Privacy Policy  

Effective Date: 8/22/2025  

  

Purpose  

The purpose of this Privacy Policy is to explain how ContextualY, Inc. (“ContextualY,” “we,” “our,” or “us”) collects, uses, stores, and protects personal data obtained in connection with our services and online platforms. This includes website visitors, clients, vendors, and participants. 

  

Scope  

This policy applies to:  

• All personal data collected from research participants, clients, vendors, and website visitors.  

• Data processed through digital platforms, websites, and tools used by ContextualY.  

• All ContextualY staff, contractors, and subcontractors with access to personal data.  

 

Policy Statement  

ContextualY is committed to protecting personal data by adhering to the following principles:  

• Lawful Processing: Personal data is collected and used only for legitimate purposes.  

• Transparency: Individuals are informed of how their data will be collected and used.  

• Data Minimization: Only data strictly necessary is collected.  

• Security: Technical and organizational safeguards are in place to prevent unauthorized access, loss, or disclosure.  

• Compliance: ContextualY complies with GDPR, CCPA, and all relevant privacy regulations.  

• Retention: Personal data is retained only as long as necessary for the stated purposes.  

 

Data Handling Process  

Before collecting or processing personal data, ContextualY will:  

• Notice & Consent: Provide privacy notices and obtain consent where required.  

• Information Collected: Includes identifiers such as name, phone number, postal address, email address, IP address, browser information, usage statistics, and cookie data.  

• Use of Information: Personal data is used to provide and improve services, manage research participation, and communicate with clients and participants.  

• Access Controls: Access to personal data is limited to authorized personnel.  

• Vendor Oversight: Third-party service providers must follow equivalent data protection obligations.  

 

Data Subjects’ Rights  

Individuals have the following rights regarding their personal data:  

• Right of Access: Request confirmation and a copy of personal data.  

• Right of Rectification: Correct inaccurate or incomplete data.  

• Right of Erasure: Request deletion of personal data under certain conditions.  

• Right to Restrict Processing: Request limits on data use under specific circumstances.  

• Right to Object: Object to processing, including direct marketing.  

• Right to Data Portability: Request transfer of data to another controller.  

• Right to Withdraw Consent: Withdraw consent for processing at any time.  

  
Requests may be submitted by contacting ContextualY at info@cxtly.com. Responses will be provided within the legally required timeframe (generally 30 days).  

 

Ongoing Monitoring  

Privacy practices are reviewed annually for compliance with evolving regulations.  

Any identified breaches or risks will be documented, remediated, and reported as required.  

 

Responsibilities  

• Business Operations Team: Ensure adherence to this policy and manage data subject rights requests.  

• Researchers & Project Managers: Follow data minimization and secure handling practices.  

• Vendors & Subcontractors: Comply with ContextualY’s Privacy Policy and contractual obligations.  

 

Records Retention  

All data collection records, consent forms, and compliance documentation will be retained for at least six (6) years after the conclusion of processing, unless otherwise required by law.  

 

Changes to This Privacy Policy  

We may update our Privacy Policy from time to time. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.  

 

Contact Us  

If you have questions about this Privacy Policy, please contact us:  
Email: info@cxtly.com