← Back to homepage

Privacy Policy

1. Introduction

SitePolicy.co.uk ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard your information when you use our website and services.

Data Controller: Nikita Usatov (trading as SitePolicy.co.uk)
Contact: support@sitepolicy.co.uk

2. Information We Collect

2.1 Company Information

When you use our legal document generation service, we collect:

• Company name and registration details
• Registered address and trading address
• Director/owner information
• Website URL and business description
• Contact details (email, phone)
• Data Protection Officer details (if applicable)

2.2 Technical Information

• IP address and location data
• Browser type and version
• Device information
• Pages visited and time spent
• Referral source

2.3 Cookies

We use essential cookies for website functionality. We do not use advertising or tracking cookies.

3. How We Use Your Information

We use your personal data for:

• Generating customised legal documents
• Processing payments through Creem.io (our Merchant of Record)
• Providing customer support
• Improving our services
• Complying with legal obligations
• Fraud prevention and security

4. Legal Basis for Processing

We process your data based on:

• Contract performance: To deliver the legal documents you've purchased
• Legitimate interests: For business operations, fraud prevention, and service improvement
• Legal obligation: To comply with tax, accounting, and regulatory requirements
• Consent: For marketing communications (opt-in only)

5. Data Sharing and Third Parties

5.1 Creem.io (Payment Processor)

Payments are processed by Creem.io, who acts as our Merchant of Record. They handle all payment data securely and independently. See Creem.io's Privacy Policy.

5.2 Other Service Providers

• Web hosting (FirstVDS/Servers.com)
• Email services (for customer communications)
• Companies House API (for company data lookup)

We never sell your personal data to third parties.

6. Data Retention

We retain your data for:

• Company data: 7 years (for accounting and legal compliance)
• Website analytics: 2 years
• Marketing data: Until you unsubscribe
• Support communications: 3 years

7. Your Rights

Under UK GDPR, you have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data
• Portability: Receive your data in a machine-readable format
• Object: Object to processing based on legitimate interests
• Restrict: Limit how we process your data
• Withdraw consent: For consent-based processing

To exercise your rights, contact us at: support@sitepolicy.co.uk

8. Data Security

We implement appropriate technical and organisational measures to protect your data, including:

• SSL/TLS encryption for data transmission
• Secure hosting infrastructure
• Access controls and authentication
• Regular security monitoring

9. International Transfers

Your data may be transferred to and processed in countries outside the UK/EEA, including the Netherlands (hosting). We ensure appropriate safeguards are in place for such transfers.

10. Children's Privacy

Our services are not directed at children under 16. We do not knowingly collect personal data from children.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or website notice.

12. Contact and Complaints

Data Protection Contact: support@sitepolicy.co.uk

If you're not satisfied with our response, you can lodge a complaint with the Information Commissioner's Office (ICO): ico.org.uk