Last updated: 2 April 2026
Noeticora ("we", "us", "our") is the data controller responsible for your personal data. We are a digital products studio registered in the United Kingdom.
If you have any questions about this privacy policy or how we handle your data, please contact us at privacy@noeticora.com.
We collect and process the following personal data:
Information you provide directly: When you use our contact form, we collect your name, email address, and the content of your message. We only collect what is necessary to respond to your enquiry.
Technical data collected automatically: When you visit our website, our hosting provider (Cloudflare) may collect standard technical information such as your IP address, browser type and version, time zone setting, operating system, and pages visited. This data is collected for security and performance purposes.
Cookie data: Our website uses Cloudflare Turnstile on the contact form, which sets a small number of cookies to verify that submissions come from real people rather than bots. See Section 6 below for full details on cookies.
We use your personal data for the following purposes:
To respond to your enquiry — when you submit our contact form, we use your name and email to reply to your message. The legal basis for this processing is our legitimate interest in responding to potential client enquiries (Article 6(1)(f) UK GDPR).
To protect our website — Cloudflare Turnstile processes limited data to prevent spam and abuse. The legal basis is our legitimate interest in maintaining the security of our website (Article 6(1)(f) UK GDPR).
To improve our website — we may use anonymised, aggregated technical data to understand how our site performs. This data cannot be used to identify you personally.
We do not sell your personal data to anyone. We may share data with the following categories of service providers who process data on our behalf:
Cloudflare, Inc. — our website hosting and security provider. Cloudflare processes data in accordance with their privacy policy and is certified under the EU-US Data Privacy Framework. Cloudflare Privacy Policy.
Google LLC — if you contact us via email, Google processes that data as part of Gmail/Google Workspace. Google is certified under the EU-US Data Privacy Framework. Google Privacy Policy.
Some of our service providers are based outside the UK. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, including the use of providers certified under the EU-US Data Privacy Framework or providers based in countries deemed adequate by the UK government.
Our website uses a limited number of cookies. We do not use advertising cookies, tracking cookies, or third-party analytics.
Strictly necessary cookies: Cloudflare Turnstile sets cookies (such as cf_clearance and __cf_bm) that are essential for the contact form to function securely. These cookies help verify that form submissions are genuine and protect against spam and abuse. Because they are strictly necessary for the functionality you have requested, they do not require consent under PECR.
If we introduce any non-essential cookies in the future (such as analytics), we will update this policy and request your consent before setting them.
We retain contact form submissions for up to 24 months from the date of your enquiry, after which they are securely deleted. If your enquiry leads to a business relationship, we retain relevant correspondence for the duration of that relationship plus 6 years for legal and accounting purposes.
Technical logs collected by Cloudflare are retained according to Cloudflare's own data retention policies and are typically deleted within 72 hours.
Under the UK GDPR, you have the following rights regarding your personal data:
Right of access — you can request a copy of the personal data we hold about you.
Right to rectification — you can ask us to correct any inaccurate or incomplete data.
Right to erasure — you can ask us to delete your personal data where there is no compelling reason for us to continue processing it.
Right to restrict processing — you can ask us to suspend the processing of your data in certain circumstances.
Right to data portability — you can request your data in a structured, commonly used, machine-readable format.
Right to object — you can object to processing based on legitimate interests at any time.
To exercise any of these rights, please contact us at privacy@noeticora.com. We will respond within one month.
If you are not satisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint.
Our website and services are not directed at children under 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this policy periodically.