orders made by you

Communication and marketing preferences

Technical information such as devices and browser settings

Behavioural and usage information

Your location

Correspondence and communications with Us

Financial and payment information

Public platform information (Instagram, YouTube, X, Facebook pages)

Special category information including health, fitness and/or medical data

Identity document information (passport / driving licence)

Statutory reference numbers (e.g. UTR / TIN equivalents)

Interests, preferences, feedback, competition and survey responses

5. How Do We Use Your Personal Data?

Under the Data Protection Legislation, We must always have a lawful basis for using personal data.

Your personal data may be used for:

Entering into contracts with you

Providing services

Personalising services

Operating Our CRM platform

Training and quality control

Security vetting

Credit scoring and checking

Promotional communication (with permission)

Research and insight

Competition administration

Customer service

Legal and regulatory compliance

Email, social media, SMS, telephone, WhatsApp and/or postal communications

You may unsubscribe at any time by emailing:

info@systemisedtoscale.com

We may also show online communications via platforms such as:

Facebook

Instagram

Google

TikTok

YouTube

You have the right to withdraw consent at any time.

Data Security

We have appropriate security measures to prevent your personal data from being:

lost

accessed without authorisation

altered

disclosed

Security recommendations for users:

Log out on shared/public devices

Keep usernames/passwords private

Use strong passwords

Change passwords regularly

Use different passwords across platforms

We use cloud-based systems including:

High Level

https://www.gohighlevel.com/privacypolicy
https://www.gohighlevel.com/privacy-and-security

Stripe

https://stripe.com/gb/privacy

6. How Long Will We Keep Your Personal Data?

We retain personal data only as long as necessary.

Examples:

Tax records → minimum 6 years

Legal compliance records → as required

Statistical / anonymised data → retained longer if anonymised

You may request deletion (see Part 3).

7. How and Where Do We Store, Share or Transfer Your Personal Data?

We may transfer personal data outside the EEA where required to deliver services.

Safeguards include:

Adequacy decisions by the European Commission

Approved contractual protections

Certification mechanisms

Explicit consent where necessary

We may share data with:

group companies

employees

consultants

subcontractors

advisers

regulators

Gibraltar Income Tax Office

legal authorities

All third parties must process data lawfully and securely.

8. How Can You Access Your Personal Data?

You may submit a subject access request by contacting:

info@systemisedtoscale.com

Typical response time:

within 1 month

up to 3 months if complex

Fees may apply only if requests are excessive or repetitive.

9. Third-Party Links and Cookies

Our Site and Platform may contain third-party links.

We are not responsible for external privacy policies.

Cookies help:

analyse traffic

improve usability

personalise experience

You may disable cookies in browser settings.

Doing so may limit functionality.

10. How Do You Contact Us?

For all data protection enquiries:

Email: info@systemisedtoscale.com

11. Changes To This Privacy Notice

We may update this Privacy Policy periodically.

Changes will be posted on Our Site and deemed accepted upon next use.

Last updated: November 2025