Get in Touch

Privacy Policy

Last Updated: 14 July 2025

Table of Contents

  1. Introduction
  2. Information We Collect
  3. How We Use Your Information
  4. Legal Basis for Processing
  5. Data Retention
  6. Data Sharing and Third Parties
  7. Cookies and Similar Technologies
  8. Your Rights
  9. Data Security
  10. International Data Transfers
  11. Children’s Privacy
  12. Changes to This Privacy Policy
  13. Contact Us

1. Introduction

Lean Webs (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website leanwebs.com (the “Site”) or use our services.

We are a data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This means we determine the purposes and means of processing your personal data.

Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Site or use our services.

2. Information We Collect

2.1 Personal Data You Provide to Us

We may collect personal data that you voluntarily provide to us when you:

  • Contact us: When you complete our contact form, we collect your name, email address, and any other information you choose to provide in your message.
  • Subscribe to our newsletter: When you subscribe to our newsletter, we collect your email address.
  • Request a service: When you request our services, we may collect your name, email address, telephone number, company name, website URL, and details about your project requirements.
  • Create an account: If you create an account on our Site, we collect your name, email address, and password.
  • Make a purchase: When you make a purchase, we collect your name, email address, billing address, and payment information (though we do not store complete payment card details).

2.2 Information Automatically Collected

When you visit our Site, we may automatically collect certain information about your device and usage patterns, including:

  • Device information: IP address, browser type and version, operating system, device type, and screen resolution.
  • Usage data: Pages visited, time spent on pages, referring website addresses, and other browsing patterns.
  • Location data: General location based on IP address (country and city level only).

This information is collected using cookies and similar technologies. For more details, please see our Cookie Policy.

3. How We Use Your Information

We use the information we collect for various purposes, including:

  • Providing our services: To deliver the services you request, manage your account, process payments, and fulfill our contractual obligations.
  • Communication: To respond to your inquiries, send service updates, and provide customer support.
  • Marketing: With your consent, to send newsletters, promotional materials, and other information that may be of interest to you. You can opt out of these communications at any time.
  • Improving our Site and services: To analyse usage patterns, diagnose technical problems, and enhance the user experience.
  • Legal compliance: To comply with applicable laws, regulations, and legal processes.
  • Security: To protect our Site, services, and users from fraud, unauthorised access, and other security threats.

Under the UK GDPR, we process your personal data based on one or more of the following legal grounds:

  • Consent: When you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications).
  • Contract: When processing is necessary for the performance of a contract with you (e.g., providing our services) or to take steps at your request before entering into a contract.
  • Legitimate interests: When processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms (e.g., improving our services, preventing fraud).
  • Legal obligation: When processing is necessary to comply with a legal obligation to which we are subject.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. The specific retention periods vary depending on the type of data:

  • Account information: Retained until you request deletion of your account, after which it will be anonymised or deleted within 30 days.
  • Contact form submissions: Retained for up to 2 years from the date of submission.
  • Newsletter subscriptions: Retained until you unsubscribe.
  • Transaction data: Retained for 7 years for tax and accounting purposes.
  • Usage data: Retained for up to 26 months in an anonymised form for analytical purposes.

When personal data is no longer needed, we will securely delete or anonymise it.

6. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

6.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf, such as:

  • Email service providers: For sending newsletters and transactional emails (e.g., Mailchimp).
  • Payment processors: For processing payments (e.g., Stripe, PayPal).
  • Analytics providers: For analysing website usage (e.g., Google Analytics).
  • Hosting providers: For website hosting and cloud storage.
  • Customer relationship management (CRM) systems: For managing client relationships.

These service providers are contractually obligated to use your personal data only as directed by us and in accordance with this Privacy Policy.

We may disclose your information if required to do so by law or in response to valid requests from public authorities (e.g., a court or government agency).

6.3 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Site of any change in ownership or uses of your personal data.

We may share your information with other third parties with your explicit consent.

7. Cookies and Similar Technologies

Our Site uses cookies and similar tracking technologies to collect information about your browsing activities. Cookies are small text files stored on your device that help us provide and improve our services.

7.1 Types of Cookies We Use

  • Essential cookies: Necessary for the Site to function properly. These cannot be disabled.
  • Analytical/performance cookies: Help us understand how visitors interact with our Site by collecting and reporting information anonymously.
  • Functionality cookies: Enable the Site to provide enhanced functionality and personalisation.
  • Targeting cookies: Record your visit to our Site, the pages you have visited, and the links you have followed to deliver more relevant content.

For detailed information about the specific cookies we use, their purposes, and how to manage them, please see our Cookie Policy.

8. Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

  • Right to be informed: You have the right to be informed about how we collect and use your personal data.
  • Right of access: You have the right to request copies of your personal data that we hold.
  • Right to rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
  • Right to erasure: You have the right to request that we delete your personal data in certain circumstances.
  • Right to restrict processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability: You have the right to request that we transfer your personal data to another organisation or directly to you.
  • Right to object: You have the right to object to our processing of your personal data in certain circumstances, including for direct marketing purposes.
  • Rights related to automated decision-making and profiling: You have rights related to how we use your personal data for automated decision-making and profiling.

To exercise any of these rights, please contact us using the details provided in the “Contact Us” section. We will respond to your request within one month.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

9. Data Security

We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include:

  • Encryption of sensitive data
  • Regular security assessments
  • Access controls and authentication procedures
  • Secure data storage and transmission
  • Staff training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

10. International Data Transfers

We may transfer your personal data to countries outside the UK, including to countries that may not provide the same level of data protection as the UK. When we do so, we ensure appropriate safeguards are in place to protect your personal data, such as:

  • Transferring to countries that have been deemed to provide an adequate level of protection by the UK government
  • Using specific contracts approved by the UK government that give personal data the same protection it has in the UK (UK Standard Contractual Clauses)
  • Transferring to organisations that are part of approved certification schemes

For more information about these safeguards, please contact us using the details provided in the “Contact Us” section.

11. Children’s Privacy

Our Site and services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe that your child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The updated version will be indicated by an updated “Last Updated” date at the top of this Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If we make material changes to this Privacy Policy, we will notify you either through the email address you have provided or by placing a prominent notice on our Site.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Lean Webs
Email: hello@leanwebs.com
Website: leanwebs.com
Response Time: Within 24-48 hours