1. Who We Are
lbreeze Limited (“we”, “us”, or “our”) is the data controller responsible for your personal data. We operate the website at www.lbreeze.com and the client portal at dash.lbreeze.com.
If you have any questions about how we handle your personal data, please contact us at hello@lbreeze.com or by phone on 020 4587 5787.
2. Information We Collect
We collect the following categories of personal information:
- Account information: name, email address, postal address, telephone number, and company name (where applicable)
- Billing information: payment method details (processed and stored securely by Stripe — we do not store full card numbers), billing address, and transaction history
- Usage data: server access logs, IP addresses, browser type, pages visited, and session duration collected automatically when you use our website or services
- Cookies and tracking data: as described in our Cookie Policy
- Support communications: messages, emails, and live chat conversations you send to our support team
- Hosted content: any files, databases, emails, or data you store on our hosting infrastructure as part of your service
3. Legal Basis for Processing
We process your personal data under the following legal bases as defined by the UK GDPR:
- Contract performance (Article 6(1)(b)): processing necessary to provide the services you have subscribed to, manage your account, and process payments
- Legitimate interests (Article 6(1)(f)): fraud prevention, network security, improving our services, and direct marketing to existing customers
- Consent (Article 6(1)(a)): optional analytics cookies, marketing emails to prospective customers, and live chat services
- Legal obligation (Article 6(1)(c)): retaining financial records for tax and accounting purposes, responding to lawful requests from authorities
4. How We Use Your Information
We use your personal data for the following purposes:
- Provisioning and managing your hosting, domain, SSL, and email services
- Processing payments and issuing invoices
- Responding to support requests and providing customer service
- Detecting and preventing fraudulent activity and maintaining platform security
- Sending transactional communications (e.g. invoices, renewal reminders, service notices)
- Sending marketing communications where you have opted in or are an existing customer
- Analysing website usage to improve our products and services (with your consent where required)
We will never sell your personal data to third parties.
5. Data Sharing
We share your data with the following trusted sub-processors, each operating under a Data Processing Agreement:
- Stripe: payment processing — your card details are handled directly by Stripe under their PCI-DSS compliance
- Google Analytics: website usage analytics — only activated with your cookie consent
- Chatwoot: customer support and live chat platform
- Enhance: next-generation hosting control panel and infrastructure management
We may also disclose your information where required to do so by law, court order, or in connection with any legal proceedings.
6. Data Retention
We retain your personal data only for as long as necessary for the purposes it was collected:
- Account data: retained for the duration of your active account plus 2 years after account closure
- Billing and financial records: retained for 7 years to comply with UK accounting and tax obligations
- Support communications: retained for 3 years from the date of the interaction
- Server access logs: retained for 90 days for security and diagnostic purposes
- Hosted content: deleted within 30 days of account termination (see our Data Processing Agreement)
7. Your Rights Under UK GDPR
As a data subject under the UK GDPR, you have the following rights:
- Right of access: request a copy of the personal data we hold about you
- Right to rectification: ask us to correct inaccurate or incomplete data
- Right to erasure: request deletion of your personal data (“right to be forgotten”), subject to legal retention obligations
- Right to restriction: ask us to pause processing of your data in certain circumstances
- Right to data portability: receive your data in a structured, machine-readable format
- Right to object: object to processing based on legitimate interests or for direct marketing purposes
- Right to withdraw consent: withdraw consent for any processing based on consent at any time
- Right to lodge a complaint: complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk
To exercise any of these rights, contact us at hello@lbreeze.com. We will respond within one calendar month.
8. Cookies
We use cookies and similar tracking technologies on our website. For full details of which cookies we use, what they do, and how to manage your preferences, please read our Cookie Policy.
9. International Transfers
Our primary infrastructure is based within the UK and the European Union. Where data is transferred outside the UK/EEA, we ensure appropriate safeguards are in place, including:
- Transfers to EU countries are covered by the EU–UK adequacy decision
- Transfers to other countries rely on Standard Contractual Clauses (SCCs) or equivalent mechanisms approved by the ICO
Sub-processors are contractually required to maintain equivalent data protection standards.
10. Security
We implement appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. These include encrypted storage, strict access controls, regular security reviews, and staff training.
Despite these measures, no internet transmission is completely secure. If you believe your account has been compromised, please contact us immediately at hello@lbreeze.com.
11. Contact & Complaints
For any privacy-related queries or to exercise your data rights, please contact us:
If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): ico.org.uk