Privacy Policy — Helix Privacy

Last updated: April 2026

1. Scope

This privacy policy applies to the website privacy.gs operated by Helix Privacy. It describes what data we collect, why, and your rights regarding that data.

2. Data we collect

Server logs: Our web server temporarily processes your IP address as part of serving web pages. These logs are not retained beyond the duration of the request.

Contact form: When you submit our contact form, we store your name (optional), email address, message content, and a hashed representation of your IP address. This data is retained for 30 days and used solely to respond to your enquiry.

No cookies, no tracking: We do not use cookies, analytics, or any tracking technology on this website.

3. Legal basis

Processing of contact form submissions is based on your consent (Article 6(1)(a) GDPR) and our legitimate interest in responding to enquiries (Article 6(1)(f) GDPR). Server request processing is necessary for the provision of the website.

4. Data retention

Contact form submissions are automatically deleted after 30 days. Server logs are not persistently stored.

5. Your rights

Under the GDPR and UK GDPR, you have the right to access, rectify, erase, restrict processing of, and port your personal data, as well as the right to object to processing and to lodge a complaint with a supervisory authority.

To exercise these rights, contact our Data Protection Officer at legal@privacy.gs.

6. Third parties

We do not share your data with third parties. This website hosts all assets from its own domain — no external scripts, fonts, or analytics services are loaded.

7. Security

We employ technical and organisational measures including TLS encryption, Content Security Policy, and strict HTTP security headers to protect data in transit. Contact form submissions are stored on infrastructure operated by us.

8. Changes

This policy may be updated from time to time. The latest version is always available at this URL.