Invoclouds
Privacy Policy

Privacy Policy

This policy explains what personal information Invoclouds collects through invoclouds.com, why we collect it, who we share it with, and the rights you have over it.

Effective date:
18 June 2026
Last updated:
18 June 2026

1. Introduction

This Privacy Policy applies to invoclouds.com (the "Website"), operated by Invoclouds ("Invoclouds", "we", "us", or "our"), a software agency registered and operating in the United Kingdom at 85 Dunstall Hill, Wolverhampton WV6 0SR, UK. It describes how we collect, use, store, and share personal information when you visit the Website, submit a form, or request a demo, project, or other service from us.

We process personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable to visitors located in the European Economic Area, the EU General Data Protection Regulation (GDPR). Where applicable to residents of California, this policy also addresses disclosures required under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA).

2. Information you provide to us

We collect personal information directly from you when you voluntarily submit one of the forms on the Website. We do not require you to create an account to use the public Website.

Contact form (/contact): full name, email address, company name (optional), and your message.

Request a Demo form (/request-demo): full name, email address, phone or WhatsApp number, company name, company website (optional), job role (optional), country (optional), the product you selected, company type, team size, what you want to see in the demo, your current process or software (optional), preferred demo method, preferred demo date/time (optional), and any additional message.

Start a Project form (/start-project): full name, company name (optional), email address, phone or WhatsApp number, country (optional), website (optional), preferred contact method, project timeline, budget range, the service you are enquiring about, and your answers to service-specific project requirement questions (for example, the type of platform, integrations, or features you need).

All three forms validate required fields before submission. We do not knowingly collect payment card details, government identification numbers, or other special category data through these forms, and you should not include such information in free-text fields.

3. Information collected automatically

The Website does not currently use third-party web analytics, advertising pixels, or behavioural tracking scripts. We have not integrated tools such as Google Analytics, Meta Pixel, or similar services as of the last updated date above.

Like most websites, our hosting and content-delivery infrastructure may automatically generate standard technical logs as a normal part of serving web pages and processing requests - for example, IP address, browser type, device information, the page requested, and timestamps. This information is generated and retained by our hosting infrastructure for security, abuse prevention, and operational troubleshooting, and is not used by Invoclouds to build advertising profiles or to track you across other websites.

The Website embeds interactive 3D visuals served by a third-party content provider. Loading these visuals causes your browser to request resources directly from that provider's content delivery network. We do not control what, if anything, that provider collects when serving this content; see our Cookie Policy for further detail.

See our Cookie Policy for the specific cookies and browser storage used on the Website.

4. How we use your information and our lawful basis

We use the personal information described above for the following purposes:

  • To respond to enquiries submitted through the Contact, Request a Demo, and Start a Project forms (performance of a contract or steps taken at your request prior to entering into a contract, under Article 6(1)(b) GDPR).
  • To schedule and prepare for product demonstrations and to scope proposed projects (legitimate interests in operating our business, Article 6(1)(f) GDPR, balanced against your rights).
  • To maintain the security, integrity, and proper functioning of the Website and our admin systems (legitimate interests, Article 6(1)(f) GDPR).
  • To comply with legal obligations, such as responding to lawful requests from regulators or maintaining business records (Article 6(1)(c) GDPR).

We do not use the personal information collected through these forms for direct marketing, and we do not sell or rent personal information to third parties.

5. Start Project, Request Demo, Contact, and admin-related processing

When you submit the Contact, Request a Demo, or Start a Project form, the data you enter is validated on our server and sent as an email via our email delivery service to an internal Invoclouds mailbox. Your email address is set as the "reply-to" address on that message so our team can respond to you directly. These form submissions are not written to our production database; they exist as the email sent through that delivery service and as the message received in our internal inbox.

Separately, Invoclouds maintains an administrative back office (accessible only to authorised Invoclouds staff at a restricted admin subdomain) used to manage the product catalogue and partner listings displayed on the Website. Administrator accounts store a name (optional), email address, and a securely hashed password in our database; we never store admin passwords in plain text. Signing in to the admin area sets a session cookie described in our Cookie Policy. This admin system is operational infrastructure for Invoclouds staff and is not used to process visitor or customer personal data beyond what is described in this policy.

6. Service providers and third parties we use

We rely on the following categories of service provider to operate the Website. Each provider processes personal information only as necessary to deliver its service to us and is bound by its own data processing terms.

  • Email delivery service - used to send Contact, Request a Demo, and Start a Project form submissions to our internal mailbox.
  • Database hosting provider - stores our product catalogue, partner listings, and administrator account records.
  • Cloud file storage provider - used to host images (product logos, hero images, dashboard screenshots, and partner logos) uploaded by our administrators. This storage is not used to hold personal information submitted by website visitors.
  • Website hosting / content delivery infrastructure - serves the Website and may generate standard technical logs as described in Section 3.

We do not currently use third-party advertising networks, social media tracking widgets, or data brokers in connection with the Website.

7. International data transfers

Invoclouds is based in the United Kingdom. Some of our service providers may process or store data on servers located outside the UK or European Economic Area, including in the United States. Where personal information is transferred outside the UK or EEA, we rely on appropriate safeguards recognised under UK GDPR and, where applicable, EU GDPR - such as the UK International Data Transfer Addendum or the EU Standard Contractual Clauses incorporated into our providers' standard terms of service - to ensure your information continues to receive an equivalent level of protection.

8. Data retention

We do not apply arbitrary fixed retention periods. Instead, we retain personal information only for as long as is necessary for the purpose it was collected, assessed against the following criteria:

  • Contact, Request a Demo, and Start a Project enquiries: retained in our internal email inbox and in our email delivery service's delivery records for as long as reasonably necessary to respond to your enquiry, progress any resulting engagement, and meet our business record-keeping obligations, after which they are deleted or archived in the ordinary course of mailbox management.
  • Administrator accounts: retained in our database for as long as the individual remains an authorised Invoclouds administrator, and removed when access is revoked.
  • Product, partner, and catalogue content: business content we control directly and retain for as long as it remains relevant to the Website.
  • Technical/security logs: retained by our hosting infrastructure for a limited operational window sufficient for security monitoring and troubleshooting.

If you would like us to delete personal information you have submitted, contact us using the details in Section 16 and we will action your request in line with applicable law.

9. Information security

We apply reasonable technical and organisational measures designed to protect personal information, informed by recognised information security practices (including the principles underlying ISO/IEC 27001 and ISO/IEC 27701). These include encrypting administrator passwords using industry-standard password hashing, issuing admin session tokens as signed, time-limited, HTTP-only cookies, restricting the admin back office to an authenticated subdomain, and using presigned, time-limited upload URLs for file storage rather than exposing storage credentials to the browser.

No method of transmission or storage is completely secure, and we cannot guarantee absolute security. We are not currently certified to ISO/IEC 27001, ISO/IEC 27701, or any other formal information security standard, and we do not claim such certification.

10. Your rights under GDPR / UK GDPR

If you are located in the UK or EEA, you have the following rights in relation to your personal information, subject to applicable exceptions:

  • The right to be informed about how we use your data (this policy).
  • The right to access the personal information we hold about you.
  • The right to have inaccurate personal information corrected, or incomplete information completed.
  • The right to request erasure of your personal information in certain circumstances.
  • The right to request that we restrict our processing of your personal information in certain circumstances.
  • The right to data portability, where applicable.
  • The right to object to processing based on our legitimate interests.
  • The right to withdraw consent at any time where processing is based on consent.

To exercise any of these rights, contact us using the details in Section 16. We may need to verify your identity before actioning a request.

11. California privacy rights

If you are a California resident, the CCPA/CPRA gives you the right to know what personal information we collect about you, to request deletion of that information, to correct inaccurate information, and to non-discrimination for exercising these rights. Invoclouds does not sell or share personal information for cross-context behavioural advertising, as those terms are defined under the CCPA/CPRA. To make a request, contact us using the details in Section 16.

12. Children's privacy

The Website is intended for business audiences and is not directed at children. We do not knowingly collect personal information from anyone under the age of 16. If you believe a child has provided us with personal information, please contact us and we will take steps to delete it.

13. Automated decision-making

We do not use the personal information collected through the Website to make any decision about you based solely on automated processing, including profiling, that produces legal effects or similarly significantly affects you. Enquiries submitted through our forms are reviewed by a member of the Invoclouds team.

14. Cookies and tracking

The Website's use of cookies and similar storage technologies is described in full in our Cookie Policy. In summary, the Website currently relies only on strictly necessary cookies and local storage required to operate the admin back office and to remember your cookie notice preference; we do not use analytics or marketing cookies.

15. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to the Website, our service providers, or applicable law. We will revise the "Last updated" date at the top of this page when we do. We encourage you to review this page periodically.

16. Contact us and complaints

If you have questions about this Privacy Policy or wish to exercise any of your rights, contact us at support@invoclouds.com or by post at Invoclouds, 85 Dunstall Hill, Wolverhampton WV6 0SR, United Kingdom.

If you are not satisfied with our response, UK residents have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk. Residents of the EEA may lodge a complaint with their local data protection supervisory authority.