Privacy & Data Protection
Privacy Policy
This Privacy Policy explains how PIPSA SOFTWARE LTD collects, uses, discloses, and protects personal data when you visit or interact with our corporate website at https://pipsasoftware.site.
Privacy Policy Overview
PIPSA SOFTWARE LTD ("PIPSA", "we", "our", or "us") is a UK-based software development company that provides business and domestic software solutions, digital consulting, and related services. We are committed to protecting the privacy, confidentiality, and security of personal data entrusted to us by visitors to our website, prospective and existing clients, partners, and other stakeholders.
This Privacy Policy describes how we handle personal data collected through our corporate website at https://pipsasoftware.site, including pages such as About, Services, Solutions, Team, Consulting, Case Studies, Clients and Contact Us. It also explains your rights under applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We encourage you to read this Privacy Policy carefully. By using our website, you acknowledge that you have been informed of our data processing practices as described here. If you do not agree with this Policy, you should discontinue use of our website.
Information We Collect
We collect different types of information depending on how you interact with our website and services. This may include:
1. Information you provide directly
When you actively engage with us, you may provide personal data such as:
- Identification details (e.g. name, job title, company name).
- Contact details (e.g. business email address, telephone number, preferred contact method).
- Professional information (e.g. role, department, industry, areas of technical interest).
- Content of communications (e.g. messages submitted via the Contact Us page, enquiries about our Services, Solutions, Consulting, or responses to case studies.
- Application and recruitment information submitted in relation to career opportunities (e.g. CVs, cover letters, professional profiles) where such options are made available on the website.
2. Information collected automatically
When you visit our website, we may automatically collect certain technical and usage information using cookies and similar technologies. This may include:
- Device and browser information (e.g. IP address, browser type and version, operating system, device identifiers).
- Usage data (e.g. pages visited, time and date of visits, referring URLs, clickstream data, time spent on each page, scroll depth and navigation patterns).
- Approximate location data derived from your IP address, such as city and country.
Where required by law, we will seek your consent before placing or accessing non-essential cookies or analytics technologies. For more detailed information about how we use cookies, please refer to our Cookie Policy.
3. Optional information from other interactions
We may also process information you choose to share with us in other contexts, for example:
- Registration details for events, webinars, or briefings highlighted in our news or case study content.
- Preferences regarding the receipt of marketing communications, thought-leadership content, or investor-related updates.
- Feedback and survey responses that help us refine our services, user experience, and digital consulting offerings.
How We Use Your Information
We process personal data only for specified, explicit, and legitimate purposes. Depending on your relationship with us and how you use our website, we may use your information to:
- Respond to enquiries and provide services — to respond to requests submitted via the Contact Us page or other contact channels, to discuss potential projects, proposals, or consulting engagements, and to deliver our software development and digital consulting services.
- Manage client and partner relationships — to set up and manage client accounts, coordinate project activities, communicate about ongoing engagements, and maintain records of interactions and agreements.
- Improve our website and offerings — to monitor website performance, analyse how visitors engage with our Services, Solutions, Case Studies, and Clients content, and to refine user experience, navigation, and technical functionality.
- Support marketing and communications — to send you relevant information about our capabilities, industry insights, events, and updates if you have requested or consented to receive such communications, and to measure the effectiveness of these communications.
- Consider candidates for roles — to review applications and assess suitability for roles where our website is used to advertise or accept interest in career opportunities.
- Maintain security and prevent misuse — to protect our website, systems, and users against fraud, unauthorised access, and other security threats, and to investigate suspicious or harmful activity.
- Comply with legal and regulatory obligations — to maintain appropriate records, respond to lawful requests from regulators or authorities, and meet our regulatory, tax, and corporate governance requirements.
Legal Basis for Processing
Under the UK GDPR and other applicable data protection laws, we must have a valid legal basis to process personal data. Depending on the context, we rely on one or more of the following legal grounds:
- Contractual necessity — where processing is necessary to take steps at your request before entering into a contract with you or your organisation, or to perform a contract to which you or your organisation are a party (for example, responding to a service enquiry or delivering a software development engagement).
- Legitimate interests — where processing is necessary for our legitimate business interests or those of a third party, provided those interests are not overridden by your fundamental rights and freedoms. This may include improving our website, promoting our services to business contacts, managing client relationships, maintaining network and information security, and presenting case studies relevant to your industry.
- Consent — where you have given clear consent for us to process your personal data for specific purposes, such as receiving certain marketing communications or enabling non-essential cookies and analytics tools. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
- Legal obligations — where processing is necessary for us to comply with a legal or regulatory obligation, such as record-keeping, reporting to competent authorities, or responding to formal legal requests.
If we rely on legitimate interests as our legal basis, we will carefully consider the impact of our processing on your privacy and will implement safeguards to protect your personal data. Further details may be provided if required in the context of a specific engagement.
Data Sharing and Disclosure
We do not sell your personal data. However, we may share personal data with selected third parties in the following circumstances and only to the extent necessary for the relevant purpose:
- Service providers and professional advisers — with trusted third parties who provide services to us such as website hosting, analytics, IT support, email delivery, customer relationship management, or professional advisory services (for example, legal, accounting, or compliance support). These parties are engaged under contract and are obliged to process personal data only on our instructions and with appropriate security measures.
- Partners involved in project delivery — with carefully selected technology or consulting partners where collaboration is required to deliver a service, solution, or consulting engagement you have requested, and where such sharing is compatible with the purpose of collection.
- Corporate and transactional events — with potential buyers, investors, or other counterparties, and their professional advisers, in connection with any actual or proposed merger, acquisition, business transfer, or corporate restructuring involving PIPSA SOFTWARE LTD, subject to appropriate confidentiality protections.
- Legal and regulatory authorities — where required to do so by law, regulation, court order, or other legally binding request, or where we believe it is necessary to protect our rights, the rights of our clients, or the safety of any person.
Whenever we share personal data with third parties, we require them to maintain the confidentiality and security of the information and to comply with applicable data protection laws.
Data Security Measures
We take the security of personal data seriously and implement appropriate technical and organisational measures designed to protect it against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.
Measures we may use include, where appropriate:
- Secure hosting environments and network protections, including firewalls and access controls.
- Encryption in transit for data transmitted via our website using industry-standard protocols (such as HTTPS).
- Role-based access controls and the principle of least privilege, ensuring only authorised personnel can access personal data as required for their role.
- Secure development practices for our software solutions, including regular updates and patching of underlying systems.
- Internal procedures for handling, storing, and disposing of personal data in a secure manner.
- Awareness and training for relevant personnel on data protection and information security responsibilities.
While we strive to protect personal data, no system or transmission over the internet can be guaranteed as completely secure. If you have reason to believe that your interaction with us is no longer secure, please contact us promptly using the details set out in the Contact and Complaints section or via the Contact Us page.
International Data Transfers
PIPSA SOFTWARE LTD is established in the United Kingdom. In the course of operating our website and delivering our services, personal data may be accessed from or transferred to countries outside the UK or European Economic Area (EEA), for example where:
- Our service providers or technology partners operate in, or store data within, other jurisdictions.
- Members of our team or trusted partners supporting your engagement are located outside the UK or EEA.
Where such transfers occur, we will ensure that an adequate level of protection is in place in accordance with applicable data protection laws. This may involve:
- Transferring data to countries that have been formally recognised as providing an adequate level of data protection.
- Putting in place appropriate safeguards, such as the UK International Data Transfer Agreement (IDTA) or Standard Contractual Clauses approved by the European Commission, together with supplementary measures where necessary.
You may contact us for further information about the safeguards we use for international data transfers using the details provided below.
Data Retention Policy
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, regulatory, accounting, or reporting requirements.
In determining appropriate retention periods, we consider factors such as:
- The nature and sensitivity of the personal data.
- The purposes for which we process it and whether those purposes can be achieved by other means.
- The duration of our relationship with you or your organisation.
- Applicable legal, regulatory, or contractual retention requirements or guidance.
For example, enquiry correspondence may be retained for a period necessary to manage the enquiry and any follow-up communications, while client engagement records may be kept for longer periods to meet regulatory or contractual obligations. When personal data is no longer required, we will delete it or anonymise it in a secure manner.
Your Data Protection Rights
Under the UK GDPR and other applicable data protection laws, you may have the following rights in relation to your personal data, subject to certain conditions and exceptions:
- Right of access — to obtain confirmation as to whether we process your personal data and to request a copy of that data, together with information about how we use it.
- Right to rectification — to request correction of inaccurate personal data and completion of incomplete data.
- Right to erasure — to request deletion of your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected or where you have withdrawn your consent.
- Right to restriction of processing — to request that we limit the processing of your personal data in certain situations, such as while we are verifying its accuracy or considering an objection.
- Right to object — to object to our processing of your personal data where we rely on legitimate interests, including profiling based on those interests. You also have an absolute right to object at any time to processing of your personal data for direct marketing purposes.
- Right to data portability — in certain circumstances, to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format, and to request that we transmit it to another controller where technically feasible.
- Right to withdraw consent — where we rely on your consent to process personal data, you have the right to withdraw that consent at any time.
To exercise any of these rights, please contact us using the details in the Contact and Complaints section or reach out via the Contact Us page. We may need to verify your identity before responding to your request. We aim to respond within the timeframes required by law.
Children's Privacy
Our website and services are intended primarily for business professionals, clients, partners, and stakeholders. They are not directed at children, and we do not knowingly collect personal data from children under the age of 13 (or other age as defined by applicable law) via our website.
If you are a parent or guardian and believe that a child has provided personal data to us via this website without appropriate consent, please contact us promptly using the details below. We will take steps to delete such information where required by law.
Contact and Complaints
PIPSA SOFTWARE LTD is the controller responsible for personal data processed in connection with this website. If you have any questions about this Privacy Policy, our data protection practices, or if you wish to exercise your rights, you can contact us using the following details:
PIPSA SOFTWARE LTD
Website: https://pipsasoftware.site
You can also submit enquiries or requests through our Contact Us page, which will route your message to the appropriate team within PIPSA SOFTWARE LTD.
Complaints and supervisory authority
If you are not satisfied with our handling of your personal data or our response to a privacy-related query, you have the right to lodge a complaint with the data protection supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO). For more information, please visit https://www.ico.org.uk.
We would, however, appreciate the opportunity to address your concerns directly before you approach the ICO or another authority, and we encourage you to contact us in the first instance.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. The updated version will be posted on this page with an updated effective date. We recommend that you review this Policy periodically to stay informed about how we protect your information.