Privacy Policy

Who We Are

Three Lions Technology is a web development and digital services company based in Oxfordshire, United Kingdom. We are the data controller for the personal information we collect through this website and our services.

Contact: info@threelions.io
Location: Oxfordshire, United Kingdom

What Data We Collect

We collect different types of information depending on how you interact with our website:

Information You Provide

• Contact Forms: Name, email address, and message content when you contact us
• Email Newsletter: Email address if you subscribe to updates
• Project Enquiries: Business details, project requirements, and any information you provide during consultation

Information Collected Automatically

• Website Analytics: Pages visited, time on site, browser type, device type, referring website
• Cookies: Small files stored on your device to improve website functionality and track usage
• Log Data: IP address, access times, and pages requested (standard server logs)

How We Use Your Data

We use your personal data for the following purposes:

• Responding to enquiries: To answer questions and provide information about our services
• Service delivery: To provide web development and digital services you've commissioned
• Marketing communications: To send updates, insights, and offers (only if you've subscribed)
• Website improvement: To analyze how visitors use the site and improve user experience
• Legal compliance: To meet regulatory requirements and protect our legitimate interests

Legal Basis for Processing

Under UK GDPR, we process your data based on:

• Consent: When you submit a contact form, subscribe to emails, or accept cookies
• Contract: When we need your data to deliver services you've purchased
• Legitimate Interests: For website analytics, security, and business communications where we have a valid reason
• Legal Obligation: When required by law (e.g., financial record keeping)

Third-Party Services

We use the following third-party services that may process your data:

• Google Analytics: Website traffic analysis (anonymized IP addresses)
• Email Service Providers: For sending newsletters and project communications
• Web Hosting: AWS Amplify for secure website hosting
• Payment Processors: Stripe or PayPal for processing payments (client projects only)

These services have their own privacy policies. We only share data necessary for them to provide their service.

Cookies

We use cookies to improve your experience on our website. Cookies are small text files stored on your device. You can manage your cookie preferences using the banner that appears on your first visit.

Types of Cookies We Use

• Essential Cookies: Required for website functionality (cannot be disabled)
• Analytics Cookies: Help us understand how visitors use the site (Ahrefs Webmaster Tools)
• Preference Cookies: Remember your settings and cookie consent choices

Ahrefs Analytics

With your consent, we use Ahrefs Webmaster Tools to analyze website traffic and improve our content. Ahrefs collects:

• Pages visited and time spent on site
• Referral sources (how you found our site)
• Device type and browser information
• Geographic location (country/city level only)

Ahrefs does not: Track personally identifiable information, sell your data, or use it for advertising purposes. Data is used solely for webmaster analysis.

You can opt out of analytics tracking by declining the cookie consent banner or changing your preference through your browser settings.

You can control cookies through your browser settings or our cookie consent banner. Blocking essential cookies may affect website functionality.

Data Retention

We keep your data only as long as necessary:

• Contact enquiries: 2 years from last contact
• Email subscribers: Until you unsubscribe
• Client project data: 7 years (legal and tax requirements)
• Analytics data: 26 months (Google Analytics default)
• Server logs: 90 days

Your Rights Under UK GDPR

You have the following rights regarding your personal data:

• Right to Access: Request a copy of the data we hold about you
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your data (subject to legal obligations)
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a portable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time (where consent is the legal basis)

To exercise any of these rights, email us at info@threelions.io. We'll respond within 30 days.

Data Security

We implement appropriate technical and organizational measures to protect your data from unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure servers, access controls, and regular security reviews. However, no internet transmission is completely secure. We cannot guarantee absolute security.

International Transfers

Some third-party services we use (such as cloud hosting) may store data outside the UK. When this happens, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the UK ICO.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated "Last Updated" date. For significant changes, we'll notify active clients and subscribers by email.

Complaints

If you're not satisfied with how we handle your data, you have the right to complain to the UK Information Commissioner's Office (ICO):

ICO Website: ico.org.uk
Helpline: 0303 123 1113
Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF