Privacy Policy

Laires Labs ("we", "us") takes data protection seriously. This policy explains what personal data we collect, why we collect it, and the rights you have under UK GDPR and the Data Protection Act 2018.

Who we are

Laires Labs is a London-based engineering studio founded by Robin Laires. The data controller for the purposes of UK GDPR is Robin Laires.

You can contact us at robin@laireslabs.com.

Data we collect

When you contact us

If you email us, book a call, or submit an enquiry, we collect your name, email address, company name, and the content of your message. We use this information solely to respond to your enquiry and to evaluate whether we can help you.

When you visit the site

We use a small number of cookies and analytics tools (see "Cookies" below) to understand which pages are visited and how the site performs. Analytics data is aggregated and does not identify individual visitors.

During an engagement

If we are engaged to build a system for your firm, we may process data you provide as part of the engagement. This data is processed under a separate Data Processing Agreement that we sign with each client. The system itself is deployed inside your own infrastructure, so production data does not leave your environment.

Lawful basis

We process personal data on the following lawful bases:

• Legitimate interests — to respond to business enquiries and run our website.
• Contract — to deliver work we have agreed with you under a signed engagement.
• Consent — for any optional cookies or marketing communications.

How long we keep data

Enquiry emails are retained for up to 24 months unless they lead to a signed engagement, in which case they are kept for the duration of the engagement plus seven years for tax records. You can request earlier deletion at any time.

Sharing data

We do not sell, rent, or share personal data with third parties for their own purposes. We use a small number of processors to operate the business: an email provider, a calendar booking tool, an analytics provider, and a hosting provider. These processors operate under data processing agreements that comply with UK GDPR.

International transfers

Some of the processors above store data outside the UK, typically in the European Economic Area or the United States. All such transfers rely on appropriate safeguards, including UK adequacy decisions, the UK International Data Transfer Agreement, or Standard Contractual Clauses where applicable.

Your rights

Under UK GDPR you have the right to access, correct, delete, restrict, or port your personal data, and to object to processing or withdraw consent. To exercise any of these rights, email us at robin@laireslabs.com. You also have the right to complain to the Information Commissioner's Office at ico.org.uk.

Cookies

We use a small set of cookies to operate the site and to measure aggregate usage. Strictly necessary cookies are set automatically; analytics cookies require your consent via the banner shown on first visit. You can withdraw consent at any time by clearing your browser cookies for this site.

Security

We apply industry-standard controls to the data we hold, including encryption in transit, access controls on systems we operate, and the principle of least privilege. For engagement-specific security commitments, see our security and compliance page.

Updates to this policy

We may update this policy from time to time. Material changes will be flagged at the top of this page with a new "last updated" date.