Skip to main content

04/03/2026

This Privacy Policy explains how SFXLY LTD (“Company”, “we”, “us”, or “our”) collects, uses, processes, and protects personal data when users access or interact with the website https://sfxly.com/ (the “Website”).

The Company is registered under Reg. Number 17062769 and located at:

Building 3, Chiswick Park
566 Chiswick High Road
London, W4 5YA
United Kingdom

Email: [email protected] 

This Privacy Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and other applicable data protection laws.

By accessing or using the Website, you acknowledge that you have read and understood this Privacy Policy.

1. Definitions

For the purposes of this Privacy Policy, “Company”, “we”, “us”, and “our” refer to SFXLY LTD. “Website” refers to the online platform available at https://sfxly.com. “User”, “customer”, or “you” refers to any individual accessing or interacting with the Website. “Personal Data” refers to any information that can identify an individual directly or indirectly.

2. Scope of this Privacy Policy

This Privacy Policy applies to all personal data collected through the Website and related services. It describes how we collect information, how we use it, how we protect it, and the rights available to users regarding their personal data.

This Policy applies solely to information collected through the Website and does not apply to external websites or services that may be linked from the Website.

3. Personal Data We Collect

When users interact with the Website, certain personal information may be collected. This may include information provided voluntarily by users, such as names, email addresses, billing addresses, or other contact details entered during purchases or communications with the Company.

Technical information may also be collected automatically when users visit the Website. This may include IP addresses, browser type, device information, and usage data related to interactions with the Website.

The Company collects only the information necessary to operate the Website, process orders, respond to inquiries, and improve the overall functionality of the service.

4. Payment Information

The Website does not collect, process, or store payment card information.

All payment transactions are handled exclusively by independent third-party payment service providers. When a user makes a purchase, payment information is transmitted directly to the payment processor and is governed by that provider’s own privacy policy and security practices.

The Company does not have access to full payment details such as credit card numbers.

5. How We Use Personal Data

Personal data collected through the Website may be used for several purposes related to the operation and improvement of the service. This includes processing purchases, delivering digital products, providing customer support, maintaining user accounts, and responding to inquiries.

Personal data may also be used to maintain the security of the Website, detect fraudulent activity, comply with legal obligations, and improve the functionality and performance of the Website.

The Company processes personal data only where a lawful basis exists under applicable data protection laws.

6. Legal Basis for Processing Data

The Company processes personal data based on several lawful grounds under applicable data protection laws. Processing may occur where it is necessary for the performance of a contract, such as delivering purchased products or responding to user requests.

Processing may also occur where it is necessary to comply with legal obligations, protect the legitimate interests of the Company, or where the user has provided consent.

7. Data Security

The Company implements a variety of technical and organizational safeguards to protect personal data from unauthorized access, alteration, disclosure, or destruction.

These measures include the use of encryption technologies, controlled access to internal systems, secure server environments, and continuous monitoring of security practices. Access to personal data is restricted to authorized personnel who require the information in order to perform their duties.

The Company also performs regular evaluations of security procedures in order to maintain a high level of protection for user data.

8. GDPR Compliance and Data Protection Principles

The Company complies with the principles of the UK General Data Protection Regulation (UK GDPR) and related data protection legislation.

We implement appropriate technical and organizational measures designed to ensure that personal data is processed securely and lawfully. These measures include internal policies governing data protection practices, regular security reviews, staff training related to data protection obligations, and adherence to key principles such as data minimization, transparency, and confidentiality.

Personal data is processed only for legitimate purposes and only for the period necessary to fulfill those purposes.

9. International Transfers of Personal Data

In certain circumstances, personal data may be transferred to or processed in countries located outside the European Economic Area (EEA) or the United Kingdom.

When such transfers occur, the Company ensures that appropriate safeguards are in place to protect personal data in accordance with applicable data protection laws. These safeguards may include the use of standard contractual clauses or other legally recognized mechanisms designed to ensure adequate protection of personal information.

10. Strong Customer Authentication (SCA)

The Company supports the use of Strong Customer Authentication (SCA) as part of secure online payment processing.

SCA requires additional verification steps during certain transactions in order to confirm a customer’s identity. This authentication process may involve two or more independent verification elements, such as knowledge-based information, possession of a registered device, or biometric confirmation.

These security procedures are designed to reduce fraud and enhance the safety of online transactions.

11. Compliance with PSD2 Regulations

The Company complies with requirements established under the Payment Services Directive 2 (PSD2).

PSD2 regulations require payment service providers to implement Strong Customer Authentication for many online payment transactions. As payments on the Website are processed by third-party providers, these providers may require users to complete multi-factor authentication before a payment is finalized.

These procedures enhance the security of financial transactions conducted through the Website.

12. Data Retention

The Company retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, regulatory, or accounting obligations.

Once personal data is no longer required for these purposes, it is securely deleted or anonymized where appropriate.

13. Sharing of Personal Data

The Company may share personal data with service providers that assist in operating the Website, processing transactions, or maintaining technical infrastructure.

These service providers are required to handle personal data in accordance with applicable data protection laws and are permitted to use such information only for the purposes specified by the Company.

The Company does not sell or rent personal data to third parties.

14. Cookies and Tracking Technologies

The Website may use cookies or similar technologies to improve user experience, analyze Website performance, and maintain the functionality of certain features.

Cookies are small files stored on a user’s device that allow the Website to recognize returning visitors and collect usage data. Additional information about cookies may be provided in a separate Cookies Policy.

15. User Rights

Under applicable data protection laws, users have certain rights regarding their personal data. These rights may include the right to access personal data, request corrections, request deletion, restrict processing, or object to certain types of data processing.

Users may also have the right to request a copy of their personal data in a portable format where applicable.

Requests related to personal data may be submitted by contacting the Company at [email protected]

16. Children’s Data

The Website is not specifically directed toward children. The Company does not knowingly collect personal data from individuals where such collection would violate applicable data protection laws.

17. Third-Party Websites

The Website may contain links to external websites operated by third parties. The Company does not control and is not responsible for the privacy practices or content of such external websites.

Users are encouraged to review the privacy policies of any third-party websites they visit.

18. Changes to this Privacy Policy

The Company reserves the right to update or modify this Privacy Policy at any time in order to reflect changes in legal requirements, business practices, or Website functionality.

Updated versions will be published on the Website. Continued use of the Website after updates are published constitutes acceptance of the revised Privacy Policy.

19. Governing Law

This Privacy Policy is governed by and interpreted in accordance with the laws of England and Wales.

Any disputes related to this Privacy Policy shall be subject to the jurisdiction of the courts of England and Wales.

20. Contact Information

If you have any questions about this Privacy Policy or how your personal data is handled, you may contact:

SFXLY LTD
Building 3, Chiswick Park
566 Chiswick High Road
London, W4 5YA
United KingdomEmail: [email protected]