Skip to main content

Privacy Policy

How we collect, use, and protect your personal data

Last updated: 2 April 2026

Code Next ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, store, and share your information when you visit our website (codenext.co.uk) or use our services.

We are registered in England and operate from Unit 33-37 Bilton Way, Luton, LU1 1UU. For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, Code Next is the data controller.

1. Information We Collect

1.1 Information You Provide

We may collect the following information when you interact with us directly:

  • Name, email address, phone number, and company name when you submit an enquiry form or contact us.
  • Project details and requirements shared during consultations.
  • Billing and payment information when you engage our services.
  • Any other information you voluntarily provide in correspondence with us.

1.2 Information Collected Automatically

When you visit our website, we may automatically collect:

  • IP address and approximate geographic location.
  • Browser type, version, and operating system.
  • Pages visited, time spent on pages, and navigation paths.
  • Referring website or source that directed you to our site.
  • Device type and screen resolution.

1.3 Information from Third Parties

We may receive information about you from third-party sources such as business partners, analytics providers, and publicly available directories, which we may combine with other data we hold about you.

2. How We Use Your Information

We use your personal data for the following purposes:

  • To respond to your enquiries and provide requested information about our services.
  • To deliver, manage, and improve our software development services.
  • To process payments and manage our contractual relationship with you.
  • To send you relevant updates, newsletters, and marketing communications (where you have opted in).
  • To analyse website usage and improve our website performance and user experience.
  • To comply with legal obligations and protect our legitimate interests.
  • To detect, prevent, and address fraud, security issues, or technical problems.

3. Legal Basis for Processing

Under the UK GDPR, we process your personal data on one or more of the following legal bases:

  • Consent: Where you have given clear consent for us to process your data for a specific purpose, such as receiving marketing communications.
  • Contractual Necessity: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: Where processing is necessary to comply with a legal requirement, such as tax reporting or regulatory obligations.
  • Legitimate Interests: Where processing is necessary for our legitimate business interests, such as improving our services and website, provided these interests do not override your rights and freedoms.

4. Data Sharing

We do not sell your personal data to third parties. We may share your information with:

  • Service Providers: Trusted third-party companies that assist us in operating our website, conducting our business, or providing services to you (e.g., hosting providers, payment processors, email service providers). These providers are contractually obligated to protect your data.
  • Legal Requirements: Where we are required to disclose your data to comply with a legal obligation, court order, or regulatory request.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of the transaction. We will notify you of any such change.
  • Professional Advisors: Our accountants, lawyers, and other professional advisors where necessary for business operations.

5. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

  • Enquiry data: Retained for up to 2 years after your last interaction with us, unless a contractual relationship is established.
  • Client data: Retained for the duration of our business relationship and for up to 7 years after the relationship ends, in accordance with UK tax and accounting requirements.
  • Marketing data: Retained until you withdraw your consent or opt out of communications.
  • Website analytics data: Retained for up to 26 months in anonymised or aggregated form.

When data is no longer required, it will be securely deleted or anonymised.

6. Your Rights Under UK GDPR

You have the following rights in relation to your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can ask us to correct any inaccurate or incomplete data.
  • Right to Erasure: You can request that we delete your personal data, subject to certain legal exceptions.
  • Right to Restrict Processing: You can ask us to limit how we use your data in certain circumstances.
  • Right to Data Portability: You can request your data in a structured, commonly used, and machine-readable format.
  • Right to Object: You can object to the processing of your data where we rely on legitimate interests as our legal basis.
  • Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us using the details in the Contact section below. We will respond to your request within one month.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

7. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse site usage. Cookies are small text files stored on your device when you visit our website.

7.1 Types of Cookies We Use

  • Essential Cookies: Required for the basic functionality of our website. These cannot be disabled.
  • Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage data.
  • Functional Cookies: Remember your preferences and settings to provide a personalised experience.
  • Marketing Cookies: Used to track visitors across websites and display relevant advertisements.

7.2 Managing Cookies

You can manage your cookie preferences through your browser settings or our cookie consent tool. Please note that disabling certain cookies may affect the functionality of our website.

8. Security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it, including:

  • Encryption of data in transit using TLS/SSL protocols.
  • Secure access controls and authentication mechanisms.
  • Regular security assessments and vulnerability testing.
  • Employee training on data protection and information security best practices.
  • Secure data storage with regular backups.

While we take all reasonable steps to protect your data, no method of transmission over the Internet is completely secure. We cannot guarantee the absolute security of your information.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. Any material changes will be posted on this page with an updated revision date.

We encourage you to review this page periodically to stay informed about how we protect your data. Continued use of our website or services after changes have been posted constitutes your acceptance of the updated policy.

10. Contact Our Data Protection Officer

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our Data Protection Officer:

Chat on WhatsApp