Last updated: 22/12/25

This Privacy Policy explains how Mezze Software Ltd ("mezzeIQ", "we", "us", "our") collects, uses, stores and protects personal data, and explains your rights under the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR), where applicable.

1. Who We Are (Data Controller)
Mezze Software Ltd is the controller of personal data processed under this policy.

• Company name: Mezze Software Ltd

• Registered address: 12 Colston Yard, Bristol, BS1 5BD

• Email: hello@mezze.io

If you have any questions about this policy or wish to exercise your data protection rights, please contact us using the details above.

2. Personal Data We Collect
We may collect and process the following categories of personal data:
a) Information you provide to us

• Name

• Business email address

• Company name

• Any information you submit via contact forms, demo requests, or email correspondence

b) Information collected automatically

• IP address

• Device and browser information

• Pages visited and interactions with our website

• Referral source

This information is collected through cookies and similar technologies (see Section 9).

c) Customer and prospective customer data (B2B)
Where you represent a business customer or prospective customer, we may process:

• Your role and organisation

• Business contact details

• Communications and meeting notes

3. How We Use Your Personal Data and Legal Bases
Under GDPR, we must have a lawful basis to process your personal data. We rely on the following:

Purpose: Responding to enquiries and demo requests
Personal Data: Contact details, communications
Legal Basis: Legitimate interests (to operate and grow our business)

Purpose: Marketing communications
Personal Data: Name, email, company
Legal Basis: Consent

Purpose: Website analytics and performance
Personal Data: Usage data, IP address
Legal Basis: Consent (where required) or legitimate interests

Purpose: Managing business relationships
Personal Data: Business contact details
Legal Basis: Legitimate interests

Purpose: Legal and regulatory compliance
Personal Data: Contact and transactional data
Legal Basis: Legal obligation

You may withdraw your consent at any time by using the unsubscribe link in our emails or by contacting us.

4. Marketing Communications
We will only send marketing communications where:

• You have given your consent, or

• We are permitted to do so under applicable law (e.g. existing business relationships where permitted).

You can opt out of marketing at any time by:

• Clicking the unsubscribe link in our emails, or

• Contacting us at hello@mezze.io

5. Data Sharing and Processors
We do not sell personal data.
We may share personal data with trusted third-party service providers who act as data processors on our behalf, including:

• Website analytics providers (e.g. Google Analytics)

• CRM and marketing platforms (e.g. HubSpot)

• Hosting and infrastructure providers

• Professional advisers (legal, accounting)

All processors are contractually required to protect personal data and process it only in accordance with our instructions.

6. International Data Transfers
Some of our service providers may process personal data outside the UK or European Economic Area (EEA).
Where this occurs, we ensure appropriate safeguards are in place, such as:

• UK International Data Transfer Agreements (IDTAs)

• EU Standard Contractual Clauses (SCCs)

• Transfers to countries subject to adequacy decisions

7. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, including:

• Marketing data: until you withdraw consent or unsubscribe

• Enquiry data: up to 24 months after last contact

• Analytics data: typically 14–26 months (aggregated where possible)

• Legal and compliance data: as required by law

Retention periods may vary depending on legal, contractual or operational requirements.

8. Your Data Protection Rights
You have the following rights under GDPR:

• Right of access

• Right to rectification

• Right to erasure

• Right to restrict processing

• Right to data portability

• Right to object to processing

• Right to withdraw consent at any time

To exercise your rights, please contact us at hello@mezze.io. We may need to verify your identity before responding.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) or your local supervisory authority.

9. Cookies and Similar Technologies
We use cookies and similar technologies to operate and analyse our website.
Non-essential cookies are only set with your consent via our cookie banner. You can manage or withdraw your cookie preferences at any time.
For more information, please see our Cookie Policy.

10. Data Security
We implement appropriate technical and organisational measures to protect personal data, including:

• Access controls

• Secure hosting environments

• Encryption where appropriate

• Regular security reviews

Despite these measures, no method of transmission over the internet is completely secure.

11. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website, with the effective date clearly stated.

12. Contact Us
If you have any questions about this policy or how we handle personal data, please contact:
Email: hello@mezze.io
Post: 12 Colston Yard, Bristol, BS1 5BD