VERGEIT LTD
About Services Work Contact
About Services Work Contact
Return to Homepage

Privacy Policy

VERGEIT LTD · Last updated: 1 June 2024 · Effective from: 1 June 2024

Privacy Policy Cookie Policy Terms of Service Terms & Conditions

This Privacy Policy describes how VERGEIT LTD ("VERGEIT", "we", "us" or "our") collects, uses, discloses and safeguards personal information when you visit our website at vergeit.work, contact us regarding our services, engage with us as a client, or otherwise interact with our business. We are committed to protecting your personal data and operating in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Please read this Privacy Policy carefully before using our website or providing us with any personal information. By using our website or engaging with our services, you confirm that you have read and understood this policy. If you do not agree with the terms of this Privacy Policy, please refrain from using our website or providing us with personal information.

1. Who We Are

VERGEIT LTD is a company registered in England and Wales, trading as a software development and engineering consultancy. Our registered office and principal place of business is at Flat 95, Samuel Jones Court, Blakes Road, London, SE15 6FJ, United Kingdom.

For the purposes of UK GDPR and the Data Protection Act 2018, VERGEIT LTD is the data controller in respect of personal data collected through our website and in the course of our business activities. This means we are responsible for determining the purposes and means of processing your personal data.

You can contact our data controller at: Pilpil2Fernando@vergeit.work or by post to the address above.

We are required to register with the Information Commissioner's Office (ICO) as a data controller. If you have concerns about our data handling practices that we are unable to resolve, you have the right to contact the ICO at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, or by visiting ico.org.uk.

2. Information We Collect

We collect personal data in various ways depending on how you interact with us. The following describes the categories of personal data we may collect:

2.1 Information You Provide Directly

When you complete the contact form on our website, enquire about our services, enter into a client agreement with us, or otherwise communicate with us, you may provide us with:

  • Your full name and any professional title or role
  • Your email address and telephone number
  • The name and address of the business or organisation you represent
  • The content of messages, enquiries, project descriptions or requests you send to us
  • Billing and payment information where applicable in the course of a commercial engagement
  • Any other information you choose to include in correspondence with us

2.2 Information Collected Automatically

When you visit our website, certain technical information is collected automatically by our web infrastructure and third-party analytics tools. This may include:

  • Your IP address and approximate geographic location derived from it
  • The type of device, operating system and browser you are using
  • The date, time and duration of your visit
  • The pages of our website you view and the links you click
  • The website or search query that referred you to our website
  • Technical performance data relating to your browsing session

2.3 Information From Third Parties

We may receive personal data about you from third parties in limited circumstances, including where you are referred to us by an existing client, where your employer or business representative engages us on your behalf, or where we conduct standard business due diligence through publicly available sources prior to entering into a commercial relationship.

2.4 Special Category Data

We do not intentionally collect special category personal data (such as health information, racial or ethnic origin, religious beliefs or political opinions) in the ordinary course of our business. If any such information is inadvertently included in communications with us, we will not process it for any purpose beyond responding to your communication and will delete it promptly.

3. Legal Basis for Processing

UK GDPR requires us to identify a lawful basis for each purpose for which we process personal data. We rely on the following legal bases:

3.1 Legitimate Interests

We process your personal data where it is necessary for the purposes of our legitimate interests as a business, provided those interests are not overridden by your rights and interests. Our legitimate interests include: responding to enquiries about our services, managing client relationships, developing and improving our services, and maintaining the security and functionality of our website. When we rely on legitimate interests, we carry out a balancing test to ensure our interests do not override your data protection rights.

3.2 Performance of a Contract

Where you engage us to provide software development or consultancy services, we process personal data to the extent necessary to perform the contract between us, including communication, project delivery, billing, and post-delivery support.

3.3 Compliance With a Legal Obligation

We may process your personal data where necessary to comply with legal obligations applicable to us, including obligations under tax law, employment law, and financial regulations.

3.4 Consent

Where we rely on consent as the lawful basis for processing (for example, in relation to certain marketing communications or the use of non-essential cookies), we will make the basis for doing so clear at the point of collection and provide you with the means to withdraw consent at any time.

4. How We Use Your Information

We use the personal data we collect for the following purposes:

  • Responding to your enquiries: When you contact us through our website or by other means, we use the information you provide to respond to your question or enquiry. This may include assessing the suitability of a project, providing information about our services, or routing your message to the appropriate member of our team.
  • Providing software development and consultancy services: Where you engage us as a client, we use your personal data and business information to deliver the services agreed in our contract, including project communication, technical delivery, testing, deployment and post-delivery support.
  • Contract management and administration: We use personal data for the administrative management of client engagements, including issuing proposals, contracts and invoices, processing payments, and managing project timelines and deliverables.
  • Business development: We may use information about previous or prospective engagements to understand our market, identify opportunities and develop our service offering. We do not share individual client information for marketing purposes without consent.
  • Service improvement: We use aggregated and anonymised data about how our website is used and how our projects are delivered to improve the quality and relevance of our services.
  • Legal compliance: We may use and retain personal data to the extent required to comply with applicable legal and regulatory obligations, including retention of financial records, responding to lawful information requests from public authorities, and resolving disputes.
  • Security: We use technical information about website visitors to monitor for and protect against malicious activity, unauthorised access and other security threats.

5. How We Share Your Information

We do not sell personal data. We do not share personal data with third parties for their own marketing purposes. We may share personal data in the following limited circumstances:

5.1 Service Providers

We use a limited number of carefully selected third-party service providers who process personal data on our behalf as data processors. These include email and communication infrastructure providers, cloud hosting providers, website analytics services, and accounting software. All such providers are required to process personal data only on our instructions, to maintain appropriate security measures, and to comply with applicable data protection law.

5.2 Professional Advisors

We may share personal data with our legal advisors, accountants and other professional advisors where necessary in connection with legal proceedings, regulatory matters or the management of our business.

5.3 Business Transfers

In the event that VERGEIT LTD is involved in a merger, acquisition, restructuring or sale of assets, personal data held by us may be transferred as part of that transaction. We will notify affected individuals and provide information about any changes to data processing in connection with such an event.

5.4 Legal Requirements

We may disclose personal data where required to do so by applicable law, court order, or governmental or regulatory authority, or where we have a good-faith belief that such disclosure is necessary to protect our legal rights, comply with judicial proceedings, or respond to a lawful government request.

5.5 With Your Consent

We may share personal data in additional circumstances where you have given your explicit consent to such sharing.

6. International Data Transfers

VERGEIT LTD is based in the United Kingdom. Where we use third-party service providers that process data outside the UK, we ensure that appropriate safeguards are in place in accordance with UK GDPR requirements. These safeguards may include the use of the International Data Transfer Agreement (IDTA) approved by the UK ICO, adequacy decisions, or other lawful transfer mechanisms. Where we transfer data to the European Economic Area (EEA), the UK has recognised EEA countries as providing adequate protection. For transfers to other countries, we assess the protections available and apply appropriate safeguards.

7. Data Retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, and in accordance with our legal obligations. Our general retention principles are as follows:

  • Enquiry and contact data: Where an enquiry does not result in a client engagement, we retain contact information for a period of up to twelve months to allow for follow-up, after which it is deleted unless you have consented to longer retention for marketing purposes.
  • Client engagement data: Personal data related to client engagements is retained for a minimum of six years following the completion of the engagement in accordance with UK tax and commercial law requirements. Certain categories of data may be retained for longer where required by specific regulatory obligations.
  • Financial and accounting records: We retain financial records for a minimum of six years as required by HMRC and applicable accounting standards.
  • Website analytics data: Aggregated and anonymised analytics data is retained for up to twenty-four months. Identifiable analytics data is subject to shorter retention periods consistent with our cookie policy.

Where data is no longer required for any purpose for which it was collected, it will be securely deleted or anonymised in accordance with our internal data management procedures.

8. Data Security

We implement appropriate technical and organisational security measures designed to protect your personal data against accidental or unlawful loss, alteration, unauthorised disclosure or access. These measures include:

  • Encryption of data in transit using Transport Layer Security (TLS)
  • Access controls limiting access to personal data to authorised personnel on a need-to-know basis
  • Regular review of our security practices and procedures
  • Contractual obligations on third-party processors to maintain appropriate security standards
  • Internal policies governing the handling, transmission and storage of personal data

Notwithstanding these measures, no method of electronic transmission or storage is entirely secure. We cannot guarantee the absolute security of information transmitted over the internet. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office in accordance with the requirements of UK GDPR.

9. Cookies

Our website uses cookies and similar tracking technologies. Cookies are small text files placed on your device when you visit a website. We use cookies for purposes including website functionality, performance measurement and user experience improvement. For detailed information about the cookies we use, the purposes for which they are used, and how to manage your cookie preferences, please see our Cookie Policy.

10. Your Rights

Under UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data. These rights are not absolute and may be subject to limitations in certain circumstances:

10.1 Right of Access

You have the right to obtain confirmation as to whether we are processing your personal data and, if so, to receive a copy of that data and supplementary information about how it is used. This is known as a Subject Access Request (SAR). We will respond to valid requests within one calendar month of receipt, though we may extend this by a further two months where requests are complex or numerous.

10.2 Right to Rectification

You have the right to require us to correct any inaccurate personal data we hold about you, and to complete any incomplete personal data. If you are aware that information we hold about you is inaccurate, please contact us at Pilpil2Fernando@vergeit.work and we will correct it promptly.

10.3 Right to Erasure

You have the right to request the deletion of your personal data where: the data is no longer necessary for the purpose for which it was collected; you withdraw consent (where processing was based on consent); you object to processing and there are no overriding legitimate grounds; the data has been processed unlawfully; or deletion is required to comply with a legal obligation. This right is subject to exceptions where retention is required by law or to exercise or defend legal claims.

10.4 Right to Restrict Processing

You have the right to request that we restrict the processing of your personal data in certain circumstances, including where you contest the accuracy of the data, where processing is unlawful but you prefer restriction to erasure, or where you have objected to processing pending verification of our legitimate grounds.

10.5 Right to Data Portability

Where processing is based on your consent or on the performance of a contract, and is carried out by automated means, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and to transmit that data to another data controller where technically feasible.

10.6 Right to Object

You have the right to object to the processing of your personal data where we rely on legitimate interests as the lawful basis for processing, including where we use data for direct marketing purposes. Where you object to direct marketing, we will cease such processing immediately. For other legitimate interests, we will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms.

10.7 Rights in Relation to Automated Decision-Making

You have the right not to be subject to a decision based solely on automated processing, including profiling, where that decision produces legal effects or similarly significant effects concerning you. We do not currently make decisions about individuals using solely automated processes.

10.8 How to Exercise Your Rights

To exercise any of the rights described above, please contact us at Pilpil2Fernando@vergeit.work, providing sufficient information to identify yourself and clearly describing the right you wish to exercise. We will respond within the timeframes required by applicable law. We may request additional information to verify your identity before processing your request, in order to protect against unauthorised access to personal data. We will not charge a fee for exercising your rights unless a request is manifestly unfounded or excessive.

11. Marketing Communications

We may occasionally send marketing communications to existing clients or prospective clients where we have a legitimate interest in doing so or where we have obtained your consent. You have the right to opt out of marketing communications at any time by contacting us at Pilpil2Fernando@vergeit.work or by following the unsubscribe instructions in any marketing email we send. Once you opt out, we will cease sending marketing communications within a reasonable time, and will update our records to reflect your preference.

12. Children's Privacy

Our website and services are not directed at children under the age of 18. We do not knowingly collect personal data from persons under the age of 18. If we become aware that we have inadvertently collected personal data from a person under 18, we will delete that information promptly. If you believe we may have collected information from a child, please contact us at Pilpil2Fernando@vergeit.work.

13. Third-Party Websites and Links

Our website may contain links to third-party websites. When you follow a link to a third-party website, you leave our website and our Privacy Policy ceases to apply. We have no control over third-party websites, their content or their data practices, and we are not responsible for their privacy policies. We encourage you to read the privacy policy of any website you visit via a link from our site.

14. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. Where changes are material, we will notify you by updating the "Last updated" date at the top of this page and, where appropriate, by a more prominent notice on our website or by direct communication to affected individuals. Your continued use of our website following the posting of changes constitutes your acceptance of the revised Privacy Policy. We encourage you to review this page periodically to stay informed about how we handle your personal data.

15. Contact and Complaints

If you have any questions, concerns or requests regarding this Privacy Policy or our data processing practices, please contact us:

VERGEIT LTD
Flat 95, Samuel Jones Court
Blakes Road, London, SE15 6FJ
United Kingdom

Email: Pilpil2Fernando@vergeit.work
Telephone: +44 7998 6737

We are committed to resolving complaints about our collection or use of personal information. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection:

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

We would, however, appreciate the opportunity to address your concerns before you contact the ICO and ask that you contact us in the first instance.

16. Definitions

For the purposes of this Privacy Policy:

  • Personal data means any information relating to an identified or identifiable natural person ("data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  • Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Data processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
  • UK GDPR means the UK General Data Protection Regulation, being Regulation (EU) 2016/679 of the European Parliament and of the Council as it forms part of domestic law by virtue of section 3 of the European Union (Withdrawal) Act 2018, as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019.

© 2024 VERGEIT LTD. All rights reserved. Company registered in England and Wales.

Privacy Policy Cookie Policy Terms of Service Terms & Conditions Return to Site