Privacy Policy

1. Introduction

Welcome to AppWebVision. We are APP Web Vision LTD, a Limited Company registered in the United Kingdom (16327327), specializing in creating websites from scratch. Our registered office is at 20 Wenlock Road, London, N1 7GU ,England. Our website is appwebvision.com.

This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (appwebvision.com), contact us, or engage our web development services. We are committed to protecting your privacy in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and other relevant UK privacy laws.

Please read this privacy policy carefully. By using our website or services, you acknowledge that you have read, understood, and agree to the practices described in this policy.

2. Data Controller

For the purposes of UK data protection law, the data controller responsible for processing your personal data is:

APP Web Vision LTD

20 Wenlock Road, London, N1 7GU ,England
UK Company Registration Number: 16327327
Email for Privacy Inquiries: [privacy@appwebvision.com]
Website: appwebvision.com

3. What Personal Data We Collect

“Personal Data” means any information relating to an identified or identifiable living individual. We may collect the following types of personal data:

• Information You Provide Directly:
  • Contact Information: Your name, email address, phone number, company name, and job title when you fill out contact forms, request quotes, subscribe to communications, or interact with us.
  • Project Information: Details and specific requirements related to potential or ongoing web development projects you discuss with us.
  • Client Information: Business address, billing details, VAT number (if applicable), and other relevant information required to establish and manage our client relationship and fulfill contractual obligations.
  • Payment Information: Necessary information to process payments for our services, such as bank details for transfers or information required by our payment processor (see Section 7). We do not directly store full credit/debit card numbers on our servers if processed via a third party like Stripe.
• Information Collected Automatically:
  • Usage Data: When you visit appwebvision.com, we may automatically collect technical information about your equipment, browsing actions, and patterns. This includes your IP address, browser type and version, time zone setting and location, operating system and platform, pages viewed, time spent, and referring URLs. This is often collected using cookies and similar technologies (see Section 12).
  • Device Information: Data about the device used to access our website.

We do not actively seek to collect “special category data” (as defined by UK GDPR, e.g., data revealing racial or ethnic origin, political opinions, religious beliefs, health data, trade union membership, genetic/biometric data, sex life/sexual orientation) unless necessary for a specific service requested by you (e.g., accessibility features in a website build) and only with your explicit consent or as permitted by law.

4. How We Use Your Personal Data

We use the personal data we collect only for specific, explicit, and legitimate purposes, and only where we have a lawful basis to do so under UK GDPR:

• To Operate and Maintain Our Website: Ensuring appwebvision.com functions correctly, securely, and efficiently. (Lawful basis: Legitimate Interests)
• To Respond to Your Inquiries: Providing information about our services, sending quotes, and answering your questions. (Lawful basis: Legitimate Interests to respond; taking steps at your request prior to entering a contract)
• To Provide Web Development Services: Fulfilling our contractual obligations to clients, including project planning, execution, communication, and support. (Lawful basis: Performance of a Contract)
• Client Relationship Management: Managing our interactions with clients, including administrative communications and project updates. (Lawful basis: Performance of a Contract; Legitimate Interests)
• Billing and Payment Processing: Issuing invoices, processing payments for services rendered, and managing accounts. (Lawful basis: Performance of a Contract; Legal Obligation for financial records)
• Marketing and Communications (with Consent): Sending newsletters, service updates, or promotional content via email or other channels, only if you have explicitly consented (opted-in) to receive such communications. (Lawful basis: Consent). You may withdraw your consent (opt-out) at any time.
• Website Improvement: Analyzing usage data to understand how visitors interact with our website, allowing us to improve user experience, content, and service offerings. (Lawful basis: Legitimate Interests)
• Legal and Regulatory Compliance: Complying with applicable UK laws, regulations, and legal processes, including tax obligations (HMRC), company law, and responding to lawful requests from authorities. (Lawful basis: Legal Obligation)
• Security and Fraud Prevention: Protecting our website, systems, clients, and users from security threats, fraud, or other malicious activities. (Lawful basis: Legitimate Interests)

5. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR to process your personal data:

• Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing emails, non-essential cookies).
• Contract: Where processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
• Legal Obligation: Where processing is necessary for us to comply with the law (not including contractual obligations).
• Legitimate Interests: Where processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests. We conduct balancing tests for processing based on legitimate interests.

6. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements under UK law.

• Website Analytics Data: Generally retained in an anonymised or aggregated form for 1 Year.
• Contact/Inquiry Data: Retained for 1 Year after the last interaction if no contract results, unless needed for legal reasons.
• Client Project and Billing Data: Retained for the duration of the client relationship and thereafter for the period required by UK law (e.g., financial records typically need to be kept for 6 years after the end of the relevant financial year).

When data is no longer needed, we will securely destroy, delete, or anonymise it.

7. Data Sharing and Third Parties

We do not sell your personal data. We may share your personal data with the following categories of trusted third parties where necessary for the purposes outlined in Section 4 (How We Use Your Personal Data), ensuring appropriate data protection agreements (DPAs) or terms are in place where they act as our data processors:

• Service Providers: Companies assisting us with our business operations:
  • Website Hosting and Email Services:
    • Hostinger International Ltd. (Provides website hosting And Domain Names and potentially email services for appwebvision.co).
    • O2switch (o2switch.fr) (Provides website hosting and email services). 
  • Professional Advisors: Our lawyers, accountants, bankers, and insurers based in the UK, providing consultancy, banking, legal, insurance, and accounting services as necessary for our business operations.
• Payment Processors: To facilitate payments for our services:
  • Stripe Payments UK, Ltd. (Planned for future implementation): For processing credit/debit card payments, often via online invoices. When implemented, their privacy policy will apply, available at: https://stripe.com/gb/privacy
  • PayPal (Europe) S.à r.l. et Cie, S.C.A. (Based in Luxembourg): For processing payments made via PayPal accounts. Their privacy policy is available at: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full
  • Wise Payments Limited (Based in the UK): For processing or receiving direct bank transfers internationally. Their privacy policy is available at: https://wise.com/gb/legal/privacy-policy
  • (We may also receive direct bank transfers via standard UK banking systems, involving our bank as a necessary processor).
• Subcontractors: Specialist subcontractors (e.g., freelance developers or designers) we may engage for specific project tasks, under strict contractual obligations regarding data confidentiality and security.
• HM Revenue & Customs (HMRC), Regulators, and other Authorities: Acting as processors or independent controllers based in the United Kingdom who require reporting of processing activities in certain circumstances or compliance with other legal obligations.
• Business Transfers: Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

8. International Data Transfers

Some of our external third-party service providers may be based outside the UK (including the EU/EEA or the USA). This means that processing your personal data may involve transferring it outside the UK.

Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

• We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK Secretary of State (this currently includes the EU/EEA countries).
• Where we use certain service providers, we may use specific contracts approved by the UK for use in the UK which give personal data the same protection it has in the UK (e.g., the UK’s International Data Transfer Agreement or Addendum to the EU SCCs).
• For transfers to the US, we may rely on providers certified under the UK Extension to the EU-US Data Privacy Framework (where applicable) or use the UK-approved contracts mentioned above.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.

9. Data Security

We have implemented appropriate technical and organisational security measures designed to prevent your personal data from being accidentally lost, used, accessed in an unauthorised way, altered, or disclosed. These measures include access controls, data encryption, staff training, and incident response plans. We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.

We have procedures to deal with any suspected personal data breach and will notify you and the ICO of a breach where we are legally required to do so.

10. Your Rights Under UK Law

Under UK data protection law, you have rights regarding your personal data:

• Right of Access: To request copies of your personal data.
• Right to Rectification: To request correction of inaccurate personal data and completion of incomplete data.
• Right to Erasure (‘Right to be Forgotten’): To request deletion or removal of your personal data where there is no compelling reason for its continued processing.
• Right to Restrict Processing: To request the suspension of processing your personal data in certain circumstances.
• Right to Data Portability: To request the transfer of your personal data to you or a third party in a structured, commonly used, machine-readable format (applies to data processed by automated means based on consent or contract).
• Right to Object: To object to the processing of your personal data where we are relying on legitimate interests (or those of a third party). You have an absolute right to object to processing for direct marketing purposes.
• Rights related to Automated Decision Making and Profiling: To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you (we do not currently conduct such processing).

11. How to Exercise Your Rights

To exercise any of these rights, please contact us using the details in Section 2 (Data Controller). You will not usually have to pay a fee to access your personal data or exercise other rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We may need to request specific information from you to help us confirm your identity. We try to respond to all legitimate requests within one month.

You also have the right to lodge a complaint at any time with the UK supervisory authority for data protection issues, the Information Commissioner’s Office (ICO) (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

12. Cookies and Tracking Technologies

Our website, appwebvision.com, uses cookies. Cookies are small text files placed on your device when you visit. We use essential cookies that are necessary for the website to function correctly, such as managing user sessions and ensuring security.

We comply with the UK’s Privacy and Electronic Communications Regulations (PECR). As essential cookies are necessary for the site to operate, they do not require your prior consent under PECR.

You can control and block cookies more generally through your internet browser’s settings. Please refer to your browser’s help documentation for instructions. However, please be aware that blocking the essential cookies we use may prevent parts of our website from working correctly.

13. Children’s Privacy

Our services and website are not intended for children under the age of 13, and we do not knowingly collect personal data relating to children under 13. If you believe we have inadvertently collected data from a child under 13, please contact us immediately so we can take appropriate steps to delete it.

14. Links to Other Websites

Our website may contain links to external sites not operated by us. If you click on a third-party link, you will be directed to that site. We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

15. Changes to This Privacy Policy

We keep our privacy policy under regular review. Any changes we make will be posted on this page and, where appropriate, notified to you (e.g., by email if you are a client or subscriber). The date this policy was last updated is shown at the top. We encourage you to review this policy periodically.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us:By Email: [privacy@appwebvision.com]
By Post:
APP Web Vision
20 Wenlock Road, London, N1 7GU ,England