Privacy and Cookies Policy

Privacy and Cookies Policy

The Jadu group of companies is committed to protect and respect your privacy and ensuring compliance with the way we collect, process and use information including personal data. 

If you are resident in the UK you will have data protection rights pursuant to the Data Protection Act 2018 (DPA) as amended including the DPPEC (Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit)) Regulations 2019 
The DPA provides a definition of what constitutes ‘Personal data’ and each person to which the personal data refers is known as a ‘Data Subject’.

This Privacy Notice explains when and why we collect personal information, how we use it, the conditions under which we may disclose it to others and how we keep it secure. This Privacy Notice applies to the use of our products and to our sales, marketing and customer contract fulfilment activities. For individuals seeking a job with the UK organisation you can read the Privacy Notice for Job Applicants.

Who are we?

The organisation in the UK is Jadu Limited including its wholly owned subsidiary, Jadu Creative Limited. Both companies have their registered address at 1 Smith Way, Enderby, Leicester, England, LE19 1SX. The organisation is a leading global provider of web experience management software, specialising in web CMS, forms and customer case management for the enterprise. As well as operating in the UK, the Jadu group of companies also includes Jadu Inc. incorporated and registered in the United States of America with company EIN number 27-2611871 whose principal place of business is at 70 West Madison Street, Chicago, IL 60602, United States and Jadu Software Pty Limited  incorporated and registered with company number AU37165644511 whose principal place of business is at ANZ House, Level 4 & 5,15 Moore Street, Canberra, ACT 2601, Australia. We comply with the relevant jurisdictional data protection laws and respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

The organisation and its partners, empower enterprises to create a direct digital connection to customers with Jadu’s continuously updated web experience management platform. The organisation also provides support, hosting and platform management and a range of professional services including world class web build and design.

The organisation operates both as a data controller and a data processor. For all data and privacy related matters, queries or enquiries please contact us by email at:

When do we collect personal data about you?

  • When you are using our products and services.
  • When you interact with us in person, through correspondence, by phone, by social media, via our support system or through our corporate websites.
  • When we collect personal information from other legitimate sources, such as third-party data aggregators, organisation marketing partners, public sources or social networks. We only use this data if you have given your consent to them to share your personal data with others.
  • We may collect personal data if it is considered to be of legitimate interest, and if this interest is not overridden by your privacy interests. Before data is collected we make sure an assessment is made, ensuring that there is an established mutual interest between you and the organisation.

Why do we collect and use personal data?

We collect and use personal data mainly to perform direct sales, direct marketing and customer service. We also collect data about suppliers and partners.

We may use your information for the following purposes:

  • Send you marketing communications which you have requested. These may include information about our products and services, events, activities, customer success stories, case studies, and promotions of our associated partners’ products and services. This communication is subscription based and requires your consent.
  • Send you information about the products and services that you have purchased from us.
  • Perform direct sales activities in cases where legitimate and mutual interest is established.
  • Provide you content and venue details on Jadu Academy, webinars or any event you signed up for.
  • Reply to a ‘Request info’ or other web forms you have completed on one of our organisation websites (e.g.
  • Follow up on incoming requests (customer support, emails, chats, or phone calls).
  • Provide you with access and services related to Jadu products.
  • Provide access to our Customer Support portal.
  • Perform contractual obligations such as order confirmation, license details, invoice, reminders, and similar. The contract may be with the organisation directly or with a Jadu partner.
  • Notify you about any disruptions to our services (system messages).
  • Contact you to conduct surveys about your opinion on our products and services and in relation to our use of customer experience management and relationship tools.

Our legal basis for collecting personal data

Collecting personal data based on consents

The collection of personal data based on consent from the Data Subject will be done by using “Consent Forms” that will store documentation related to the consent given by the individual. Individual consents will always be stored and documented in our systems.

Collecting personal data based on contracts

We use personal information for fulfilling our obligations related to contracts and agreements with customers, partners and suppliers.

Collecting personal data based on legitimate interest

We may use personal data if it is considered to be of legitimate interest, and if the privacy interests of the Data Subjects do not override this interest. Normally, to establish the legal basis for data collection, an assessment has been made during which a mutual interest between the organisation and the individual person has been identified. This legal basis is primarily related to our sales and marketing purposes. We will always inform individuals about their privacy rights and the purpose for collecting personal data.

What type of personal data is collected?

The organisation is committed to only collecting data from a person that is actually needed.
We collect name, phone number, title, email address and social media contact details, in addition to your company’s name and contact information. We may also collect feedback, comments and questions received from you in service-related communication and activities, such as meetings, phone calls, documents, and emails. From our websites we may collect IP-address and actions taken on the site.

If you upload photos or videos, add posts or comments, etc. on organisation websites, wikis, forums, blogs or or any other collaborative or sharing place operated by the organisation, the information can be read by anyone with access to the same and used for purposes over which the organisation or you have no control. Therefore, the organisation is not responsible for any information you submit as outlined above.

The organisation does not collect or process any sensitive personal data including any special categories of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, and data concerning health or sex life or genetic data, and biometric data where processed to uniquely identify an individual.

How long do we keep your personal data?

We store personal data for as long as we find it necessary to fulfill the purpose for which the personal data was collected, while also considering our need to answer your queries or resolve possible problems, to comply with legal requirements under applicable laws, to attend to any legal claims/complaints, and for safeguarding purposes.

This means that we may retain your personal data for a reasonable period of time after your last interaction with us. When the personal data that we have collected is no longer required, we will delete it in a secure manner. We may process data for statistical purposes, but in such cases, data will be anonymised.

Your rights to your personal data

You have the following rights with respect to your personal data:

  • The right to request a copy of your personal data that the organisation holds about you.
  • The right to request that the organisation corrects your personal data if inaccurate or out of date.
  • The right to request that your personal data is deleted when it is no longer necessary for the organisation to retain such data.
  • The right to withdraw any consent to personal data processing at any time. For example, your consent to receive e-marketing communications:
    • The organisation manages its email opt-ins on the basis that customers, potential customers and any third parties (individuals or other organisations) who request to receive promotional material from the organisation have provided express consent in a freely given, specific, informed, and unambiguous way, which is reinforced by a clear affirmative action. If you want to withdraw your consent to e-marketing, please make use of the link to manage your subscriptions included in our communication, this allows users to manage their email preferences (whether for example, in relation to product information, invitations, promotions, press releases and urgent messages) and includes an ‘unsubscribe link’. 
    • The organisation, therefore, asks all visitors to organisation websites to specifically opt-in to newsletters, promotions or other communications by ticking a sign-up box and confirming agreement to any terms that may be applicable as well as the content of this Privacy Notice.
    • Please note that you may still receive system messages and administrative communications from the organisation, such as order confirmations, system messages and notifications about your account activities. 
  • The right to request that the organisation provides you with your personal data and, if possible, to pass on this information directly (in a portable format) to another data controller when the processing is based on consent or contract.
  • The right to request a restriction on further data processing, in case there is a dispute in relation to the accuracy or processing of your personal data.
  • The right to object to the processing of personal data, in case data processing has been based on legitimate interest and/or direct marketing.

Any request or query about your privacy rights should be sent to:

The use of cookies and beacons

We want to provide you with the highest level of service and collect limited personal information to enable a better, more relevant experience from our websites;,,, and You can access these website's homepages and browse our sites without disclosing your personal data. You are invited to register / sign-in on those sites that support this, so that you may benefit from added value content which may help you do business, browse content and view information relevant to our products and services.

Cookies and similar technologies help us tailor our website to your personal needs, as well as to detect and prevent security threats and abuse. If used alone, cookies do not personally identify you. Cookies tell us which parts of our websites people have visited, help us measure the effectiveness of navigation and search, and give us insights into user behaviour so we can improve our communications and information. We do not share any information gained from cookies with any other parties.

We use Cookies for the following purposes:

  • Technical administration of the website - handling session information to allow the site to function correctly.
  • Customer administration - to enable member's privileges and to make the browsing experience personalised and convenient.
  • We use cookies to collect information as you navigate our websites to measure site usage and build a better user experience in the future (via Google Analytics)
  • Choosing to ‘Accept’ cookies on any of our sites previously listed will be giving your consent to store all of the below types of cookies. Choosing to ‘Decline’ or making no choice will limit the cookies to only those that are essential for the website to function.

All of the cookies listed below do not contain any personal data, but are required for Jadu sites to operate. Jadu, therefore, considers these cookies strictly necessary in order to provide a service as requested by using the respective web site.  The following essential cookies are set on Jadu's websites:

  • TestCookie - to determine whether a user's browser accepts cookies and can, therefore, log in. This cookie is set to expire as soon as a user quits their browser.
  • Session (PHPSESSID or a random set of 16 letters) - used to store the session id of a user, set to expire as soon as a user quits their browser. This is required to determine whether a user is logged in to the web site. Session data is also stored when a user is filling in a form however the data is stored on the respective server and not within the cookie.
  • Cloudflare (__cfduid) Used to anonymously identify a user to block malicious requests. See Understanding CloudFlare Cookies for more detailed information.

The following are used to measure site usage (analytics)

Google Analytics

Details about the different cookies set by Google Analytics can be found at

Note: You can use a browser Add-on to opt-out of Google Analytics cookies (external link) should you so choose.


Hubspot allows us to build marketing web pages on our sites where you can learn more about us, download content, and provide your contact information and other demographic information via online forms. This information, which is stored and managed on our service providers' servers, is then used so that you can be contacted about your interest in our services and interact with us.

Email Marketing Post-Click Tracking Cookies are used to report on the pages of our sites that have been viewed by you where you have followed links from our email marketing campaigns. This analysis helps us to understand additional content that is viewed by contacts and therefore allows us to improve and tailor future campaigns to those contact’s specific areas of interest.

Details about HubSpot’s own privacy policy can be found at details about Hubspot cookie usage (including usage by the cookie consent banner itself) can be found at

Targeting and Advertising

We use advertisements (ads) through social networks; Facebook, Google, Twitter and LinkedIn which may be connected to pages on our sites through the inclusion of tags or pixels in order to track a user’s journey. The information gained from these cookies is used to measure our advertising success and inform future campaigns.

Details about the different cookies used by these products can be found in their respective policies:

Do we share your data with anyone?

We do not share, sell, rent, or trade your information with any third parties without your consent, except from what is described below:

Third-party Service Providers working on our behalf:

We may pass your information on to our partners, distributors, agents, sub-contractors and other associated organisations with the purpose of them providing services to you on our behalf.

If required by law:

We will disclose your personal information if required by law or if we, as an organisation, reasonably believe that disclosure is necessary to protect our organisation’s rights and/or to comply with a judicial proceeding, court order or legal process. However, we will do what we can to ensure that your privacy rights continue to be protected.

Use of sub-contractors (processors and sub-processors)

We may use sub-contractors to process personal data on your behalf, ( e.g for platform management and hosting services we provide) we are responsible for making sure they commit themselves to adhere to applicable data protection legislation by entering into Data Processing Agreements with them.

If the sub-contractor processes Personal Data outside the European Economic Area (EEA), such processing must be in accordance with Standard Contractual Clauses for transfer to third countries, or another specifically stated lawful basis for the transfer of personal data to a third country.
If a new sub-contractor is engaged or there is a change of sub-contractor in relation to our products or services, we will notify you in line with the requirements of our data processing obligations.

Changes to this Privacy Notice

The organisation reserves the right to amend this Privacy Notice at any time. The applicable version will always be found on our websites. We encourage you to check this Privacy Notice occasionally to ensure that you are happy with any changes.
If we make changes that significantly alter our privacy practices, we will notify you by email or post a notice on our websites prior to the change taking effect.

Your right to complain

If you are unhappy with the way in which your personal data has been processed, you may, in the first instance, contact:                                

If you remain dissatisfied, then you have the right to apply directly to the supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO). Contact details for the ICO can be found at