Privacy Policy

 

1. Introduction

2iC Global (“we,” “us,” “our,” or “Company”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website www.2icglobal-com.stackstaging.com, use our mobile application, or engage with our services.

Our Commitment:

• We are transparent about our data practices
• We provide you with meaningful choices about your information
• We implement strong security measures to protect your data
• We comply with applicable privacy laws worldwide

Contact Information:

• Company: 2iC Global
• Registered Office: 128 City Road, London, United Kingdom, EC1V 2NX
• Email: hello@2icglobal.com
• Data Protection Officer: hello@2icglobal.com (EU/UK residents)

2. Scope and Applicability

This Privacy Policy applies to:

• Our website www.2icglobal-com.stackstaging.com and all associated subdomains
• Mobile applications
• Email communications
• Social media interactions
• Customer service interactions
• All services provided by our company

Jurisdictional Applicability:

• European Union/European Economic Area: EU General Data Protection Regulation (GDPR)
• United Kingdom: UK GDPR and Data Protection Act 2018
• United States: Various federal and state laws including:
  • California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA)
  • Virginia Consumer Data Protection Act (VCDPA)
  • Colorado Privacy Act (CPA)
  • Connecticut Data Privacy Act (CTDPA)
  • Utah Consumer Privacy Act (UCPA)

3. Definitions

Personal Information/Personal Data: Any information that identifies, relates to, describes, or is capable of being associated with a particular individual.

Processing: Any operation performed on personal data, including collection, use, storage, disclosure, and deletion.

Controller: The entity that determines the purposes and means of processing personal data.

Processor: An entity that processes personal data on behalf of the controller.

Data Subject: An individual whose personal data is being processed.

Sensitive Personal Information: Information that reveals racial/ethnic origin, religious beliefs, health information, biometric data, precise geolocation, etc.

Consumer: A natural person who is a resident of the applicable jurisdiction.

4. Information We Collect

4.1 Information You Provide Directly

Account Information:

• Full name, email address, phone number
• Username and password
• Profile information and preferences
• Communication preferences

Transaction Information:

• Billing and shipping addresses
• Payment method information (tokenized)
• Purchase history and preferences
• Customer service interactions

Communications:

• Messages you send to us
• Survey responses and feedback
• Social media interactions
• Newsletter subscriptions

Professional Information:

• Job title and company information
• Professional certifications
• Industry preferences
• Business contact details

4.2 Information Collected Automatically

Device and Technical Information:

• IP address and approximate location
• Browser type, version, and language
• Operating system and device type
• Screen resolution and device identifiers
• Network connection information

Usage Information:

• Pages visited and time spent
• Click-through rates and interactions
• Search terms and results
• Feature usage patterns
• Session recordings (where disclosed)

Location Information:

• Precise geolocation (with explicit consent)
• Approximate location from IP address
• Location preferences you set

4.3 Information from Third Parties

Business Partners:

• Joint marketing partners
• Service providers and vendors
• Payment processors
• Analytics providers

Public Sources:

• Publicly available databases
• Social media platforms
• Government records
• Professional networking sites

Data Brokers:

• Demographic and interest data
• Contact information verification
• Marketing and advertising data

5. How We Use Your Information

5.1 Service Provision

• Creating and managing your account
• Processing transactions and payments
• Providing customer support
• Delivering requested services
• Personalizing your experience

5.2 Communication

• Sending service-related notifications
• Responding to inquiries and requests
• Providing marketing communications (with consent)
• Sending security alerts and updates

5.3 Business Operations

• Analyzing usage patterns and trends
• Improving our services and website
• Conducting research and development
• Maintaining security and preventing fraud
• Complying with legal obligations

5.4 Marketing and Advertising

• Targeted advertising and marketing
• Measuring advertising effectiveness
• Cross-device tracking and linking
• Creating customer segments
• Retargeting and remarketing

6. Legal Bases for Processing

For EU/UK Residents, we process your data based on:

6.1 Contractual Necessity

• Account creation and management
• Service delivery and support
• Payment processing
• Communication about services

6.2 Legitimate Interests

• Fraud prevention and security
• Analytics and service improvement
• Direct marketing to existing customers
• Research and development

6.3 Legal Obligation

• Tax and accounting requirements
• Regulatory compliance
• Law enforcement requests
• Data breach notifications

6.4 Consent

• Marketing communications to prospects
• Non-essential cookies
• Precise location tracking
• Sensitive data processing

6.5 Vital Interests

• Emergency situations
• Health and safety protection

7. Information Sharing and Disclosure

7.1 Service Providers and Vendors

We share information with trusted third parties who provide services on our behalf:

• Payment Processors: Stripe, Wise
• Cloud Hosting: Amazon Web Services, Google Cloud, Microsoft Azure
• Analytics: Google Analytics, Adobe Analytics,  
• Email Services: Mailchimp,  Constant Contact
• Customer Support: Zendesk

7.2 Business Partners

• Joint marketing partners
• Integration partners
• Resellers and distributors
• Strategic alliance partners

7.3 Legal Requirements

We may disclose information when required by law:

• Court orders and subpoenas
• Regulatory investigations
• Law enforcement requests
• National security requirements
• Tax audits and compliance

7.4 Business Transfers

In connection with any merger, acquisition, or sale of assets:

• Due diligence processes
• Asset transfers
• Corporate restructuring
• Bankruptcy proceedings

7.5 Protection of Rights

• Enforcing our terms of service
• Protecting against fraud and abuse
• Defending legal claims
• Ensuring user safety

We do not sell personal information to third parties for monetary consideration.

8. International Data Transfers

8.1 Transfer Mechanisms

When transferring data internationally, we use appropriate safeguards:

• EU-US Data Privacy Framework (where applicable)
• UK-US Data Bridge (where applicable)
• Standard Contractual Clauses (SCCs)
• Binding Corporate Rules (BCRs)
• Adequacy Decisions

8.2 Countries We Transfer To

• United States (with appropriate safeguards)
• Canada (adequacy decision)
• Japan (adequacy decision)
• Other countries with adequate protection

8.3 Additional Protections

• Technical and organizational measures
• Encryption in transit and at rest
• Access controls and monitoring
• Regular security assessments

9. Data Retention

9.1 General Retention Principles

• We retain data only as long as necessary
• Retention periods vary by data type and purpose
• We regularly review and delete outdated information
• Legal obligations may require extended retention

9.2 Specific Retention Periods

Account Information:

• Active accounts: Duration of relationship
• Inactive accounts: 3 years after last activity
• Deleted accounts: 30 days (backup retention)

Transaction Records:

• Purchase history: 7 years (tax/accounting requirements)
• Payment information: As required by payment processors
• Refund records: 7 years

Marketing Data:

• Email marketing: Until unsubscribe + 2 years
• Analytics data: 26 months (anonymized)
• Advertising data: 13 months

Legal and Compliance:

• Legal proceedings: Duration of matter + 7 years
• Regulatory requirements: As specified by applicable law
• Security incidents: 7 years

10. Your Privacy Rights

10.1 Universal Rights (All Users)

Access: Request information about the personal data we hold about you.

Correction: Request correction of inaccurate or incomplete information.

Deletion: Request deletion of your personal information (subject to legal obligations).

Portability: Receive your data in a machine-readable format.

Opt-out: Unsubscribe from marketing communications.

10.2 EU/UK Residents (GDPR/UK GDPR)

Right to Object: Object to processing based on legitimate interests or for direct marketing.

Right to Restrict: Limit how we process your data in certain circumstances.

Right to Withdraw Consent: Withdraw consent for consent-based processing.

Right to Lodge a Complaint: File complaints with supervisory authorities:

• EU: Contact your local Data Protection Authority
• UK: Information Commissioner’s Office (ICO) – ico.org.uk

Right to Object to Automated Decision-Making: Object to solely automated processing that produces legal effects.

10.3 Exercise Your Rights

How to Submit Requests:

1. Email: hello@2icglobal.com
2. Online form: www.2icglobal-com.stackstaging.com/contact-us/
3. Mail: 2iC Global, 128 City Road, London, United Kingdom, EC1V 2NX

Verification Process:

• We may request identity verification
• Reasonable steps to confirm your identity
• Protection against fraudulent requests

Response Time:

• EU/UK: 30 days (extendable to 60 days)
• US States: Varies by state law
• We will acknowledge receipt within 48 hours

11. Cookies and Tracking Technologies

11.1 Types of Cookies We Use

Strictly Necessary Cookies:

• Essential for website functionality
• Cannot be disabled
• Session management and security

Performance Cookies:

• Website analytics and performance monitoring
• Usage statistics and error reporting
• A/B testing and optimization

Functional Cookies:

• User preferences and settings
• Language and region selection
• Personalization features

Targeting/Advertising Cookies:

• Personalized advertising
• Cross-site tracking
• Remarketing and retargeting

11.2 Third-Party Cookies and Trackers

• Google Analytics: Website analytics
• Facebook Pixel: Social media advertising
• Google Ads: Search and display advertising
• LinkedIn Insight Tag: Professional targeting
• Hotjar: User experience analytics

11.3 Cookie Management

Browser Controls:

• Disable cookies in browser settings
• Clear existing cookies
• Block third-party cookies

Opt-Out Tools:

• Digital Advertising Alliance: optout.aboutads.info
• Network Advertising Initiative: optout.networkadvertising.org

Cookie Banner: We provide a cookie consent banner for EU/UK visitors with granular controls.

12. Data Security

12.1 Technical Safeguards

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access Controls: Multi-factor authentication, role-based access
• Network Security: Firewalls, intrusion detection, VPNs
• Monitoring: 24/7 security monitoring and logging

12.2 Organizational Measures

• Staff Training: Regular privacy and security training
• Background Checks: Screening for personnel with data access
• Incident Response: Documented breach response procedures
• Vendor Management: Security assessments of third parties

12.3 Compliance Certifications

• Privacy Shield: (Where applicable)
• Industry Standards: Compliance with sector-specific requirements

12.4 Data Breach Response

Notification Timeline:

• EU/UK: 72 hours to supervisory authority, without undue delay to individuals
• US States: As required by applicable state law
• Affected Individuals: Prompt notification with mitigation steps

13. Children’s Privacy

13.1 Age Restrictions

• EU/UK: Not directed to children under 16
• US: Not directed to children under 13
• Other jurisdictions: Comply with local age requirements

13.2 Parental Consent

• We do not knowingly collect information from children
• Parents can request deletion of child’s information
• Age verification mechanisms where appropriate

13.3 Educational Context

If we provide services to schools:

• FERPA compliance (US)
• Student Data Privacy Consortium guidelines
• Parental notification and consent procedures

14. Third-Party Links

Our website may contain links to third-party websites:

• We are not responsible for third-party privacy practices
• We encourage reading third-party privacy policies
• Links do not constitute endorsement
• Third-party cookies may be set when visiting linked sites

15. Automated Decision-Making

15.1 When We Use Automated Processing

• Fraud Detection: Automated screening for suspicious activity
• Personalization: Content and product recommendations
• Marketing: Targeted advertising and campaign optimization
• Risk Assessment: Credit and payment risk evaluation

15.2 Your Rights Regarding Automated Decisions

• EU/UK Residents: Right to object to solely automated decision-making
• Human Review: Request human intervention in automated decisions
• Explanation: Understand the logic and significance of automated processing

16. California Privacy Rights

16.1 CCPA/CPRA Rights (California Residents)

Right to Know:

• Categories of personal information collected
• Sources of personal information
• Business purposes for collection
• Categories of third parties we share with

Right to Delete: Request deletion of personal information (subject to exceptions).

Right to Correct: Request correction of inaccurate personal information.

Right to Opt-Out:

• Sale of personal information (we do not sell)
• Targeted advertising

Right to Limit: Limit use of sensitive personal information.

Right to Non-Discrimination: We will not discriminate for exercising privacy rights.

16.2 Categories of Personal Information (CCPA)

Identifiers: Name, email, IP address, account name Commercial Information: Purchase history, preferences Internet Activity: Browsing history, search history Geolocation Data: Approximate and precise location Professional Information: Job title, employer Inferences: Preferences and characteristics

16.3 California “Shine the Light” Law

California residents can request information about disclosure of personal information to third parties for direct marketing purposes.

17. Virginia Privacy Rights

17.1 VCDPA Rights (Virginia Residents)

Right to Access: Confirm processing and access personal data.

Right to Correct: Correct inaccuracies in personal data.

Right to Delete: Delete personal data provided by or obtained about the consumer.

Right to Data Portability: Obtain personal data in a portable format.

Right to Opt-Out:

• Targeted advertising
• Sale of personal data
• Profiling for automated decisions

17.2 Appeals Process

If we decline your request, you may appeal by contacting hello@2icglobal.com.

18. Other US State Privacy Rights

18.1 Colorado Privacy Act (CPA)

Colorado residents have rights similar to VCDPA, including access, correction, deletion, and opt-out rights.

18.2 Connecticut Data Privacy Act (CTDPA)

Connecticut residents have rights to access, correct, delete, and opt-out of certain processing.

18.3 Utah Consumer Privacy Act (UCPA)

Utah residents have rights to access, delete, and opt-out of targeted advertising and sales.

18.4 Emerging State Laws

We monitor and comply with new state privacy laws as they become effective.

19. Service Delivery and Fulfilment Policy

19.1 Service Delivery Method

Online Service Delivery Only: All 2iC Global services are delivered exclusively through online platforms. We do not offer face-to-face meetings or physical office visits. Our consultations, meetings, and service delivery are conducted via:

• Video conferencing platforms
• Online collaboration tools
• Digital communication channels
• Remote consultation sessions

No Physical Meetings: We do not provide in-person consultations or office visits. All interactions with our team and service delivery occur through digital channels.

19.2 Customer Options and Accessibility

Consultation Accessibility:

• All services are accessible through standard internet connections
• Multiple online platform options available
• Flexible scheduling within business hours
• Technical support provided for online platform access

Service Delivery Confirmation: Customers will receive confirmation of service delivery through:

• Email confirmations
• Digital receipts and documentation
• Online portal access where applicable
• Electronic service completion notifications

19.3 Refund Policy

No Automatic Refunds: 2iC Global operates a strict no-refund policy for all services. Refunds are not automatically provided and are only considered at the sole discretion of management.

Management Discretion:

• All refund requests are evaluated on a case-by-case basis
• Refunds are subject to management approval only
• No guarantees of refund approval
• Management reserves the right to refuse refund requests

Refund Evaluation Criteria: When evaluating refund requests, management may consider:

• Circumstances surrounding the refund request
• Service delivery status and completion
• Timeline of the refund request
• Specific customer situation

Refund Request Process:

• Submit refund requests in writing to hello@2icglobal.com
• Include detailed reasoning for the refund request
• Provide relevant documentation or evidence
• Allow up to 14 business days for management review
• Management decision is final and not subject to appeal

Customer Acknowledgment: By engaging our services, customers acknowledge and agree to:

• The online-only service delivery method
• The no-refund policy with management discretion
• The evaluation process for any refund requests
• The final nature of management decisions regarding refunds

19.4 Service Completion and Documentation

Digital Records: All service delivery is documented through digital records, including:

• Session recordings (where consented)
• Digital correspondence
• Service completion confirmations
• Electronic documentation delivery

These records may be used for quality assurance, service improvement, and dispute resolution purposes.

20. Changes to This Policy

20.1 Notification of Changes

• Material Changes: Email notification to registered users
• Website Notice: Prominent notice on our website
• Effective Date: Changes effective as of the date specified

20.2 Review and Updates

• We review this policy annually
• Updates reflect changes in law, business practices, or services
• Version control with change history

20.3 Continued Use

Continued use of our services after changes constitutes acceptance of the updated policy.

21. Contact Information

21.1 General Privacy Inquiries

Email: hello@2icglobal.com
Mail: 2iC Global, 128 City Road, London, United Kingdom, EC1V 2NX

21.2 Data Protection Officer (EU/UK)

Email: hello@2icglobal.com

21.3 Regulatory Contacts

EU Supervisory Authorities 

UK Information Commissioner’s Office:

• Website: ico.org.uk

California Attorney General:

• Website: oag.ca.gov

21.4 Response Commitment

• We respond to privacy inquiries within 48 hours
• Rights requests processed within applicable legal timeframes
• Escalation procedures for complex matters

Last Updated: 27th May 2025
Effective Date: 27th May 2025
Policy Version: 1.0

 

Contact Julie McGrath – hello@2icGlobal.com – Data Protection Officer/Managing Director for any enquires

This Privacy Policy is designed to comply with applicable privacy laws. For jurisdiction-specific requirements, please contact our privacy team.