PRIVACY POLICY

Effective Date: 1st April, 2025

Last Updated: 10th April, 2026

Privacy Policy

Introduction

Welcome to Nue Web Ltd. We are committed to protecting your personal data and ensuring full transparency in how we collect, use, store, and safeguard your information. This Privacy Policy explains our data practices in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. Nue Web Ltd acts as the data controller for personal data collected through nueweb.co.uk and its associated services. Our platform and CRM infrastructure is provided by GoHighLevel (GHL), who act as a data processor on our behalf.

1. Information We Collect

1.1 Personal Information

Nue Web may collect personal details when users interact with our platform or enquire about our services. This includes: full name, email address, phone number, and mailing address; login credentials and user preferences; billing information for services or subscriptions, processed securely via Stripe; and business details such as company name, website, and industry where applicable.

1.2 Technical & Device Information

To optimise website performance and security, we may collect: IP address for location context and security monitoring; device type, operating system, and browser version; and cookie and session data as described in our Cookies Policy.

1.3 Website & Platform Usage Data

We may gather interaction data to improve usability and assess how our services are used, including: pages visited and navigation paths; form submissions including enquiries or service requests; and error logs to improve system reliability.

1.4 Communication & Engagement Data

Nue Web may store interactions between our platform and users, including: email and message history related to customer support or service enquiries; user feedback such as reviews or surveys; and data related to automated interactions via GHL's CRM and automation tools.

1.5 Compliance & Legal Information

To comply with regulations and ensure security, we may store: consent records for privacy policies, cookies, and terms of service; security logs and fraud prevention data; and data legally required for audits or governmental enquiries.

2. How We Use Your Information

2.1 Service Improvement & Personalization

We use collected data to deliver and improve our services, including building and maintaining client websites, managing CRM and automation features via GHL, and tailoring our service offering to your business needs.

2.2 User Communication & Support

Collected information helps us provide effective client communication, including account notifications, subscription updates, customer support responses, and marketing or promotional messages where you have given explicit consent.

2.3 Security & Fraud Prevention

Data is processed to maintain a secure environment, including verifying user identity, monitoring for suspicious activity, and complying with data protection regulations under UK GDPR.

2.4 Analytics & Performance Tracking

Anonymised website usage data collected via Google Analytics helps us understand how visitors interact with nueweb.co.uk, enabling us to improve site structure, content, and performance. Analytics cookies are only activated with your consent.

2.5 Legal Compliance & Policy Enforcement

We may use personal data to comply with UK legal obligations, manage consent records, process data access or deletion requests, and respond to regulatory enquiries.

3. Sharing & Disclosure

Nue Web does not sell, rent, or trade personal data. We share user information only where necessary to deliver our services or comply with legal obligations.

3.1 Third-Party Service Providers

We share limited user data with the following third-party providers who are contractually bound to protect your data and may only use it for the agreed purpose: GoHighLevel (GHL) — our CRM, automation, and website platform provider, acting as a data processor on our behalf. GHL is SOC 2 Type II certified and ISO 27001 certified. Their infrastructure runs on AWS, which is independently validated under SOC 2 Type II and ISO 27001. Stripe — our payment processor. Billing details are shared with Stripe solely to process subscription and setup fee transactions. Google Analytics / Google Tag Manager — anonymised website usage data is shared with Google for performance analytics. This only occurs following your cookie consent.

3.3 Legal & Regulatory Compliance

We may disclose user information where required by law, legal proceedings, or governmental regulation, including providing relevant data to law enforcement upon valid request, ensuring compliance with UK GDPR, and sharing information with fraud prevention or cybersecurity agencies to mitigate risk. We only disclose data to the minimum extent necessary to meet legal obligations.

3.4 Protection of Nue Web & Users

We may share data to prevent fraudulent activity, defend against security threats, or enforce our Terms of Service. Wherever possible, users will be notified of such disclosures unless legally restricted from doing so.

4. Cookies & Tracking Technologies

We use cookies and analytics tools to improve user experience and measure website performance. Full details of the cookies we use, their duration, and how to manage your preferences are set out in our Cookies Policy, available at nueweb.co.uk/cookies.

5. Data Security

The security of your personal data is important to us. As a platform built on GoHighLevel, the majority of data security is managed at the infrastructure level by GHL and their underlying providers. Key security measures in place include:

Platform Security via GoHighLevel

GHL holds SOC 2 Type II certification (Security, Confidentiality, and Availability) and ISO 27001 certification. All data is encrypted in transit using TLS 1.2 or 1.3. Their infrastructure is hosted on AWS, which is independently SOC 2 Type II and ISO 27001 certified. GHL implements logical data separation, role-based access controls, firewall protection, and continuous security monitoring.

Payment Security via Stripe

All payment transactions are processed by Stripe, a PCI DSS compliant payment processor. Nue Web does not store card details directly.

Our Responsibilities

Nue Web takes reasonable steps to ensure secure access to our own systems, including maintaining strong account credentials, limiting access to client data to authorised personnel only, and following GHL's recommended security practices. In the event of a data breach that is likely to affect your rights or freedoms, we will notify affected users and the ICO in accordance with our obligations under UK GDPR.

Limitations

While we and our platform providers implement industry-standard security measures, no system is entirely immune from risk. Data transmission over the internet carries inherent risks, and we cannot guarantee absolute security.

6. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data. To exercise any of these rights, please contact us at [email protected]. We will respond within one calendar month as required by law.

6.1 Right to Access

You may request a copy of the personal data we hold about you, including what data we have, how it is used, and who it is shared with. We will provide this in a structured, commonly used format upon request.

6.2 Right to Rectification

If any personal data we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it. We will action rectification requests promptly and without undue delay.

6.3 Right to Erasure ("Right to Be Forgotten")

You may request the permanent deletion of your personal data where: the data is no longer needed for its original purpose; you withdraw consent and no other lawful basis applies; or the data was processed unlawfully. We will comply with all valid erasure requests except where retention is required by a legal obligation such as HMRC financial record-keeping.

6.4 Right to Restrict Processing

You have the right to request that we limit how we use your data in certain circumstances, such as while a rectification request is being assessed.

6.5 Right to Data Portability

Where processing is based on consent or contract, you may request a copy of your data in a structured, machine-readable format to transfer to another provider.

6.6 Right to Object

You have the right to object to processing carried out on the basis of legitimate interests, including any direct marketing. We will cease processing upon receipt of a valid objection unless we have compelling legitimate grounds to continue.

6.7 Right to Lodge a Complaint

If you believe your privacy rights have been violated, you may file a complaint with Nue Web's privacy team at [email protected]. You also have the right to lodge a complaint directly with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our data practices, technology, or applicable legislation. Any updates will be posted on this page with a revised effective date. Continued use of our services following any update constitutes acceptance of the revised policy. We encourage you to review this policy periodically.

8. Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us: Email: [email protected] Phone: +44 (0) 75777 26888 Our support team operates Monday to Friday, 9 AM to 6 PM (UK time). We aim to respond to all enquiries within 24 to 48 hours.