Privacy Policy

Privacy Policy YUPL Digital

Last updated: November 2024

At YUPL, we are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and protect information when you visit our website or engage our services.

1. Who We Are

YUPL Digital is the data controller responsible for your personal data. We are a UK-based digital agency providing software development, consulting, and digital transformation services.

• Company: YUPL Digital
• Address: 24 Holborn Viaduct, London EC1A 2BN
• Email: privacy@yupl.com
• Phone: 0330 229 4580

2. Information We Collect

We collect information in the following ways:

Information You Provide Directly

• Contact Information: Name, email address, phone number, company name when you contact us or request a quote
• Project Information: Details about your project requirements, business needs, and technical specifications
• Communication Records: Emails, messages, and notes from our interactions
• Payment Information: Billing details for invoicing (processed securely via our payment providers)

Information Collected Automatically

• Device Information: Browser type, operating system, device type
• Usage Data: Pages visited, time spent on pages, click patterns
• Technical Data: IP address, referring URLs, access times
• Cookie Data: Information collected through cookies (see Cookies section)

3. How We Use Your Information

We use your personal data to:

• Respond to your enquiries and provide requested information
• Deliver our services and manage project engagements
• Process payments and maintain financial records
• Send relevant updates about your projects or our services
• Improve our website and services based on usage patterns
• Comply with legal obligations and protect our legitimate interests
• Send marketing communications (only with your consent)

4. Legal Basis for Processing

Under UK GDPR, we process your data based on the following legal grounds:

• Contract: Processing necessary to fulfil our contractual obligations to you
• Consent: Where you have given explicit consent (e.g., marketing communications)
• Legitimate Interests: Processing necessary for our legitimate business interests, provided these don't override your rights
• Legal Obligation: Processing required to comply with UK law

5. Data Sharing

We do not sell your personal data. We may share your information with:

• Service Providers: Trusted third parties who assist in delivering our services (hosting, payment processing, analytics)
• Professional Advisors: Lawyers, accountants, and auditors as necessary
• Legal Authorities: When required by law or to protect our legal rights
• Business Transfers: In connection with any merger, sale, or acquisition

All third parties are contractually obligated to protect your data and use it only for specified purposes.

6. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

• Client Records: 7 years after project completion (for legal and accounting purposes)
• Marketing Data: Until you withdraw consent or unsubscribe
• Website Analytics: 26 months
• Enquiry Records: 2 years if no engagement follows

After the retention period, data is securely deleted or anonymised.

7. Your Rights

Under UK GDPR, you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (subject to legal obligations)
• Right to Restrict Processing: Request limitation of how we use your data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for marketing
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at privacy@yupl.com. We will respond within one month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

8. Cookies

Our website uses cookies to enhance your browsing experience. Cookies are small text files stored on your device.

Types of Cookies We Use

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how visitors interact with our website
• Functionality Cookies: Remember your preferences and settings

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

9. Data Security

We implement robust security measures to protect your personal data:

• SSL/TLS encryption for all data transmission
• Secure, encrypted storage systems
• Regular security audits and penetration testing
• Access controls limiting data access to authorised personnel
• Staff training on data protection best practices
• Incident response procedures for potential data breaches

While we take all reasonable precautions, no data transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to protecting your data to the highest standards.

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

Changes to This Policy

We may update this Privacy Policy periodically. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy regularly. Continued use of our website or services after changes constitutes acceptance of the updated policy.