Back to Home

Privacy Policy

Last updated: 7 January 2026

1. Introduction

AugmentBLU Ltd ("we", "us", "our") is committed to protecting your privacy and handling your personal data responsibly. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website, engage our web development services, or use the AugmentBLU Portal platform.

We are registered in Scotland, United Kingdom, and we process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

AugmentBLU Ltd is the data controller for the personal data we collect. We are based in Edinburgh, Scotland, United Kingdom. If you have any questions about this policy or how we handle your data, please contact us via our contact form.

3. Information We Collect

3.1 Information You Provide

  • Contact information: name, email address, phone number, company name
  • Account information: username, password (encrypted), and profile details for AugmentBLU Portal users
  • Project information: details you provide about your project requirements, content, and business needs
  • Communication records: emails, messages, and notes from our interactions
  • Payment information: billing address and payment details (processed securely through our payment provider)

3.2 Information Collected Automatically

  • Usage data: how you interact with our website and the AugmentBLU Portal
  • Device information: browser type, operating system, device type
  • Log data: IP address, access times, pages viewed
  • Analytics data: aggregated data about website usage (via privacy-focused analytics)

3.3 Information from Third Parties

We may receive information from third-party services you connect to the AugmentBLU Portal, such as version control systems or project management tools, only with your explicit authorisation.

4. How We Use Your Information

We use your personal data for the following purposes:

4.1 Service Delivery

  • To provide our web development services and deliver project work
  • To operate and maintain the AugmentBLU Portal platform
  • To communicate with you about projects, support requests, and account matters
  • To process payments and manage billing

4.2 Platform Improvement

  • To analyse usage patterns and improve our services
  • To identify and fix technical issues
  • To develop new features and functionality

4.3 Legal and Business Purposes

  • To comply with legal obligations
  • To protect our rights and prevent fraud
  • To respond to legal requests from authorities

5. Legal Basis for Processing

Under UK GDPR, we process your personal data on the following legal bases:

  • Contract: Processing necessary to perform our contract with you (e.g., delivering services you've engaged)
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our services, provided these don't override your rights
  • Consent: Where you have given explicit consent (e.g., subscribing to marketing communications)
  • Legal obligation: Processing necessary to comply with UK law

6. Data Sharing

We do not sell your personal data. We may share your information with:

  • Service providers: Trusted third parties who assist in operating our business (e.g., hosting providers, payment processors, email services). These providers are contractually bound to protect your data.
  • Professional advisors: Accountants, lawyers, and auditors as necessary for business operations
  • Legal authorities: When required by law or to protect our legal rights
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with appropriate safeguards

6.1 Third-Party Services We Use

  • Hosting: UK/EU-based cloud infrastructure providers
  • Analytics: Privacy-focused analytics (Umami Cloud - no personal data tracking)
  • Payment processing: Stripe (PCI-DSS compliant)
  • Email services: Resend (for transactional emails)
  • Security: Cloudflare Turnstile (bot protection)

7. International Data Transfers

We primarily store and process data within the United Kingdom and European Economic Area. Where we transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the UK Information Commissioner
  • Transfers to countries with adequate data protection (adequacy decisions)
  • Binding corporate rules where applicable

8. Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Active accounts: For the duration of your account/subscription plus 2 years
  • Project records: 6 years after project completion (for legal and tax purposes)
  • Contact enquiries: 2 years from last contact
  • Analytics data: Aggregated and anonymised, retained indefinitely
  • Legal holds: Longer if required for legal proceedings or regulatory requirements

9. Your Rights

Under UK GDPR, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your data (subject to legal obligations)
  • Right to restrict processing: Request limitation of how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Rights related to automated decision-making: We do not make automated decisions that significantly affect you

To exercise any of these rights, please contact us via our contact form. We will respond within one month, as required by law.

10. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication and access controls
  • Regular security assessments and updates
  • Employee training on data protection
  • Incident response procedures

While we take all reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security but will notify you and relevant authorities of any breach as required by law.

11. Cookies

Our website uses minimal, essential cookies for functionality. We use privacy-focused analytics that do not track personal data or require cookie consent. We do not use advertising cookies or third-party tracking.

The AugmentBLU Portal uses session cookies necessary for authentication and platform functionality. These are essential for the service to operate and do not require consent.

12. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and, for AugmentBLU Portal users, via email notification. The "Last updated" date at the top indicates when the policy was last revised.

14. Complaints

If you have concerns about how we handle your personal data, please contact us first so we can address your concerns. You also have the right to lodge a complaint with the UK supervisory authority:

  • Information Commissioner's Office (ICO)
  • Website: ico.org.uk
  • Helpline: 0303 123 1113

15. Contact Us

For any questions about this Privacy Policy or to exercise your data rights, please contact us via our contact form.

AugmentBLU Ltd is a company registered in Scotland, United Kingdom.