Privacy policy

Personal data and privacy are of utmost importance to us. We therefore maintain this Privacy Policy covering how we collect, use, transfer, and store personal data to afford a level of transparency so that you are informed and can manage your interaction with us.

By visiting our website or subscribing to receive communications from us, you are accepting the terms of this Privacy Policy. You are therefore encouraged to read this Policy before using or submitting information to us.

If anything is unclear, or if you have any questions relating to how we handle your personal data, please contact us by telephone or email using our contact page.

We reserve the right to make changes to our Privacy Policy, so the information below may change from time-to-time. Last updated: 9/4/2021.

Who we are

Eximia Limited is a UK based company (company number: 8289899). Our registered and trading address is: Malvern House, 200 Pentonville Road, London N1 9JP. Our primary activity is communication consultancy and design – creating campaigns to convey a message to employees of clients.


Eximia is committed to complying with relevant data protection laws.

This includes the EU General Data Protection Regulation 2016/679 of the European Parliament and of the Council (‘GDPR’) and the Data Protection Act 2018, together with the Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended) and any data protection laws substantially amending, replacing or superseding the foregoing.

Eximia is registered as a data controller with the Information Commissioner’s Office in the UK (reference: ZA209016) and process your data in accordance with the ICO’s guidance.

We have contracts with all employees and contractors that cover confidentiality and data protection, as well as educate them to ensure business activity is carried out in line with data protection principles.

The security of your information is important to us. All of your data is private and confidential and we take all reasonable steps to ensure that your information is handled securely and in accordance with this Privacy Policy. We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once it is received. However, please note that transmitting information over the Internet is never completely secure. Although we do our best to protect your personal information, we cannot guarantee that your information is absolutely secure in all situations. If you suspect there has been any unauthorised access or misuse of your personal information, please contact us.

We review data privacy governance regularly.

Information we collect and manage as a data controller

We collect, use, transfer, and store personal data for:

(1) Marketing purposes. Our marketing activities are business-to-business contacts and do not involve consumers, so the typical personal data we handle is: name, work email address, work telephone number, job title, employer name, LinkedIn profile URL (the information you might provide to us on a business card, at an industry event, or can be found online such as on LinkedIn). This information will be held:

In our CRM (Hubspot –
In our email client (Mailchimp –
Our activity is likely to consist of: Emails, direct mail, conferences and events, LinkedIn InMails and LinkedIn advertising.
Legal basis for processing: Legitimate business interests

We have considered the impact of using such information, and limit our use to only what is strictly proportionate, has a minimal privacy impact, and what a business contact would not be surprised or likely to object to.

We may also send email newsletters to those who subscribe to receive updates through our website. Legal basis for processing: Consent

If you complete our contact form, we will use this to respond to you. We will then store this information in our CRM, which allows us to keep track of when we have communicated to ensure we are proportionate, relevant and not excessive in any future communications.

If you happen to receive any of our marketing communications, you may unsubscribe by clicking on the ‘unsubscribe’ link located on the bottom of our marketing emails, or by contacting us.

(2) To service client contracts. To communicate with clients and satisfy contractual commitments and services, we typically handle personal data such as: name, work email address, work telephone number, job title, employer name. This information will be held:

In emails (hosted by Google –
In our project management tool (Harvest –
In our CRM (Hubspot –
Accounting software (Xero –
Our accountant and HMRC – Information in our accounting records will be shared with HMRC, the courts and our accountants as necessary to meet our legal obligations.
Where the above providers transfer personal data outside of the EEA, they only transfers to countries that have been identified as providing adequate protection or by entering into agreements using the EU Model Clauses.
Legal basis for processing: Legitimate business interests

Information we are given and process on behalf of clients

On rare occasions we are supplied personal data of a client’s employees to fulfill our services. This typically includes name, home address, work or personal email. We restrict access on a need-to-know basis and use the personal data to fulfil the service requested. Once complete, the data is securely deleted.

Our website

Our website is an advertisement for our services. To improve our user experience, we collect some data derived from information about your activities on our website provided to us by Google Analytics. The insights provided by Google Analytics help us to better understand who our users are, where they come from, and their behaviours. We also use Lead Forensics – this provides static IPs which relate to businesses only ( This gives us insight, but given our marketing is targeted to large businesses, we’re not able to identify people on an individual basis. We do collect cookies as a result of the above – details of which can be found in our Cookie Policy.

How long we store your data

The amount of time we hold your data varies according to the purpose we have for using it. However, we will not hold data for any longer than is necessary for the purposes we collected it. You can contact us for more details about specific retention periods.

Third-party use of information

Except as described above, Eximia will not disclose, sell or rent your personal data to any third party. However, if a third party acquires all (or substantially all) of Eximia’s business and/or assets, Eximia may disclose your personal information to that third party in connection with the acquisition. Eximia may also disclose your personal data where required to do so by applicable law, to a governmental body or law enforcement agency.

Finally, Eximia may also collect anonymised details (no single individual will be identified) about visitors to our website for the purposes of aggregate statistics or reporting purposes.

Third-party websites

Our website may contain links to other websites operated by third parties. Please note that this Privacy Policy only applies to the personal data that Eximia collect through our website and we are not responsible for personal data that third parties may collect, store and use through their websites. You should always read the privacy policy of each website you visit.

Your rights

You have the right to ask for a copy of the personal data we hold that relates to you. If you think that information about you which we hold is incorrect or misleading you have the right to have the information corrected provided you can demonstrate that it is incorrect. You can also request the erasure of personal data relating to you in certain circumstances, where we do not require it to meet a legal obligation. You can also request or restriction of processing so that your records are maintained beyond our usual retention period. You have the right to object to processing on the grounds that it causes you damage or distress and the right to take away a copy of your personal data in electronic format in certain circumstances.

If you are unhappy about the way we use your personal data or the way in which we respond to any request you make to exercise your data protection rights, you can contact us. Failing a reasonable resolution, you also have the right to lodge a complaint with the Information Commissioner (ICO): Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Terms of use

Please see our Terms of use.

Use of cookies

Please see our Cookie policy.

phone Call us on 020 7420 1984 or send us a message

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


    Get unmissable insights


    Everything you need to know about communicating share plans and rewards, delivered straight to your inbox! Sign up to never miss out on the latest industry news and insights. Delivered monthly, unsubscribe at any time.