Privacy Policy

Last Updated: 15th January 2025

At LightA-PortalX, we understand that trusting someone with your personal information isn't something you do lightly. This privacy policy explains how we collect, use, and protect your data when you work with us or visit our website. We've written this in plain language because legal jargon doesn't help anyone make informed decisions.

Who We Are

We're LightA-PortalX, a custom mobile solution development company based in the United Kingdom. Our registered address is 21 Lawrance Square, Northfleet, Gravesend DA11 7HW. When we talk about "we," "us," or "our" in this policy, we mean LightA-PortalX Limited.

Data Controller: LightA-PortalX Limited

Email: contact@lighta-portalx.com

Phone: +447904528772

Address: 21 Lawrance Square, Northfleet, Gravesend DA11 7HW, United Kingdom

What Information We Collect

The information we collect depends on how you interact with us. We only gather what we genuinely need to provide our services and communicate with you effectively.

Information You Give Us Directly

  • Contact details including your name, email address, phone number, and company name when you reach out through our website or contact forms
  • Business information such as your project requirements, technical specifications, and budget considerations when discussing potential work
  • Communication records from emails, phone calls, and meetings we have with you
  • Feedback and testimonials if you choose to share your experience working with us
  • Payment information and invoicing details for completed projects

Information We Collect Automatically

When you visit our website, certain technical information gets collected automatically. This helps us understand how people use our site and where we can improve things.

  • Browser type and version, operating system, and device information
  • IP address and general location data (country or city level, not your exact address)
  • Pages you visit on our website, how long you spend on each page, and what links you click
  • Referring website or search terms that brought you to our site
  • Date and time of your visits

Information From Third Parties

Occasionally, we might receive information about you from other sources, such as business partners who refer you to us or professional networking platforms where you've engaged with our content. We only use this information if you've given appropriate consent to those third parties.

How We Use Your Information

We're straightforward about why we collect your data. Here's what we actually do with it:

Service Delivery: We use your contact and business information to discuss your project needs, provide quotes, develop solutions, and deliver the mobile applications you've commissioned from us.

Communication: We'll contact you about ongoing projects, respond to your enquiries, and occasionally share updates about our services that might be relevant to your business.

Business Operations: We process payment information for invoicing, maintain records for accounting purposes, and use data to improve our internal processes and service quality.

Legal Obligations: Sometimes we're required to retain certain information for tax purposes, dispute resolution, or to comply with UK legal requirements.

Our Legal Basis for Processing

Under UK GDPR, we need a lawful basis to process your personal data. Here's what applies to different situations:

  • Contract Performance: When you engage us for a project, we process your data to fulfill our contractual obligations
  • Legitimate Interest: We have a legitimate business interest in marketing our services, improving our website, and maintaining business relationships
  • Legal Obligation: We're required to keep certain records for tax, accounting, and regulatory compliance
  • Consent: For marketing communications, we'll ask for your explicit consent, which you can withdraw at any time

Your Rights Under UK GDPR

UK data protection law gives you substantial control over your personal information. These aren't just theoretical rights - we're set up to help you exercise them.

Right to Access

You can request a copy of the personal data we hold about you. We'll provide this free of charge within one month of your request.

Right to Rectification

If information we hold about you is inaccurate or incomplete, you can ask us to correct or complete it.

Right to Erasure

You can request that we delete your personal data in certain circumstances, though legal obligations may require us to retain some information.

Right to Restriction

You can ask us to limit how we use your data while we investigate a concern or dispute about the information we hold.

Right to Data Portability

You can request your data in a structured, commonly used format that you can transfer to another service provider.

Right to Object

You can object to processing based on legitimate interests or for direct marketing purposes, and we'll stop unless we have compelling grounds to continue.

How to Exercise Your Rights: Send an email to contact@lighta-portalx.com with your request, or write to us at our registered address. We'll respond within one month and won't charge a fee unless your request is clearly unfounded or excessive. We might need to verify your identity before proceeding - that's just to protect your data from unauthorized access.

How We Protect Your Data

Security isn't something we bolt on at the end. It's built into how we work. While no system can ever be 100% secure (anyone who promises that isn't being honest), we take multiple precautions to protect your information.

Technical Measures

  • Encrypted data transmission using SSL/TLS protocols on our website and email communications
  • Secure server infrastructure with regular security updates and patches
  • Password-protected systems with strong authentication requirements
  • Regular backups stored in secure, encrypted locations
  • Firewall protection and intrusion detection systems

Organizational Measures

  • Limited access to personal data on a need-to-know basis only
  • Confidentiality agreements with all team members and contractors
  • Regular security training for everyone who handles data
  • Clear data handling procedures and incident response protocols
  • Regular reviews of our security practices and data processing activities

If we ever experience a data breach that poses a risk to your rights and freedoms, we'll notify you and the Information Commissioner's Office within 72 hours of becoming aware of it.

Who We Share Your Data With

We're selective about who gets access to your information. We don't sell your data to third parties - that's not our business model and never will be.

Service Providers

We work with carefully selected third-party service providers who help us run our business. These might include:

  • Web hosting and cloud storage providers who maintain our technical infrastructure
  • Email service providers for business communications
  • Accounting and bookkeeping software for financial records
  • Project management tools for collaboration on your projects
  • Payment processors for handling transactions

All these providers are bound by data processing agreements that require them to protect your data and use it only for the specific purposes we've authorized.

Legal Requirements

Sometimes we're legally required to share information with authorities, such as HMRC for tax purposes or law enforcement if served with a valid legal request. We'll only share what's legally required and will challenge any requests that seem excessive.

Business Transfers

If LightA-PortalX is involved in a merger, acquisition, or sale of assets, your data might be transferred as part of that transaction. We'd notify you before your information becomes subject to a different privacy policy.

International Data Transfers

We're based in the UK, and we try to keep your data within the UK or European Economic Area whenever possible. However, some of our service providers operate from other countries, which means your data might occasionally be processed outside the UK.

When this happens, we make sure your data is protected through:

  • Standard Contractual Clauses approved by the UK Information Commissioner's Office
  • Adequacy decisions that confirm a country provides adequate data protection
  • Binding Corporate Rules for large multinational service providers
  • Additional security measures appropriate to the sensitivity of the data

We regularly review where data is being processed and ensure appropriate safeguards remain in place.

How Long We Keep Your Data

We don't keep your information forever. Our retention periods depend on why we collected the data and what legal obligations we have.

Data Type Retention Period Reason
Project files and communications 6 years after project completion Contract disputes, warranty obligations, tax records
Financial records and invoices 6 years from end of financial year UK tax law requirements
General enquiry data 2 years from last contact Business development and follow-up
Marketing consent records Until consent is withdrawn, plus 1 year Proof of consent for regulatory compliance
Website analytics 26 months Understanding long-term trends in site usage

After these periods expire, we securely delete or anonymize the data. If you request deletion earlier, we'll comply unless we have a legal obligation to retain the information.

Cookies and Tracking Technologies

Our website uses cookies - small text files stored on your device that help the site work properly and give us insights into how people use it.

Essential Cookies

These are necessary for the website to function. They enable basic features like page navigation and access to secure areas. The website can't work properly without them, so they're set automatically.

Analytics Cookies

We use analytics tools to understand how visitors interact with our site - which pages get viewed most, where people spend time, and what content resonates. This information is aggregated and anonymized. You can opt out of analytics tracking if you prefer.

Managing Cookie Preferences

Most web browsers allow you to control cookies through their settings. You can set your browser to refuse cookies or alert you when cookies are being sent. Keep in mind that disabling certain cookies might affect how the website functions.

Children's Privacy

Our services are designed for businesses and professionals. We don't knowingly collect information from anyone under 16 years of age. If we discover we've inadvertently collected data from a child, we'll delete it immediately. If you're a parent or guardian and believe your child has provided us with personal information, please contact us straight away.

Changes to This Policy

Privacy law and our business practices both change over time. We'll update this policy when needed to reflect those changes. When we make significant updates, we'll notify you by email if we have your contact details, or by posting a prominent notice on our website.

The "Last Updated" date at the top of this policy shows when it was most recently revised. We encourage you to review this policy periodically, especially if you're concerned about how your information is being used.

Third-Party Websites

Our website might contain links to other sites that we think you'll find useful. Once you click through to another site, this privacy policy no longer applies. We don't control those sites and aren't responsible for their privacy practices. We recommend reading their privacy policies before sharing any personal information.

Questions or Concerns?

If something in this policy isn't clear, if you want to exercise any of your data rights, or if you have concerns about how we're handling your information, we want to hear from you.

Email: contact@lighta-portalx.com
Phone: +447904528772

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you're unhappy with how we've handled your data. Visit ico.org.uk for more information about your rights and how to raise concerns.