Privacy Policy
Effective from:
1. Data controller
BlueDevLabs Ltd (company number 16700192) is the data controller responsible for the personal data collected through this website and in the course of providing its services.
Registered office: 82A James Carter Road, Mildenhall, United Kingdom, IP28 7DE.
Contact: contact@bluedevlabs.com
2. Personal data we collect
- Contact data. Name, email address, telephone number, and message content submitted through our contact form or direct correspondence.
- Technical data. IP address, browser type, operating system, and basic usage data collected automatically when you visit this website, used for security monitoring and service improvement.
- Client and project data. Where a client relationship is established: project requirements, deliverables, correspondence, access credentials provided to us, and billing information necessary for the performance of the contract.
3. Purposes of processing
We process personal data for the following purposes:
- To respond to enquiries and provide quotations.
- To deliver, maintain, secure, and improve our services.
- To manage billing, invoicing, and client relationships.
- To comply with applicable legal and regulatory obligations, including tax and audit requirements.
- To detect, prevent, and investigate security incidents and fraudulent activity.
4. Lawful bases for processing (UK GDPR)
- Performance of a contract. Processing necessary to provide services to you or to take steps at your request prior to entering into a contract (Article 6(1)(b)).
- Legitimate interests. Processing necessary for the purposes of our legitimate interests, including securing our systems, preventing abuse, and improving the quality of our services, provided such interests are not overridden by your rights and freedoms (Article 6(1)(f)).
- Consent. Where we rely on your consent (for example, in relation to any future marketing communications), you may withdraw that consent at any time (Article 6(1)(a)).
- Legal obligation. Processing necessary for compliance with a legal obligation to which we are subject, including record-keeping and fraud prevention (Article 6(1)(c)).
5. Data retention
Enquiry data is retained for a maximum of 24 months from the date of last correspondence. Client and project records are retained for as long as reasonably necessary to fulfil our contractual obligations and to comply with applicable legal and regulatory requirements. Server and access logs are retained for limited periods and used solely for security and diagnostic purposes.
6. Data sharing and disclosure
We may share personal data with trusted third-party service providers who assist in the operation of our business (for example, email infrastructure, hosting, and payment processing), and only to the extent necessary for those purposes. All such providers are bound by appropriate contractual safeguards.
We do not sell, rent, or otherwise make personal data available to third parties for their own marketing purposes.
7. International transfers
Where personal data is transferred to a country outside the United Kingdom or the European Economic Area, we shall ensure that appropriate safeguards are in place, including the use of Standard Contractual Clauses approved by the relevant supervisory authority or reliance on an adequacy decision where applicable.
8. Your rights
Under the UK General Data Protection Regulation, you have the right to:
- Access the personal data we hold about you and obtain a copy.
- Rectification of inaccurate or incomplete personal data.
- Erasure of your personal data in certain circumstances.
- Restriction of processing in certain circumstances.
- Object to processing based on legitimate interests.
- Data portability in respect of data you have provided to us, where processing is based on consent or contract and carried out by automated means.
- Withdraw consent at any time, where processing is based on consent, without affecting the lawfulness of processing carried out prior to withdrawal.
To exercise any of these rights, please contact us at contact@bluedevlabs.com. We will respond within one calendar month in accordance with the statutory timeframe.
You also have the right to lodge a complaint with the Information Commissioner's Office (ico.org.uk) if you believe your data protection rights have been infringed.
9. Cookies and analytics
This website currently uses minimal tracking. Should we introduce analytics or marketing cookies in the future, this policy will be updated accordingly and, where required by law, a consent mechanism will be presented to you prior to the placement of non-essential cookies.
10. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction. These measures include, where appropriate, encryption in transit, access controls, regular security audits, and the principle of least privilege. No method of electronic transmission or storage can be guaranteed to be fully secure; however, we are committed to maintaining a high standard of data protection.
11. Children
Our website and services are directed at businesses and organisations. We do not knowingly collect or process personal data relating to children under the age of 13. If we become aware that such data has been collected without appropriate parental consent, we will take prompt steps to delete it.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The revised policy will be published on this page and the effective date updated accordingly. We encourage you to review this page periodically.
13. Contact
BlueDevLabs Ltd
Company number: 16700192
Registered office: 82A James Carter Road, Mildenhall, United Kingdom, IP28 7DE
Email: contact@bluedevlabs.com
This Privacy Policy is provided for general informational purposes and does not constitute legal advice or create any contractual or other legal rights.