Privacy Policy
Detailed documentation of our data protection framework.
1. Professional Commitment & Integrity
Fixenix ('Company', 'We', 'Our') places the highest value on the integrity of your personal and device data. We are committed to protecting your information in compliance with global data protection regulations (GDPR, CCPA). All our operations are built on transparency, security, and the preservation of your trust.
2. Data Architecture & Collection Framework
We adhere to the principle of data minimization—collecting only essential information:
Identity Metadata
Name, email address, mobile number, and (when applicable) postal address. Used for customer service and identity verification.
Device Telemetry
Serial number, IMEI, battery health status, storage capacity, and firmware version. Used for diagnostics and warranty validation.
Service Interaction Logs
Repair history, diagnostic reports, service timestamps, appointment details, and support chat transcripts.
Transactional Data
Payment method, invoice details, and billing history. Used for secure transactions and financial record compliance.
3. Data Usage Purposes & Processing
- Service Delivery: Processing repair requests, conducting diagnostics, and providing service updates.
- Customer Support: Responding to inquiries, troubleshooting issues, and managing warranty claims.
- Security & Fraud Prevention: Detecting and preventing fraudulent activities, unauthorized access, and security incidents.
- Legal Compliance: Fulfilling legal obligations, regulatory reporting, and responding to lawful requests from public authorities.
- Marketing (Opt-In Only): Sending promotional offers, newsletters, and service reminders (only with explicit consent).
4. Data Retention Policy
| Data Type | Retention Period |
|---|---|
| Identity & Device Data | 3 years after last service interaction |
| Transactional & Billing Data | 7 years (financial compliance) |
| Service Interaction Logs | 2 years |
| Marketing Data | Until consent withdrawn, or after 2 years of inactivity |
5. Advanced Security Protocols
Encryption
AES-256 | TLS 1.3
Access Control
Biometric + RBAC
Physical Security
24/7 CCTV + Biometric Entry
Employee Training
Quarterly Security Awareness
6. Third-Party Data Sharing
We do not sell your personal information. We may share data in the following limited circumstances:
- Service Partners: With logistics, payment processors, and diagnostic tool providers (under strict data protection agreements).
- Legal Obligations: When required by law, court order, or regulatory authority.
- Business Transfers: In the event of a merger, acquisition, or asset sale (with prior notice).
7. Your Rights & Control
| Right | Description |
|---|---|
| Right to Access | Request a copy of the personal data we hold about you. |
| Right to Rectification | Correct any inaccurate or incomplete information. |
| Right to Erasure | Request deletion of your personal data ('Right to be Forgotten'). |
| Right to Data Portability | Receive your data in a structured, commonly used format. |
| Right to Withdraw Consent | Withdraw previously granted consent at any time. |
8. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately, and we will take steps to delete it.
9. International Data Transfers
As a global service provider, your data may be transferred to countries outside your jurisdiction. In such cases, we ensure that:
- Adequate safeguards are implemented, such as Standard Contractual Clauses (SCCs) approved by the European Commission.
- Transfers comply with applicable data protection laws, ensuring your data receives the same level of protection as in your home country.
10. Incident Response & Breach Notification
In the unlikely event of a data breach, we have a comprehensive Incident Response Plan:
- Immediate containment and investigation by our security team.
- Notification to affected individuals and relevant regulatory authorities within 72 hours where legally required.
- Implementation of corrective measures to prevent recurrence.
11. Contact Information
We strive to respond to all legitimate requests within 30 days.
12. Policy Updates
We continuously evolve our practices to meet the latest security and regulatory standards. Any material changes to this Privacy Policy will be communicated via a prominent notice on our website. The updated policy will be posted on this page with a revised effective date. We encourage you to review this policy periodically.
Effective Date: March 24, 2026