MigrateX

Privacy Policy

Last updated: 27th March 2026

MigrateX Inc., a Delaware corporation (“MigrateX,” “we,” “our,” or “us”) operates the website at migratex.com (the “Website”) and provides data migration services (the “Services”). This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit the Website or use our Services.

This Privacy Policy applies to information we collect as a data controller (i.e., when we decide the purposes and means of processing). When we process personal data on behalf of our customers as a data processor (for example, during a migration project), that processing is governed by our Data Processing Addendum (DPA), not this Privacy Policy.

1. Information We Collect

Information You Provide

We collect information you voluntarily provide, including:

  • Contact and account information: name, email address, company name, job title, and phone number when you fill out forms, request a quote, book a call, or contact us.
  • Migration consultation details: source platform, target platform, estimated record counts, and timeline preferences submitted through our consultation request form.
  • Communications: the content of emails, messages, or other communications you send us.
  • Order and billing information: company legal name, billing address, billing email, and technical contact details provided through Order Forms.

Information Collected Automatically

When you visit the Website, we may automatically collect:

  • Usage data: pages visited, time spent on pages, referral URLs, click patterns, and other interaction data.
  • Device and browser information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
  • Cookie and tracking data: information collected through cookies, pixels, and similar technologies as described in our Cookie Policy.

Information from Third Parties

We may receive information from:

  • Analytics providers: such as Google Analytics and PostHog, which provide aggregated usage data about Website visitors.
  • Advertising platforms: such as Meta and LinkedIn, which may provide conversion data for users who interact with our advertisements.
  • Business partners and referral sources: such as integration partners who may refer prospective customers to us.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing and improving our Services: to respond to your inquiries, process consultation requests, deliver migration services, and improve the Website and Services.
  • Communications: to send you information you have requested, respond to your messages, and provide customer support.
  • Marketing: to send you marketing communications about our products and services, where permitted by law. You may opt out at any time.
  • Analytics and optimization: to understand how visitors use the Website, analyze trends, and optimize our content and user experience.
  • Security and fraud prevention: to detect, prevent, and respond to security incidents, fraud, and abuse.
  • Legal compliance: to comply with applicable laws, regulations, legal processes, and law enforcement requests.
  • Aggregated insights: to generate aggregated and de-identified data for analytics, benchmarking, and service improvement, as described in our Service Agreement.

If you are located in the European Economic Area or the United Kingdom, our legal bases for processing your personal data include:

  • Performance of a contract: when processing is necessary to perform our agreement with you or to take pre-contractual steps at your request.
  • Legitimate interests: when processing is necessary for our legitimate business interests (such as marketing, analytics, and security), provided those interests are not overridden by your rights.
  • Consent: when you have given consent to specific processing activities, such as receiving marketing emails. You may withdraw consent at any time.
  • Legal obligation: when processing is required to comply with a legal obligation.

4. How We Share Your Information

We do not sell or share your personal information for third-party advertising purposes. We may disclose your information to:

  • Service providers: third-party vendors who assist us in operating the Website and providing the Services, including cloud infrastructure providers, email delivery providers, error monitoring tools, and customer support tools. These providers are contractually obligated to protect your data and may only process it on our behalf.
  • Sub-processors: as identified in Annex III of our Data Processing Addendum.
  • Professional advisors: lawyers, accountants, and auditors where necessary for professional advice or compliance.
  • Law enforcement and regulators: where required by applicable law, regulation, legal process, or governmental request.
  • Corporate transactions: in connection with a merger, acquisition, reorganization, or sale of assets, in which case your information may be transferred as part of the transaction.
  • With your consent: where you have given us specific permission to share your information.

5. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Website visitor data:retained in accordance with our analytics providers’ standard retention periods.
  • Contact and inquiry data: retained for as long as necessary to maintain our business relationship and for a reasonable period thereafter.
  • Customer data processed during migration projects: deleted within 30 days after project completion or termination, unless otherwise agreed or required by law, as described in our Data Processing Addendum.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Rights Under GDPR (EEA/UK)

  • Access: request a copy of the personal data we hold about you.
  • Rectification: request correction of inaccurate or incomplete data.
  • Erasure: request deletion of your personal data in certain circumstances.
  • Restriction: request that we restrict processing in certain circumstances.
  • Portability: receive your data in a structured, machine-readable format.
  • Objection: object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent: where processing is based on consent.

You may also lodge a complaint with your local supervisory authority.

Rights Under CCPA/CPRA (California)

  • Right to know: what personal information we collect, use, disclose, and sell.
  • Right to delete: request deletion of your personal information.
  • Right to correct: request correction of inaccurate personal information.
  • Right to opt out: of the sale or sharing of personal information. We do not sell or share personal information as defined by the CCPA/CPRA.
  • Right to non-discrimination: for exercising your privacy rights.

Exercising Your Rights

To exercise any of these rights, email us at privacy@migratex.comwith the subject line “Data Subject Request.” Please include your full name, the email address associated with your account (if applicable), your country of residence, and a description of the right you wish to exercise. We will respond within 30 days (or sooner where required by law). We may ask you to verify your identity before processing your request.

7. International Data Transfers

MigrateX is based in the United States. If you are located outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.

For transfers of personal data from the EEA, UK, or Switzerland, we rely on appropriate transfer mechanisms, including the European Commission’s Standard Contractual Clauses (SCCs), as described in our Data Processing Addendum. For UK transfers, we incorporate the UK International Data Transfer Addendum (IDTA) or UK addendum to the EU SCCs.

8. Security

We implement reasonable and appropriate technical and organizational measures designed to protect personal information from unauthorized access, use, alteration, and destruction. These measures include encryption in transit (TLS 1.2+) and at rest (AES-256), role-based access controls, multi-factor authentication for administrative access, network security controls, and regular security assessments.

For a detailed description of our security measures, please refer to Annex II of our Data Processing Addendum.

No method of transmission or storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Children’s Privacy

The Website and Services are intended for business use and are not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13, we will take steps to delete it promptly. If you believe a child has provided us with personal information, please contact us at privacy@migratex.com.

The Website may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party sites you visit.

11. Questions, Complaints, and Dispute Resolution

If you have a concern about how we handle your personal data, we ask that you contact us first at privacy@migratex.com so we can try to resolve it directly. We will respond within 30 days.

If you are located in the EEA or UK and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority. If you are located in California, you may contact the California Attorney General’s office regarding your CCPA/CPRA rights. For more details on California-specific rights, see our CCPA Compliance page.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated Effective Date. Your continued use of the Website after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this page periodically.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us at:

MigrateX Inc.
8 The Green, STE R, Dover, DE 19901, USA
Email: privacy@migratex.com

For data protection inquiries related to EU/UK GDPR, you may also contact us at the address above.