Privacy Policy

Last updated: April 2026

SiteLynx ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data when you use our platform at site-lynx.co.uk.

1. Who We Are

SiteLynx is a construction compliance software platform operated in the United Kingdom. For GDPR purposes, we are the data controller. Contact: info@site-lynx.co.uk

2. What Data We Collect

Account data: name, email address, company name, job title, password (hashed).

Usage data: pages visited, features used, timestamps, IP address, browser type.

Business data: projects, documents, reports, invoices, employee records, and any content you create within the platform. This data belongs to you.

Location data: GPS coordinates when you use clock-in/out or geofencing features (only with your permission).

Payment data: processed securely by Stripe. We do not store card numbers.

3. How We Use Your Data

We use your data to: provide and improve the platform, authenticate your identity, send transactional emails (welcome, invitations, billing), process payments, respond to support requests, and ensure security. We do not sell your data. Ever.

4. Legal Basis (GDPR)

Contract: processing necessary to deliver the service you signed up for. Legitimate interest: analytics to improve the platform, security monitoring. Consent: optional analytics cookies, marketing emails (if any).

5. Data Sharing

We share data only with: Supabase (database hosting, EU region), Vercel (application hosting), Stripe (payment processing), Resend (transactional email), Anthropic (AI features — text only, no personal data sent), Mapbox (map tiles). No data is sold to third parties.

6. Data Retention

We retain your data for as long as your account is active. If you cancel, we retain data for 30 days then delete it. You can request immediate deletion by emailing info@site-lynx.co.uk.

7. Your Rights

Under GDPR, you have the right to: access your data, correct inaccuracies, request deletion, restrict processing, data portability, and object to processing. To exercise these rights, email info@site-lynx.co.uk.

8. Security

All data is encrypted in transit (TLS) and at rest. Authentication uses industry-standard practices via Supabase Auth. Passwords are hashed and never stored in plain text. Access to production systems is restricted.

9. Cookies

See our Cookie Policy for details on what cookies we use and why.

10. Changes

We may update this policy. Significant changes will be notified via email or in-app notification. Continued use constitutes acceptance.

11. Contact

Email: info@site-lynx.co.uk