Privacy Policy

Last updated: 14 November 2025

This Privacy Policy explains how KW CARDIAC LTD (\"KW Cardiac\", \"we\", \"us\" or \"our\") collects, uses, discloses, and safeguards personal data when you interact with our website, mobile app development services, prototypes, or related communication channels.

This Privacy Policy explains how KW CARDIAC LTD ("KW Cardiac", "we", "us" or "our") collects, uses, discloses, and safeguards personal data when you interact with our website, mobile app development services, prototypes, or related communication channels.

Interpretation & Definitions

Capitalised terms have the meanings outlined below. Words in the singular include the plural and vice versa.

• Account means a unique access profile granted to a client or partner.
• Company refers to KW CARDIAC LTD, registered at 23 Castlebar Road, Ealing, London W5 2DL, United Kingdom.
• Cookies are small files placed on your device that store browsing preferences.
• Device means any hardware capable of connecting to the Service (e.g., computer, smartphone, wearable).
• Personal Data encompasses any information relating to an identified or identifiable individual.
• Service covers our website, mobile product strategy engagements, design deliverables, prototypes, and support channels.
• Usage Data means diagnostic and analytics information collected automatically through the Service.

Data we collect

Information you provide

• Identity data such as name, company, role, and geographic focus.
• Contact data such as email addresses, phone numbers, or messaging handles.
• Project briefs, product roadmaps, UX assets, or feedback shared during collaboration.

Usage data

We collect technical data including IP address, browser type, device identifiers, session length, referring URLs, crash diagnostics, and feature usage patterns for the purpose of UX/UI optimisation.

Cookie data

We use session and persistent cookies to remember preferences, authenticate secure areas, and measure engagement. See the Cookie Policy for detailed categories and controls.

How we use personal data

• To provide, maintain, and improve our mobile app development, UX research, and product design services.
• To manage client relationships, respond to enquiries, and provide project notifications.
• To develop new features, conduct App Testing and QA, and optimise security protocols.
• To send updates about releases, events, or offers aligned with your expressed interests (you can opt out anytime).
• To comply with legal obligations, enforce agreements, and defend our rights.

Lawful bases for processing

We rely on legitimate interests, performance of a contract, compliance with legal obligations, or consent (where required) to process personal data in accordance with the UK GDPR.

Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined here, comply with legal requirements, or resolve disputes. Project artefacts may be anonymised for benchmarking and subsequently archived.

International transfers

Data may be processed in the United Kingdom or other jurisdictions where our vetted partners operate. When data leaves the UK or EEA, we implement Standard Contractual Clauses or equivalent safeguards.

Disclosure to third parties

• Service providers: analytics, hosting, communication, and security vendors engaged under confidentiality agreements.
• Professional advisers: auditors, insurers, or legal counsel when necessary.
• Authorities: if required by applicable law or court order.
• Business transfers: in a merger, acquisition, or asset sale scenario, provided equivalent protections remain in place.

Security

We implement encryption, access controls, secure development practices, and routine security reviews. While no online transmission is completely risk-free, we maintain commercially reasonable protections aligned with our Mobile App Security audits.

Your rights

You may request access, correction, deletion, restriction, objection to processing, or data portability. Where processing is based on consent, you may withdraw consent at any time without affecting the lawfulness of processing before withdrawal.

Children

Our services target business customers and are not directed to children under 18. We do not knowingly collect data from minors.

Contact

Questions about this policy can be directed to devops@kwcardiacltd.digital or KW CARDIAC LTD, 23 Castlebar Road, Ealing, London W5 2DL, United Kingdom.