Privacy Policy

Last updated: April 6, 2026

This Privacy Policy complies with UK GDPR and the Data Protection Act 2018.

1. Introduction

SitePolicy.co.uk ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and services.

Data Controller: Nikita Usatov (trading as SitePolicy.co.uk)
Contact: support@sitepolicy.co.uk

2. Information We Collect

2.1 Company Information

When you use our legal document generation service, we collect:

Company name and registration details
Registered address and trading address
Director/owner information
Website URL and business description
Contact details (email, phone)
Data Protection Officer details (if applicable)

2.2 Technical Information

IP address and location data
Browser type and version
Device information
Pages visited and time spent
Referral source

2.3 Cookies and Analytics

We use essential cookies for website functionality. We also use Google Analytics to collect anonymised data about how visitors interact with our website. Google Analytics uses cookies (_ga, _gid, _gat) to gather information such as pages visited, time on site, and referral source. This data helps us improve our service. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

For more details, see Google's Privacy Policy.

3. How We Use Your Information

We use your personal data for:

Generating customised legal documents
Processing payments through Creem.io (our Merchant of Record)
Providing customer support
Improving our services
Complying with legal obligations
Fraud prevention and security

4. Legal Basis for Processing

We process your data based on:

Contract performance: To deliver the legal documents you've purchased
Legitimate interests: For business operations, fraud prevention, and service improvement
Legal obligation: To comply with tax, accounting, and regulatory requirements
Consent: For marketing communications (opt-in only)

5. Data Sharing and Third Parties

5.1 Creem.io (Payment Processor)

Payments are processed by Creem.io, who acts as our Merchant of Record. They handle all payment data securely and independently. See Creem.io's Privacy Policy.

5.2 Google Analytics

We use Google Analytics, a web analytics service provided by Google LLC. Google Analytics uses cookies to help us analyse website traffic. The information generated by these cookies is transmitted to and stored by Google on servers in the United States. Google may use this data in accordance with their own privacy policy. See Google's Privacy Policy.

5.3 Other Service Providers

Web hosting (Hetzner Online GmbH, Helsinki, Finland)
Email services (for customer communications)
Companies House API (for company data lookup)

We never sell your personal data to third parties.

6. Data Retention

We retain your data for:

Company data: 7 years (for accounting and legal compliance)
Website analytics: 2 years
Marketing data: Until you unsubscribe
Support communications: 3 years

7. Your Rights

Under UK GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion of your data
Portability: Receive your data in a machine-readable format
Object: Object to processing based on legitimate interests
Restrict: Limit how we process your data
Withdraw consent: For consent-based processing

To exercise your rights, contact us at: support@sitepolicy.co.uk

8. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

SSL/TLS encryption for data transmission
Secure hosting infrastructure
Access controls and authentication
Regular security monitoring

9. International Transfers

Your data may be transferred to and processed in countries outside the UK, including Finland (hosting). We ensure appropriate safeguards are in place for such transfers.

10. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or website notice.

12. Contact and Complaints

Data Protection Contact: support@sitepolicy.co.uk

If you're not satisfied with our response, you can lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk