Privacy Policy

php4u Limited (“we”, “us”, “our”) is a private limited company registered in England and Wales.

We are the data controller for personal data processed in connection with our website (php4u.co.uk) and the services we provide. This policy explains how we collect, use, and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We may collect and process the following personal data:

• Contact information — such as your name and email address when you contact us directly.
• Communication data — the content of emails, messages, or enquiries you send to us.
• Technical data — IP address, browser type, and basic usage information collected automatically when you visit our website.
• Business information — details you provide as part of a professional enquiry or project engagement.

We do not collect sensitive personal data (such as health information, financial data, or data relating to criminal convictions) unless explicitly required and agreed upon for a specific engagement.

We use your personal data for the following purposes:

• To respond to enquiries and provide information about our services.
• To manage and deliver contracted services.
• To fulfil legal obligations, including those under UK company law and tax law.
• To maintain records of business communications as required.
• To improve our website and services based on aggregated, anonymised usage data.

We process your personal data under the following lawful bases as defined by UK GDPR:

• Contract — processing is necessary for the performance of a contract with you, or to take steps at your request before entering into a contract.
• Legitimate interests — we have a legitimate interest in processing data to respond to business enquiries and operate our business effectively, provided this does not override your rights.
• Legal obligation — we may process data where necessary to comply with a legal obligation.
• Consent — where you have given explicit consent, such as subscribing to communications.

We retain personal data only for as long as is necessary for the purposes for which it was collected, and in accordance with applicable legal requirements:

• Business enquiry data is retained for up to 12 months if no contract is formed.
• Client and contract data is retained for a minimum of 6 years following the end of the engagement, in accordance with UK tax and company law.
• Technical/website data (logs) is retained for no longer than 90 days.

We do not sell, rent, or trade your personal data to third parties. We may share data in the following limited circumstances:

• Service providers — trusted third-party suppliers who assist in operating our business (e.g. email hosting, cloud infrastructure), under appropriate data processing agreements.
• Legal requirements — if required to do so by law, court order, or regulatory authority.
• Business transfers — in the unlikely event of a business sale or merger, data may be transferred to the relevant successor entity.

Where data is transferred outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

Under UK GDPR, you have the following rights regarding your personal data:

• Right of access — you may request a copy of the personal data we hold about you.
• Right to rectification — you may request correction of inaccurate or incomplete data.
• Right to erasure — you may request deletion of your personal data in certain circumstances.
• Right to restriction — you may request that we restrict processing of your data.
• Right to data portability — you may request your data in a structured, commonly used format.
• Right to object — you may object to processing based on legitimate interests.
• Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at …. We will respond within one month of receiving your request.

If you are unsatisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

Our website may use essential cookies necessary for the site to function. We do not currently use tracking cookies, advertising cookies, or third-party analytics services that profile individual visitors.

If this changes, we will update this policy and, where required by law, seek your consent before placing non-essential cookies.

We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect data against unauthorised access, loss, or disclosure. However, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

We may update this privacy policy from time to time to reflect changes in our practices or legal obligations. The date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically.

If you have any questions about this privacy policy or how we handle your data: