Privacy Policy
Effective Date: 11 February 2026 Last Updated: 11 February 2026
1. Introduction
SiteLynx Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you visit SiteLynx.com or use our services.
We process your data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data (Use and Access) Act 2025.
2. Who We Are (The Controller)
SiteLynx Ltd is the Data Controller responsible for your personal information.
• Legal Entity: SiteLynx Ltd
• Registered Address: 372 Old Street, Office 104, London, England, EC1V 9LT
• Privacy Email: privacy@sitelynx.com
• Data Protection Officer (DPO): Graham Hansell
If you have questions about how we handle your data, please contact our DPO or email us directly at the address above.
3. The Data We Collect
We collect personal data to provide our services, process payments, and improve your experience.
A. Data You Give Us (Direct Collection) When you register, purchase services, or contact us, you provide:
• Identity Data: Names.
• Contact Data: Email addresses.
• Financial Data: Billing addresses.
• Security Data: Passwords.
B. Data We Collect Automatically When you use our website, our tech stack automatically collects:
• Technical Data: IP addresses, device type, and browser type.
• Usage Data: Browsing history and location data.
C. Data We Infer (Profiling) We generate new data about you based on your interactions with us.
• Inferred Data: We analyse your browsing behaviour and form data within our CRM to infer your interest in specific SEO services. This allows us to tailor our communications to you.
We do not collect “Special Category Data” (such as health, race, or biometric data).
4. How and Why We Use Your Data
We will only use your personal data when the law allows us to. Most commonly, we use your data in the following circumstances:
| Purpose | Type of Data | Lawful Basis for Processing |
|---|---|---|
| To register you as a customer | Identity, Contact, Security | Performance of a Contract |
| To process your orders | Identity, Contact, Financial | Performance of a Contract |
| To improve our website (Analytics) | Technical, Usage | Legitimate Interests (to keep our website updated and relevant) |
| To manage payments | Financial, Identity | Performance of a Contract |
| Marketing & Advertising | Contact, Usage, Inferred | Consent (where required) or Legitimate Interests (for B2B marketing) |
Automated Decision Making & Profiling: We use automated systems (CRM) to profile your interests in SEO services. Under the Data (Use and Access) Act 2025, you have the right to request human intervention, express your point of view, and contest decisions based solely on automated processing.
5. Sharing Your Data
We share your personal data with trusted third-party service providers who support our operations. We require all third parties to respect the security of your data and to treat it in accordance with the law.
Service Providers:
• Payment Processing: Stripe
• Analytics & Advertising: Google (Analytics & Ads), Microsoft (Analytics & Ads), LinkedIn (Analytics & Ads), Reddit (Analytics & Ads).
Cookies & Tracking:
We use cookies to facilitate advertising on the platforms listed above. While the 2026 regulations allow some analytics cookies to be set without consent for purely statistical purposes, we use advertising cookies (Google, LinkedIn, Reddit), which require your explicit consent. You can manage your cookie preferences via our cookie banner.
6. International Data Transfers
We use service providers (such as Google and Stripe) that may store and process your data on servers located outside the United Kingdom, specifically in the United States and Europe.
To protect your data when it leaves the UK, we use the UK International Data Transfer Agreement (IDTA). This ensures that your data is afforded a standard of protection not materially lower than that required by UK law.
7. How Long We Keep Your Data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
• Account Data: Retained for as long as you have an active account, plus 6 years for tax purposes.
• Marketing Data: Retained for 14 months or until you opt out or withdraw consent.
8. Your Rights
Under the UK GDPR, you have the right to:
• Request access to your personal data (Subject Access Request).
• Request correction of your data.
• Request erasure of your data (“Right to be forgotten”).
• Object to processing (specifically for direct marketing).
• Request restriction of processing.
• Request the transfer of your data (Data Portability).
• Withdraw consent at any time.
To exercise any of these rights, please contact us at privacy@sitelynx.com. We will respond to valid requests within one month.
9. Complaints
We are committed to resolving any privacy concerns you may have.
Step 1: Contact Us Directly Under the Data (Use and Access) Act 2025, you have a statutory right to make a complaint directly to us.
• Please email your complaint to privacy@sitelynx.com.
• We will acknowledge your complaint within 30 days of receipt.
• We will investigate and inform you of the outcome without undue delay.
Step 2: Contact the Regulator If you are not satisfied with our response, you have the right to make a complaint to the Information Commissioner’s Office (ICO).
• Website: www.ico.org.uk
• Helpline: 0303 123 1113