We would love to hear from you!

Privacy Policy

Xcite Digital – our Web Agency Privacy Policy


These terms and conditions govern your use of this website; by using this website, you accept these terms and conditions in full. If you disagree with these terms and conditions or any part of these terms and conditions, you must not use this website.

You must be at least 18 years of age to use this website. By using this website and by agreeing to these terms and conditions you warrant and represent that you are at least 18 years of age.

License to use website

Unless otherwise stated, Xcite Digital and/or its licensors own the intellectual property rights in the website and material on the website. Subject to the license below, all these intellectual property rights are reserved.

You may view, download for caching purposes only, and print pages or documents from the website for your own personal use, subject to the restrictions set out below and elsewhere in these terms and conditions.

You must not:

  • republish material from this website (including republication on another website);
  • sell, rent or sub-license material from the website;
  • show any material from the website in public;
  • reproduce, duplicate, copy or otherwise exploit material on this website for a commercial purpose
  • edit or otherwise modify any material on the website; or
  • redistribute material from this website (except for content specifically and expressly made available for redistribution)

Where content is specifically made available for redistribution, it may only be redistributed within your organisation.


In these terms and conditions, “your user information” means any information you supply through our website may be used in the following ways:

  • To alert you to updated information and new services
  • To disclose information if required by law.

We will also protect your data from misuse, unauthorised access, disclosure, or alteration.
by visiting our site, third parties may place cookies on users’ browsers for targeted advertising purposes.

A description of the types of data (for example, IP addresses, cookie identifiers, website activity) are collected for targeted advertising.

This data may be used by third parties to target advertising on other sites based on your online activity.

Instructions on how users can opt out of receiving targeted advertising:

We would like to explain how we use the information we have.

Personal Data

When visiting Xcite Digital when we may collect the following information from you:
Details that you provide by filling in forms on our website, (“our website”). This includes information provided at the time of subscribing to our service or newsletter, posting material, completing the contact form or requesting further services.

We may also ask you for information when you report a problem with our website. If you contact us, we may keep a record of that correspondence.

Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own purposes or otherwise and the resources that you access.

Information that you provide as part of any recruitment process where we use our site to advertise and/or receive information from applicants.

In relation to GDPR we’ll store your information for as long as we have to by law. If there’s no legal requirement, we’ll only store it for as long as we need it.


To help us to provide a quality service, Xcite Digital uses cookies to store and track information. A cookie is a small amount of data that is sent to your browser from a Web server and stored on your computer’s hard drive.

By modifying your browser preferences, you have the choice to accept all cookies, be notified when a cookie is set, or to reject all cookies. We will only access the cookies we have generated.

In addition to information provided by visitors to our website, Xcite Digital monitors incoming and outgoing Web traffic data for diagnosis of server problems for Web administration purposes. We use this data to collect general demographic information about all visitors to our site. This information allows us to provide the most desired information to our visitors.


Xcite Digital makes every effort to protect the confidentiality of all visitors and will not sell or release identifiable visitor information to any third party without your permission and will limit the disclosure of information where reasonably required to do so.

We have made a significant investment in our server, database, backup and firewall technologies to protect information assets. These technologies have been installed as part of a complex security architecture and protocol.

Opt-in provision

We offer an opt-in on all email transmissions and will follow this up with the timely removal of requested information from our database. This information may include name, title, company, address, phone number, fax number, email address or other information which has been offered.

Editing information

You may choose at any time to review, edit or terminate all information stored at Xcite Digital by contacting us at [email protected].

Policy changes

Xcite Digital reserves the right to change this policy at any time. Please check this page periodically for changes. Your acceptance of Xcite Digital services following the posting of changes to these terms will mean that you accept those changes. This statement and the policies outlined herein are not intended to and do not create any contractual or other legal rights in or on behalf of any party.

Your privacy rights

You can write to us at any time to get a copy of the personal information we hold about you. There’s a charge of £10 to cover the cost of providing this information.

If you believe we’re holding inaccurate information about you, please contact our support team [email protected] so we can correct it.

If you no longer want to receive marketing messages from us, please contact our marketing team and you’ll be ‘opted out’. (You can get in touch with marketing through the Contact Us page on our site.)

You can choose to opt out of all marketing communications or to opt out of marketing in one of several ways (such as email, text, phone or post).

Law and jurisdiction

These terms and conditions will be governed by and construed in accordance with English law, and any disputes relating to these terms and conditions will be subject to the exclusive jurisdiction of the courts of England.

Registrations and authorisations

Wirehive is registered with Companies House. You can find the online version of the register at Xcite Digital’s registration number is 6663472.

Xcite Digital’s details

The full name of Xcite Digital is Xcite Digital Limited

Xcite Digital is registered in England under registration number 6663472

Xcite Digital’s registered address is Norwood House, Elvetham Road, Fleet, GU51 4HL

If you have any questions about this privacy statement, or feel that your privacy has been compromised, please contact us at [email protected].

Xcite Digital – Data Protection policy – GDPR

What is GDPR?

GDPR is the EU General Data Protection Regulation. It comes into force on 25th May 2018. It will replace the 1995 EU Data Protection Directive and unify data protection laws across Europe.

The purpose of GDPR is to strengthen the rights of individuals regarding all personal data that relates to them.

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is someone who can be identified, either directly or indirectly, for example a name, email address or location data.

It will apply both to organisations established in the EU and to those anywhere in the world who are processing the personal data of EU data subjects. Processing includes the offering of goods or services to EU data subjects or the monitoring of behaviour that takes place within the EU. If personal data is to be transferred outside the EU then certain conditions must be met.

At Xcite Digital we are committed to ensuring GDPR compliance for ourselves and our clients.

The policy below outlines the detail of this commitment.

How how Xcite Digital prepared for the GDPR?

Under GDPR, Xcite Digital is both a data controller and data processor:

  • A data controller is a person or organisation that collects and stores data
  • A data processor processes personal data on behalf of a third party using its services

Our aim is to collect, store and process data in ways that are compliant with GDPR:

Security and Compliance

We employ a dedicated Security and Compliance Officer, who heads up a team with the responsibility of building and maintaining the security of Xcite Digital’s systems and ensuring that they are compliant with security and data protection standards, regulations and legislation.

The GDPR requires that data controllers and their processors implement security controls that are appropriate to the level of risk. At Xcite Digital we have implemented a range of security measures to help protect any personal data you may store when using our services.

We also make available a range of optional security controls such as encryption, logging and monitoring, identity and access management, security scanning, and firewalls. We may also make other security tools available from time to time. We are able to make a copy of our security measures available to give you confidence in the appropriateness of these measures.

Data Processing Agreement

Schedule 2 of our Terms and Conditions explains our security and privacy commitments to you. These terms will automatically take effect for new and existing customers when GDPR comes into effect on 25 May 2018. They will apply earlier if you are an existing customer and sign our Data Processing and Security Addendum.

Processing Instructions

Any data that you and your users put into our systems will be processed only in accordance with your instructions. As a data controller, you have the right to restrict processing of such data as appropriate to the services you are running. Further details are as described in Schedule 2 of our Terms and Conditions.

Non-disclosure agreements

All of our employees and contractors are required to sign a confidentiality agreement and undertake regular data protection training.

Data Export and Deletion

If required we will assist you in exporting or deleting customer data, to fulfil your obligations to data subjects. When we receive a deletion instruction from you we will delete all relevant customer data from all of our systems in line with our agreed service levels, and in any case within a period of no more than 180 days, unless we are obliged by law to retain such personal data for a longer period of time.

Incident Notification

We are committed to notifying you regarding data incidents and this is reflected in our Terms and Conditions.

International Data Notification

The GDPR requires that any personal data transferred outside of the EU is afforded the same protections as personal data within the EU. This can be achieved either by implementing appropriate international safeguards such as the EU-U.S. Privacy Shield framework, or by EU Standard Contract Clauses. It is your responsibility to choose the data processing locations of your services and to ensure that the necessary permissions have been obtained from the data subject.

Data Centre Information

We operate our Cloud Platform and Dedicated Platform Services from secure co-located data centres within the UK to keep our services running 24 hours a day, 7 days a week. Our Security Measures provide an overview of the controls that are in place.

Third-Party Sub-Processors

For some of our services we use a specified third-party provider or vendor. If this is the case it will be made clear in our agreement with you. We ensure each vendor is technically capable and is able to deliver the required levels of security and privacy.

Each of our third-party sub-processors is listed below along with a description of the function they provide.

Microsoft Azure – Provision of our Microsoft Azure services.
Amazon Web Services – Provision of our AWS services.
Google Cloud Platform – Provision of our GCP services.
Auth0 – Customer portal identity, authentication and authorisation services.

Your right to audit Xcite Digital
The GDPR requires data controllers to be granted audit rights of their data processors. Therefore, as from 25 May 2018, our customers will be able to audit Xcite Digital in accordance with our Terms and Conditions.

What are your responsibilities as a customer of Xcite Digital?
You are the data controller of any personal data you provide to us in relation to your use of our services. This means that you are responsible for determining:

  • the reason why data is being processed
  • how it is processed
  • when it is processed

Your other responsibilities include maintaining records of the processing activities that are carried out on the above personal data.

As a data processor when you are using our services, Xcite Digital will only process activities that you have authorised us to do. As a data processor we will not process any data you provide unless we have received an appropriate instruction from you.

As a data controller, the GDPR requires you to implement a range of appropriate technical and organisational measures to ensure that any processing of personal data is performed in a demonstrably compliant manner. This compliance includes lawfulness, fairness, transparency, purpose, data economy and accuracy.

The GDPR also gives data subjects various rights with respect to their data, which you are required to fulfil.

Further guidance related to your responsibilities under the GDPR is available from your national data protection authority: in the UK The Information Commissioner’s Office (ICO).

Nothing on this website should be considered as legal advice and you should seek independent legal advice regarding your obligations under the GDPR.

Please view our work here.