Privacy Policy.
Flitzen Technologies UK Limited ("Flitzen", "we", "us" or "our") is committed to protecting your privacy and personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy explains how we collect, use, store and disclose your personal information when you use our website, services, or interact with us. We are a UK-based IT consultancy providing bespoke software development, web development, mobile applications, AI implementation and related technology services. By using our services, you consent to the practices described here. If you do not agree with this policy, please do not use our services.
Information we collect
We collect information you provide directly to us, such as when you contact us, request a quote, subscribe to our newsletter, or use our services. This may include your name, email address, phone number, company name, job title, project details, budget information, and any other information you choose to share with us.
We also automatically collect certain technical information when you visit our website, including your IP address, browser type, device information, operating system, pages visited, time spent on pages, referral sources and click patterns. We use cookies and similar tracking technologies (such as web beacons and pixels) to enhance your experience, analyse site usage and improve our services.
If you are a client, we collect information necessary to deliver our services, including project briefs, business requirements, login credentials you provide for systems we develop or maintain, payment information, contract details, and all communications relating to your projects. We process this data under our legitimate business interests, contractual obligations and legal compliance requirements under UK GDPR Article 6(1)(b), (c) and (f).
How we use & retain your data
We use your information to respond to enquiries and provide quotations, deliver our IT consultancy and development services, process payments and manage contracts, send relevant business communications, improve our website and services through analytics, comply with legal and regulatory obligations, protect our legal rights and prevent fraud, and for marketing purposes where you have consented. We retain your data only for as long as necessary to fulfil these purposes or as required by UK law.
- Enquiry & quotation correspondenceUp to 3 years
- Client project dataProject duration + 7 years
- Marketing preferencesUntil you unsubscribe
- Website analyticsAnonymised, up to 26 months
- Financial records7 years (Companies Act & HMRC)
Your rights
Under UK GDPR and the Data Protection Act 2018 you have the right to be informed (this policy), the right of access to your personal data, the right to rectification of inaccurate data, the right to erasure ("right to be forgotten") where applicable, the right to restrict processing, the right to data portability, the right to object to processing, and rights related to automated decision-making.
To exercise any of these rights, contact us at hello@flitzen.co.uk and we will respond within one month. You may also lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113 if you believe we have not handled your data properly.
Data security & disclosure
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction, in accordance with UK GDPR Article 32. This includes SSL/TLS encryption in transit, encryption at rest for sensitive data, access controls and authentication, regular security audits and vulnerability assessments, secure hosting with UK/EU-based providers, staff training and incident response procedures. In the event of a data breach that poses a risk to your rights and freedoms, we will notify the ICO within 72 hours and inform affected individuals without undue delay. We do not sell your personal information to third parties.
We may disclose your information to trusted third parties who assist us in operating our business, including cloud hosting providers (such as AWS, Google Cloud or Microsoft Azure), payment processors (such as Stripe or PayPal), email service providers, analytics services, CRM systems, and legal and accounting advisers. All third parties are bound by strict confidentiality obligations and data processing agreements compliant with UK GDPR. We may also disclose data where required by law, court order or regulatory authority, or to protect our legal rights, property or safety.
International transfers & updates
Data may be processed within the UK and the European Economic Area (EEA). Where we transfer data outside these regions (for example, to service providers in the United States), we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, or adequacy decisions. We do not transfer personal data to countries without adequate data protection laws unless appropriate safeguards are implemented.
This policy may be updated from time to time to reflect changes in our practices or legal requirements; the revised version will be posted on this page with an updated date. We encourage you to review it periodically.
Contact us
For any questions about this Privacy Policy, or to exercise your data protection rights, contact our Data Protection Officer:
12 Old Bond Street, Mayfair, London W1S 4PW, United Kingdom