Privacy Policy

Last updated: 7 March 2026

1. Who We Are

Unity Bridge Solutions Ltd (company number 17080819) is a software development agency registered in England and Wales. Our registered office is at 3rd Floor, 86-90 Paul Street, London, England, EC2A 4NE. We are the data controller responsible for your personal data.

If you have any questions about this policy or wish to exercise your data protection rights, you can contact our data protection lead at contact@unitybridgesolutions.com.

We have not appointed a Data Protection Officer as we do not meet the threshold requiring one under Article 37 of the UK GDPR. Our data protection lead handles all data protection queries and can be reached at the email address above.

2. Legislation

This policy is issued under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Data Use and Access Act 2025 (DUAA), which amended the UK GDPR and came substantially into force on 5 February 2026.

3. What Data We Collect

We collect personal data that you voluntarily provide through our website forms:

• Contact form: name, email address, company name, phone number, and your message.
• Quote request form: name, email, company, phone, project details, budget, timeline, and any files you upload for project scoping.
• Landing page forms: full name, clinic/business name, email address, and phone number.

Providing your name and email address is necessary for us to respond to your enquiry. If you do not provide this information, we will be unable to contact you. All other fields are optional and help us provide a more accurate response or quote.

We also collect standard web server logs (IP address, browser type, pages visited) and cookie data as described in our Cookie Policy.

4. Why We Collect It and Our Lawful Basis

We process your personal data on the following legal bases under Article 6(1) of the UK GDPR:

• Legitimate interest (Article 6(1)(f)): to respond to enquiries you have submitted, to manage project requests, and to improve our website and services. We have assessed that these processing activities are necessary for our business operations and do not override your rights and freedoms.
• Consent (Article 6(1)(a)): where we send any future marketing communications, we will only do so with your explicit consent. You can withdraw consent at any time by clicking the unsubscribe link in any marketing email or by emailing us at contact@unitybridgesolutions.com. Withdrawing consent is as easy as giving it and does not affect the lawfulness of processing carried out before withdrawal.

5. Your Right to Object

You have the right to object to processing based on legitimate interests at any time. If you object, we will stop processing your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or where the processing is necessary for the establishment, exercise, or defence of legal claims. To object, email us at contact@unitybridgesolutions.com.

6. Third-Party Processors

We use the following third-party services to operate our website and process your data:

• Resend, Inc. (United States): email delivery service. Receives your name, email address, and message content for the purpose of delivering your enquiry to our team.
• Vercel, Inc. (United States): website hosting and infrastructure. Processes server logs including IP addresses, browser type, and pages visited.
• Google LLC (United States): website analytics via Google Analytics 4 and Google Tag Manager. Collects anonymised usage data including pages visited, session duration, and traffic sources. Only activated with your consent via our cookie consent banner.
• CookieYes (CookieYes Limited, United Kingdom): cookie consent management. Stores your consent preferences.

We do not sell your personal data to any third parties.

7. International Data Transfers

Some of our third-party processors are based in the United States. When your personal data is transferred outside the United Kingdom, this constitutes a "restricted transfer" under Articles 44–49 of the UK GDPR.

We ensure these transfers are protected by appropriate safeguards:

• UK adequacy regulations: where the UK government has made an adequacy decision for the recipient country.
• Appropriate safeguards: where no adequacy decision exists, we rely on the UK International Data Transfer Agreement (IDTA) or UK Addendum to the EU Standard Contractual Clauses, together with a transfer risk assessment confirming that the standard of data protection is not materially lower than under UK law (as updated by the DUAA 2025).

You can request a copy of the safeguards in place by contacting us at contact@unitybridgesolutions.com.

8. Automated Decision-Making

We do not use solely automated decision-making (including profiling) that produces legal effects or similarly significantly affects you. Google Analytics may segment visitors into categories for reporting purposes, but this does not inform any individual decisions about you.

9. Cookies

Our website uses cookies. For full details on the cookies we use, why we use them, and how to manage your preferences, please see our Cookie Policy.

10. Data Retention

Enquiry data (form submissions) is retained for 12 months from the date of submission, after which it is securely deleted unless a project engagement proceeds. If a project proceeds, we retain data for the duration of the engagement and for 6 years afterwards in accordance with the Limitation Act 1980 for contractual records.

11. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/HTTPS), access controls limiting data access to authorised personnel, and secure hosting infrastructure provided by Vercel.

12. Children's Data

Our website and services are directed at businesses and professionals. We do not knowingly collect personal data from children under 18. If you believe a child has submitted personal data through our forms, please contact us and we will delete it promptly.

13. Your Rights

Under UK data protection law (Articles 15–22 of the UK GDPR), you have the right to:

• Access the personal data we hold about you (Article 15).
• Rectification of inaccurate or incomplete data (Article 16).
• Erasure of your personal data ("right to be forgotten") (Article 17).
• Restriction of processing in certain circumstances (Article 18).
• Data portability — receive your data in a structured, commonly used format (Article 20).
• Object to processing based on legitimate interests (Article 21).

To exercise any of these rights, please email us at contact@unitybridgesolutions.com. We will respond to your request within one month.

14. Complaints

If you have a complaint about how we process your personal data, please contact us first using our data protection complaints process. You can submit a complaint by emailing contact@unitybridgesolutions.com with the subject line "Data Protection Complaint". We will acknowledge your complaint within 30 days and respond without undue delay.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO). You can contact the ICO at ico.org.uk or by calling 0303 123 1113.