top of page

Privacy Policy

Effective Date: June 10, 2026

Contents

  1. Who We Are

  2. About This Privacy Notice

  3. What Personal Information We Collect and How We Collect It

  4. How We Use Your Personal Information

  5. Legal Basis for Processing (UK and EU)

  6. How We Share Your Personal Information

  7. Your Marketing Choices

  8. Retention and Deletion

  9. International Transfers

  10. Your Data Protection Rights

  11. Cookies

  12. Children's Privacy

  13. Links to Other Websites

  14. Changes to This Privacy Notice

  15. Contact Us

1. Who We Are

This Privacy Notice is issued by Business Thinking Ltd and its US subsidiary, Datavault Technologies Inc. (collectively referred to as "Business Thinking", "we", "us", or "our").

Business Thinking Ltd is a private limited company registered in England and Wales (Company No. 4980808). Datavault Technologies Inc. is separately registered in the United States.

Registered offices:

  • Business Thinking Ltd: Frederick House, 58 Station Road, Hayling Island, Hampshire, PO11 0EL, United Kingdom

  • Datavault Technologies Inc.: Walter Shuffain, 3rd Floor, 101 Station Drive, Suite #250, Westwood, MA 02090, USA

For the purposes of UK and EU data protection law, Business Thinking Ltd acts as a Data Controller. For the purposes of applicable US privacy laws, including the California Consumer Privacy Act (CCPA), both Business Thinking Ltd and Datavault Technologies Inc. act as a Business.

2. About This Privacy Notice

Protecting and respecting your privacy is our priority. This Privacy Notice explains how we collect, use, share, and protect your personal information when you:

  • Use our website(s), mobile applications, and other online or offline products, services, and experiences (collectively, the "Services")

  • Interact with us as a customer, partner, or supplier

  • Apply for a role with us

We are committed to handling your personal information in accordance with applicable data protection and privacy laws, including:

  • UK GDPR and the UK Data Protection Act 2018

  • EU GDPR (General Data Protection Regulation)

  • US federal and state privacy laws, including the California Consumer Privacy Act (CCPA) and other similar legislation where applicable

Please read this notice carefully. If you have any questions or concerns, please contact us at info@data-vault.com.

By using our Services, you agree to be bound by this Privacy Notice.

3. What Personal Information We Collect and How We Collect It

We collect personal information that you provide directly to us, as well as information gathered through your use of our Services and our ongoing relationship with you or your organisation.

3.1 Information You Provide Directly

  • Identity Data: Name, username, title, date of birth, location, job title, organisation name, and pronouns

  • Contact Data: Business address, country, email address, phone numbers, and social media handles

  • Payment Information: Bank account or credit card details, which are collected and stored by a third-party payment processing company. Use and storage of this information is governed by that processor's applicable privacy policy.

  • Survey and Form Data: Information provided when completing forms, responding to surveys or questionnaires, participating in promotions, competitions, or sweepstakes

  • Communications Data: Information shared when contacting our customer service team, sending emails, or engaging with us by phone or text message — including your marketing preferences and any other information you choose to share

  • Employment Data: CVs, cover letters, references, right-to-work documentation, and other recruitment information provided when applying for a role with us

3.2 Information Collected Automatically

  • Usage Data: Details of how you interact with our website, Services, and electronic communications

  • Technical Data: IP address, login data, browser type and version, time zone setting, and device information

  • Marketing Preferences: Records of your communication and promotional preferences

3.3 Information from Third Parties

We may receive personal information about you from third-party tools and platforms we use, including Google, LinkedIn, Mailchimp, Meetup, YouTube, and Eventbrite. Data provided to us by these platforms will be handled in accordance with this Privacy Notice. We encourage you to review the privacy policies of those platforms directly.

4. How We Use Your Personal Information

We use your personal information for the following purposes:

  • To provide, operate, and improve our Services

  • To send you our newsletter, or other marketing and promotional information about our Services, where you have consented or where we have a legitimate interest in doing so

  • To respond to your questions, enquiries, or customer service requests, and to send you notices, updates, security alerts, or administrative messages

  • To manage our business relationships with customers, partners, and suppliers

  • To process job applications and manage recruitment activities

  • To monitor and analyse trends, usage, and activities in connection with our Services

  • To facilitate contests, sweepstakes, and promotions, and to process entries and provide prizes or rewards

  • To detect, investigate, and prevent fraudulent transactions and other illegal activities, and to protect the rights and property of Business Thinking and its customers

  • To carry out our obligations arising from any contracts entered into between you and us, including billing and collection

  • To comply with applicable legal and regulatory requirements

We will only use your personal information in ways that are compatible with the purposes for which it was collected, or as otherwise described to you at the time of collection.

5. Legal Basis for Processing (UK and EU)

Under UK and EU data protection law, we are required to have a legal basis for collecting and using your personal information. Our legal basis will depend on the specific personal information concerned and the context in which we collect it. We typically rely on the following:

  • Consent: Where you have given us clear consent to process your personal information for a specific purpose, such as receiving marketing communications

  • Contract: Where processing is necessary to perform a contract with you, or to take steps at your request before entering into a contract

  • Legal Obligation: Where processing is necessary to comply with a legal or regulatory requirement

  • Legitimate Interests: Where processing is necessary for our legitimate interests (or those of a third party) and is not overridden by your data protection rights — for example, improving our Services, preventing fraud, or managing our business relationships

If you have questions about the legal basis applicable to a particular processing activity, please contact us using the details in Section 15.

6. How We Share Your Personal Information

We do not sell or rent your personal data. We may share your personal information in the following circumstances:

  • Service Providers: With vendors, consultants, and other service providers who process personal information on our behalf under confidentiality obligations — for example, providers of data analytics, marketing, financial, or IT services

  • Business Partners: With partners involved in joint projects or sales activities, where necessary and appropriate

  • Corporate Transactions: In connection with, or during negotiations of, any merger, acquisition, sale of company assets, or financing of all or part of our business

  • Legal Requirements: Where we are legally required to disclose personal information — for example, in response to a court order or lawful request from a regulatory authority. In such cases, we will only disclose information where we have a good-faith belief that disclosure is required under applicable legal obligations.

7. Your Marketing Choices

We will send marketing communications to you if you have asked us to, purchased goods or services from us, or provided your details when entering a competition or registering for a promotion.

We will always obtain your consent before sending marketing emails or text messages where required by law, and before sharing your personal information with any third party for their own direct marketing purposes.

You may unsubscribe from marketing messages at any time by:

  • Clicking the unsubscribe link included in any marketing email we send you

  • Contacting us directly at info@data-vault.com

If you opt out of marketing messages, we may still send you non-promotional communications related to your account or your use of our Services.

8. Retention and Deletion

We will not keep your personal information longer than is necessary for the purposes for which it was collected. When determining how long to retain your information, we consider:

  • The amount, nature, and sensitivity of the personal information

  • The potential risk of harm from unauthorised use or disclosure

  • The purposes for which we process the data and whether we can achieve those purposes through other means

  • Applicable legal requirements, including legal retention and destruction periods

As a general guide:

  • Marketing data is retained until you opt out

  • Data relating to contracts or legal matters is retained for as long as required by applicable law and regulation

These timeframes will not prevent us from retaining personal information where necessary to comply with legal obligations, to file or defend legal claims, or for evidential purposes. Full details of our retention periods are available on request by contacting us at info@data-vault.com.

9. International Transfers

Business Thinking operates in both the United Kingdom and the United States. Your personal information may be transferred to, stored in, or processed in countries outside the UK or European Economic Area (EEA).

Where such transfers occur, we ensure that appropriate safeguards are in place to protect your personal information in accordance with applicable law. These safeguards may include Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO) or the European Commission, or other legally recognised transfer mechanisms.

10. Your Data Protection Rights

Your rights depend on your location and the applicable law, but may include:

UK and EU residents (under GDPR):

  • The right to access your personal information

  • The right to rectify inaccurate or incomplete personal information

  • The right to erasure ("right to be forgotten")

  • The right to restrict or object to processing

  • The right to data portability — receiving your data in a readable, standardised format

  • The right to withdraw consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal

California residents (under CCPA):

  • The right to know what personal information we collect, use, share, or sell

  • The right to request deletion of your personal information

  • The right to opt out of the sale or sharing of personal information

  • The right not to be discriminated against for exercising your privacy rights

All users:

  • The right to withdraw consent at any time

  • The right to lodge a complaint with a relevant supervisory authority — in the UK, this is the Information Commissioner's Office (ICO); in the EU, your national data protection authority; in the US, your relevant state authority

To exercise any of these rights, please contact us at info@data-vault.com. We may require proof of identity before fulfilling your request. We will respond to all requests in accordance with applicable data protection laws.

11. Cookies

We use cookies and similar tracking technologies on our website to improve your experience and to understand how our Services are used. We obtain your consent before placing non-essential cookies on your device.

Our website uses Usercentrics as our consent management platform, which allows you to review and manage your cookie preferences at any time. You can also adjust your browser settings to refuse cookies; however, please note that some parts of our website may not function correctly if you do so.

For more information about the cookies we use and how to manage your preferences, please use the Usercentrics consent panel available on our website.

12. Children's Privacy

Our Services are not directed to children under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child without verified parental consent, we will delete it promptly. If you believe we may have collected information from a child, please contact us at info@data-vault.com.

13. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites, and this Privacy Notice does not apply to them. We encourage you to review the privacy policies of any third-party sites you visit.

14. Changes to This Privacy Notice

We review this Privacy Notice regularly and may update it from time to time. When we make significant changes, we will take appropriate steps to inform you, consistent with the significance of the changes made. The effective date at the top of this page will always reflect when the notice was last updated.

We encourage you to check this page periodically for the most up-to-date information about our privacy practices. Continued use of our Services after any changes are posted constitutes your acceptance of the updated Privacy Notice.

15. Contact Us

The data controller of your personal information is Business Thinking Ltd.

If you have any questions, concerns, or complaints regarding this Privacy Notice or how we handle your personal information, please contact us:

Business Thinking Ltd Frederick House, 58 Station Road Hayling Island, Hampshire, PO11 0EL United Kingdom

Email: info@data-vault.com

For US-related enquiries, you may also contact our subsidiary:

Datavault Technologies Inc. 3rd Floor, 101 Station Drive, Suite #250 Westwood, MA 02090, USA

Email: info@data-vault.com

bottom of page