Privacy Policy | JNY Software Ltd

Introduction

This privacy policy explains how JNY Software Ltd collects, uses, stores and protects personal information when you visit our website, contact us, or work with us as a client.

We aim to handle personal information fairly, transparently and in line with UK data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Who we are

The data controller responsible for personal information described in this policy is:

JNY Software Ltd
Company Number: 17099074

Registered Office:
82A James Carter Road
Mildenhall
Suffolk
IP28 7DE
United Kingdom

Privacy Contact:
[email protected]

You can also contact us through our contact page.

Information we collect

Depending on how you interact with us, we may collect:

your name;
company name;
email address;
telephone number;
project details you submit through forms (for example project type, budget range, description and preferred contact method);
technical information about how you use our website;
IP address and browser or device information;
cookie and analytics information, including data collected through Google Analytics if you accept analytics cookies.

Google Analytics is optional. We only load it after you accept analytics cookies. If you accept, it helps us understand aggregated and pseudonymous website usage, such as page visits, device and browser information, traffic sources and aggregated reporting. Google Analytics does not show us your name or direct contact details, but it may process online identifiers such as cookies, device information and IP-related data.

We do not intentionally collect special category personal data (such as health information or details about protected characteristics) through this website. Please do not send that type of information unless we have agreed it is needed for a specific service.

How we collect information

We collect personal information when:

you submit our website contact form;
you email us directly;
you become a client or enter into discussions about working with us;
you use our website, including through cookies, Google Analytics (if you accept analytics cookies), server logs and security tools operated by Cloudflare.

How we use information

We use personal information to:

respond to enquiries;
assess project requirements;
prepare proposals and quotes;
provide software development, hosting and related services;
manage client relationships;
send service-related communications;
maintain website security and prevent abuse;
improve our website and understand how it is used, including through Google Analytics when you have accepted analytics cookies;
comply with legal and regulatory obligations.

We use personal information only where we have a lawful reason to do so. We do not use enquiry or client information for unrelated marketing unless you have agreed to that separately.

Legal bases for processing

Under UK GDPR, we must identify a lawful basis for processing personal information. The bases we rely on include:

Consent: Where you have given clear permission, for example if you agree to non-essential cookies where required.
Contract: Where processing is needed to take steps at your request before entering a contract, or to perform a contract with you as a client.
Legitimate interests: Where we have a genuine business need that is balanced against your rights, such as responding to enquiries, securing our website, or improving our services. We assess these interests carefully and you can object in certain cases.
Legal obligation: Where we must process information to comply with law, for example certain accounting, tax or regulatory requirements.

Contact forms and email

When you submit our website contact form, your enquiry is sent to JNY Software Ltd by email. We use Resend to deliver contact form submissions and related transactional emails, such as confirmation that we received your message.

Contact form data is used only to respond to your enquiry and manage follow-up communication if you might become a client.

The contact form uses Cloudflare Turnstile for spam and abuse prevention. Turnstile may process technical data (such as browser signals and interaction data) to distinguish genuine submissions from automated traffic.

Cookies, analytics and security tools

Our website uses cookies and similar technologies. Some are essential for security and operation; others help us understand website usage.

Services we use include:

Cloudflare: Provides security, performance, content delivery (CDN) and DDoS protection. Cloudflare may set cookies or process technical connection data to protect and deliver the site.
Cloudflare Turnstile: Used on our contact form for spam and abuse prevention.
Google Analytics: Optional analytics service. We load Google Analytics only after you accept analytics cookies. When enabled, it collects aggregated and pseudonymous website usage data, including page visits, device and browser information, traffic sources and aggregated performance reporting. Google Analytics does not show us your name or direct contact details, but it may process online identifiers such as cookies, device information and IP-related data.

For more detail on cookies and how to manage preferences, see our Cookie policy.

Sharing information with third parties

We share personal information only where necessary. We do not sell personal data.

We use the following categories of service providers (data processors) to operate our website and business:

Cloudflare: Security, performance, CDN and DDoS protection for the website.
Cloudflare Turnstile: Spam and abuse prevention on forms.
Resend: Delivery of contact form and transactional emails.
Google Analytics: Aggregated and pseudonymous website usage analytics and performance insights, only when you have accepted analytics cookies.
Website hosting providers: Hosting and operation of the website and related infrastructure.

We may also share information with:

professional advisers (for example accountants or lawyers) where needed;
regulators, courts or law enforcement where required by law.

These organisations process data on our instructions where they act as processors, or as independent controllers where the law requires them to handle information in a particular way.

International transfers

Some providers (including Cloudflare, Resend and Google) may process personal information outside the United Kingdom, for example where their infrastructure is hosted abroad.

Where personal information is transferred internationally, we aim to ensure appropriate safeguards are in place. These may include UK adequacy regulations, standard contractual clauses approved for UK use, or the provider’s data protection terms where they offer suitable protection.

How long we keep information

We keep personal information only for as long as needed for the purposes described in this policy, unless a longer period is required by law.

Website enquiries: Up to 24 months after the last meaningful contact, unless a business relationship is established.
Client records: For the duration of the client relationship and up to 7 years afterwards where required for legal, accounting or business record purposes.
Analytics data: According to Google Analytics retention settings configured in our account.
Security logs: Only as long as reasonably required for security and operational purposes (including logs processed through Cloudflare and our hosting environment).

How we protect information

We take reasonable technical and organisational measures to protect personal information, including:

access controls so only those who need data can access it;
secure hosting and HTTPS for our website;
Cloudflare security tooling for DDoS protection and edge security;
Cloudflare Turnstile on forms to reduce spam and abuse;
limiting access to personal data within our business;
using reputable service providers with their own security practices.

No method of transmission or storage is completely secure. While we work to protect personal information, we cannot guarantee absolute security.

Your rights

Under UK data protection law, you may have the following rights in relation to your personal information (depending on the circumstances):

right of access to a copy of your personal information;
right to rectification of inaccurate information;
right to erasure in certain circumstances;
right to restrict processing in certain circumstances;
right to object to processing in certain circumstances;
right to data portability where applicable;
right to withdraw consent where we rely on consent.

To exercise these rights, contact us at [email protected] or through our contact page. We may need to verify your identity before responding. We aim to respond within one month, although complex requests can take longer where permitted by law.

If you believe your data protection rights have been infringed, you may contact the Information Commissioner's Office (ICO). We encourage you to contact us first so we can try to resolve your concern.

Complaints

If you are concerned about how we handle personal information, please contact us first at [email protected] or through our contact page so we can try to resolve the issue.

You may also raise a concern with the UK supervisory authority, the Information Commissioner's Office (ICO), if you believe your data protection rights have been infringed. The ICO can be contacted via ico.org.uk.

Changes to this policy

We may update this privacy policy from time to time, for example if our services, technology or legal requirements change. When we do, we will change the “last updated” date at the top of this page.

Related policies: Cookie policy, Terms of use.