Política de privacidad

Privacy Policy

Last updated: 16th February 2026

This Privacy Policy describes how HeadX Ltd ("HeadX", "we", "us", or "our") collects, uses, and discloses your personal information. This policy applies to your use of:

  • Our website and e-commerce store (the "Site");
  • The HeadX Duo mobile application (the "App");
  • The HeadX Duo wearable device (the "Device");
  • Any other communications or services provided by HeadX (collectively, the "Services").

1. Important Information and Who We Are

HeadX Ltd is the data controller responsible for your personal data. If you have any questions, please contact us at contact@headx.co.uk.

Changes to this Policy

We may update this policy to reflect changes in our practices or for legal/regulatory reasons. We will notify you of significant changes by posting the new policy on the Site and updating the "Last updated" date.

2. What Personal Information We Collect

The types of information we collect depend on how you interact with our Services.

A. Information Collected via the Site (E-commerce)

  • Identity & Contact Data: Name, billing address, shipping address, email, and phone number.
  • Financial Data: Payment card details (processed securely via Shopify/third-party processors).
  • Transaction Data: Details about products you have purchased from us.

B. Information Collected via the App & Device (HeadX Duo)

  • Movement & Sensor Data: When using the App with the Device, sensors generate data including acceleration, rotational movement, and orientation.
    • On-Device Processing: By default, this data is processed locally on your smartphone. HeadX does not collect or store this data on our servers unless you explicitly choose to export or share a session report.
  • Device Permissions: The App requires specific permissions to function:
    • Bluetooth: To connect the App to the Device.
    • Location Services (Android only): Required by the OS to scan for Bluetooth devices. We do not track or store your physical GPS location.
    • Local Storage: To save your session history and preferences on your device.

C. Technical & Usage Data

  • Usage Data: IP address, browser type, device type, and how you use our Site/App.
  • Cookies: We use cookies on our Site to power our Shopify store and analyse web traffic.

3. How We Use Your Personal Information

We only use your data when the law allows us to. Most commonly:

  • To Fulfil a Contract: To process and deliver your order.
  • Consent: To process movement data or send marketing communications. You can withdraw consent at any time.
  • Legitimate Interests: To improve our App and Site, and to ensure the security of our Services.
  • Legal Obligation: Where we must comply with UK law.

4. Data Sharing and Disclosure

We do not sell your personal data. We share information only with:

  • Service Providers: Such as Shopify (e-commerce), payment processors, and delivery couriers.
  • User-Initiated Sharing: If you choose to export your movement data to a clinician, researcher, or third party, this is done only at your explicit request.
  • Professional Advisers: Including lawyers or insurers where necessary.
  • Legal Requirements: To comply with valid legal requests or to protect our rights.

5. Data Security and Retention

  • Security: We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way.
  • Retention: We keep your e-commerce data (e.g., order history) as long as necessary to fulfil our legal and tax obligations. App data stored locally on your device remains there until you delete the App or clear its cache.

6. International Transfers

As we use Shopify, your data may be transferred to and stored in Canada or the USA. We ensure all such transfers comply with UK GDPR through Standard Contractual Clauses (SCCs) or other approved mechanisms.

7. Your Legal Rights

Under UK data protection laws, you have the right to:

  • Access your data.
  • Rectify inaccurate data.
  • Erasure (the "right to be forgotten").
  • Object to or Restrict processing.
  • Data Portability.

To exercise these rights, please contact us at contact@headx.co.uk. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (www.ico.org.uk).

8. Children’s Privacy

Our Services are not intended for children under 16 without adult supervision. If the App is used as part of a paediatric rehabilitation programme, consent must be provided by a parent or legal guardian.

9. Contact Details

Email: contact@headx.co.uk

Post: HeadX Ltd, The Business Centre, Spring Mill Business Park, Avening Road, Nailsworth, GL6 0BS, United Kingdom.