Legal Documentation

Privacy
Policy

Effective Date 1 January 2025
Last Updated 1 July 2025
Jurisdiction Switzerland & UAE (DIFC)
Governing Law Swiss DSG / EU GDPR / UAE PDPL

This Privacy Policy explains how CHXK.MANAGEMENT collects, uses, stores, and protects your personal data when you visit chxk.management or engage our services. Please read it carefully. By using our website or services, you agree to the practices described below.

01

Who We Are

CHXK.MANAGEMENT ("we", "us", "our") is a boutique digital marketing and brand management agency. Our registered details are:

  • Company Name: CHXK.MANAGEMENT
  • Website: https://chxk.management
  • Email: hello@chxk.management
  • Data Controller: CHXK.MANAGEMENT (responsible for your personal data)

For any privacy-related queries, contact us at privacy@chxk.management.

02

Information We Collect

We collect information in the following ways:

Information You Provide Directly

  • Contact enquiries: name, email address, phone number, company name, and the content of your message when you submit our contact or project enquiry forms.
  • Appointment booking: name, email, company name, and selected appointment time when you book a consultation via Calendly.
  • Growth Analysis Tool: company name, industry, business description, website URL, social media URL, and ad budget information when you use our AI-powered growth analysis tool.
  • Client onboarding: billing details, business registration information, and project-relevant data provided during our engagement.
  • Email communications: any data you include in emails or messages sent to us.

Information Collected Automatically

  • Usage data: pages visited, time on page, click behaviour, scroll depth, and navigation paths.
  • Device & browser data: IP address, browser type and version, operating system, device type, screen resolution, and language settings.
  • Referral data: the URL or platform that referred you to our website.
  • Cookies and tracking technologies: see Section 5 for full details.

Information from Third Parties

  • Analytics data from Google Analytics and similar tools.
  • Advertising performance data from Meta (Facebook/Instagram) and Google Ads platforms when we manage campaigns on your behalf.
  • Data from social media platforms if you contact us or interact with our social media profiles.
03

How We Use Your Information

We use the information we collect for the following purposes:

Purpose Details
Responding to enquiriesTo respond to contact forms, project requests, and general questions.
Appointment schedulingTo confirm and manage consultation bookings made via Calendly.
Service deliveryTo provide digital marketing, content, and brand management services to clients.
AI Growth AnalysisTo generate personalised growth projections using the information entered into our AI tool. Data is processed in real-time and not stored beyond the session.
Website improvementTo analyse usage patterns, fix errors, and improve the performance and user experience of our website.
Marketing communicationsTo send newsletters, service updates, or promotional content where you have given consent.
Legal complianceTo meet our obligations under applicable laws and regulations.
SecurityTo detect, prevent, and address fraud, abuse, and security incidents.

We will never sell your personal data to third parties, nor use it for purposes not described in this policy without obtaining your explicit consent first.

04

Legal Basis for Processing

Under the Swiss Federal Act on Data Protection (revDSG), the EU General Data Protection Regulation (GDPR), and the UAE Personal Data Protection Law (PDPL), we process your personal data on the following legal grounds:

  • Contractual necessity: Processing required to fulfil a contract with you, or to take steps at your request before entering a contract (e.g. responding to a project enquiry, delivering client services).
  • Legitimate interests: Processing necessary for our legitimate business interests, including improving our website, preventing fraud, and sending relevant communications to business contacts — provided your interests and fundamental rights do not override those interests.
  • Consent: Where you have explicitly opted in, such as subscribing to marketing emails or enabling non-essential cookies. You may withdraw consent at any time.
  • Legal obligation: Where we are required to process data to comply with applicable laws, court orders, or regulatory requirements.
05

Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies. A cookie is a small text file placed on your device to help us remember your preferences and understand how you use our site.

Types of Cookies We Use

TypePurposeCan Be Disabled?
Strictly NecessaryEssential for the website to function. These cannot be switched off (e.g. session management, security).No
AnalyticsHelp us understand how visitors interact with our website (e.g. Google Analytics, page views, session duration).Yes
MarketingUsed to deliver relevant advertising and track campaign performance (e.g. Meta Pixel, Google Ads conversion tracking).Yes
FunctionalEnable enhanced features such as Calendly embedding and preference memory.Yes

Managing Cookies

You can manage or disable cookies at any time through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. For more information on managing cookies, visit allaboutcookies.org.

To opt out of Google Analytics tracking specifically, you may install the Google Analytics Opt-out Browser Add-on.

06

Third-Party Services

We use the following third-party services that may process your data on our behalf. Each operates under its own privacy policy:

ServicePurposePrivacy Policy
Google AnalyticsWebsite usage analyticspolicies.google.com/privacy
Google AdsAdvertising & conversion trackingpolicies.google.com/privacy
Meta (Facebook/Instagram)Social media advertising & pixel trackingfacebook.com/privacy/policy
CalendlyAppointment booking & schedulingcalendly.com/privacy
Anthropic (Claude AI)AI-powered growth analysis toolanthropic.com/privacy
WhatsApp BusinessClient communication & AI lead automationwhatsapp.com/legal/privacy-policy

These third parties act as data processors under our instruction and are contractually bound to handle your data only as directed by us and in accordance with applicable data protection law.

07

Data Sharing & Disclosure

We do not sell, rent, or trade your personal data. We may share your information only in the following limited circumstances:

  • Service providers: Trusted third-party vendors and tools that help us deliver our services (e.g. hosting, analytics, CRM, email). These parties are bound by data processing agreements.
  • Legal requirements: When required by law, court order, or governmental authority, or to protect the rights, property, or safety of CHXK.MANAGEMENT, our clients, or others.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to the same privacy protections.
  • With your consent: For any other purpose with your explicit prior consent.

We never sell your personal data. Your information is used solely to provide and improve our services and to communicate with you as described in this policy.

08

International Data Transfers

CHXK.MANAGEMENT operates across Switzerland, the UAE, and may use service providers located in the European Economic Area (EEA), the United States, and other jurisdictions. When we transfer personal data outside your country of residence, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Adequacy decisions recognising equivalent data protection standards.
  • Binding Corporate Rules (BCRs) or equivalent mechanisms where applicable.
  • Compliance with the UAE PDPL requirements for cross-border data transfers.

By using our website and services, you acknowledge that your data may be transferred to and processed in countries outside your own. We take all reasonable steps to ensure your data remains protected regardless of where it is processed.

09

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention periods are:

Data CategoryRetention Period
Website enquiry / contact form data3 years from last contact, unless a client relationship develops
Client project & billing records10 years (for legal and tax compliance)
Email correspondence3 years from last communication
AI Growth Analysis Tool inputsNot stored — processed in real-time and discarded immediately after the session
Calendly booking dataManaged by Calendly; deleted from their systems per their policy
Website analytics data26 months (Google Analytics default)
Marketing email subscriptionsUntil you unsubscribe or withdraw consent

When data is no longer required, we securely delete or anonymise it in accordance with applicable data protection regulations.

10

Your Rights

Depending on your location, you have the following rights regarding your personal data. We will respond to all verified requests within 30 days (or sooner where required by law).

  • Right of Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You may ask us to correct inaccurate or incomplete personal data.
  • Right to Erasure ("Right to Be Forgotten"): You may request deletion of your personal data where it is no longer necessary, or where you withdraw consent.
  • Right to Restriction of Processing: You may request that we limit how we use your data in certain circumstances.
  • Right to Data Portability: You may request your data in a structured, commonly used, machine-readable format.
  • Right to Object: You may object to processing based on legitimate interests, or to direct marketing at any time.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.
  • Right Not to Be Subject to Automated Decision-Making: You have the right not to be subject to decisions made solely through automated means (including AI profiling) that produce significant legal effects, except where permitted by law or with your explicit consent.

To exercise any of these rights, please contact us at privacy@chxk.management with your name, email address, and a clear description of your request. We may need to verify your identity before processing your request.

11

AI-Powered Features

Our website includes an AI-powered Growth Analysis Tool that uses the Anthropic Claude API to generate personalised business projections. Here is how we handle data within this tool:

  • Data entered into the tool (company name, industry, description, website URL, social media URL, ad budget) is transmitted directly to Anthropic's API solely to generate your growth report.
  • We do not store the data you enter into the Growth Analysis Tool on our servers. It is processed in real-time and discarded at the end of your session.
  • Anthropic's data handling: Data sent to the Claude API is subject to Anthropic's privacy policy and terms of service. Anthropic may temporarily process your input to generate a response. We recommend you do not enter sensitive personal data (e.g. financial records, customer PII) into this tool.
  • Results are indicative only: AI-generated growth projections are estimates based on industry benchmarks and are not guaranteed outcomes. They are provided for informational purposes only.
  • Our AI Lead Conversion, Content Automation, and CRM systems offered as client services use automation and AI tools. Data processed within those systems is governed by individual service agreements and applicable data processing addenda.

We do not use AI to make legally significant automated decisions about individuals without human oversight and the ability to request review.

12

Children's Privacy

Our website and services are directed exclusively at business professionals and are not intended for individuals under the age of 18 years. We do not knowingly collect personal data from children.

If we become aware that we have inadvertently collected personal data from a child under the age of 18, we will take immediate steps to delete such information from our records. If you believe we may have collected such data, please contact us at privacy@chxk.management.

13

Security

We take the security of your personal data seriously and implement industry-standard technical and organisational measures to protect it against unauthorised access, disclosure, alteration, or destruction. These measures include:

  • HTTPS/TLS encryption for all data transmitted between your browser and our website.
  • Access controls limiting who within our organisation can access personal data.
  • Regular security assessments and vulnerability checks.
  • Data minimisation practices — we collect only what we need.
  • Secure disposal of data when no longer required.

No method of transmission over the internet or method of electronic storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. In the event of a data breach that affects your rights and freedoms, we will notify you and the relevant supervisory authority as required by applicable law.

14

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Post a notice on our website homepage where appropriate.
  • Notify active clients by email if changes significantly affect how we process their data.

We encourage you to review this policy periodically. Your continued use of our website or services after changes are posted constitutes your acceptance of the revised policy.

15

Contact & Complaints

If you have any questions, concerns, or requests relating to this Privacy Policy or how we handle your personal data, please contact us:

Data Controller Contact

CHXK.MANAGEMENT

Email: privacy@chxk.management

Website: https://chxk.management

Right to Lodge a Complaint

If you are located in Switzerland, you have the right to lodge a complaint with the Federal Data Protection and Information Commissioner (FDPIC):

If you are located in the European Union or EEA, you have the right to lodge a complaint with your local supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu.

If you are located in the UAE, you may contact the UAE Data Office:

We would, however, appreciate the opportunity to address your concerns directly before you approach a supervisory authority. Please contact us first and we will do our best to resolve the matter promptly.