Effective Date: December 2025
Last Updated: December 2025

XONIK (“XONIK,” “we,” “our,” or “us”) is committed to protecting personal information and handling it responsibly, lawfully, and transparently.

This Privacy Policy explains how we collect, use, disclose, store, transfer, and protect personal information in connection with our website, communications, engagements, and business operations worldwide.

This Policy is intended to comply with applicable privacy and data protection laws, including but not limited to the General Data Protection Regulation (GDPR), and analogous laws in other jurisdictions, to the extent they apply.

Applicability and Scope

This Privacy Policy applies to personal information processed by XONIK in connection with:

• Visits to our website
• Submission of inquiries, forms, or communications
• Client, partner, and vendor interactions
• Advisory, commercial, partnership, or engagement-related activities
• Marketing, operational, and administrative communications

This Policy does not apply where personal information is governed by a separate written agreement (such as a Master Services Agreement, Statement of Work, Data Processing Addendum, or NDA), which shall prevail in the event of a conflict.

Definitions

For the purposes of this Policy:

• “Personal Information” means any information relating to an identified or identifiable individual.
• “Processing” means any operation performed on personal information, including collection, use, storage, disclosure, or deletion.
• “You” refers to any individual whose personal information is processed by XONIK.

Definitions are intended to be interpreted consistently with applicable data protection laws.

Categories of Information We Collect

Information Provided Voluntarily

We may collect personal information you choose to provide, including:

• Full name
• Professional title and role
• Company or organization name
• Business email address
• Telephone number
• Inquiry details, correspondence, or submitted content
• Information shared during meetings, calls, or engagements

You are not required to provide personal information; however, failure to do so may limit our ability to respond or engage.

Information Collected Automatically

When you access our website, we may automatically collect limited technical information, including:

• IP address
• Browser type, operating system, and device identifiers
• Referring URLs
• Pages viewed, interactions, and timestamps

This information is used strictly for security, analytics, operational integrity, and performance optimization.

Information from Third Parties

We may receive personal information from third parties, such as:

• Business partners or collaborators
• Professional advisors
• Publicly available sources
• Event or referral introductions

Such information is processed in accordance with this Policy and applicable law.

Purposes of Processing

XONIK processes personal information solely for legitimate and lawful purposes, including:

• Responding to inquiries and communications
• Evaluating engagement, partnership, or collaboration requests
• Managing client, partner, and vendor relationships
• Performing contractual obligations
• Maintaining business records and operational continuity
• Improving website functionality and security
• Preventing fraud, misuse, or unauthorized access
• Complying with legal, regulatory, or contractual obligations

XONIK does not engage in automated decision-making or profiling that produces legal or similarly significant effects.

Legal Bases for Processing (Where Applicable)

Where required by law, processing is conducted on one or more of the following bases:

• Contractual necessity
• Legitimate interests, including business operations, communications, and security
• Legal or regulatory compliance
• Consent, where explicitly obtained

Where applicable, legitimate interests are assessed in light of individual rights and applicable legal requirements.

Disclosure and Sharing of Information

XONIK does not sell, trade, or rent personal information.

We may disclose personal information only:

• To service providers acting on our behalf under confidentiality obligations
• To professional advisors (legal, accounting, compliance)
• To comply with lawful requests, court orders, or regulatory requirements
• In connection with corporate transactions (merger, acquisition, restructuring), subject to safeguards

Disclosures are limited to what is strictly necessary for the stated purpose.

International Transfers

As a globally operating organization, XONIK may process personal information in multiple jurisdictions.

Where cross-border transfers occur, XONIK implements appropriate safeguards, which may include contractual protections or other lawful transfer mechanisms recognized under applicable law.

Data Retention

Personal information is retained only for as long as reasonably necessary to:

• Fulfill the purposes described in this Policy
• Satisfy legal, regulatory, accounting, or reporting requirements
• Enforce agreements or resolve disputes

Retention periods vary depending on data type and applicable obligations.

XONIK implements reasonable and proportionate safeguards to protect personal information, including:

• Access controls and authentication measures
• Secure systems and infrastructure
• Confidentiality obligations for personnel
• Risk management and incident response practices

Despite these measures, no system can be guaranteed to be completely secure.

Individual Rights

Subject to applicable law, you may have the right to:

• Request access to your personal information
• Request correction or update of inaccurate data
• Request deletion or restriction of processing
• Object to certain processing activities
• Request data portability, where applicable

Requests may be subject to verification, legal exceptions, or retention requirements.

Cookies and Similar Technologies

XONIK uses limited cookies or similar technologies for:

• Essential website functionality
• Security and fraud prevention
• Performance and analytics

We do not use cookies for targeted advertising or behavioral profiling.

You may manage cookie preferences through your browser settings.

Children’s Information

XONIK does not knowingly collect or process personal information from individuals under the age of 16.
If such information is identified, it will be deleted where required by law.

Third-Party Websites

Our website may contain links to third-party sites.
XONIK is not responsible for the privacy practices, security, or content of external websites.

Limitation of Liability

To the extent permitted by applicable law, XONIK limits its liability in connection with the processing of personal information as set out in applicable agreements and legal requirements.

Nothing in this Privacy Policy limits or excludes liability where such limitation is not permitted by law.

Updates to This Policy

XONIK may revise this Privacy Policy periodically. Updates will be posted with a revised effective date.

Continued use of our website or engagement with our services indicates awareness of the updated Policy.

Contact and Complaints

For privacy, data protection, or compliance inquiries, contact:

Privacy & Data Protection
Email: legal@xonik.com

Where required by applicable law, certain individuals may have additional rights under local data protection frameworks.

XONIK encourages individuals to contact us directly regarding any privacy-related questions or concerns so we may address them promptly.

Interpretation

This Privacy Policy shall be interpreted in a manner consistent with applicable data protection laws.

Nothing in this Policy creates rights beyond those required by law or agreed in writing.

Jurisdictional Intent

XONIK does not intentionally target or direct its services to individuals in any specific jurisdiction except as required for legitimate business purposes.

The applicability of this Privacy Policy is determined by the nature of the interaction and applicable law, not by the user’s location alone.

© XONIK. All rights reserved.