Privacy Policy
Your privacy matters to us. This policy explains how NextLogica collects, uses, stores, and protects your personal data.
Effective date: 1 January 2026 · Last updated: 8 February 2026
1. Who We Are
NextLogica Ltd ("NextLogica", "we", "us", "our") is a technology consultancy providing AI solutions, intelligent automation, and custom software development.
We are the data controller for the personal data we collect through our website (nextlogica.co.uk), our services, and our business communications.
If you have questions about this policy or your personal data, you can contact us at privacy@nextlogica.co.uk.
2. Information We Collect
We collect information that you provide directly to us, and information that is collected automatically when you use our website.
Information you provide
- Contact details — name, email address, phone number, and company name when you fill out our contact form or book a consultation.
- Project information — details about your business challenges, requirements, and goals shared during consultations and project scoping.
- Communication records — emails, messages, and other correspondence exchanged during the course of our engagement.
- Payment information — billing details and financial information necessary to process payments for our services.
Information collected automatically
- Device and browser information — browser type, operating system, device type, and screen resolution.
- Usage data — pages visited, time spent on pages, click patterns, and referring URLs.
- IP address and approximate geographic location.
- Cookies and similar tracking technologies — see our Cookie Policy for full details.
3. How We Use Your Information
We use personal data for the following purposes:
- To respond to enquiries and provide consultations.
- To deliver our services — including project planning, development, and ongoing support.
- To communicate project updates, deliverables, and invoices.
- To improve our website, services, and user experience through analytics.
- To comply with legal obligations, including tax and accounting requirements.
- To send occasional updates about our services (only with your consent).
4. Legal Basis for Processing
We process personal data under the following legal bases as defined by UK GDPR:
- Contractual necessity — processing required to deliver services you have engaged us for.
- Legitimate interests — improving our services, marketing (with appropriate safeguards), and business administration.
- Consent — where you have explicitly opted in, such as for marketing communications.
- Legal obligation — where processing is required to comply with applicable laws.
6. International Transfers
As we operate across the United Kingdom and Bulgaria (an EU member state), personal data may be transferred between these jurisdictions.
Both the UK and EU maintain high standards of data protection. Where data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions.
7. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:
- Client project data — retained for 6 years after the end of the engagement (in line with UK tax and accounting requirements).
- Contact form submissions — retained for 12 months if no engagement follows.
- Marketing consent records — retained for as long as the consent is valid, plus 12 months.
- Analytics data — aggregated and anonymised after 26 months.
8. Your Rights
Under UK GDPR, you have the following rights:
- Right of access — request a copy of the personal data we hold about you.
- Right to rectification — request correction of inaccurate or incomplete data.
- Right to erasure — request deletion of your personal data (subject to legal obligations).
- Right to restrict processing — request that we limit how we use your data.
- Right to data portability — receive your data in a structured, machine-readable format.
- Right to object — object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent — where processing is based on consent, you can withdraw it at any time.
To exercise any of these rights, please contact us at privacy@nextlogica.co.uk. We will respond within 30 days.
9. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction.
These measures include encrypted data transmission (TLS/SSL), access controls, regular security audits, and secure development practices.
While we take every reasonable precaution, no method of transmission over the internet is 100% secure. We encourage you to contact us immediately if you suspect any unauthorised use of your data.
10. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review their privacy policies before providing any personal data.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements.
The latest version will always be available on this page with the effective date clearly stated. Material changes will be communicated to affected individuals where appropriate.
12. Contact & Complaints
If you have questions, concerns, or wish to exercise your rights, please contact us:
- Email: privacy@nextlogica.co.uk
- Address: NextLogica Ltd, United Kingdom
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
Related policies