Book a call

Privacy & Cookies Policy

Last updated · 1 May 2026

This policy explains how Upasak Limited ("Upasak", "we", "us", "our") collects, uses, and protects personal information when you use our website at upasak.co.uk or get in touch with us. We are the data controller for the personal information we collect through this website.

1. Who we are

Upasak Limited
Company number: 14517648
Registered in England and Wales
[Registered office address]

Email: anil@upasak.co.uk

If you have any questions about this policy or how we handle your information, you can email us at the address above.

2. What information we collect

We collect personal information in the following ways.

Information you give us directly. When you fill out the contact form on our website, you provide us with:

Your name

Your email address

Your contact number

Your company name

Your preferred days and times for a call

Any additional information you choose to share with us about what you are trying to fix or build

Information collected automatically when you visit our website. This includes:

Your IP address

Browser type and version

Device type and operating system

Pages you visit on our site, the order you visit them, and how long you spend on each

The website that referred you to us, if any

This information is collected through cookies and similar technologies. See the cookie section below for more detail.

We do not knowingly collect any sensitive personal information (such as health information, racial or ethnic origin, religious beliefs, or biometric data) through this website.

3. How we use your information

We use the information we collect to:

Respond to enquiries you submit through our contact form

Schedule and conduct discovery calls and follow-up communications

Provide the services you ask us about or engage us for

Improve our website and understand how visitors use it

Comply with our legal obligations, for example accounting and record-keeping requirements

We will not sell your personal information. We will not use it for marketing purposes without your consent.

4. Legal basis for processing

Under UK GDPR, we need a lawful basis to process your personal information. The bases we rely on are:

Consent. When you submit a contact form, you are giving us your consent to use that information to respond to you. You can withdraw your consent at any time by emailing anil@upasak.co.uk.

Legitimate interests. We have a legitimate interest in operating our business, responding to enquiries, providing our services, and improving our website. We will only rely on this basis where doing so does not override your rights and interests.

Legal obligation. We may need to process information to meet our legal obligations, such as keeping financial records.

Contract. Where we are providing services to you under an agreement, we process your information to perform that contract.

5. Who we share your information with

We share personal information only with trusted third parties that help us run our business. These include:

Web hosting providers (currently Hostinger) who host our website and store form submissions on our behalf

Email and productivity providers who handle email correspondence and document storage

Professional advisers including accountants and legal advisers when needed

Government and regulatory bodies where required by law

We require all third-party service providers to keep your information secure and to use it only for the purposes we have specified. We do not transfer your personal information outside the UK or European Economic Area unless adequate protections are in place, such as Standard Contractual Clauses or an adequacy decision.

We will never sell your personal information to anyone.

6. How long we keep your information

We keep personal information only as long as we need it for the purposes set out in this policy, or as required by law.

Enquiries that do not lead to engagement: kept for up to 12 months, then deleted

Active client information: kept for the duration of the engagement and for 6 years after, in line with HMRC and accounting requirements

Website analytics data: kept for up to 26 months in aggregated form

You can ask us to delete your information at any time. See section 8.

7. How we protect your information

We take appropriate technical and organisational measures to protect your personal information against accidental loss, unauthorised access, alteration, or disclosure. These include secure hosting, encrypted connections (HTTPS), access controls, and limiting who in the business can see what.

No system is perfectly secure, however. If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours, as required by law.

8. Your rights

Under UK GDPR, you have the following rights in relation to your personal information:

Right of access. You can ask us for a copy of the personal information we hold about you.

Right to rectification. You can ask us to correct information that is inaccurate or incomplete.

Right to erasure. You can ask us to delete your personal information in certain circumstances.

Right to restrict processing. You can ask us to limit how we use your information.

Right to data portability. You can ask us to provide your information in a structured, commonly used, machine-readable format.

Right to object. You can object to us processing your information in certain circumstances, including for direct marketing.

Right to withdraw consent. Where we rely on your consent, you can withdraw it at any time.

To exercise any of these rights, email us at anil@upasak.co.uk. We will respond within one month.

If you are unhappy with how we have handled your information, you have the right to make a complaint to the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Helpline: 0303 123 1113
Website: ico.org.uk

We would appreciate the chance to address your concerns first, so please consider contacting us before you go to the ICO.

9. Changes to this policy

We may update this policy from time to time. When we do, we will change the "Last updated" date at the top of this page. If we make significant changes, we will let you know by a more prominent notice on our website.

10. Contact us

For any questions about this policy or how we handle your information, contact:

Upasak Limited
Email: anil@upasak.co.uk

11. About cookies

Cookies are small text files that are placed on your device (computer, tablet, or phone) when you visit a website. They are widely used to make websites work, improve how they function, and provide information to the site's owners.

Some cookies last only for the length of your visit ("session cookies") and are deleted when you close your browser. Others remain on your device for a set period or until you delete them ("persistent cookies").

Cookies set by the website you are visiting are called "first-party cookies". Cookies set by other domains (for example, an analytics or advertising service) are called "third-party cookies".

12. How we use cookies

We use cookies for the following purposes.

Essential cookies

These cookies are necessary for our website to function. They allow you to navigate the site and use its core features, such as submitting our contact form and accessing secure areas. Without these cookies, the website cannot work properly.

Examples include:

Session cookies set by WordPress to maintain your visit

Anti-spam cookies set by Elementor to protect form submissions

Cookies that remember whether you have accepted our cookie notice

These cookies do not require your consent because they are strictly necessary for the website to operate.

Analytics cookies

We use analytics cookies to understand how visitors use our website. This helps us improve the site over time. The information collected is aggregated and anonymous where possible. We do not use it to identify individual visitors.

If we use Google Analytics, it sets cookies including _ga, _gid, and _gat to track usage patterns. Data is processed in line with Google's privacy policy.

These cookies are only set if you give your consent through our cookie notice.

Functional cookies

If used, these cookies remember choices you make on our website (such as your preferred language) to give you a better experience. They are only set if you give your consent.

13. Third-party cookies

Some cookies on our website are set by third-party services we use. These third parties have their own privacy and cookie policies which apply to their cookies. Third-party services may include:

Google Analytics (analytics) — see Google's privacy policy at policies.google.com/privacy

Hostinger (web hosting) — see hostinger.com/privacy-policy

Elementor (form processing) — see elementor.com/privacy

We do not control these cookies and recommend you check the relevant third party's policies for full details.

14. Managing your cookie preferences

You can manage cookies in several ways.

On our website. If we display a cookie notice when you first visit, you can use it to accept or reject non-essential cookies. You can change your preferences at any time by clearing your browser cookies and revisiting the site.

In your browser. Most browsers let you block or delete cookies through their settings. The exact steps vary by browser:

Chrome: Settings → Privacy and security → Cookies and other site data

Safari: Preferences → Privacy → Manage Website Data

Firefox: Settings → Privacy & Security → Cookies and Site Data

Edge: Settings → Cookies and site permissions → Manage and delete cookies

Note: if you block all cookies, including essential ones, parts of our website may not work properly.

15. Do Not Track

Some browsers offer a "Do Not Track" setting that asks websites not to track your browsing activity. Because there is no agreed industry standard for what websites should do when they receive a Do Not Track signal, we do not currently respond to it. You can manage cookies and tracking through the methods above.