1. Introduction

AureyaTech Ltd ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose and safeguard your information when you visit our website https://aureyatech.com (the "Service").

We are a limited company registered in England and Wales under company number 16885618 (Registered in England and Wales). Our registered office is at 71-75 Shelton Street, London, Greater London,WC2H 9JQ, United Kingdom.

This Privacy Policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect information that you provide directly to us and information that is automatically collected when you use our Service.

2.1 Information You Provide to Us

When you contact us through our website, we may collect the following personal information:

• Name: Your full name as provided in contact forms
• Email Address: Your email address for communication purposes
• Message Content: Any messages, inquiries, or information you choose to share with us

2.2 Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and how you interact with our Service:

• Device Information: Browser type, device type, operating system
• Usage Data: Pages visited, time spent on pages, click patterns and navigation paths
• IP Address: Your Internet Protocol address (anonymised where possible)
• Cookies and Similar Technologies: Information stored through cookies and local storage (see Section 6 for details)

3. How We Use Your Information

We use the information we collect for the following purposes, based on our legitimate interests and your consent where required:

3.1 Service Provision

• To respond to your inquiries and provide customer support
• To process and manage your requests for our services
• To communicate with you about our services, including responding to your messages
• To send you important updates about our services or changes to this Privacy Policy

3.2 Website Improvement

• To analyse how our website is used and improve user experience
• To understand user preferences and optimise our content and services
• To monitor and analyse trends, usage and activities on our website
• To detect, prevent and address technical issues and security threats

3.3 Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

• Consent: When you provide explicit consent, such as accepting analytics cookies
• Legitimate Interests: To improve our services, ensure website security and communicate with you
• Contract Performance: To fulfil our obligations when you engage our services
• Legal Obligations: To comply with applicable laws and regulations

4. Sharing Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our website and conducting our business, including:

• Email Service Providers: We use Resend to send emails. Your name and email address may be processed by Resend in accordance with their privacy policy
• Analytics Providers: We use Plausible Analytics (when you consent) to understand website usage. Plausible is privacy-focused and does not use cookies or collect personal data
• Hosting Providers: Our website is hosted on Vercel, which may process technical data necessary for website operation

All service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred to the acquiring entity, subject to the same privacy protections.

5. Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

• Contact Form Data: We retain contact form submissions for up to 3 years after your last interaction with us, unless you request earlier deletion
• Cookie Consent: Your cookie preferences are stored in your browser's local storage for up to 12 months
• Analytics Data: Analytics data is aggregated and anonymised, retained according to our analytics provider's policies

When we no longer need your personal information, we will securely delete or anonymise it.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. You can control cookie preferences through our cookie consent banner.

6.1 Types of Cookies We Use

6.2 Managing Cookies

You can control and manage cookies in several ways:

• Use our cookie consent banner to choose between "Essential only" or "Accept all"
• Modify your browser settings to refuse cookies or alert you when cookies are being sent
• Clear your browser's cookies and local storage at any time

Please note that disabling essential cookies may affect the functionality of our website.

7. Your Rights Under UK GDPR

Under the UK GDPR and Data Protection Act 2018, you have the following rights regarding your personal data:

To exercise any of these rights, please contact us using the details provided in Section 9. We will respond to your request within one month, though this may be extended in complex cases.

8. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit using SSL/TLS protocols
• Secure hosting infrastructure with industry-standard security practices
• Regular security assessments and updates
• Limited access to personal data on a need-to-know basis
• Secure data storage and backup procedures

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security.

9. International Data Transfers

Some of our service providers may be located outside the UK and European Economic Area (EEA). When we transfer your personal data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the UK Information Commissioner's Office (ICO)
• Adequacy decisions recognising the recipient country's data protection standards
• Other appropriate safeguards as required by UK GDPR

By using our Service, you consent to the transfer of your information to these service providers as described in this Privacy Policy.

10. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately and we will delete such information from our records.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by:

• Posting the updated Privacy Policy on this page with a new "Last updated" date
• Notifying you via email if the changes significantly affect your rights

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority, if you believe we have not addressed your concerns adequately. You can contact the ICO at: