This policy was last reviewed and updated on June 30, 2025. Please read it carefully before using our services.
Section 01
Information We Collect
We collect information to provide better services to our clients and improve our digital solutions. The types of information we collect include:
- Personal Identification: Name, email address, phone number, company name, and job title when you contact us or request our services.
- Usage Data: IP address, browser type, pages visited, time spent on pages, and referring URLs through standard server logs and analytics tools.
- Communication Data: Messages, project briefs, and correspondence you send through our contact forms or email.
- Technical Data: Device information, operating system, and network provider to ensure compatibility of our services.
- Cookie Data: Session identifiers and preferences stored via cookies and similar tracking technologies.
Section 02
How We Use Your Information
LammastideIT uses the collected information for the following purposes:
- To provide, operate, and maintain our IT services and solutions.
- To respond to inquiries, support requests, and project proposals.
- To send service-related communications including project updates, invoices, and technical notifications.
- To improve our website, services, and user experience through analytics and feedback.
- To send newsletters and marketing communications only where you have given explicit consent.
- To comply with legal obligations and resolve disputes.
- To detect and prevent fraudulent activity, security incidents, or technical errors.
We will never sell, rent, or trade your personal information to third parties for their marketing purposes.
Section 04
Data Sharing & Third Parties
We may share your personal information in limited circumstances with trusted partners to operate our business:
- Service Providers: Cloud hosting (e.g. AWS, Vercel), analytics tools (e.g. Google Analytics), and email services that process data on our behalf under strict data processing agreements.
- Business Partners: Where a project is delivered in collaboration with vetted partners, only the minimum necessary information will be shared.
- Legal Requirements: If required to comply with applicable law, court orders, or government requests.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
Section 05
Data Security
We implement industry-standard security measures to protect your personal information against unauthorised access, alteration, or disclosure:
- TLS/SSL encryption for all data transmitted via our website.
- Access controls ensuring only authorised team members can access client data.
- Regular security audits, vulnerability assessments, and software updates.
- Secure cloud infrastructure with industry-leading providers including automated backups.
- Employee training on data handling best practices and security awareness.
While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We encourage you to use strong passwords and to notify us immediately if you believe your account has been compromised.
Section 06
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law:
- Client project data is retained for 5 years following project completion for legal and accounting purposes.
- Contact inquiries are retained for up to 2 years unless you request earlier deletion.
- Newsletter subscribers data is held until unsubscription.
- Analytics data is anonymised after 26 months per our analytics provider settings.
You may request deletion of your personal data at any time by contacting us. We will fulfil such requests within 30 days except where retention is required by law.
Section 07
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate or incomplete data.
- Erasure: Request deletion of your personal data ("right to be forgotten").
- Restriction: Request that we limit the processing of your data in certain circumstances.
- Portability: Receive your data in a structured, machine-readable format.
- Objection: Object to processing based on legitimate interests or direct marketing.
- Withdraw Consent: Withdraw consent at any time where processing is based on consent.
To exercise any of these rights, please contact us using the details in the section below. We will respond within 30 calendar days.
Section 08
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page.
- Notify active clients via email where the changes materially affect how we use their data.
- Display a notice on our website for significant changes.
We encourage you to review this policy periodically. Your continued use of our services after changes are posted constitutes your acceptance of the updated policy.
Questions About Our Privacy Policy?
If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please do not hesitate to reach out to us. We aim to respond within 2 business days.
