Privacy Policy

Last updated: 26 March 2026

Who we are

Undapp Technologies Ltd (company number 15112268) is registered in England and Wales. We trade as Undapp Tech and provide business automation, AI integration, and custom software services.

This policy explains how we handle personal data when you use our website at undapp.tech and when you contact us or work with us. For questions about this policy or your personal data, email hello@undapp.tech.

What this policy covers

This policy describes what personal data we collect, why we use it, how long we keep it, and the rights you have under UK data protection law. If you enter into a separate contract with us for professional services, additional or more specific terms may apply and will be made clear in that agreement.

What data we collect

Website visitors

When you visit undapp.tech, we process data that is technically necessary to deliver the site, such as your IP address and information about your browser and device. This may appear in server or hosting logs operated by our infrastructure provider.

Contact and enquiries

If you email us or use a contact or booking flow, we typically collect your name, email address, and the content of your message or booking details. We use this information only to respond to you, schedule meetings, and follow up on legitimate business discussions.

Calendar booking

When you book a call through our scheduling provider (for example Calendly), that provider processes personal data on our behalf according to their own privacy notice and our instructions. We only use booking data to arrange and conduct calls with you.

Client and project work

If we provide services to you or your organisation, we may process business contact details, account information, and project-related content you share with us. The scope depends on the engagement and will be agreed with you as part of onboarding or contract.

How we use your data and lawful bases

We process personal data under the UK GDPR on bases that may include:

  • Contract — to deliver services you have asked us to provide or to take steps before entering a contract.
  • Legitimate interests — to respond to enquiries, improve our website and services, keep records, and maintain security, where our interests are not overridden by your rights.
  • Consent — where we rely on consent (for example for certain marketing communications), we will ask clearly and you may withdraw consent at any time.
  • Legal obligation — where we must process data to comply with the law.

Cookies

We aim to use only cookies and similar technologies that are necessary for the site to function, unless we introduce optional analytics or similar tools and ask for your consent where required. If we add non-essential cookies, we will update this policy and, where applicable, obtain consent before setting them.

Third-party services

We use trusted third parties to host our site, run scheduling, and operate our business. They process data only as needed to provide those services. Examples may include:

  • Hosting and infrastructure providers (which may process IP addresses and technical logs as part of delivering the website).
  • Calendar and meeting scheduling tools (for booking strategy or discovery calls).

We do not sell your personal data. We do not share your data with third parties for their own marketing unless you have agreed otherwise.

International transfers

Where personal data is processed outside the UK, we ensure appropriate safeguards are in place in line with UK GDPR requirements (such as adequacy decisions or standard contractual clauses), unless a specific exception applies.

Data retention

We keep personal data only for as long as needed for the purposes described in this policy, including legal, accounting, or reporting requirements. Enquiry and marketing-related data is typically retained for a limited period after our last meaningful contact unless a longer period is justified. Project and client records may be kept longer in line with our contracts and legitimate business needs.

Your rights

Under UK data protection law, you may have the right to:

  • Access your personal data and receive certain information about processing.
  • Rectify inaccurate or incomplete data.
  • Erase your data in certain circumstances.
  • Restrict or object to certain processing.
  • Data portability, where applicable.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a supervisory authority.

To exercise these rights, contact us at hello@undapp.tech. We will respond within one month in most cases (extensions may apply for complex requests).

If you are unhappy with how we handle your data, you may complain to the Information Commissioner's Office (ICO) in the UK: ico.org.uk.

Security

We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, or misuse. No method of transmission over the internet is completely secure; we work to keep our practices proportionate to the risk.

Changes to this policy

We may update this policy from time to time. The "Last updated" date at the top will change when we do. Material changes may be highlighted on our website. Continued use of the site after changes means you accept the updated policy where required by law.

Contact

Undapp Technologies Ltd
England and Wales (company no. 15112268)
hello@undapp.tech