LeanIT
Legal

Privacy Policy

Last updated: 14 March 2025

1. Introduction

LeanIT ("we", "us", or "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website www.leanit.je or use our IT services.

We are based in Jersey, Channel Islands, and are subject to the Data Protection (Jersey) Law 2018, which aligns with the EU General Data Protection Regulation (GDPR). Our data protection supervisory authority is the Jersey Office of the Information Commissioner (JOIC).

2. Data We Collect

We may collect and process the following personal data:

  • Contact information: Name, email address, phone number, and business name when you fill in our contact form, email us, or call us.
  • Technical data: IP address, browser type and version, time zone setting, operating system, and platform via server logs.
  • Usage data: Pages visited, time spent on pages, and navigation paths through our website.
  • Service data: Information provided during the course of delivering IT support services, including system configuration details and support ticket content.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To respond to your enquiries and provide requested services
  • To deliver, maintain, and improve our IT support and managed services
  • To send service-related communications (e.g. maintenance schedules, incident updates)
  • To comply with legal obligations under Jersey law
  • To protect the security and integrity of our systems

We do not use your data for automated decision-making or profiling. We do not sell your data to third parties.

4. Lawful Basis for Processing

Under the Data Protection (Jersey) Law 2018, we rely on the following lawful bases:

  • Contractual necessity: To fulfil our obligations under service agreements with you.
  • Legitimate interests: To operate, improve, and secure our business and website, where this does not override your rights.
  • Consent: Where you have given clear consent for us to process your data for a specific purpose (e.g. contacting you via our website form).
  • Legal obligation: Where processing is required by Jersey law.

5. Data Sharing

We may share your personal data with trusted third parties only where necessary:

  • Service providers: Such as hosting providers, email platforms (Microsoft 365), and security monitoring tools that help us deliver our services.
  • Legal and regulatory bodies: Where required by Jersey law or to protect our legal rights.

All third-party processors are contractually bound to protect your data and only process it on our instructions.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected:

  • Contact form submissions: Retained for up to 12 months after your last interaction with us.
  • Client service data: Retained for the duration of the service agreement plus 6 years to meet legal and regulatory obligations.
  • Website analytics data: Retained for up to 26 months.

7. Your Rights

Under the Data Protection (Jersey) Law 2018, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your data ("right to be forgotten") where there is no compelling reason to continue processing
  • Restrict processing of your data in certain circumstances
  • Object to processing based on legitimate interests
  • Data portability: Receive your data in a structured, machine-readable format
  • Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at info@leanit.je.

8. Cookies

Our website uses cookies to ensure essential functionality. For full details on the cookies we use and how to manage them, please see our Cookie Policy.

9. Data Security

We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit (TLS/SSL), access controls, and regular security reviews. However, no method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

11. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your data protection rights, please contact us:

You also have the right to lodge a complaint with the Jersey Office of the Information Commissioner (JOIC) if you believe your data has been handled unlawfully.