Privacy Policy

1. Who We Are

This Privacy Policy explains how Elevyn Systems LTD (“Elevyn”, “we”, “us”, or “our”) collects, uses, shares, and protects your personal data when you:

• Visit our websites (the “Site”)
  
  
• Use our CRM and lead generation platform (the “Services”)
  
  
• Communicate with us by email, phone, or other channels
  
  

Company name: Elevyn Systems LTD
Registered address: 71–75 Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ
Contact email: support@elevynsystems.com

For the purposes of the UK GDPR and EU GDPR, Elevyn Systems LTD is the data controller of your personal data when we determine why and how it is processed.

2. Scope of This Policy

This Privacy Policy applies to:

• Website visitors
  
  
• Prospective customers and leads
  
  
• Users of our CRM and lead generation platform
  
  
• End-users whose data is uploaded or managed within our platform by our customers
  
  

If you are an end-customer of one of our clients, we process your data as a data processor, and our client is the data controller. In that case, you should also refer to their privacy notice.

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information You Provide to Us Directly

• Contact details: name, job title, business name, email address, phone number
  
  
• Account information: username, password, profile details
  
  
• Billing details: invoicing address, VAT number, payment-related details (note: card details are handled securely by Stripe/PayPal/GoHighLevel)
  
  
• CRM data: leads, contacts, prospects, deal information, notes, tags
  
  
• Messages and communications: emails, in-app messages, support requests, call notes, chat transcripts
  
  
• Marketing preferences: opt-in/opt-out preferences, subscription status
  
  
• Any other information you choose to provide: feedback, survey responses, uploaded documents, custom fields within the CRM
  
  

3.2 Information Collected Automatically

When you use our Site or Services, we may automatically collect:

• Device and technical data: IP address, browser type and version, device identifiers, operating system, time zone setting
  
  
• Usage data: pages visited, clicks, features used, login timestamps, session duration, referring URLs
  
  
• Log data: access logs, error logs, security logs
  
  

3.3 Cookies and Similar Technologies

We use cookies and similar technologies to:

• Keep you logged in
  
  
• Remember your preferences
  
  
• Analyse Site and Service usage (e.g. via Google Analytics)
  
  

You can control cookies through your browser settings and, where required, via our cookie banner or preferences tool.

3.4 AI-Related Data

When you use features that involve AI-generated insights, we may process:

• Input data you provide (e.g. text, notes, lead information)
  
  
• Output generated by AI models (e.g. suggested messages, lead scores, summaries, classifications)
  
  

We use this data only to provide and improve the AI functionality and do not use it to build general profiles unrelated to your use of the Services.

3.5 Data from Third Parties

We may receive data from:

• Payment providers: Stripe, PayPal, GoHighLevel billing (e.g. transaction status, payment confirmations)
  
  
• Marketing and advertising partners
  
  
• Business partners and resellers
  
  
• Public sources: company websites, LinkedIn, other publicly available databases
  
  

4. Legal Bases for Processing (UK/EU)

Where the UK GDPR or EU GDPR applies, we process your personal data on one or more of the following legal bases:

• Contract: to perform a contract with you or take steps at your request before entering into a contract
  
  
• Legitimate interests: to operate, improve, and secure our Services, and to grow our business in a way that does not override your rights
  
  
• Consent: where required (e.g. non-essential cookies, certain marketing communications)
  
  
• Legal obligation: to comply with applicable laws or regulatory requirements
  
  

5. How We Use Your Personal Data

We use your personal data for the following purposes:

1. To provide and operate our Services
   
   
   
   • Creating and managing user accounts
     
     
   • Providing CRM and lead generation tools
     
     
   • Processing leads, contacts, and related data
     
     
   • Providing AI-based features such as scoring, summaries, recommendations
     
     
2. To process payments and manage billing
   
   
   
   • Handling subscription payments via Stripe, PayPal, or GoHighLevel billing
     
     
   • Sending invoices, receipts, and payment notifications
     
     
3. To communicate with you
   
   
   
   • Responding to enquiries and support requests
     
     
   • Sending operational communications (service updates, security alerts, account notices)
     
     
4. To provide marketing and promotional content
   
   
   
   • Sending newsletters, product updates, and offers, where permitted
     
     
   • Personalising marketing content based on your interests and interactions
     You can opt out of marketing at any time by clicking “unsubscribe” in emails or contacting us.
     
     
5. To improve and develop our Site and Services
   
   
   
   • Analysing usage patterns (e.g. via Google Analytics)
     
     
   • Testing features, generating statistics, and optimising performance
     
     
6. To maintain security and prevent abuse
   
   
   
   • Detecting and preventing fraud, unauthorised access, or misuse
     
     
   • Monitoring system integrity and investigating incidents
     
     
7. To comply with legal and regulatory obligations
   
   
   
   • Tax, accounting, and record-keeping requirements
     
     
   • Responding to lawful requests from authorities
     
     

6. How We Share Your Personal Data

We may share your personal data with:

6.1 Service Providers (Processors)

Trusted third parties who help us run our business, including:

• Cloud hosting providers (e.g. servers located in the UK/EU/US)
  
  
• Payment processors (Stripe, PayPal, GoHighLevel billing)
  
  
• Analytics providers (e.g. Google Analytics)
  
  
• Email and communication tools
  
  
• Customer support tools
  
  
• Backup and security providers
  
  

These providers only process your data on our instructions and are bound by confidentiality and data protection obligations.

6.2 Business Partners

Where necessary, we may share data with integration partners or resellers, strictly for the purposes of providing and improving the Services.

6.3 Legal and Compliance

We may disclose data:

• To comply with laws, regulations, legal processes, or governmental requests
  
  
• To enforce our terms and conditions
  
  
• To protect our rights, property, or safety, or that of our users and the public
  
  

6.4 Business Transfers

In connection with any merger, acquisition, restructuring, or sale of assets, your data may be transferred as part of the business. We will notify you if your data becomes subject to a different privacy policy.

6.5 No Sale of Personal Data

We do not sell your personal data.

7. International Data Transfers

We operate using infrastructure and service providers located in the United Kingdom, the European Economic Area (EEA), and other countries including the United States.

Where personal data is transferred outside the UK or EEA to countries that do not provide an equivalent level of data protection, we use appropriate safeguards, such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission and/or the UK ICO
  
  
• Other legally recognised transfer mechanisms
  
  

You can contact us for more information about these safeguards.

8. Data Retention

We retain personal data only for as long as necessary to:

• Provide the Services
  
  
• Fulfil the purposes described in this Policy
  
  
• Comply with legal, accounting, or reporting obligations
  
  
• Resolve disputes and enforce agreements
  
  

In general:

• Account and CRM data: retained for the duration of your contract and for a reasonable period afterwards, unless you request deletion or we anonymise it
  
  
• Marketing data: retained until you opt out or until it is no longer needed
  
  
• Log and security data: retained for a limited period required for security and auditing
  
  

We may anonymise data so that it can no longer be associated with you, in which case we may use such data indefinitely without further notice.

9. Your Rights (UK & EU Residents)

If you are located in the UK or EEA, you have the following rights under the UK/EU GDPR, subject to conditions and exceptions:

• Right of access: request a copy of the personal data we hold about you
  
  
• Right to rectification: request correction of inaccurate or incomplete data
  
  
• Right to erasure (“right to be forgotten”): request deletion of your data in certain circumstances
  
  
• Right to restriction of processing: ask us to limit how we use your data
  
  
• Right to data portability: receive your data in a structured, commonly used, machine-readable format and transmit it to another controller where technically feasible
  
  
• Right to object: object to our processing based on legitimate interests or for direct marketing
  
  
• Right to withdraw consent: where processing is based on consent, you can withdraw it at any time
  
  

To exercise any of these rights, please contact us at: support@elevynsystems.com.

You also have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner’s Office (ICO).

10. Cookies and Tracking Technologies

We use cookies and similar technologies on our Site and within our Services. These may be:

• Strictly necessary cookies: required for the Site/Service to function (e.g. login, security)
  
  
• Functional cookies: remember preferences and settings
  
  
• Analytics cookies: help us understand how visitors use our Site (e.g. Google Analytics)
  
  

Where required by law, we will seek your consent before using non-essential cookies. You can:

• Change your cookie preferences via our cookie banner or settings (if implemented)
  
  
• Adjust your browser settings to block or delete cookies
  
  

Blocking some cookies may affect your ability to use certain features.

11. Security of Your Personal Data

We take appropriate technical and organisational measures to protect your personal data, including:

• Use of secure servers and encryption where appropriate
  
  
• Access controls and authentication
  
  
• Regular monitoring and logging
  
  
• Limiting access to personal data to authorised personnel only
  
  

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your data, we cannot guarantee absolute security.

12. Children’s Privacy

Our Site and Services are not intended for children under 16 and we do not knowingly collect personal data from children. If we become aware that we have collected data from a child without appropriate consent, we will take steps to delete it.

13. Acting as a Data Processor for Our Clients

When our clients upload or manage personal data (e.g. their leads, customers, or contacts) within our CRM, we act as a data processor on their behalf.

• We process such data strictly in accordance with our clients’ instructions and our contractual agreements.
  
  
• Our clients are responsible for ensuring that they have a lawful basis for processing the personal data they input into our Services and for providing appropriate notices to their own customers.
  
  

If you believe your data has been uploaded to our platform by one of our clients and you wish to exercise your data protection rights, you should contact that client directly. We will support our clients in responding to such requests where required.

14. Third-Party Links

Our Site or Services may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to read the privacy policies of every website you visit.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements.

• The “Last updated” date at the top of this Policy indicates when it was most recently revised.
  
  
• In the case of material changes, we may provide a more prominent notice (e.g. by email or within the Services).
  
  

Your continued use of our Site or Services after any changes take effect will constitute your acceptance of the updated Policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us at:

Elevyn Systems LTD
71–75 Shelton Street
Covent Garden
London
United Kingdom
WC2H 9JQ

📩 Email: support@elevynsystems.com

‍

‍