Last updated: June 2026
SIVDA LTD ("Sivda", "We", "Us") is the data controller for personal data processed in connection with your use of our Services. SIVDA LTD is a private limited company incorporated in England and Wales (Company No. 14935932), with its registered office at 124 City Road, London, EC1V 2NX, United Kingdom.
Sivda processes personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
We collect and process the following categories of personal data:
| Purpose | Lawful Basis (UK GDPR) |
|---|---|
| Provision and management of Services | Performance of contract — Art. 6(1)(b) |
| Billing, invoicing, and payment processing | Performance of contract — Art. 6(1)(b) |
| Account security and fraud prevention | Legitimate interests — Art. 6(1)(f) |
| Responding to support and technical requests | Performance of contract — Art. 6(1)(b) |
| Transactional communications (invoices, service alerts, renewal notices) | Performance of contract — Art. 6(1)(b) |
| Compliance with legal and regulatory obligations | Legal obligation — Art. 6(1)(c) |
| Marketing communications (where separately opted in) | Consent — Art. 6(1)(a) |
Transactional communications — including invoices, renewal reminders, service notifications, and security alerts — are sent as an essential part of the service contract and do not require separate consent. Where You have separately and expressly opted in to marketing communications, we may use your name and email address to send promotional content, product updates, and company news.
You may withdraw marketing consent at any time by emailing [email protected] from your registered address, or by using the unsubscribe link in any marketing email. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal, nor does it affect transactional communications essential to the delivery of your services.
Sivda operates a globally distributed infrastructure. Personal data may be stored and processed on server infrastructure located in the United Kingdom or in other jurisdictions, including countries outside the UK. Sivda continuously reviews and updates its infrastructure to maintain security and performance standards.
Where personal data is transferred to or processed in countries that do not benefit from an adequacy decision under UK GDPR, Sivda ensures that appropriate safeguards are in place in accordance with Article 46 UK GDPR. Such safeguards include, as applicable: International Data Transfer Agreements (IDTAs) or standard contractual clauses approved for use under UK law; binding corporate rules; or other transfer mechanisms recognised under applicable UK data protection legislation.
We engage trusted third-party subprocessors — including cloud infrastructure providers, network carriers, and payment processors — to deliver the Services. All subprocessors are required to implement data protection standards consistent with UK GDPR obligations and at least equivalent to those set out in this policy.
| Account Status | Retention Period |
|---|---|
| Active | For the duration of active service contracts |
| Inactive (no active services) | 12 months from the expiry or termination of the last active service |
| Closed (12 months of inactivity) | All personal data, account records, and associated backups are permanently and irreversibly deleted |
Financial and billing records may be retained for longer periods where required by applicable law, including record-keeping obligations imposed by HMRC.
You have the following rights in respect of the personal data we hold about you:
To exercise any of the above rights, submit a written request to [email protected] from your registered email address. We will acknowledge and respond within one calendar month of receipt. Where a request is complex or numerous, we may extend this period by a further two months, in which case we will inform you within the initial one-month period.
We use strictly necessary session cookies to maintain login authentication and facilitate core platform functionality, including session management and shopping cart state. No third-party tracking, analytics, or advertising cookies are deployed on our platform. Session cookies expire automatically when you close your browser.
Sivda reserves the right to update this Privacy Policy at any time. Material changes will be notified to registered clients by email at least 14 calendar days before they take effect. The current version of this policy is always available at sivda.com/legal/privacy.
For all data protection and privacy enquiries, or to exercise your rights: [email protected]
If you are not satisfied with our response to your enquiry or complaint, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Website: ico.org.uk
Post: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.