Personal Data — any information relating to an identified or identifiable natural person. This includes but is not limited to name, email address, phone number and any other information that could directly or indirectly identify you.

Data Subject — the individual whose personal data is being processed. In most cases this means you, the visitor or client.

Data Controller — the party that determines the purposes and means of processing personal data. KTSolutionZ (Kinga Timea Szente) is the data controller for all personal data collected through this website and in connection with the services available.

Processing — any operation performed on personal data, including collection, storage, use, disclosure, or deletion.

Lawful Basis — the legal ground under which personal data may be processed under UK GDPR. See Section 4 for the bases we rely on.

2.1. When you use our contact form, book a consultation, or engage our services, we may collect information you provide directly:

• Your name and email address
• Phone number (if provided)
• Any information you include in your message or enquiry
• Payment-related information processed via PayPal or Revolut (we do not store card details directly)

2.2. When you visit our website, the following information may be collected automatically:

• Pages visited and time spent on each page
• Browser type and version
• Device type and operating system
• Country and approximate location (city level only)
• Referring website or link that brought you to our site
• Anonymous usage statistics via Umami Cloud analytics

This data is collected anonymously and is not linked to any identifiable individual. No cookies are used for analytics purposes. See Section 6 for more detail on cookies and local storage.

3.1. We use the information we collect for the following purposes:

• To respond to your enquiries and provide the services you have requested
• To process bookings and payments
• To send you relevant information about our services, events, or resources — only with your consent
• To improve our website and services based on anonymous usage data
• To comply with our legal and contractual obligations
• To maintain records of our business activities as required by law

3.2. We will never sell your personal data to third parties, use it for advertising purposes, or share it with any company outside of the third-party services listed in Section 5 without your explicit consent.

4.1. Under UK GDPR, we process your personal data on the following legal bases:

• Contract performance — where processing is necessary to deliver a service you have requested or paid for.
• Legitimate interests — where we have a legitimate business interest in processing your data, such as improving our website or maintaining business records, provided this does not override your rights.
• Legal obligation — where we are required by law to process or retain certain data.
• Consent — where you have actively opted in to receive marketing communications or other non-essential processing. Consent is freely given, specific, and may be withdrawn at any time without detriment.

5.1. We use the following third-party services which may process your data on our behalf. Each is subject to their own privacy policy:

• Web3Forms — used to process contact form submissions. Data is transmitted securely. Privacy policy: web3forms.com
• Cal.com — used for appointment scheduling. Booking data is processed by Cal.com. Privacy policy: cal.com/privacy
• PayPal — used for secure payment processing. We do not store card or payment details. Privacy policy: paypal.com/privacy
• Revolut — used as an alternative payment method. Privacy policy: revolut.com/privacy
• Vercel — used to host the KTSolutionZ website. Vercel may log technical data such as IP addresses and request metadata as part of standard hosting operations. Privacy policy: vercel.com/legal/privacy-policy
• GitHub — used to store and manage website code. No personal visitor data is stored in our repository. Privacy policy: docs.github.com/en/site-policy/privacy-policies
• Umami Cloud — used for privacy-first website analytics. Umami does not use cookies, does not collect personal data, and does not track individuals across sites. Data is anonymised and aggregated. Privacy policy: umami.is/privacy
• Brevo (formerly Sendinblue) — used for email marketing and newsletter subscription management. Subscriber data including name and email address is stored and processed by Brevo. Unsubscribe requests are handled automatically. Privacy policy: brevo.com/legal/privacypolicy
• WhatsApp (Meta Platforms) — may be used for general enquiries only. WhatsApp does not constitute an accepted form of formal communication for the purposes of booking, cancellation, amendments, or any other binding instruction. Messages may be stored on Meta's servers. Privacy policy: whatsapp.com/legal/privacy-policy

5.2. We require all third-party processors to handle your data in accordance with applicable data protection law. We do not permit them to use your data for their own purposes beyond what is necessary to deliver the service.

6.1. We use Umami Cloud for website analytics. Umami is cookieless and collects no personal data. No cookie consent banner is required for this tool. You will not be tracked across other websites.

6.2. Our website uses your browser's local storage (not cookies) to remember one purely functional preference:

• Your dark or light mode display preference

No personal data is stored in local storage. These preferences remain on your device and are never transmitted to us or any third party. You can clear them at any time by clearing your browser's local storage or site data.

7.1. We may send you information about our services, upcoming events, or resources if you have given your consent to receive such communications. We will never send unsolicited marketing emails.

7.2. Where you contact us directly by email or WhatsApp — whether or not you have used the contact form on our website — we may send you relevant service-related information as part of our response and ongoing communication. By initiating contact with us through these channels, you acknowledge that KTSolutionZ may follow up with relevant information about our services on the basis of legitimate interest. This does not constitute unsolicited marketing. You may opt out of any such communications at any time.

7.3. Where you subscribe to our newsletter via the subscription form on our website, your name and email address will be stored by Brevo on our behalf and used solely to send you KTSolutionZ marketing communications. You may unsubscribe at any time using the link included in every email.

7.4. You can opt out of marketing communications at any time by:

• Emailing hello@ktsolutionz.co.uk with your request to be removed
• Using the unsubscribe link included in any marketing email we send

8.1. We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected:

• Contact form submissions and enquiry data — retained for up to 3 years from the date of submission, unless you request earlier deletion.
• Client engagement records — retained for as long as necessary to fulfil our contractual and legal obligations, and for a period thereafter as required by applicable law.
• Anonymous analytics data — retained for a limited period in line with our analytics provider's standard retention policy.
• Payment records — retained as required by HMRC and UK tax law (typically 6 years).

8.2. If you would like your data deleted before the standard retention period, please contact hello@ktsolutionz.co.uk. We will action your request promptly unless we have a legal obligation to retain the data.

9.1. We take appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include:

• Use of reputable third-party processors with their own security certifications
• HTTPS encryption on our website
• Access to personal data limited to KTSolutionZ only
• No storage of payment card details — all payments processed via PayPal or Revolut

9.2. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours and inform you as appropriate.

9.3. As a sole trader processing limited categories of personal data, KTSolutionZ is not required to appoint a Data Protection Officer under UK GDPR. All data protection queries are handled directly by Kinga Timea Szente at hello@ktsolutionz.co.uk.

10.1. Under UK GDPR, you have the following rights in relation to your personal data:

• Right of access — you may request a copy of the personal data we hold about you.
• Right to rectification — you may request correction of any inaccurate or incomplete data.
• Right to erasure — you may request deletion of your data where there is no legitimate reason for us to continue holding it.
• Right to restrict processing — you may request that we limit how we use your data in certain circumstances.
• Right to data portability — you may request your data in a structured, commonly used format.
• Right to object — you may object to our processing of your data where we rely on legitimate interests as our legal basis.
• Right to withdraw consent — where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

10.2. To exercise any of these rights, please contact hello@ktsolutionz.co.uk. We will respond within one month. We may need to verify your identity before processing your request.

11.1. If you have a concern about how we handle your personal data, please contact us first at hello@ktsolutionz.co.uk and we will do our best to resolve the matter promptly.

11.2. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection:

• Website: ico.org.uk
• Helpline: 0303 123 1113

Our website contains links to external websites, tools, and services including for example those listed in the Useful Tools and Featured Businesses (TBR) sections of our Insights page. Once you leave our site, we are not responsible for the privacy practices of those external sites. We encourage you to read the privacy policy of any external site you visit.

Some of our third-party service providers are based outside the UK or European Economic Area (EEA). Where personal data is transferred internationally, we ensure that appropriate safeguards are in place in accordance with UK GDPR, including reliance on adequacy decisions or standard contractual clauses where applicable.

Specifically: Vercel and GitHub are US-based. Umami Cloud servers are located in the US and EU and adhere to GDPR and CCPA regulations. PayPal operates globally. Please refer to each provider's privacy policy for details of their data transfer safeguards. Brevo (subscription managing platform) is headquartered in France and processes data within the EU in accordance with GDPR.

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. Continued use of our website or services following any update constitutes acceptance of the revised policy.

For any questions, requests, or concerns relating to this Privacy Policy or your personal data, please contact:

• Email: hello@ktsolutionz.co.uk
• Phone: +44 7564 499323
• Website: ktsolutionz.co.uk

This Privacy Policy has been prepared in compliance with the UK General Data Protection Regulation (UK GDPR) as retained in domestic law by the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR) where applicable. KTSolutionZ, operated by Kinga Timea Szente, is committed to protecting your privacy. By using the KTSolutionZ website or services, you agree to the practices described in this policy.

This policy applies to personal data relating to natural persons. Data relating solely to companies or other legal entities is not subject to UK GDPR, however where business contact details identify an individual, those details are treated as personal data under this policy.

For the purposes of UK data protection law, KTSolutionZ (Kinga Timea Szente) is the data controller. If you have any questions about this policy or how your data is handled, please contact hello@ktsolutionz.co.uk.