Privacy policy

PRIVACY AND DATA PROTECTION POLICY

Last Updated: June 16, 2026

LEXXORIA LTD (hereinafter referred to as the "Company", "We", "Us", or "Our") operates this platform and website, including all integrated technical resources, service options, communications, and digital delivery frameworks (collectively, the "Services"), to provide business and consumer clients with professional Quality Assurance (QA) testing, software automation compilation, technical consulting, and digital IT solutions.

Our platform is hosted by Shopify Inc., which delivers the underlying technical architecture enabling Us to manage transactions and administer the Services. This Privacy Policy outlines precisely how We collect, process, utilize, store, and disclose Your personal and technical data when You visit the Website, engage Our engineering services, configure corporate testing environments, or otherwise communicate with Us. If a conflict arises between Our Terms of Service and this Privacy Policy, this Policy shall exercise supreme governance regarding the processing, protection, and transfer of personal data.

Please read this Privacy Policy with due professional diligence. By accessing the Website, subscribing to service tiers, or initiating technical engagements, You formally acknowledge that You have read, understood, and consented to the data practices and governance structures outlined herein.

1. Personal Information We Collect and Process

When We utilize the term "personal information," We reference any data that explicitly identifies, relates to, describes, or could reasonably be associated or linked, directly or indirectly, with an identifiable individual or enterprise profile. It does not encompass anonymized, aggregate, or strictly de-identified engineering metrics that cannot be traced to a specific user.

Depending on how You interact with Our testing platform, the following categories of information may be collected and processed in compliance with the UK GDPR and the Data Protection Act 2018:

Corporate & Contact Specifications: Your legal first and last name, business entity name, corporate registration numbers, billing address, official corporate headquarters address, contact telephone metrics, and verified corporate email interfaces.
Financial & Transaction Assets: Credit card matrices, debit card details, bank transfer routing numbers, digital wallet data, payment confirmations, historical order logs, subscription frequencies, and invoices corresponding to logged engineering hours or milestone payments.
Operational Account Configurations: Usernames, encrypted authentication parameters, specialized settings, service preferences, and operational configurations used within Our service dashboards.
Technical QA & Project Assets (Client Dependencies): Source code repository links (e.g., GitHub, GitLab, Bitbucket paths), API access configurations, staging environment URLs, deployment parameters, database architecture frameworks, software application binaries, bug-tracking access details, and associated technical files submitted for the execution of QA operations.
Communications Logs: Complete records of written communication, correspondence history, customer support tickets, diagnostic requests, and project brief interactions initiated with Our engineering or management personnel.
Infrastructure & Network Identifiers: IP addresses, browser specifications, operating system versions, localization data, unique network hardware IDs, access timestamps, and performance telemetry tracked via automated diagnostic systems.

2. Channels of Personal and Technical Data Ingestion

We extract and compile structural information using three primary methodologies:

Direct Ingestion From the Client: Collected when You request a custom quote, register a corporate profile, subscribe to a QA package, submit software blueprints for evaluation, or interact directly with Our engineering support channels.
Automated Network Tracking: Collected seamlessly through Your operational interaction with Our web interfaces via system cookies, server logs, pixel tags, and integrated browser monitoring tools designed to evaluate platform stability.
Service Providers & Third-Party Networks: Gathered from integrated technical nodes, such as payment gateways, authentication utilities, configuration managers, and code verification systems operating on Our behalf.

3. Strategic Purposes of Data Processing

LEXXORIA LTD processes Your personal and operational data based on legitimate business interests, contractual requirements, and statutory obligations, specifically for the following purposes:

Execution and Delivery of Technical QA Services: To satisfy Our contractual commitments, build testing environments, write automation suites, execute manual verification matrices, log bugs, manage accounts, process payments, and ensure seamless delivery of all digital project reports.
Technical Security and Fraud Prevention: To protect Our corporate networks, validate client identities, secure payment processing, detect and mitigate malicious attempts to compromise Our software systems, and ensure the safety of our infrastructure.
Client Relationship Management & Support: To deliver professional customer care, resolve engineering disputes, communicate project updates, and maintain stable business-to-business communications.
Marketing, Analytics, and Service Enhancement: To evaluate Website user trends, analyze system interactions, optimize platform functionality, and communicate promotional details or service upgrades that match Your technical interest profile.
Statutory and Regulatory Legal Compliance: To satisfy mandatory accounting duties, respond to valid legal processes, cooperate with law enforcement requests under UK legislation, and protect the contractual and intellectual property rights of LEXXORIA LTD.

4. Disclosures and Cross-Functional Transfers of Personal Information

In certain circumstances, We may share Your personal and technical data with authorized third parties for legitimate business operations subject to this Privacy Policy. These scenarios include:

Our Core Infrastructure Provider (Shopify): To host the core commercial store, process order processing data, and maintain payment gateway linkages.
Operational Service Contractors: Shared with specialized IT management firms, cloud storage entities (e.g., AWS, Google Cloud Engine), data analytics platforms, customer management dashboards, and external engineering resources operating under strict non-disclosure terms.
Corporate Group Entities & Affiliates: Transferred internally within Our corporate architecture to optimize accounting practices and human resource balancing.
Legal Enforcement and Business Restructuring: Shared if required by law to defend Our legal rights, protect public safety, comply with judicial subpoenas, or complete corporate mergers, acquisitions, or asset transfers.

5. Specialized Data Governance with Shopify

As Our infrastructure host, Shopify Inc. handles personal data regarding Your activities on Our platform to improve system features. Data sent through this interface may be routed across international networks and stored in data hubs outside Your home country. Shopify may also use compiled interaction data for enhanced fraud detection and merchant analytics across their wider network, acting as an independent Data Controller for those specific processes. You can learn more by visiting the Shopify Consumer Privacy Policy and manage Your configuration via the Shopify Privacy Portal.

6. Data Protection, Security, and Storage Retention

We deploy modern encryption, access controls, and technical firewalls designed to secure Your personal information and project assets. However, You acknowledge that no digital storage method or internet transmission protocol can guarantee absolute security against malicious actors.

Your technical codebases, repository contents, and testing data are kept confidential and are stored securely only for as long as necessary to complete the testing project, maintain Your profile, fulfill legal accounting obligations, resolve disputes, and enforce Our contract agreements.

7. Your Statutory Rights Under UK GDPR & EEA Frameworks

If You access Our Services from the United Kingdom or the European Economic Area (EEA), You possess the following comprehensive legal rights under regional data protection laws:

Right of Access & Portability: The right to demand a clear copy of all personal information We hold about You and transfer it to another provider.
Right of Rectification: The right to demand that We correct inaccurate or incomplete operational data.
Right of Erasure ("Right to be Forgotten"): The right to request the total deletion of Your personal parameters from Our active systems, subject to statutory tax and contract retention exclusions.
Right to Restrict or Object to Processing: The right to limit or halt Our processing of Your data for specific marketing, profiling, or analytical interests.
Right to Withdraw Consent: The right to revoke data processing permissions at any time, without affecting the legality of processing completed prior to Your withdrawal.

To exercise any of these rights, please submit an official request to Our team at info@info@lexxoria.ltd. We will verify Your identity before taking action, in accordance with applicable regulations.

8. International Data Transfers

Your data may be processed, handled, and transferred to computing nodes located outside the UK or the EEA. Whenever such transfers occur, We protect the safety of Your data by using recognized legal transfer frameworks, such as the European Commission's Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum (IDTA), unless the target country is already recognized as providing an adequate level of data protection.

9. Regulatory Complaints and Appeals

If You believe that Our data handling practices violate data protection regulations, please contact Us directly so We can address Your concerns. You also maintain the absolute legal right to lodge a formal complaint with Your regional supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO) (ico.org.uk). For individuals residing within the EEA, a complete listing of data protection regulators can be reviewed here.

10. Regulatory Identification and Corporate Contact

For the purposes of applicable data protection laws, LEXXORIA LTD acts as the primary Data Controller for Your personal information. If You have any questions, concerns, or requests regarding this Privacy Policy, please reach out to Us using the coordinates below:

LEXXORIA LTD
Registered Corporate Office: Avon House, Avonmore Road, London, W14 8TS, United Kingdom
Official Data Protection Interface: info@lexxoria.ltd