Sancta Lux Solutions Ltd Logo
← Back to Home
Legal & Compliance

Privacy Policy

1) Who we are

Sancta Lux Solutions Ltd (“we”, “us”, “our”) is a UK company providing business & management consultancy and coordination of property-related services in Italy (strictly non-financial and non-regulated).

Controller: Sancta Lux Solutions Ltd, Company No. 15464060 (UK). Registered Office: International House, 101 King’s Cross Road, London, WC1X 9LP, United Kingdom.

Local Unit (Italy): Via Poggiarelli, 35, 56030 Terricciola (Pisa), Italy – Codice Fiscale: 91031250524.

Contact: info@sanctaluxsolutions.co.uk

This Privacy Policy is intended to meet the requirements of the UK GDPR and, where applicable, the EU GDPR for activities carried out in Italy.

2) What personal data we collect

  • Identity & contact data (e.g., name, email, postal address; for clients, vendors and prospects who contact us).
  • Engagement & contract data (scope of work, invoices, payments, service history).
  • Operational data related to coordinating contractors and property works (notes, schedules, confirmations).
  • Technical & usage data from our website (basic logs, cookies—see Cookies section).
  • Compliance data where legally required (e.g., records needed for tax or regulatory obligations).

3) How we obtain data

  • Directly from you (email, contact forms, contracts, meetings).
  • From your representatives/partners when you authorise them to share data with us.
  • From service providers involved in works coordination (only what is necessary for the task).
  • Automatically via our website (basic logs and cookies).

4) Purposes & legal bases

  • Providing services & fulfilling contracts (UK/EU GDPR Art. 6(1)(b)).
  • Legitimate interests such as running and improving our operations, preventing misuse, keeping records (Art. 6(1)(f)).
  • Legal obligations e.g., tax/accounting, responding to lawful requests (Art. 6(1)(c)).
  • Consent where required (Art. 6(1)(a)); you may withdraw consent at any time.

5) Sharing your data

We may share personal data with:

  • Professional advisors and contractors strictly on a need-to-know basis to deliver the services (e.g., notaries, technicians, vetted vendors).
  • Service providers (e.g., IT/hosting, email, accounting) under written agreements and confidentiality obligations.
  • Authorities where required by law or to protect our legal rights.

We do not sell personal data.

6) International transfers

As a UK company operating in Italy, data may be processed in the UK and Italy. Where we use providers located outside the UK/EU, we rely on appropriate safeguards (e.g., adequacy regulations/decisions or Standard Contractual Clauses, as applicable).

7) Retention

We keep data only as long as necessary for the purposes collected, including to meet legal, accounting or reporting requirements. Typical retention: contract and invoicing records for up to 6–10 years; operational correspondence for the duration of the engagement plus a reasonable period; website logs for a short period for security and diagnostics.

8) Your rights

Depending on the jurisdiction (UK/EU), you may have the right to request: access, rectification, erasure, restriction, objection to processing based on legitimate interests, and data portability. Where processing relies on consent, you can withdraw consent at any time.

To exercise your rights, contact: info@sanctaluxsolutions.co.uk. We may need to verify your identity before responding.

9) Cookies & website analytics

Our website currently uses only essential cookies and basic server logs for security and delivery. If we introduce analytics or non-essential cookies, we will update this Policy and (where required) obtain your consent via a cookie banner.

10) Security

We implement technical and organisational measures appropriate to the risk, including access controls, encryption in transit (TLS/SSL), and vendor due diligence. No method of transmission or storage is 100% secure, but we work to protect your data against unauthorised access, use or disclosure.

11) Children

Our services are not directed to children and we do not knowingly collect children’s personal data.

12) Contact & complaints

Controller contact: info@sanctaluxsolutions.co.uk

If you are in the UK, you can also contact the Information Commissioner’s Office (ICO). If you are in the EU/Italy, you may contact your local Data Protection Authority (in Italy: Garante per la protezione dei dati personali). We encourage you to contact us first to resolve any concern.

ICO registration: see “ICO Registration Certificate” on our website or request details via email.

13) Changes to this Policy

We may update this Policy from time to time. The latest version will always be posted on this page with the effective date below.

Effective date: 22 April 2025