privacy policy

Last Updated: December 4, 2025

Effective Date: December 4, 2025

1. INTRODUCTION

Oxiom Ltd ("Oxiom", "we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you visit our website at oxiom.ai (the "Website") and interact with our services.

Company Details:
Company Name: Oxiom Ltd
Company Number: 16571272
Registered Address: 3rd Floor, 86-90 Paul Street, London, England, United Kingdom, EC2A 4NE
Contact Email: contact@oxiom.ai

This Privacy Policy applies to information collected through our Website during the pre-launch phase. When the Oxiom platform launches, a separate privacy policy will govern the use of that platform.

By using our Website, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Privacy Policy, please do not use our Website.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly
Waitlist Registration:

When you join our waitlist, we may collect:
  • Email address (required)
  • Name
  • Company/organization name
  • Job title or role
  • Areas of interest or use cases
  • Preferred early access tier or package
  • Information about custom AI agent requirements
  • Any additional information you choose to provide in optional fields
Payment and Tier Information: If you pledge for early access tiers, perks, or request custom development services, we may additionally collect:
  • Payment information (processed securely through third-party payment processors)
  • Billing address
  • Transaction history
  • Tier or package selections
  • Custom requirements and specifications for AI agents
  • Communication preferences related to your tier or services
Contact Forms: When you contact us through the Website, we collect:
  • Name
  • Email address
  • Subject matter
  • Message content
  • Any other information you choose to include
Survey and Feedback: If you participate in surveys or provide feedback, we collect:
  • Your responses to survey questions
  • Feedback and comments
  • Contact information if you choose to provide it
  • Message content
  • Any other information you choose to include
2.2 Information Collected Automatically
Website Usage Data: We automatically collect certain information when you visit our Website:
  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent on pages
  • Referring website
Cookies and Similar Technologies:
We use cookies and similar tracking technologies to enhance your experience. See Section 7 for detailed information about our cookie practices.
2.3 Information from Third Parties
We may receive information about you from third parties, including:
  • Analytics providers (e.g., Google Analytics)
  • Marketing platformsSocial media platforms
  • (if you interact with our social media presence)
  • Public databases and data enrichment services

3. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

3.1 Waitlist and Access Management
  • To add you to our early access waitlist
  • To send you notifications about the Oxiom platform launch
  • To invite you to beta testing or early access programs
  • To prioritize and manage access invitations
  • To process pledges for early access tiers and associated perks
  • To manage custom AI agent development service requests
  • To fulfil tier benefits and service commitments
3.2 Communication
  • To send you product updates and announcements
  • To respond to your inquiries and support requests
  • To send you marketing communications (with your consent where required)
  • To conduct surveys and gather feedback
  • To send administrative information (e.g., updates to our terms or policies)
3.3 Product Development
  • To understand user needs and preferences
  • To improve our Website and future platform
  • To develop new features and services
  • To conduct market research
3.4 Analytics and Improvement
  • To analyse Website usage patterns
  • To improve Website performance and user experience
  • To troubleshoot technical issues
  • To understand demographic information about our audience
3.5 Marketing and Business Development
  • To promote our products and services
  • To measure the effectiveness of our marketing campaigns
  • To identify potential partnership opportunities
  • To build our community
3.6 Legal and Compliance
  • To comply with legal obligations
  • To enforce our Terms and Conditions
  • To protect our rights, privacy, safety, or property
  • To detect, prevent, and address fraud or security issues

4. LEGAL BASIS FOR PROCESSING (UK GDPR/GDPR)

Under UK GDPR and GDPR, we process your personal data based on the following legal grounds:
Consent: When you join our waitlist or sign up for communications, you provide explicit consent for us to process your data for those purposes. You can withdraw consent at any time.
Legitimate Interests: We have legitimate business interests in:
  • Operating and improving our Website
  • Developing our product and business
  • Marketing our services to interested parties
  • Analysing usage patterns
  • Protecting our business and users
Legal Obligation: We may process your data to comply with legal and regulatory requirements.
Contract: When you agree to our Terms and Conditions, we process your data as necessary to fulfil that agreement.

5. DATA SHARING AND DISCLOSURE

5.1 We Do NOT Sell Your Data
We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Service Providers
We may share your information with trusted third-party service providers who assist us in operating our Website and business, including:

Email Service Providers:
To send waitlist notifications and marketing emailsExamples: Mailchimp, SendGrid, Customer.io

Payment Processors: To process payments for early access tiers and custom development services
  • Examples: Stripe, PayPal
  • Note: We do not store your full payment card details. Payment processors handle this securely and are PCI DSS compliant.
Analytics Providers: To analyze Website usage
  • Examples: Google Analytics, Mixpanel, Amplitude
Hosting and Infrastructure: To host our Website and store data
  • Examples: AWS, Vercel, Cloudflare
Customer Support: To provide support services
  • Examples: Intercom, Zendesk
Marketing and Advertising: To conduct marketing campaigns
  • Examples: Google Ads, LinkedIn Ads, Meta Business

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.3 Business Transfers
If Oxiom is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

5.4 Legal Requirements
We may disclose your information if required to do so by law or in response to:
  • Valid legal processes (e.g., subpoenas, court orders)
  • Government or regulatory requests
  • Protecting our rights, property, or safety
  • Preventing fraud or illegal activity
  • Enforcing our Terms and Conditions
5.5 Aggregated or Anonymized Data
We may share aggregated or anonymized data that cannot reasonably be used to identify you, such as:
  • General statistics about waitlist signups
  • Website traffic trends
  • Demographic information in aggregate

6. DATA RETENTION

6.1 Retention Periods
We retain your personal data for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Waitlist Data: We will retain your waitlist information until:
  • The Oxiom platform launches and you transition to a full user account, or
  • You request removal from the waitlist, or
  • We determine the waitlist program is no longer active (we will notify you)
Communication Records: We retain records of our communications with you for up to 3 years after the last interaction.
Website Analytics: We retain analytics data for up to 26 months.
Legal and Compliance: We may retain certain data longer if required by law or for legitimate business purposes (e.g., dispute resolution, fraud prevention).
6.2 Data Deletion
When we no longer need your personal data, we will securely delete or anonymize it. Deletion requests are processed within 30 days (see Section 9 for your rights).

7. COOKIES AND TRACKING TECHNOLOGIES

7.1 What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They help websites remember your preferences and understand how you use the site.

7.2 Types of Cookies We Use
Strictly Necessary Cookies: Essential for the Website to function properly. These cannot be disabled.
  • Session management
  • Security features
  • Load balancing
Analytics Cookies: Help us understand how visitors use our Website.
  • Google Analytics
  • Usage statistics
  • Performance monitoring
Marketing Cookies: Used to track visitors across websites to display relevant advertisements.
  • Google Ads
  • LinkedIn Insight Tag
  • Meta Pixel
Preference Cookies: Remember your choices and preferences.
  • Language preferences
  • Display settings
7.3 Managing Cookies
you can control cookies through your browser settings. Most browsers allow you to:
  • View what cookies are stored
  • Delete cookies
  • Block cookies from specific sites
  • Block all cookies
Note: Disabling cookies may affect Website functionality.
Browser-Specific Instructions:
Chrome: Settings > Privacy and Security > Cookies
Firefox: Settings > Privacy & Security > Cookies
Safari: Preferences > Privacy > Cookies
Edge: Settings > Privacy > Cookies
7.4 Third-Party Cookies
Third-party services we use (like Google Analytics) may set their own cookies. We do not control these cookies. Please review their privacy policies:
Google Analytics: https://policies.google.com/privacy
Google Ads: https://policies.google.com/technologies/ads
7.5 Do Not Track Signals
Currently, our Website does not respond to "Do Not Track" browser signals. We may implement this feature in the future.

8. DATA SECURITY

8.1 Security Measures
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:
  • Encryption of data in transit (SSL/TLS)
  • Encryption of data at rest
  • Access controls and authentication
  • Regular security assessments
  • Employee training on data protection
  • Secure data backup procedures
8.2 Limitations
No method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security. You provide information at your own risk.
8.3 Data Breach Notification
In the event of a data breach that poses a risk to your rights and freedoms, we will:
  • Notify affected users within 72 hours of becoming aware
  • Notify relevant supervisory authorities as required by law
  • Provide information about the breach and steps we're taking
  • Advise you on protective measures you can take

9. YOUR RIGHTS AND CHOICES

Under UK GDPR and GDPR, you have the following rights regarding your personal data:
9.1 Right of Access
You have the right to request a copy of the personal data we hold about you.
9.2 Right to Rectification
You have the right to request correction of inaccurate or incomplete personal data.
9.3 Right to Erasure ("Right to be Forgotten")
You have the right to request deletion of your personal data in certain circumstances, such as:
  • The data is no longer necessary for the purposes it was collected
  • You withdraw consent and there's no other legal basis for processing
  • You object to processing and there are no overriding legitimate grounds
  • The data has been unlawfully processed
9.4 Right to Restrict Processing
You have the right to request restriction of processing your personal data in certain circumstances.
9.5 Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transmit it to another controller.
9.6 Right to Object
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
9.7 Right to Withdraw Consent
Where processing is based on consent, you have the right to withdraw consent at any time. This does not affect the lawfulness of processing before withdrawal.
9.8 Right to Complain
You have the right to lodge a complaint with a supervisory authority:
UK: Information Commissioner's Office (ICO) - https://ico.org.uk
EU: Your local data protection authority
9.9 How to Exercise Your Rights
To exercise any of these rights, please contact us at:
We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.
9.10 Unsubscribe from Communications
You can unsubscribe from marketing communications at any time by:
  • Clicking the "unsubscribe" link in any email we send
  • Contacting us at contact@oxiom.ai
  • Updating your preferences in your account settings (when available)
Note: You may still receive administrative emails (e.g., regarding changes to our policies) even after unsubscribing from marketing communications.

10. INTERNATIONAL DATA TRANSFERS

10.1 Data Location
Your personal data may be transferred to and processed in countries other than the United Kingdom, including:
  • United States (for hosting and analytics services)
  • European Economic Area countries
  • Other countries where our service providers operate
10.2 Transfer Safeguards
When we transfer data internationally, we ensure appropriate safeguards are in place, such as:
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions by the UK or EU
  • Binding Corporate Rules
  • Other legally approved transfer mechanisms
10.3 US Data Transfers
Some of our service providers are based in the United States. We ensure these transfers comply with UK GDPR through appropriate safeguards.

11. CHILDREN'S PRIVACY

11.1 Age Restriction
Our Website is not intended for children under the age of 18. We do not knowingly collect personal data from children under 18.
11.2 Parental Notice
If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at contact@oxiom.ai. We will take steps to delete such information.

12. CHANGES TO THIS PRIVACY POLICY

12.1 Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.
12.2 Notification
We will notify you of material changes by:
  • Posting the updated Privacy Policy on our Website
  • Updating the "Last Updated" date at the top of this policy
  • Sending an email notification (if we have your email address)
  • Displaying a prominent notice on our Website
12.3 Continued Use
Your continued use of the Website after changes are posted constitutes your acceptance of the updated Privacy Policy.
12.4 Review
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. SPECIFIC PROVISIONS FOR CALIFORNIA RESIDENTS

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
13.1 CCPA Rights
Right to Know:You can request information about the categories and specific pieces of personal data we've collected about you.
Right to Delete: You can request deletion of your personal data, subject to certain exceptions.
Right to Opt-Out: You have the right to opt out of the "sale" of your personal data. Note: We do not sell personal data.
13.2 Categories of Information
We collect the following categories of personal information:
  • Identifiers (name, email, IP address)
  • Commercial information (interactions with our services)
  • Internet/network activity (browsing behavior)
  • Geolocation data (general location from IP)
  • Professional information (job title, company)
  • Inferences (preferences and characteristics)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
13.3 Business Purpose
We use this information for the purposes described in Section 3 of this Privacy Policy.
13.4 Exercise CCPA Rights
To exercise your CCPA rights, contact us at contact@oxiom.ai with "CCPA Request" in the subject line.

14. THIRD-PARTY WEBSITES

Our Website may contain links to third-party websites, plugins, or applications. This Privacy Policy does not apply to those third-party services. We are not responsible for the privacy practices of third parties. We encourage you to review their privacy policies before providing any information.

15. BUSINESS CONTACT INFORMATION

If you provide us with business contact information (e.g., as part of a B2B relationship), we may process that information differently than consumer personal data, consistent with applicable business-to-business privacy frameworks.

16. AUTOMATED DECISION MAKING

Currently, we do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects. If this changes in the future, we will update this Privacy Policy and provide appropriate information and safeguards.

17. DATA PROTECTION OFFICER

Given our current stage and size, we have not appointed a formal Data Protection Officer (DPO). For all privacy-related inquiries, please contact us at contact@oxiom.ai.

18. CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Postal Address:
Oxiom Ltd
3rd Floor, 86-90 Paul Street
London, England
United Kingdom, EC2A 4NE
Response Time: We aim to respond to all privacy inquiries within 30 days.

19. ADDITIONAL INFORMATION FOR EU/EEA RESIDENTS

Purpose
Consent
Payment Processing
Custom development services
Product development
Communications
Analytics
Legal compliance
Purpose
Consent
Contract / Legitimate interests
Contract
Legitimate interests
Consent / Legitimate interests
Legitimate interests
Legal obligation
19.2 Supervisory Authority
You have the right to lodge a complaint with your local supervisory authority. Find your authority at: https://edpb.europa.eu/about-edpb/board/members_en
20. CONSENT
By using our Website and providing your information, you consent to the collection, use, and sharing of your information as described in this Privacy Policy. If you do not agree, please do not use our Website or provide us with your personal information.
Last Updated: December 4, 2024
Version: 1.0 (Pre-Launch Privacy Policy)
© 2025 Oxiom Ltd. All rights reserved.
About Us
Oxiom - the AI-native command centre that unifies apps, wallets, and automations through one trusted execution layer.
Useful Links
AboutProductTechnology
SolutionsPartner With UsFAQsStrikeBot
Help
Terms & ConditionsPrivacy PolicyCookie Policy
Connect With Us
3rd Floor, 86-90 Paul Street, London, England, United Kingdom, EC2A 4NEContact Us
© 2025 Oxiom. All rights reserved. - Oxiom is a technology platform and does not provide investment, trading, or financial advisory services.

Oxiom is committed to operating in full compliance with UK and international financial regulations, including anti-money laundering and sanctions requirements. Detailed compliance policies will be available when the platform launches.