Privacy Policy

Effective Date: June 2025

Last Updated: April 2026

Welcome to Lightecom Consulting. We provide e-commerce consulting services and are committed to protecting your personal data. This policy explains how we handle your information when you visit https://lightecom.co.uk/ or engage our services.

1. Information We Collect

We collect and process the following types of personal data:

  • a. Information You Provide: Name, email address, phone number, and company details provided via contact forms or during consultations.

  • b. Identity Verification Data: To comply with professional standards and contract onboarding, we may collect images of government-issued identification (e.g., passports, ID documents), personal and business bank statements, company-related documentation, etc.

  • c. Automatically Collected Data: IP address, browser type, and usage data collected via cookies and analytics to improve our website experience.

  • d. Billing Data: Payment details and billing addresses for transaction processing.

2. How We Use Your Data

We process your data based on Contractual Necessity and Legitimate Interests:

  • To provide and manage our consulting services.

  • To verify your identity for secure onboarding and fraud prevention.

  • To communicate regarding projects, updates, and inquiries.

  • To process payments and maintain financial records.

  • To comply with UK legal and regulatory obligations.

3. How We Store and Protect Your Data

  • a. Storage & Third Parties: We use secure, industry-leading tools like Pipedrive CRM to manage client data. All third-party providers are vetted for GDPR compliance and operate under Data Processing Addendums (DPAs).

  • b. Security Measures: We employ high-level security including Multi-Factor Authentication (MFA), encryption for data at rest and in transit, and strictly controlled access.

  • c. Data Location: Data is stored within the UK and EEA. If data is transferred outside these zones, we ensure Standard Contractual Clauses (SCCs) are in place.

4. Data Retention (How long we keep it)

We do not keep data “just in case.” Our retention rules are:

  • Identity Documents (Passports): Once identity is verified for onboarding, and we do not have the legitimate need to store the image file for the purpose of completing your case, it is deleted from our CRM within 30 days, unless a specific legal or insurance requirement dictates otherwise.

  • General Client Files: Retained for the duration of our contract plus 6 years to comply with UK tax and limitation laws.

  • Marketing Data: Retained until you unsubscribe or request erasure.

5. Your Rights

Under UK and EU GDPR, you have the following rights:

  • Access & Portability: Request a copy of your data.

  • Rectification: Correct inaccurate data.

  • Erasure: Request we delete your data (subject to legal record-keeping requirements).

  • Object/Restrict: Stop or limit certain types of processing.

To exercise these rights, please contact us using the form at the bottom of our website.

6. Cookies

We use cookies to enhance your experience. Necessary cookies are enabled by default; analytics and preference cookies can be managed via our on-site cookie banner.

7. Contact Us

For any privacy-related questions, please contact the Data Controller at Lightecom Consulting via the contact form on our website or at our registered business address.

    Name