Privacy Policy

Last updated: 09.03.2026

Studixio.com (“we”, “our”, or “the Platform”) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Studixio.com is operated by RONDATA LTD.

By using Studixio.com, you agree to the practices described in this Policy. If you do not agree, please stop using the Platform.

Controller Identification & Jurisdiction

Data Controller: RONDATA LTD (Company number: 17069162).

Registered office: International House, 10 Churchill Way, Cardiff, United Kingdom, CF10 2HE.

Contact: [email protected], +44 20 4537 2903.

RONDATA LTD is the Data Controller responsible for processing personal data collected via Studixio.com. As the operator of the Platform, RONDATA LTD determines the purposes and means of processing for all users, whether they are Clients or Experts, and is therefore legally the Controller under UK GDPR and the Data Protection Act 2018.

For users located in the EU/EEA, the EU GDPR may also apply when processing their personal data. This means that RONDATA LTD acts as the controller for EU users and is subject to both UK GDPR and EU GDPR obligations where applicable.

1. Key Definitions

  • "User" – any individual using the Platform.
  • "Personal Data" – any information that can identify a User, such as name, email address, or contact details.
  • "Processing" – any operation performed on Personal Data (collection, storage, use, disclosure, deletion, etc.).

2. General Principles

  • We process Personal Data lawfully, fairly, and transparently.
  • We collect data for specified, explicit, and legitimate purposes only.
  • We limit processing to what is necessary (data minimisation).
  • We take appropriate security measures to protect your data.
  • We update this Policy from time to time; material changes will be communicated appropriately.

3. What Data We Collect

You may provide the following data when using the Platform:

  • Identification and contact data: first and last name, email address, (optional) phone number.
  • Verification data (if required for payouts/KYC/AML): identity document details, proof of address (deleted after verification or retained only as required by law).
  • Profile data: skills, services offered, biography, portfolio, and feedback.
  • Transaction data: payment status, amount, currency (processed via our payment partners; we do not store full card details).
  • Technical data collected automatically: IP address, device and browser type, operating system, referral URLs, pages viewed, time stamps, and cookies/SDK events necessary to provide and secure the Platform.

Some data is necessary to create an account or to process payments. If you choose not to provide required information, we may be unable to offer certain features.

4. How We Use Your Data and Legal Bases

  • Provide and operate the Platform and your account — contract necessity (UK GDPR Art. 6(1)(b)).
  • Communicate with you about your account, projects, service updates, and security — contract necessity/legitimate interests (Art. 6(1)(b)/(f)).
  • Process payments, accounting, fraud prevention, and compliance (including KYC/AML where applicable) — legal obligation/contract (Art. 6(1)(c)/(b)).
  • Improve and secure the Platform, run analytics and troubleshooting — legitimate interests (Art. 6(1)(f)).
  • Marketing communications (where opted-in) — consent (Art. 6(1)(a)); you may withdraw consent at any time.

5. Data Processing Principles (How We Handle Your Data)

  • We collect only what we need for the purposes stated.
  • We do not process your data for purposes incompatible with those stated.
  • We keep your data accurate and up to date where reasonably possible.
  • We apply appropriate technical and organisational security measures.

6. Storage, Security, and Retention

We take the security and protection of your Personal Data seriously. Your data is stored on secure servers with restricted access, and all transmissions are protected using encryption technologies (e.g., TLS/SSL). Access to Personal Data is limited to authorised personnel and service providers under appropriate data processing agreements, who process data only on our instructions.

Retention periods are based on legal obligations, business needs, and operational requirements:

  • Account data: retained while your account is active and for up to 24 months after closure to allow for account reactivation, dispute resolution, or regulatory compliance.
  • Payment and accounting records: retained for 6 years in accordance with UK tax and accounting laws.
  • Logs and analytics: retained for 12–24 months to support platform security, performance monitoring, and service improvements.
  • Verification/KYC data: retained for up to 5 years after the end of the business relationship where required by anti-money laundering (AML) and compliance regulations.

We review our retention periods regularly and delete or anonymise data when it is no longer needed for the purposes outlined above.

7. Cookies

We use cookies and similar technologies to operate, secure, personalise, and improve the Platform. Some cookies are essential for the Platform to function, while others are used for analytics, performance, and marketing purposes.

You will be asked to consent to non-essential cookies when you first visit the Platform (for EU/EEA users).

You can change or withdraw your consent at any time via the cookie banner or your browser settings.

For more information, including categories, retention periods, and third-party cookies, see our Cookie Policy on the website.

8. Your Rights

Subject to certain conditions and exemptions under UK GDPR, you have the right to:

  • Access your Personal Data and obtain a copy.
  • Rectify inaccurate or incomplete data.
  • Erase data (“right to be forgotten”).
  • Restrict processing in certain circumstances.
  • Data portability for information you provided to us.
  • Object to processing based on our legitimate interests or to direct marketing.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority (in the UK, the Information Commissioner’s Office).

To exercise your rights, contact us at [email protected]. We may need to verify your identity before fulfilling your request.

9. Withdrawing Consent

You can withdraw consent to processing at any time by emailing [email protected] with the subject line “Withdrawal of Consent”. Withdrawal does not affect the lawfulness of processing based on consent before its withdrawal.

10. Children’s Data

Studixio is intended for users aged 18 or older. We do not knowingly collect data from minors. If you believe a minor has provided Personal Data, please contact us and we will take appropriate steps.

11. Sharing with Third Parties and International Transfers

We may share your Personal Data with trusted service providers acting as data processors to help us operate the Platform, including: hosting, payment processing, email delivery, customer support, analytics, KYC/AML verification (where applicable), and security. These processors are contractually bound to process your data only on our instructions and not for their own purposes.

Some service providers may be located outside the UK/EEA. Where Personal Data is transferred internationally, we implement appropriate safeguards:

  • UK users: transfers are covered by the UK International Data Transfer Agreement (IDTA).
  • EU/EEA users: transfers are covered by the EU Standard Contractual Clauses (SCCs).
  • Additional technical and organizational measures are applied as necessary.

You have the right to request information about which recipients, countries, and safeguards apply to any international transfers of your Personal Data.

12. Liability

Nothing in this Policy limits your statutory rights. We are not responsible for disclosures that occur because you made information public, you directed us to share it, or you failed to keep your account credentials secure.

13. Contact and Disputes

If you have questions, complaints, or requests regarding your personal data, contact us at:

Company: RONDATA LTD (Company number: 17069162)
Address: International House, 10 Churchill Way, Cardiff, United Kingdom, CF10 2HE
Email: [email protected]
Phone: +44 20 4537 2903

Before going to court, you agree to contact us first to attempt to resolve the issue amicably. We aim to respond within 10 business days.

14. Policy Updates

We may update this Policy to reflect legal or operational changes. If we make significant changes, we will notify you by reasonable means. Continued use of the Platform after changes means you accept the updated Policy.