This Privacy Policy explains how JSP Tech Ltd (“we,” “us,” or “our”) collects, uses, stores, shares, and protects your personal information when you visit our website jsptech.co.uk (the “Website”), use our services, or interact with us in other ways related to our business. We are committed to protecting your privacy and handling your data transparently and securely in accordance with UK data protection laws, including the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the recent Data (Use and Access) Act 2025.
This policy applies to all personal data we process about our website visitors, customers, prospective clients, and business contacts. It outlines your rights regarding your personal data and how you can exercise them.
Key Definitions:
“Personal Data”: Any information relating to an identifiable individual, such as name, email, IP address, or browsing data.
“Processing”: Any operation performed on personal data, including collection, storage, use, and deletion.
“Data Subject”: The individual to whom the personal data relates (you).
2. Information We Collect
We collect personal data that you provide directly and data collected automatically during your use of our Website.
2.1 Information You Provide Directly
You may provide us with personal data when you:
Submit an inquiry via our contact form, including your name, email address, phone number, company name, and the content of your message.
Sign up for our newsletter or marketing communications, providing your email address and optionally your name.
Engage our services, where we may collect business contact details, payment information, and project-related communications.
Apply for a job with us, submitting your CV, cover letter, and other application details.
2.2 Information Collected Automatically
When you browse our Website, we and our service providers may automatically collect certain technical information:
Device and Usage Information: Your IP address, browser type, operating system, referring URLs, pages viewed, links clicked, and the dates/times of your visits.
Location Data: General geographic location derived from your IP address.
Cookies and Similar Technologies: Data collected via cookies, web beacons, and other tracking technologies. For detailed information, please see our Cookie Policy (or the Cookies section below).
2.3 Information from Third Parties
We may receive limited information about you from publicly available sources or from trusted third-party service providers (like analytics providers) to help us supplement our records, improve the personalization of our service, and detect fraud.
3. Legal Basis and How We Use Your Information
We will only process your personal data when we have a valid legal basis to do so. The table below outlines our primary purposes for processing, the categories of data involved, and the corresponding legal bases under UK data protection law.
Purpose of Processing
Categories of Personal Data Used
Legal Basis for Processing
To respond to your inquiries and provide customer support.
Contact details, inquiry content.
Necessary for the performance of a contract or to take steps at your request prior to entering a contract.
To deliver our services, manage your account, and process payments.
Contact details, payment information, service communications.
Performance of a contract.
To send you marketing communications about our services, offers, and news (where you have consented).
Email address, name.
Your consent. You may withdraw consent at any time.
To analyze Website use, improve our content, and optimize user experience (via analytics cookies).
Device and usage information, cookie data.
Recognized legitimate interests (for low-risk analytics under the Data (Use and Access) Act 2025) or your consent where required.
To ensure network and information security, including fraud prevention.
IP address, device information, log data.
Recognized legitimate interests (e.g., cybersecurity) and compliance with legal obligations.
To comply with applicable laws, regulations, and legal requests.
Any relevant personal data we hold.
Compliance with a legal obligation.
The Data (Use and Access) Act 2025 introduces “recognized legitimate interests,” which provide a clear legal basis for specific, low-risk processing activities like certain security and fraud prevention measures without requiring a full balancing test. We rely on this basis where applicable.
4. How We Share Your Information
We do not sell, trade, or rent your personal data to third parties for their marketing purposes. We may share your data in the following limited circumstances:
With Service Providers: We engage trusted third-party companies to perform functions on our behalf, such as website hosting, data analysis, payment processing, and email delivery. These providers access personal data only to perform their tasks and are contractually obligated to protect it.
For Legal Reasons: We may disclose your information if required by law, to protect our rights or the safety of others, to investigate fraud, or to respond to a government request.
Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as a business asset.
With Your Consent: We may share information for other purposes with your explicit consent.
5. International Data Transfers
Your personal data is primarily processed within the United Kingdom (UK) and the European Economic Area (EEA). If we transfer your data to service providers in countries not deemed to have adequate data protection laws by UK standards, we will implement appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA), to ensure your data remains protected.
6. Data Security and Retention
6.1 How We Protect Your Data
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption (SSL), firewalls, access controls, and regular security assessments. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.
6.2 How Long We Keep Your Data
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. Our retention periods are based on:
The nature of the data and the purpose for processing.
Legal and contractual obligations that require us to keep data for a minimum period.
Your ongoing relationship with us (e.g., an active account).
The existence of a legitimate business need.
Once the retention period expires, we will securely delete or anonymize your personal data.
7. Your Rights and Choices
Under UK data protection law, you have several rights regarding your personal data. You can exercise these rights by contacting us using the details in Section 10.
Your Right
What It Means
Right of Access
You can request a copy of the personal data we hold about you (a “Subject Access Request”).
Right to Rectification
You can request correction of inaccurate or incomplete data.
Right to Erasure
You can request deletion of your data in specific circumstances (e.g., if it is no longer necessary for our purposes).
Right to Restrict Processing
You can request we temporarily stop processing your data under certain conditions.
Right to Data Portability
You can request a machine-readable copy of your data to transfer to another service provider (where applicable).
Right to Object
You can object to processing based on our legitimate interests or for direct marketing.
Rights related to Automated Decision-Making
You have the right not to be subject to a decision based solely on automated processing that produces significant effects, with certain exceptions.
Responding to Your Requests: We will respond to all legitimate requests within one month. The Data (Use and Access) Act 2025 allows us to “stop the clock” if we need clarification from you to fulfil a request. We may need to verify your identity before proceeding.
8. Cookies and Similar Tracking Technologies
Our Website uses cookies (small text files stored on your device) to distinguish you from other users. This helps us provide a better experience and improve our site.
Types of Cookies Used:
Essential Cookies: Necessary for the Website to function (e.g., security). These do not require consent.
Analytics/Performance Cookies: Help us understand how visitors interact with the site (e.g., Google Analytics). Under the new Data (Use and Access) Act 2025, explicit consent is no longer required for certain low-risk analytics cookies.
Functionality Cookies: Remember your preferences (e.g., language).
Targeting/Advertising Cookies: Used to deliver relevant ads (we only use these if you explicitly consent).
Managing Cookies: You can manage your cookie preferences at any time via our cookie consent banner or your browser settings. Note that disabling certain cookies may affect website functionality.
9. Policy Updates
We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other reasons. The “Last Updated” date at the top of this page will be revised accordingly. We encourage you to review this page periodically for the latest information on our privacy practices. Where changes are significant, we may notify you by email or through a prominent notice on our Website.
10. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us:
