Privacy Policy
This Privacy Policy outlines how Fosite.co.uk collects, uses, stores, and protects personal data in compliance with:
- GDPR (EU Regulation 2016/679)
- UK GDPR (post-Brexit adaptation)
- UK Data Protection Act 2018
- ePrivacy Directive (2002/58/EC)
- Electronic Communications Regulations (SI 2003/2426)
- Fosite
- Address:
- Email: contact
- Website: fosite.co.uk
- Full name
- Company name (optional)
- Email address
- IP address
- Upload/download timestamps
- Metadata and hash identifiers
- 2FA authentication data
- Billing and transaction records
| Purpose | Legal Basis | Article |
|---|---|---|
| Service provision | Contractual necessity | Art. 6(1)(b) GDPR |
| Account management & security | Legitimate interest | Art. 6(1)(f) GDPR |
| Invoicing & compliance | Legal obligation | Art. 6(1)(c) GDPR |
| Marketing (with consent) | Consent | Art. 6(1)(a) GDPR |
- Account data: 6 months after deletion
- Transactions: 8 years (UK VAT rules)
- Metadata: up to 12 months
- Legal disputes: up to 6 years (UK Limitation Act 1980)
Processors:
- AWS (UK/EU)
- Stripe UK Ltd.
- Google Workspace UK
International Transfers:
- SCC (Standard Contractual Clauses)
- UK IDTA (International Data Transfer Agreement)
- EU-US Data Privacy Framework (where applicable)
Under GDPR and UK GDPR, you have the right to:
- Access (Art. 15)
- Rectification (Art. 16)
- Erasure (Art. 17)
- Restriction (Art. 18)
- Portability (Art. 20)
- Object (Art. 21)
- File a complaint with:
- EU: your national Data Protection Authority
- UK: Information Commissioner's Office (ICO)
Requests: contact
- TLS encryption
- AES-256 data security
- Mandatory 2FA
- Activity logging and monitoring
- Automated daily backups
- Essential cookies (legitimate interest)
- Analytics cookies (consent-based)
- See separate Cookie Policy for full list
Fosite reserves the right to amend this policy with prior notice to users.