Privacy Policy

This Privacy Policy explains how BEQODIA Ltd (United Kingdom) (“we”, “us”, “our”) collects, uses, and protects personal data when you use EvalVista (the “Service”) and our website (together, the “Platform”).

Company / Data Controller: BEQODIA Ltd (United Kingdom)
Registered office: 71-75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Contact email: contact@evalvista.com
Company number: 15908740

If you have questions about this policy or your data, contact us at [email protected].

1) What personal data we collect

A. Data you provide to us

• Contact details: name, email address, company/organization (e.g., via forms or account creation)

• Support messages: content you send us (e.g., contact forms, support emails)

• Account data (if you create an account): login identifiers and preferences

• Content you upload/input into the Service (depending on your usage): e.g., assistant configuration, prompts, test cases, evaluation inputs/outputs, and related metadata

B. Data collected automatically

• Usage data: pages viewed, features used, clicks, approximate location (country/city), device and browser details

• Log and security data: IP address, timestamps, error logs, and events used to keep the Platform secure and reliable

• Cookies / similar technologies: see “Cookies” section

C. Payment data (if you buy a paid plan)

We do not store full payment card details on our servers. Payments are handled by third-party payment processors. We may receive limited billing information (e.g., billing email, plan type, transaction IDs, last 4 digits, country).

2) How we use your data (purposes)

We use personal data to:

• Provide and operate the Platform and its features

• Respond to messages and provide customer support

• Improve performance, usability, and reliability

• Monitor, prevent, and investigate fraud, abuse, and security incidents

• Send service emails (e.g., confirmations, security notices)

• If you opted in: send product updates / marketing communications

3) Legal bases (UK GDPR / GDPR)

We process your data under one or more legal bases:

• Contract: to provide the Service you request

• Legitimate interests: to secure, improve, and operate the Platform (balanced against your rights)

• Consent: for optional cookies and certain marketing messages (where required)

• Legal obligation: where we must comply with laws/regulations

4) Who we share data with

We may share personal data with:

• Service providers / processors (hosting, analytics, email delivery, error monitoring, customer support tools), acting under our instructions

• Payment processors (if you purchase)

• Authorities if required by law, or to protect rights/safety/security

• Business transfers (if we undergo a merger, acquisition, or asset sale)

We do not sell your personal data.

5) International transfers

Your data may be processed in the UK, the EEA, and potentially other countries depending on where our vendors/hosting operate. When data is transferred internationally, we use appropriate safeguards (such as UK International Data Transfer Agreement what’s applicable, Standard Contractual Clauses, or other lawful mechanisms).

6) Data retention

We keep personal data only as long as necessary:

• Account data: while your account is active and for a reasonable period after deletion (for security/audit)

• Support messages: for as long as needed to handle your request and maintain records

• Logs/security: typically retained for a limited period (e.g., days to months) unless needed longer for investigation or compliance

You can request deletion (see “Your rights”).

7) Security

We use reasonable technical and organizational measures to protect data (access controls, least-privilege access, monitoring, backups, and encryption where appropriate). No method of transmission or storage is 100% secure.

8) Your rights (UK GDPR / GDPR)

Depending on your location, you may have rights to:

• Access your personal data

• Correct inaccurate data

• Delete your data

• Restrict or object to processing

• Data portability

• Withdraw consent (where processing is based on consent)

To exercise rights, email [email protected].

Complaints

If you are in the UK, you can complain to the Information Commissioner’s Office (ICO) if you believe we mishandle your data.

9) Cookies

We use cookies and similar technologies for:

• Essential website functionality

• Security

• Analytics and performance (where enabled)

If your site uses optional analytics/marketing cookies, you should show a cookie banner and allow users to manage preferences (where required by law).
Cookie controls: [Add link to cookie settings page/banner, if you have it]

10) Contact forms (important)

When you submit a message through our contact forms, the data is sent to us (typically by email). By default, many WordPress form plugins send messages by email and may not store them in WordPress unless you enable storage or use an add-on. We use these messages only to respond and provide support.

11) Children

The Platform is not intended for children under 16. We do not knowingly collect personal data from children.

12) Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the “Last updated” date.