1. Introduction
Levqor Ltd ("Levqor," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your information in connection with Levqor Done-For-You engagements and any later gated continuity access if separately offered.
We comply with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and other applicable data protection laws.
2. Data Controller
Levqor Ltd is the data controller for personal data processed under this policy.
Contact: privacy@levqor.ai
Location: United Kingdom
3. Information We Collect
3.1 Contact and Identity Information
- Email address
- Name, if provided
- Company or organisation name, if provided
3.2 DFY Engagement Information
For accepted or proposed DFY engagements, we may also collect:
- Business requirements and workflow specifications
- System access credentials or access instructions where required for delivery
- Communications, approvals, scope clarifications, and delivery-related records
3.3 Payment Information
Payments are processed by our payment processor. We do not store your full card details. We may receive transaction metadata such as amount, date, status, and payment reference for our records.
3.4 Operational and Technical Data
- Pages visited and forms submitted
- Workflow-related configuration or execution records where relevant to delivery
- Device type, browser, and operating system
- IP address and general location data
- Timestamps of activity, delivery, and support interactions
4. How We Use Your Information
- To provide services: Validate scope, administer accounts where relevant, execute accepted work, and deliver DFY engagements.
- To operate safely: Maintain auditability, verify approvals, and manage support, correction, or escalation handling.
- To communicate with you: Send service updates, support replies, delivery notices, and legal or security notices.
- To protect the service: Detect and prevent fraud, abuse, misuse, and security incidents.
- To comply with law: Meet legal, tax, accounting, and regulatory obligations.
5. Legal Basis for Processing
Under UK GDPR, we process your data on one or more of these bases:
- Contract: Where processing is necessary to provide or prepare services you requested or purchased.
- Legitimate interests: To operate, secure, improve, and defend our services and business.
- Consent: Where you gave specific consent, such as for optional communications.
- Legal obligation: Where we must comply with applicable law.
6. Data Retention
- Contact and intake records: Retained for as long as reasonably necessary to administer enquiries, accepted work, and legal obligations.
- DFY project data: May be retained after project completion for support, audit, dispute handling, and compliance purposes, subject to the governing policy stack.
- Deletion requests: We will assess and action valid requests in accordance with applicable law and any overriding retention obligations.
- Backups: Data may remain in encrypted backups for a limited retention period.
7. Your Rights
Under UK GDPR, you may have rights including:
- Access
- Rectification
- Erasure
- Portability
- Restriction
- Objection
- Withdrawal of consent, where consent is the basis
To exercise your rights, contact privacy@levqor.ai. We will respond in accordance with applicable law.
8. Data Sharing
We may share data only where reasonably necessary, including with:
- Service providers: Hosting, payment, email, delivery, or support providers acting on our instructions.
- Professional advisers: Legal, tax, compliance, insurance, or dispute-related advisers where required.
- Authorities: Where disclosure is required by law or necessary to protect rights, safety, or the service.
- Business transfers: In connection with a merger, acquisition, restructuring, or asset sale.
We do not sell your personal data.
9. International Transfers
Your data may be processed outside the United Kingdom. Where this occurs, we use appropriate safeguards where legally required.
10. Security
We implement technical and organisational measures appropriate to the risk, including:
- Encryption in transit and, where applicable, at rest
- Access controls and authentication controls
- Monitoring, incident response, and recovery processes
- Role-based access discipline for sensitive customer work
11. Confidentiality for DFY Customers
DFY Confidentiality Commitment
For DFY customers, we apply additional confidentiality protections to customer project information.
- Business processes, workflows, and system designs shared for delivery are treated as confidential.
- Project details are not disclosed except as needed to provide the service or where required by law.
- Credentials and access materials are handled with controlled access and deleted or disabled when no longer required, subject to legal or evidential obligations.
- We will not use your project as a public case study without explicit permission.
This commitment applies to information shared in connection with the DFY engagement.
12. Cookies
We may use cookies or similar technologies for authentication, preferences, analytics, and service operation. See our Cookie Policy where applicable.
13. Complaints
If you are unhappy with how we handle your personal data, contact privacy@levqor.ai first. You may also complain to the UK Information Commissioner's Office where applicable.
14. Changes to This Policy
We may update this policy from time to time. Material changes may be communicated through appropriate service or legal notice channels.
15. Contact
Levqor Ltd
Email: privacy@levqor.ai
United Kingdom
Processors, AI handling, email delivery, and retention
Named service providers may include Stripe for payment processing, OpenAI for AI-assisted processing where enabled, Resend for transactional email delivery, hosting and infrastructure providers, and support tooling used to operate bounded Done-For-You engagements.
Accounting, invoice, receipt, payment, tax, audit, security, and dispute records may be retained for 7 years where required for legal, tax, accounting, audit, or dispute-handling purposes. Project and workflow data is retained only where needed for delivery proof, support, security, auditability, or legal obligations.
Last updated: April 2026