← Back to home

Privacy Policy

Last updated: 30 April 2026

1. Who we are

Bryan Blue Zone is a trading name of Lucidx Ltd, a company registered in England and Wales (Company No. [INSERT COMPANY NUMBER]).

  • Registered office: Flat 4, 79 Southwood Road, London, SE9 3QF
  • Email: deon@lucidx.co.uk
  • Telephone: 07830 129 686

Lucidx Ltd is the data controller for the personal data we process through the Bryan Blue Zone brand and its associated websites and services.

If you have any questions about this policy or how we handle your data, you can reach us using any of the contact details above.

2. What this policy covers

This policy explains:

  • What personal data we collect when you interact with Bryan Blue Zone
  • Why we collect it and what we do with it
  • The legal basis for each use
  • How long we keep it
  • Who we share it with
  • Your rights and how to exercise them

It applies to anyone who visits our website, signs up for our content or services, makes a purchase, enquires about working with us, or contacts us directly.

3. The personal data we collect

We only collect what we actually need.

When you visit our website

IP address, device type, browser, operating system, referral source, pages viewed, and time on page. This comes from analytics tools and helps us understand how people use the site.

When you sign up for our content or services

Your name and email address. We may ask for additional information (such as company name or role) where it's relevant to what you're signing up for.

When you enquire about working with us

Whatever you choose to share in your enquiry — typically your name, email, phone number, and a description of what you're looking for help with.

When you make a purchase

Your name, billing and delivery address, email, phone number, and order details. Payment is processed by our payment provider — we do not store your full card details on our systems.

When you contact us

Your name, contact details, and the content of your message.

We do not knowingly collect personal data from anyone under 18.

4. How we use your data, and the legal basis for each use

PurposeLegal basis
Providing the services you've signed up forPerformance of a contract / our legitimate interests
Sending you content, newsletters, and updates you've subscribed toYour consent
Sending marketing emails about our servicesYour consent — separate opt-in, withdrawable at any time
Processing and fulfilling ordersPerformance of a contract
Responding to enquiries and customer supportPerformance of a contract / our legitimate interests
Website analytics and improving the serviceOur legitimate interests
Fraud prevention, network security, and protecting our systemsOur legitimate interests / recognised legitimate interests under UK GDPR
Meeting our legal obligations (tax, accounting, regulatory)Legal obligation
Establishing, exercising or defending legal claimsOur legitimate interests

You can withdraw your consent at any time by clicking the unsubscribe link in any marketing email or by emailing us at deon@lucidx.co.uk. Withdrawing consent does not affect the lawfulness of any processing we did before you withdrew it.

5. Marketing emails

We will only send you marketing emails if you've given us specific permission to do so. Every marketing email includes a clear unsubscribe link. One click and you're out — no questions, no friction.

6. Cookies and similar technologies

We use a small number of cookies on the Bryan Blue Zone website:

  • Strictly necessary cookies — needed for the site to function. These don't require consent.
  • Analytics cookies — help us understand how the site is used. Under the Data (Use and Access) Act 2025, these are treated as low-risk and don't require opt-in consent, but we still tell you they're used and give you a clear way to opt out.
  • Functional cookies — improve your experience by remembering preferences.

We don't use advertising cookies or share data with ad networks.

You can manage your cookie preferences through the cookie banner the first time you visit, or by clearing cookies in your browser at any time. Full details are in our [Cookie Policy].

7. Who we share your data with

We do not sell your data. Ever.

We share your data with the following categories of trusted service providers, only to the extent needed to run the business:

  • Hosting and platform providers — for our website and the services we deliver.
  • Email service provider — to deliver the emails you've signed up for.
  • Payment processor — for processing payments. Our payment provider acts as a separate controller for payment data; their privacy policy is available on their website.
  • Analytics providers — to help us understand site usage in aggregate.
  • Fulfilment partners — where applicable, to deliver products you've ordered.
  • Professional advisers — accountants, lawyers, and insurers where reasonably necessary.
  • Authorities — if we're legally required to disclose information (e.g. in response to a court order or HMRC request).

Every supplier we share data with is bound by a written data processing agreement and is required to handle your data in line with UK data protection law.

8. International transfers

Some of our service providers are based outside the UK — primarily in the United States and the European Economic Area.

Where data is transferred outside the UK, we rely on one of the following safeguards:

  • UK adequacy regulations for transfers to the EEA and other adequate jurisdictions.
  • The UK-US Data Bridge (the UK extension of the EU-US Data Privacy Framework) for transfers to certified US providers.
  • The UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU Standard Contractual Clauses, where neither of the above applies.

We've assessed each transfer to make sure the level of protection is not materially lower than under UK law, in line with the updated ICO guidance on international transfers.

9. How long we keep your data

We don't hold onto data we don't need. Our retention periods:

  • Sign-ups and subscribers: Until you unsubscribe, or 3 years of inactivity, whichever comes first.
  • Customer and order records: 6 years from the end of the relevant tax year, to meet HMRC requirements.
  • Enquiries and correspondence: 2 years from the date of the last contact.
  • Website analytics data: Up to 26 months in aggregated form.
  • Marketing consent records: For as long as the consent is active, plus 2 years after withdrawal as evidence that consent was lawfully obtained.

After these periods, data is securely deleted or anonymised.

10. How we keep your data safe

We use appropriate technical and organisational measures to protect your data, including:

  • HTTPS encryption across the site
  • Access controls and multi-factor authentication on internal systems
  • Vetted, GDPR-compliant suppliers with written processing agreements
  • Regular review of who has access to what

No system is completely secure, but if a personal data breach ever occurs that's likely to result in a risk to your rights, we'll notify the ICO within 72 hours of becoming aware of it, and we'll tell you directly if the risk to you is high.

11. Your rights

Under UK data protection law, you have the following rights:

  • Right to be informed — about how we process your data.
  • Right of access — to a copy of the personal data we hold about you.
  • Right to rectification — to have inaccurate or incomplete data corrected.
  • Right to erasure — to have your data deleted in certain circumstances.
  • Right to restrict processing — to limit how we use your data in certain circumstances.
  • Right to data portability — to receive your data in a structured, commonly-used, machine-readable format where processing is based on consent or contract.
  • Right to object — to processing based on legitimate interests, including direct marketing (which you can object to at any time, and we'll stop immediately).
  • Rights related to automated decision-making — we do not make solely automated decisions that have legal or similarly significant effects on you.
  • Right to withdraw consent — at any time, where consent is the legal basis.

To exercise any of these rights, email deon@lucidx.co.uk. We'll respond within one calendar month. If a request is particularly complex, we may extend that by up to two further months and will let you know within the first month.

There's no charge for a first request. We may charge a reasonable fee for repeat or excessive requests.

12. Making a complaint

If you're unhappy with how we've handled your data, please contact us first.

Email: deon@lucidx.co.uk
Post: Flat 4, 79 Southwood Road, London, SE9 3QF

We'll acknowledge your complaint within 30 days and aim to resolve it without undue delay. We'll keep you updated on progress and let you know the outcome.

If you're not satisfied with our response, you have the right to complain to the Information Commissioner's Office:

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Helpline: 0303 123 1113
Website: ico.org.uk

You can complain to the ICO without contacting us first.

13. Children

Our services are intended for adults. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please contact us and we'll delete it.

14. Changes to this policy

We may update this policy from time to time. When we do, we'll change the "Last updated" date at the top of this page. If the changes are significant, we'll let you know by email or through a notice on the website before they take effect.

15. Contact

For anything related to this policy, your data, or your rights:

Bryan Blue Zone
A trading name of Lucidx Ltd, registered in England and Wales (Company No. [INSERT COMPANY NUMBER])
Flat 4, 79 Southwood Road, London, SE9 3QF
deon@lucidx.co.uk
07830 129 686