Heptism
HomeServicesContactAboutBlogSign in
Back to home
Legal

Privacy Policy

Last updated: May 22, 2025

1. Who we are

Heptism ("we", "our", or "us") is a global consulting, marketing, and technology company. Our registered address and primary point of contact is hello@heptism.com.

This Privacy Policy explains how we collect, use, disclose, and protect information about you when you visit heptism.com (the "Site") or use any of our services.

2. Information we collect

Information you provide directly:

  • Name, email address, phone number, and company name when you fill out our contact or enquiry forms
  • Account credentials (email and hashed password) when you register
  • Billing and payment information processed securely through PayU or PayPal — we never store raw card numbers
  • Messages, requests, and files you share with us during an active engagement

Information collected automatically:

  • IP address, browser type, operating system, and referral URL
  • Pages visited, time on site, and click patterns (via analytics tools)
  • Cookies and similar tracking technologies (see Section 6)

3. How we use your information

  • To deliver and manage the services you've purchased or requested
  • To process payments and send transaction receipts
  • To respond to your enquiries and provide customer support
  • To send you service-related updates and, where you've opted in, marketing communications
  • To improve our website, services, and internal workflows
  • To comply with legal obligations

We will never sell your personal data to third parties. We do not use your data to train AI models without your explicit consent.

4. Legal basis for processing (GDPR)

Where GDPR applies, we process your data on the following legal bases:

  • Contract performance — to deliver services you've contracted us to perform
  • Legitimate interests — to improve our services, prevent fraud, and maintain site security
  • Consent — for marketing emails and non-essential cookies (which you can withdraw at any time)
  • Legal obligation — where required by applicable law

5. Data sharing and third parties

We share your information only with:

  • Payment processors — PayU and PayPal, each with their own privacy policies and PCI-DSS compliance
  • Infrastructure providers — Supabase (database, auth), Resend (transactional email), and Vercel/Cloudflare (hosting and CDN)
  • Analytics tools — anonymised or aggregated data only
  • Legal authorities — when required by law or to protect our rights

All sub-processors are bound by contractual data protection obligations and, where applicable, standard contractual clauses (SCCs) for international transfers.

6. Cookies

We use cookies and similar technologies to make the Site work properly and to understand how visitors use it. Essential cookies are always active. Analytics and preference cookies are only set with your consent.

You can manage cookie preferences through your browser settings or our cookie banner at any time. Disabling non-essential cookies won't affect the core functionality of the Site.

7. Data retention

We retain your personal data for as long as necessary to fulfil the purposes set out in this policy, or as required by law. When a client engagement ends, we retain project data for 3 years for audit and dispute purposes, then securely delete it unless you request earlier deletion.

8. Your rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your data ("right to be forgotten")
  • Restrict or object to processing
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time where processing is consent-based

To exercise any of these rights, email us at hello@heptism.com. We will respond within 30 days.

9. Security

We apply industry-standard security measures including TLS encryption in transit, encryption at rest for sensitive data, role-based access control, and regular security reviews. No system is 100% secure — if you suspect a breach, contact us immediately at hello@heptism.com.

10. Children's privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us and we will delete it promptly.

11. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we'll revise the "last updated" date at the top of this page. For material changes, we'll send a notification to active account holders. Continued use of the Site after changes constitutes acceptance of the updated policy.

12. Contact us

Questions, concerns, or requests about this policy? We're a real team and we respond to every message.

Email: hello@heptism.com
Subject line: "Privacy Request"

Free 30-min strategy call

Let's figure out what your business actually needs.

Book a free 30-minute call with a senior partner. We'll look at your goals, your current setup, and where the biggest opportunities are — then send you a written action plan. No pitch deck. No obligation. The plan is yours to keep either way.

View pricingBook your free call
NDA-friendlyNo sales pressureWritten plan yours to keep

We reply within 1 business day

You'll always hear from a senior partner — never a junior rep reading from a script.

Prefer email?

hello@heptism.com