Privacy Policy

Last updated: September 2025

1. Introduction

legionellaassessment.co.uk (“we”, “our”, “us”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and safeguard information when you use our website and services.

2. Who We Are

This website is operated by legionellaassessment.co.uk. We provide online tools for generating professional Legionella risk assessment certificates for landlords, agents, and businesses.

3. Information We Collect

  • Personal details (name, email, phone number) provided during registration or purchase.
  • Payment information (processed securely via Stripe or PayPal; we never store card details).
  • Property and water system details you enter to generate your assessment.
  • Technical data (cookies, IP address, browser type, usage data).

4. How We Use Your Data

  • To provide and deliver your assessment reports and invoices.
  • To process secure payments.
  • To manage your account and provide customer support.
  • To improve our services and ensure compliance.
  • For legal, regulatory, and fraud prevention purposes.

5. Cookies & Tracking

We use cookies and Google Tag Manager/Google Analytics to measure site performance, marketing, and usage. You can manage or block cookies via your browser settings. For more detail, see our Cookie Policy.

6. Legal Basis

We process your data under the following lawful bases (UK GDPR):

  • Contract – to deliver your assessment and handle payments.
  • Legal obligation – to comply with tax and regulatory requirements.
  • Consent – for optional marketing communications.
  • Legitimate interest – to improve our services and prevent fraud.

7. Sharing Your Data

We do not sell your data. We share information only with trusted third parties (e.g. payment providers, hosting providers, analytics providers) necessary to deliver the service.

8. Data Storage & Security

Data is stored securely on servers located in the UK/EU. We use encryption (HTTPS, secure storage, access controls) to protect your information.

9. Data Retention

We retain your assessment and invoice records for as long as required for compliance (typically 6 years for financial records). You may request deletion of your account at any time.

10. Your Rights

You have rights under UK GDPR, including:

  • Access to your data.
  • Correction of inaccurate data.
  • Deletion of your data (where applicable).
  • Restriction or objection to processing.
  • Data portability.

To exercise your rights, please email [email protected].

11. Children

Our services are not directed at children under 16. We do not knowingly collect data from minors.

12. Changes

We may update this Privacy Policy from time to time. The “last updated” date will be amended accordingly.

13. Contact

If you have any questions or complaints, please contact us at [email protected].