Privacy Policy

This Privacy Policy explains how Tutelis Security ("we", "us", "our") collects, uses and protects personal data relating to visitors to this website and persons who contact us.

Data controller

The data controller for information collected via this website is Tutelis Security. Contact: data@tutelis.co.uk.

Location of processing

Although we target users in the United Kingdom, this website is hosted in Finland. Where personal data is processed by third‑party processors (for example hosting, email or payments), those processors may transfer or store data outside the UK. We work with processors that provide appropriate safeguards for such transfers.

Personal data we collect

• Contact form: name and email address and any message text you provide.
• Payments: we do not store card details on our servers — payment processing is handled by Stripe. We may retain payment references and minimal transactional metadata required for bookkeeping.
• Technical: IP address, browser and device information, timestamps and server logs, used for security, diagnostics and improved service.

How we use your data

• To respond to contact enquiries and communicate with you about your request (lawful basis: legitimate interests and/or contract where applicable).
• To process payments and maintain transaction records (lawful basis: contract and legal obligations).
• To protect our services from abuse, spam and fraud (lawful basis: legitimate interests).

Sharing and third parties

We may share data with service providers who perform functions on our behalf, for example:

• Stripe for payment processing — consult Stripe's documentation for details about their processing and international transfers.
• Hosting and infrastructure providers that run the website.
• Email/SMTP providers used to send replies to enquiries.

Retention

Contact enquiries are retained for up to 2 years unless you request deletion sooner. Transactional/payment records are kept as required for accounting and legal compliance. Server logs are normally retained for a limited period (e.g., 30–90 days).

Security

We use reasonable technical and organisational measures to protect personal data (e.g., HTTPS), but no Internet service can be guaranteed 100% secure. Report concerns to data@tutelis.co.uk.

Cookies

We do not use cookies on this website. We do not set analytics or marketing cookies, and we do not use cookies for site functionality. Note: when you are redirected to or interact with third‑party services (for example Stripe for payments), those third parties may set cookies on their own domains. Please review the privacy and cookie policies of any third‑party service you interact with.

Your rights

You have rights to access, correct, erase, restrict or object to processing, and to data portability where applicable. To exercise these rights contact data@tutelis.co.uk. You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO): https://ico.org.uk.

Spam and abuse

If a submission is manifestly spam or abusive we will delete it. We may log IP addresses and other technical data to detect and block repeated abuse.

Children

This site is not intended for children and we do not knowingly collect personal data from children. If we become aware we have collected data from a child without parental consent we will delete it.

Changes to this policy

We may update this policy; the effective date will be updated on the site. Significant changes will be highlighted where appropriate.

Disclaimer

This template is provided for informational purposes and does not constitute legal advice. For a tailored, legally binding policy appropriate to your operations please consult a qualified data protection advisor.