The small print, in plain sight
Privacy Policy
1. Who we are
1.1 Maktura Ltd ('Maktura', 'we') provides a social intelligence and content platform for professional services firms. We are registered in England and Wales, company number 17202626, registered office 66 Paul Street, London, England, EC2A 4NA. For personal data covered by this policy we are the controller. Contact: Hello@maktura.com with "Privacy" in the subject line.
2. When this policy applies, and when it does not
2.1 This policy covers personal data we process as a controller: visitors to our website, people who contact us or attend demos, marketing contacts, applicants, and account holders' registration and billing data.
2.2 It does not cover content our customers bring into the platform (posts, drafts, monitoring data, engagement data and similar). For that data our customer is the controller and we are their processor, and our Data Processing Agreement applies instead. If your data appears in a customer's content, contact that customer first; we will pass on any request we receive.
3. What we collect and why
3.1 Account and registration data (name, work email, organisation, role): to create and administer accounts and provide the Service. Lawful basis: performance of a contract.
3.2 Billing data (billing contact, address, VAT details, payment method held by our payment provider): to charge for the Service and keep statutory records. Lawful bases: contract and legal obligation.
3.3 Website and product usage data (device, browser, pages visited, feature usage): to secure and improve the website and Service. Lawful basis: legitimate interests in running and improving what we offer. Cookie-based collection is governed by our Cookie Policy.
3.4 Enquiry, demo and marketing data (contact details, correspondence, preferences): to respond, follow up and send relevant communications. Lawful bases: legitimate interests for business-to-business contacts, with an opt-out in every message; consent where we ask for it.
3.5 We do not use personal data covered by this policy to train machine learning models made available to others, and we do not sell personal data.
4. Who we share it with
4.1 Service providers who host and support our systems, listed with their roles at our subprocessor list, available from Hello@maktura.com on request. Our AI features are built on models provided by Anthropic; provider terms prevent use of our data to train their models.
4.2 Professional advisers, insurers and authorities where law requires. A buyer or investor in a corporate transaction, under confidentiality.
4.3 We do not share personal data with advertisers.
5. International transfers
5.1 We are UK-based. Where a provider processes personal data outside the UK, we rely on an adequacy decision (including the UK-US data bridge where the provider holds an active certification), or the ICO's International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses, supported by a transfer risk assessment. Details per provider are on the subprocessor page.
6. How long we keep it
6.1 Account data: the life of the account plus 12 months. Billing records: 6 years plus the current year, for tax law. Marketing contacts: until opt-out or 24 months of inactivity. Enquiries that go nowhere: 12 months. Where periods differ we will say so at collection.
7. Your rights
7.1 You may request access, rectification, erasure, restriction, portability, and object to processing based on legitimate interests, including direct marketing (which we will always stop on request). Where processing rests on consent you may withdraw it at any time. Write to Hello@maktura.com with "Privacy" in the subject line; we respond within one month.
7.2 If you are unhappy with how we handle your data, you can complain to us at Hello@maktura.com with "Privacy" in the subject line or via email with "Privacy complaint" in the subject line. We acknowledge complaints within 30 days and investigate appropriately. You may also complain to the Information Commissioner's Office (ico.org.uk) at any time.
8. Security and changes
8.1 We apply technical and organisational measures appropriate to the risk, summarised at our security overview, available from Hello@maktura.com on request. This policy may change; material changes will be flagged on the site and, for account holders, by email. Effective date: 1 August 2026.
Cookie Policy
1. What this covers
1.1 This policy explains how maktura.com and the Maktura application use cookies and similar technologies (including pixels and local storage). It should be read with our Privacy Policy.
2. The categories we use
2.1 Strictly necessary: sign-in, session security, load balancing, consent records. These do not require consent and cannot be switched off.
2.2 Analytics and functionality: first-party cookies measuring how the site and app are used and remembering your preferences. Under UK law these do not require prior consent, but you can opt out at any time via the cookie settings link in the site footer and we tell you about them here.
2.3 Marketing: cookies supporting our advertising and measurement, set only with your consent. If you do nothing, these are not set.
2.4 The current list of cookies, their provider, purpose and duration is maintained at the cookie settings link in the site footer, kept live through our consent tool.
3. Your choices
3.1 The banner shown on first visit offers Accept all and Reject all with equal prominence. You can change your choices at any time via the the cookie settings link in the site footer link in the footer. We honour Global Privacy Control signals as an opt-out of marketing cookies. Blocking strictly necessary cookies via your browser may break sign-in.
3.2 Effective date: 1 August 2026. Changes to the cookies we use appear in the live list; material changes to this policy will be flagged on the site.
Website Terms of Use
These govern the public website only. Use of the Maktura platform is governed by the Terms of Service.
1. About these terms
1.1 These terms apply to your use of maktura.com (the 'Site'), operated by Maktura Ltd (company number 17202626, registered office 66 Paul Street, London, England, EC2A 4NA, contact Hello@maktura.com). By using the Site you accept them. The Maktura platform itself is governed by our Terms of Service, which prevail over these terms for platform use.
2. Use of the Site
2.1 You may view and download Site content for your own business evaluation and internal purposes. You must not misuse the Site, including by introducing malicious code, attempting unauthorised access, scraping content at scale, or using Site content to build a competing product or train a machine learning model.
2.2 The Site and its content (text, graphics, logos, the Maktura marks) are owned by us or our licensors. No rights are granted beyond viewing and evaluation use.
3. Content and links
3.1 Site content is general information, not advice, and may be out of date. We may change or withdraw the Site or any content without notice. Links to third-party sites are provided for convenience; we are not responsible for their content.
3.2 If you submit ideas or feedback through the Site, we may use them without obligation, provided doing so does not identify you.
4. Liability and law
4.1 Nothing in these terms limits liability for death or personal injury caused by negligence, or fraud. Otherwise, in respect of the Site (as distinct from the platform), we exclude liability for any loss of profits, business or data and our total liability to you is limited to GBP 100. The Site is provided as-is without warranties.
4.2 These terms are governed by the law of England and Wales and the courts of England and Wales have exclusive jurisdiction.
Acceptable Use Policy
Incorporated into the Terms of Service; applies to the platform and the Site.
1. The principle
1.1 Maktura exists to help professional firms publish well-governed content. Use it lawfully, honestly, and in ways that do not harm others, the Service, or the social platforms it connects to.
2. Prohibited content
2.1 Content that is unlawful, defamatory, or infringes intellectual property, privacy or confidentiality rights. Content that is hateful, harassing or threatening. Content that sexualises or endangers minors (zero tolerance; reported to authorities). Deliberately false or deceptive content, including impersonation and undisclosed AI-generated content where disclosure is required by law or platform rules.
3. Prohibited conduct
3.1 Spam or bulk unsolicited messaging. Circumventing Service security, rate limits or usage boundaries. Scraping or harvesting data other than through features we provide. Reselling access or sharing seats beyond your plan. Reverse engineering, or using the Service to build or benchmark a competing product or to develop machine learning models.
3.2 Surveillance uses: the Service must not be used for intelligence gathering on individuals, monitoring of protests, rallies or community organising, or profiling individuals based on protected characteristics. The social networks require this of us and we enforce it.
3.3 Submitting special category or otherwise sensitive personal data (health, criminal, financial account, government identifiers) to AI features, except as expressly agreed in the DPA.
4. Third-party platforms
4.1 You must comply with the terms of each social platform you connect (including Meta, X, LinkedIn, TikTok and YouTube). Publishing through Maktura does not exempt you from a platform's rules, and a platform's enforcement against your accounts is not our breach.
5. Enforcement
5.1 Where we reasonably believe this policy has been breached we may remove content, warn, suspend or (for material breach, in accordance with the Terms of Service) terminate accounts, and where appropriate notify platforms or authorities. We act proportionately, tell you what we have done and why unless law or safety prevents it, and restore access promptly where a suspension proves unfounded. Report suspected violations to Hello@maktura.com with "Acceptable use" in the subject line.
Data Processing Agreement
Incorporated automatically into the Terms of Service; no signature required. This is the document legal-sector buyers will scrutinise hardest.
1. Scope and roles
1.1 This DPA forms part of the Terms of Service between Maktura Ltd ('Processor') and the Customer ('Controller') and governs processing of personal data in Customer Content ('Customer Personal Data'). The subject matter, duration, nature and purposes of processing, data types and categories of data subjects are set out in Schedule 1.
1.2 Each party will comply with applicable data protection law, including the UK GDPR and the Data Protection Act 2018 and, where applicable, the EU GDPR.
2. Processor obligations
2.1 Maktura will process Customer Personal Data only on the Customer's documented instructions (including as to international transfers), the Terms of Service and this DPA constituting the initial instructions, unless required otherwise by law, in which case Maktura will inform the Customer unless prohibited.
2.2 Maktura will inform the Customer if, in its opinion, an instruction infringes data protection law.
2.3 Persons authorised to process Customer Personal Data are committed to confidentiality.
2.4 Maktura will implement the technical and organisational measures in Schedule 2 and measures appropriate to the risk under Article 32.
2.5 Maktura will not use Customer Personal Data to train machine learning models made available to any other customer or the public, and will not permit subprocessors, including AI model providers, to use it to train their models.
3. Subprocessors
3.1 The Customer gives general authorisation to the subprocessors listed at our subprocessor list, available from Hello@maktura.com on request, which states each subprocessor's role, location and whether Customer Personal Data is transferred to it. Maktura will give at least 30 days' notice of additions or replacements (subscription mechanism at the same page).
3.2 The Customer may object on reasonable data protection grounds within 10 business days of notice. The parties will seek a resolution in good faith; failing that, the Customer may terminate the affected subscription and receive a pro-rata refund of prepaid unused fees.
3.3 Maktura will impose data protection terms on each subprocessor materially equivalent to this DPA and remains liable for their performance.
4. Assistance, breach and records
4.1 Taking into account the nature of processing, Maktura will assist the Customer with data subject requests (forwarding any request it receives directly without responding, unless required by law), and with security, breach notification, DPIAs and consultations under Articles 32 to 36.
4.2 Maktura will notify the Customer without undue delay after becoming aware of a personal data breach affecting Customer Personal Data, providing the information reasonably required for the Customer's own notification obligations as it becomes available. Notification is not an admission of fault.
4.3 Maktura will maintain records of processing and make available information reasonably necessary to demonstrate compliance with this DPA.
5. Audit
5.1 Audit rights are tiered: first, Maktura will provide its current security documentation and available third-party attestations; second, written responses to reasonable information requests; third, if these do not reasonably satisfy the Customer's legal obligations, an audit by the Customer or an independent auditor (not a competitor), once in any 12-month period, on 30 days' notice, during business hours, under confidentiality, at the Customer's cost, minimising disruption.
6. International transfers
6.1 Maktura processes Customer Personal Data in the UK and the regions listed in our subprocessor list. Where processing involves a transfer from the UK to a country without adequacy regulations, the parties rely on, in order: an adequacy decision including the UK-US data bridge where the recipient holds an active certification; otherwise the UK Addendum to the EU Standard Contractual Clauses or the ICO's IDTA, which are incorporated as needed with the details in Schedule 1. For EU GDPR transfers the EU SCCs (Module 2) apply as set out in Schedule 3.
7. Deletion, return and term
7.1 On termination or expiry, Maktura will make Customer Personal Data available for export for 30 days, then delete it within a further 30 days, except where law requires retention (in which case it remains protected under this DPA and is isolated from further processing). Deletion from backups follows the backup cycle, not exceeding 90 days.
7.2 This DPA lasts as long as Maktura processes Customer Personal Data. If there is a conflict between this DPA and the Terms of Service regarding processing of personal data, this DPA prevails.
7.3 Liability under this DPA is subject to the exclusions and cap in the Terms of Service, except where data protection law does not permit that.
Schedule 1: Processing details
• Subject matter: provision of the Maktura platform, including compose, scheduling, governance, monitoring and AI features.
• Duration: the Subscription Term plus the export and deletion windows.
• Nature and purposes: hosting, display, analysis, content generation assistance, governance rule enforcement, audit record keeping.
• Data subjects: Customer's personnel and users; individuals appearing in social content, engagement data and monitoring results, including Customer's clients and prospects.
• Data categories: identifiers, public social profiles and posts, engagement and interest data, business contact data. Special category data is not intended to be processed and must not be submitted except as expressly agreed.
Schedule 2: Security measures
• Encryption in transit (TLS 1.2+) and at rest (AES-256); access on least privilege with MFA and SSO; logging and monitoring; environment segregation; vulnerability management and penetration testing cadence; personnel vetting and training; incident response process; business continuity and backup arrangements; certifications as obtained.
Schedule 3: Transfer mechanism details
• Table of subprocessors with role, location, transfer mechanism per provider (data bridge certification or UK Addendum/IDTA), mirroring the live subprocessor page. Anthropic (AI model provider) to be listed with its current certification status.