Privacy Policy
1. Who We Are
CriticalIQ is operated by Croi Digital & Design (sole trader), based in England & Wales. We provide an online comparison tool at criticaliq.co.uk for UK financial advisers to compare protection insurance policies.
Contact: hello@criticaliq.co.uk
2. Our Approach to Data
CriticalIQ is designed to minimise personal data processing. Policy comparisons, PDF reports, and any client references you enter are generated entirely within your browser and are never transmitted to or stored on our servers.
We do not require you to create an account to use the comparison tool, and we do not use analytics, advertising, or profiling cookies.
3. What We Do Not Collect
- Client names, ages, or personal details entered into comparison forms — these remain in your browser only
- Adviser names or firm names entered into PDF report forms — these are used only in the locally-generated PDF
- Usage analytics or behavioural tracking data
- Advertising or marketing profiles
4. Data That May Be Processed
While we do not actively collect personal data, the following limited processing occurs as a necessary part of delivering the website to your browser:
| Service | Purpose | Data Processed | Privacy Policy |
|---|---|---|---|
| Cloudflare | Website hosting, CDN & security | IP address, request headers | cloudflare.com |
| Google Fonts | Typography (Outfit typeface) | IP address | policies.google.com |
| Cloudflare CDN (cdnjs) | JavaScript libraries (jsPDF) | IP address | cloudflare.com |
5. Legal Basis for Processing
Where personal data is processed (for example, IP addresses by our hosting provider Cloudflare), the legal basis is legitimate interest under Article 6(1)(f) of UK GDPR — specifically, the legitimate interest of providing a secure, functional website to visitors.
6. Cookies
We do not use analytics, advertising, or tracking cookies. Our hosting provider Cloudflare may set strictly necessary cookies for security and bot protection purposes. These do not require consent under the Privacy and Electronic Communications Regulations 2003 (PECR). Full details are in our Cookie Policy.
7. International Transfers
Cloudflare and Google may process data outside the United Kingdom. Both organisations rely on UK International Data Transfer Agreements (IDTAs) and/or Standard Contractual Clauses (SCCs) as approved by the Information Commissioner's Office (ICO) to safeguard any transferred data.
8. Data Retention
We do not retain personal data on our own servers. Cloudflare may retain server access logs for a limited period (typically up to 72 hours) for security and operational purposes, in accordance with their own retention policy.
9. Data Sharing
We do not sell, rent, or share personal data with third parties for their own purposes. The only data sharing that occurs is the incidental processing described in Section 4 above, which is necessary to deliver the website to your browser.
10. Your Rights
Under UK GDPR you have the right to access, rectify, erase, restrict processing of, object to processing of, and port your personal data. Since we do not hold personal data on our servers, these rights are unlikely to apply in practice. However, you may contact us at hello@criticaliq.co.uk and we will respond within 30 days.
11. Children
CriticalIQ is a professional tool intended for use by authorised financial advisers. It is not directed at children and we do not knowingly process the personal data of anyone under 18.
12. Complaints
You have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.
13. Changes to This Policy
We will update this policy if our data practices change. The "last updated" date at the top of this page will always reflect the most recent revision.