Erika
Sign in Start sourcing
Home Legal

Privacy Policy

Last updated: 4 June 2026 Version 1.0

This Privacy Policy explains how Erika Work Inc (“Erika”, “we”, “us”, “our”) collects, uses, shares and protects personal data when you visit our marketing website at erikawork.com (the “Site”), and the rights you have under the EU General Data Protection Regulation (“GDPR”) and the UK GDPR.

This policy covers the public Site only. Our product application at app.erikawork.com and any services delivered through it are governed by a separate privacy notice and the agreement entered into with each customer.

1. Who we are (data controller)

The controller responsible for your personal data is:

  • Erika Work Inc, a corporation incorporated in the State of Delaware, United States.
  • Registered office: 614 North Dupont Highway, Suite 210, Dover, DE 19901, United States
  • Email: martin@erikawork.com

2. EU / UK representative

As a company established outside the EU and the UK that offers services to individuals in those regions, Erika is in the process of designating a representative in the EU and the UK as required under Article 27 GDPR. Until that representative is appointed, you can raise any data-protection matter with us directly, as the controller, at martin@erikawork.com.

3. The personal data we collect

We keep data collection on the Site to a minimum. We collect:

  • Information you give us. If you book a demo or contact us, we receive the details you provide — typically your name, email address, company, and the content of your message or the time slot you select. Demo bookings are handled through Google’s appointment-scheduling service (Google Calendar).
  • Usage and analytics data. If you consent to analytics cookies, we collect aggregated, pseudonymous information about how the Site is used (pages viewed, approximate region, device and browser type, referring source) via Google Analytics 4. Google Analytics is configured to anonymise IP addresses and does not store your full IP address.
  • Technical and security data. Our hosting provider automatically logs limited technical information (such as IP address, timestamp and requested URL) for the short time needed to deliver the Site securely and prevent abuse.
  • Preferences. Your chosen language and your cookie-consent choices are stored locally in your browser so the Site behaves as you expect on your next visit.

We do not knowingly collect special categories of data through the Site, and we do not sell personal data.

4. How we use your data and our legal bases

Under the GDPR we rely on the following legal bases (Article 6):

  • Consent (Art. 6(1)(a)). Analytics and any marketing cookies are set only after you opt in. You may withdraw consent at any time (see “Cookies”, below).
  • Steps prior to a contract / our legitimate interests (Art. 6(1)(b) and (f)). To respond to your enquiries, arrange and conduct demos, and follow up about our services.
  • Legitimate interests (Art. 6(1)(f)). To operate, secure and improve the Site, prevent fraud and abuse, and understand aggregate interest in our services. We balance these interests against your rights and freedoms.
  • Legal obligation (Art. 6(1)(c)). Where we must retain or disclose data to comply with applicable law.

5. Cookies and similar technologies

On your first visit we show a consent banner. Strictly-necessary storage (such as your language and consent choices) is always active because the Site cannot function without it; it does not require consent. All other categories — Analytics and Marketing — are switched off by default and load only if you opt in. No analytics or marketing tags are loaded before you give consent.

You can review or change your choices at any time using the “Cookie settings” link in the footer of any page, or withdraw consent there as easily as you gave it. Analytics on the Site is provided by Google Analytics 4 (measurement ID active only with consent); cookies it sets typically expire within 24 months.

6. Sharing your data and service providers

We share personal data only with service providers (processors) that help us run the Site, under contracts that require them to protect it. These currently include:

  • Google LLC / Google Ireland Ltd — website hosting (Firebase Hosting), web fonts, analytics (Google Analytics 4), and demo scheduling (Google Calendar appointments).
  • Fontshare (Indian Type Foundry) — delivery of web fonts used on the Site.

We may also disclose data where required by law, to enforce our terms, or in connection with a corporate transaction (such as a merger or acquisition), subject to this policy.

7. International data transfers

Erika is based in the United States, and some of our providers process data in the U.S. and other countries outside the EU/EEA and the UK. Where personal data is transferred outside the EEA/UK, we rely on appropriate safeguards — principally the European Commission’s Standard Contractual Clauses and, where the recipient is certified, the EU–U.S. Data Privacy Framework (and its UK extension). You may request a copy of the relevant safeguard by emailing us.

8. How long we keep your data

We keep personal data only as long as necessary for the purpose it was collected: enquiry and demo correspondence for up to 24 months after our last interaction (unless you ask us to delete it sooner or a longer period is legally required); analytics data for up to 14 months; and security logs for a short period. We then delete or anonymise it.

9. Your rights

Subject to the conditions in the GDPR, you have the right to:

  • access the personal data we hold about you;
  • have inaccurate data corrected;
  • have your data erased (“right to be forgotten”);
  • restrict or object to our processing, including profiling and direct marketing;
  • data portability;
  • withdraw consent at any time, without affecting processing carried out before withdrawal; and
  • lodge a complaint with a supervisory authority.

To exercise any of these rights, email martin@erikawork.com. We will respond within one month. You also have the right to complain to your local data-protection authority — for example, in the Czech Republic the Office for Personal Data Protection (Úřad pro ochranu osobních údajů), or any other EU/EEA supervisory authority in the country where you live or work.

10. Data security

The Site is served exclusively over encrypted HTTPS. We apply appropriate technical and organisational measures to protect personal data against unauthorised access, loss or misuse, and we limit access to those who need it. No method of transmission over the internet is completely secure, but we work to protect your data and to address any incident promptly.

11. Children

The Site is intended for businesses and professionals and is not directed to children. We do not knowingly collect personal data from anyone under the age of 16. If you believe a child has provided us data, please contact us and we will delete it.

12. Changes to this policy

We may update this policy from time to time. When we make material changes we will revise the “Last updated” date above and, where appropriate, ask for your consent again. Please review this page periodically.

13. Contact us

For any question about this policy or your personal data, contact us at martin@erikawork.com or by post at the registered office address listed in section 1.

← Home Start sourcing