top of page
Logibox-Limited-logo

Privacy Policy

A legal disclaimer

Privacy Policy for Logibox Limited

Last Updated: 24th May 2026

1. Introduction

Welcome to the privacy policy of [Insert Company Name] ("we", "us", or "our"). We are a software consultancy registered in England and Wales under company number [Insert Company Number], with our registered office at [Insert Registered Address].

We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website (regardless of where you visit it from) and when we provide our software consultancy services, and tell you about your privacy rights and how the law protects you.

2. The Data Controller

The data controller responsible for your personal data is:

  • Company Name: Logibox Ltd

  • Address: 4 The Glades, Huntingdon, PE29 6JR

  • Email:  privacy@logibox.co.uk

  • Phone: 

3. The Data We Collect About You

We may collect, use, store, and transfer different kinds of personal data about you which we have grouped together follows:

  • Identity Data: Includes first name, last name, username or similar identifier, title, and job title.

  • Contact Data: Includes billing address, delivery address, email address, and telephone numbers.

  • Technical Data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.

  • Usage Data: Includes information about how you use our website, products, and services.

  • Professional Data: In the course of our consultancy work, we may process data related to your business operations, software architecture, or project requirements. Note: We do not typically process "Special Category Data" (e.g., health, race, religion) unless explicitly required for a specific project and with your consent.

4. How Your Personal Data Is Used

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  1. Performance of Contract: Where we need to perform the contract we are about to enter into or have entered into with you (e.g., delivering software development services, invoicing, project management).

  2. Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., network security, fraud prevention, improving our services, sending business updates to existing clients).

  3. Legal Obligation: Where we need to comply with a legal or regulatory obligation (e.g., tax laws, HMRC requirements).

  4. Consent: In limited circumstances where we have asked for your explicit consent to use your data for a specific purpose (e.g., subscribing to a newsletter).

Specific Activities:

  • Client Projects: We process client contact details and project data to deliver software solutions.

  • Website Visitors: We use cookies to analyze traffic and improve user experience.

  • Marketing: We may send you news about our services, industry insights, or events if you have opted in. You can opt out at any time.

5. Disclosures of Your Personal Data

We may have to share your personal data with the parties set out below for the purposes set out in this policy:

  • Internal Third Parties: Employees, contractors, and consultants working for Logibox Ltd who need access to data to perform their duties.

  • External Third Parties:

    • Service providers acting as processors based in the UK or EU who provide IT, system administration, and cloud hosting services (e.g., AWS, Azure, GitLab, Slack, Proton, Jira).

    • Professional advisers including lawyers, bankers, auditors, and insurers based in the UK.

    • HMRC and other regulators.

  • Third Parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. International Transfers

As a UK company, we primarily process data within the UK. However, if we use cloud services or collaborate with partners outside the UK/EEA (e.g., developers in other countries), we ensure that appropriate safeguards are in place, such as:

  • The European Commission's adequacy decisions.

  • Standard Contractual Clauses (SCCs).

  • Binding Corporate Rules.

7. Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Client Data: Retained for the duration of the contract plus [e.g., 6 years] for legal and tax record keeping.

  • Website Data: Retained for [e.g., 2 years] for analytics purposes.

  • Marketing Data: Retained until you unsubscribe.

8. Your Legal Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

  1. Request Access: Receive a copy of the personal data we hold about you.

  2. Request Correction: Have any incomplete or inaccurate data we hold about you corrected.

  3. Request Erasure: Ask us to delete or remove personal data where there is no good reason for us continuing to process it.

  4. Object to Processing: Object to our processing of your personal data where we are relying on a legitimate interest.

  5. Request Restriction: Ask us to suspend the processing of your personal data in certain scenarios.

  6. Request Transfer: Request the transfer of your personal data to you or to a third party.

  7. Withdraw Consent: Withdraw consent at any time where we are relying on consent to process your personal data.

If you wish to exercise any of these rights, please contact us at [Insert Privacy Email].

9. Complaints

If you have any concerns about our use of your personal data, you can make a complaint to us at [Insert Privacy Email].

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

10. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them, see our Cookie Policy [Link to Cookie Policy if separate].

11. Changes to This Privacy Policy

We may update our privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this website and updating the "Last Updated" date. You are advised to review this privacy policy periodically for any changes.

Cookie Policy

This document explains how you use cookies on your website. It is required by the UK GDPR and PECR (Privacy and Electronic Communications Regulations).

Cookie Policy for Logibox Ltd

Last Updated: 25 May 2026

1. What Are Cookies?

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They help the website remember your actions and preferences (such as login, language, font size, and other display preferences) over a period of time, so you don't have to keep re-entering them whenever you come back to the site or browse from one page to another.

2. How We Use Cookies

We use cookies for the following purposes:

  • Essential Cookies: These are strictly necessary to enable you to move around the website and use its features (e.g., accessing secure areas). Without these, our services cannot be provided.

  • Analytics Cookies: These help us understand how visitors interact with our website by collecting and reporting information anonymously (e.g., Google Analytics). This helps us improve our website's performance and content.

  • Functionality Cookies: These allow our website to remember choices you make (such as your user name, language, or region) and provide enhanced, more personal features.

  • Marketing/Advertising Cookies: These are used to track visitors across websites. The intention is to display ads that are relevant and engaging to the individual user. [Remove this section if you do not use marketing cookies].

3. Types of Cookies We Use

Cookie NamePurposeDurationType

_gaDistinguishes unique users for analytics.2 yearsAnalytics

_gidDistinguishes unique users for analytics.24 hoursAnalytics

session_idMaintains user session state.SessionEssential

cookie_consentRemembers your cookie preference choice.1 yearEssential

4. Managing Your Cookie Preferences

You have the right to decide whether to accept or reject cookies.

  • Browser Settings: You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our website though your access to some functionality and areas may be restricted.

  • Cookie Banner: Upon your first visit to our website, you will be presented with a cookie banner allowing you to accept or decline non-essential cookies. You can change your mind at any time by clicking the "Cookie Settings" link in the footer of our website.

5. Third-Party Cookies

We may also use cookies provided by trusted third parties, such as:

  • Google Analytics: To analyze website traffic.

  • LinkedIn Insight Tag: To measure ad effectiveness (if applicable).

  • Cloudflare: For security and performance.

Please refer to the privacy policies of these third parties for more information on how they use cookies.

6. Contact Us

If you have any questions about our use of cookies, please contact us at:

  • Email: privacy@logibox.ltd

  • Address: 4 The Glades, Huntingdon, PE29 6JR

Part 2: Data Processing Agreement (DPA) Summary

As a software consultancy, your clients (the "Data Controllers") will likely require you (the "Data Processor") to sign a DPA. This is a legal requirement under UK GDPR Article 28. Below is a summary of the clauses you should include in your formal DPA or have ready for your legal counsel to finalize.

Data Processing Agreement (Summary for [Insert Company Name])

1. Subject Matter and Duration

  • Subject Matter: The processing of personal data performed by [Company Name] in the course of providing software development, consultancy, and maintenance services to the Client.

  • Duration: The duration of the processing shall correspond to the term of the Master Services Agreement (MSA) between the parties, plus any retention period required by law.

2. Nature and Purpose of Processing

  • Nature: Development, testing, deployment, and maintenance of software platforms; access to client servers/cloud environments; project management communication.

  • Purpose: To deliver the agreed-upon software solutions and support services to the Client.

3. Types of Personal Data and Categories of Data Subjects

  • Types of Data: Identity data (names, emails), contact data, technical data (IP addresses, logs), and potentially business operational data.

  • Categories of Subjects: Client employees, end-users of the software, contractors, and stakeholders.

4. Obligations of the Data Processor ([Company Name]) We agree to:

  • Process only on Instructions: Process personal data only on documented instructions from the Client, unless required by UK law.

  • Confidentiality: Ensure that persons authorized to process the data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.

  • Security Measures: Implement appropriate technical and organizational measures (TOMs) to ensure a level of security appropriate to the risk. This includes:

    • Encryption of data in transit and at rest.

    • Access control and authentication (MFA).

    • Regular vulnerability scanning and patching.

    • Secure development lifecycle (SDLC) practices.

  • Sub-processors: We will not engage another processor (sub-processor) without prior specific or general written authorization from the Client. If general authorization is given, we will inform the Client of any intended changes and give the Client the opportunity to object.

    • Current Sub-processors: AWS, GitLab, Slack, Proton.

  • Assisting the Client: Assist the Client in fulfilling their obligations to respond to data subject rights requests (access, deletion, etc.) and in ensuring compliance with security, breach notification, and impact assessment obligations.

  • Data Breach Notification: Notify the Client without undue delay (within 24-48 hours) after becoming aware of a personal data breach.

  • Deletion/Return: At the choice of the Client, delete or return all personal data to the Client after the end of the provision of services, and delete existing copies unless required by law to store the data.

  • Audits: Make available to the Client all information necessary to demonstrate compliance with this DPA and allow for and contribute to audits, including inspections, conducted by the Client or another auditor mandated by the Client.

5. International Transfers

  • If data is transferred outside the UK, Logibox Ltd guarantees that appropriate safeguards (e.g., UK International Data Transfer Agreement or Standard Contractual Clauses) are in place.

6. Liability

  • Liability for breaches of this DPA shall be governed by the liability clauses of the Master Services Agreement, subject to UK GDPR provisions.

bottom of page