Legal

Privacy Policy

How Panamorphix collects, uses, stores, and protects personal data.

Last updated

4 February 2026

Introduction

Panamorphix Ltd ("we", "our", or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website or use our services.

We are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws.

Data Controller

Panamorphix Ltd is the data controller responsible for your personal data.

If you have any questions about this Privacy Policy or how we handle your data, please contact us using the details provided at the end of this policy.

Information We Collect

Information You Provide Directly

We collect information that you voluntarily provide to us, including:

  • Enquiry Submissions: Name, email address, organisation name, and messages you choose to send
  • Communications: Any information you provide when you contact us directly

Information Collected Automatically

When you visit our website, we automatically collect certain technical information:

  • Usage Data: Pages visited, time spent, navigation patterns, scroll depth
  • Technical Data: IP address, browser type, device information, operating system
  • Cookies: Small files stored on your device (see our Cookies Policy for details)

How We Use Your Information

We use your personal information for the following purposes:

  • Service Delivery: Responding to enquiries and maintaining business communications
  • Website Improvement: Analyzing usage patterns to enhance user experience
  • Legal Compliance: Meeting regulatory requirements and protecting our legal interests
  • Security: Detecting fraud, protecting against security threats, and maintaining system integrity

Legal Basis for Processing

Under UK GDPR, we process your personal data based on the following legal grounds:

  • Legitimate Interest: For website analytics, security, and business communications
  • Contract: When necessary to fulfill our services or respond to your requests
  • Consent: For marketing communications and non-essential cookies
  • Legal Obligation: When required by law to retain or process certain information

Data Sharing and Third Parties

We may share your information with trusted third-party service providers:

  • Hosting Services: Replit and related infrastructure providers for website hosting
  • Analytics Providers: Service providers used for aggregated website performance analysis where enabled
  • Professional Services: Legal, accounting, and other professional advisers where necessary

All third parties are contractually required to keep your information secure and confidential.

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy:

  • Enquiry Data: Up to 3 years for business follow-up and service delivery
  • Analytics Data: Up to 2 years for website optimization and business insights
  • Legal Requirements: As long as required by applicable laws and regulations

Your Rights

Under UK GDPR and data protection laws, you have the following rights:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Ask us to correct any inaccurate or incomplete information
  • Erasure: Request deletion of your personal data (right to be forgotten)
  • Portability: Receive your data in a structured, machine-readable format
  • Restriction: Request that we limit how we process your information
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdraw Consent: Revoke consent where processing is based on your consent

To exercise any of these rights, please contact us using the details at the end of this policy.

Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication measures
  • Employee training on data protection and privacy
  • Incident response procedures for data breaches

International Data Transfers

Some of our service providers may process your data outside the UK. Where this occurs, we ensure appropriate safeguards are in place:

  • Adequacy decisions by the UK authorities
  • Standard contractual clauses approved by the UK authorities
  • Other appropriate and suitable safeguards

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of any material changes by posting theupdated policy on our website with a revised "last updated" date.

Complaints

If you have concerns about how we handle your personal data, you have the right to lodge a complaint with the UK InformationCommissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire SK9 5AF
Tel: 0303 123 1113
Website: ico.org.uk

Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us:

All enquiries: hello@panamorphix.com