Privacy Policy

Last updated: 6 October 2025

1. Who we are

powermapped.com (the "Site") is owned and operated by Africa Strategy ("we", "us", "our").

Address: Network Hub, 300 Kensal Road, London W10 5BE, United Kingdom.

Email: privacy@powermapped.com

We are the data controller for personal data collected through the Site and for personal data we curate in the PowerMapped database. When our business customers upload or provide personal data for their own projects, we act as a data processor and process that data under their instructions.

This notice explains how we collect, use, disclose, and protect personal data in line with the UK GDPR and the Data Protection Act 2018. If you are in the EEA, we apply equivalent protections.

2. What this policy covers

  • Visitors to the Site
  • Registered users and customers of our services
  • People whose information appears in the PowerMapped database (for example, public figures and professionals)

3. Personal data we collect

3.1 Data you give us

  • Account details (name, email, password)
  • Contact details (job title, organisation, phone, billing address)
  • Messages and support requests
  • Marketing preferences

3.2 Data we collect automatically

  • Usage data (pages viewed, actions taken, session duration)
  • Device and log data (IP address, browser type and version, operating system, time zone)
  • Cookie and similar technology data (see Cookies below)

3.3 Data we obtain from other sources

  • Public sources (official registers, company websites, press releases, public social media profiles, government publications, NGO reports, academic papers, event programmes)
  • Commercial data providers and partners
  • Customers who supply contact lists or files for processing (we act as processor)

4. Special note on our database (profiling and scoring)

We build and maintain profiles of influential people and organisations using information from public and licensed sources. Profiles may include role, sector, affiliations, public activities, and scores based on clear criteria (for example, formal role, public profile, networks). This is profiling. We use it to power search, ranking, and insights for users of the Site.

Your choices: You can object to profiling, ask for human review, request access, correction, or deletion where applicable. See Your rights below.

5. Why we use personal data (lawful bases)

We use personal data for:

  • Providing the Site and services (create and manage accounts, deliver features, provide support) — contract and legitimate interests
  • PowerMapped database (compile, update, and present profiles and rankings from public sources) — legitimate interests
  • Improving and securing the service (analytics, performance, fraud prevention, spam control) — legitimate interests
  • Marketing (newsletters, product updates) — consent where required; you can opt out at any time
  • Legal and compliance (record‑keeping, handling requests, enforcing terms) — legal obligation and legitimate interests

Where we rely on legitimate interests, we balance our interests with your rights and expectations and take steps to reduce impact, such as using data from public sources, offering opt‑outs, and giving clear routes to exercise your rights.

6. Cookies and similar technologies

We use essential cookies to make the Site work and non‑essential cookies (such as analytics) to understand use. Non‑essential cookies are set only with your consent.

You can change your cookie choices at any time via the cookie banner or your browser settings. For more detail, see our Cookie Policy (or request a copy from us).

Typical cookies we use

  • Essential: security, login sessions
  • Analytics: page views, feature use
  • Preference: language, layout

7. Who we share data with

  • Service providers acting as processors (hosting, analytics, customer support, email delivery, security). They must keep data safe and follow our instructions.
  • Customers (only where you are part of a customer's project and they have a lawful basis; we act as processor).
  • Professional advisers (legal, accounting) and authorities where required by law.
  • Business changes: if we restructure, merge, or sell parts of the business, data may transfer with the business, subject to this policy.

We do not sell personal data.

8. International transfers

Your data may be processed outside the UK/EEA. When this happens, we use approved safeguards such as the UK International Data Transfer Agreement (IDTA) or the EU Standard Contractual Clauses with the UK Addendum, plus technical and organisational measures.

9. How long we keep data

We keep data only for as long as needed:

  • Account and contract records: up to 6 years after the end of the relationship
  • Support tickets and communications: up to 3 years
  • Technical logs: up to 12 months
  • Marketing preferences: until you opt out (we keep a suppression record so we don't contact you again)
  • Database entries: kept under rolling review; we update and remove information that is stale, inaccurate, or no longer relevant to our service

10. Your rights

Under the UK GDPR you can:

  • Access your personal data
  • Correct inaccurate or incomplete data
  • Erase your data in certain cases
  • Restrict how we use it
  • Object to processing based on legitimate interests, including profiling, and to direct marketing
  • Data portability for data you provided to us
  • Withdraw consent at any time (this does not affect past processing)

To exercise these rights, email privacy@powermapped.com. We may need to verify your identity. If your data was provided by a customer, we may refer you to them.

11. Children

Our Site is aimed at professionals and is not for children. We do not knowingly collect data about children.

12. Security

We use appropriate technical and organisational measures to protect personal data, including access controls, encryption in transit, and staff training. No system is perfectly secure, but we work to reduce risk and respond quickly to issues.

13. Links to other sites

The Site may link to other websites we do not control. Their privacy practices apply there.

14. Changes to this policy

We may update this policy from time to time. We will post changes on this page and, if the changes are significant, we will let you know by email or an in‑product notice.

15. Contact and complaints

Questions or requests: privacy@powermapped.com

Postal: Africa Strategy, Network Hub, 300 Kensal Road, London W10 5BE, United Kingdom.

If you are unhappy with how we handle your data, you can contact the Information Commissioner's Office (ICO): Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; ico.org.uk; 0303 123 1113.

Appendix — Acting as a processor

When a customer asks us to process personal data on their behalf, we:

  • Process only on their documented instructions
  • Keep data confidential and secure
  • Assist with security, breach notices, and rights requests where relevant
  • Use sub‑processors under written terms and remain responsible for them
  • Delete or return personal data at the end of the contract, unless law requires storage

If you are a customer and need a Data Processing Agreement (DPA), contact privacy@powermapped.com.