Terms, Privacy & Legal
This page sets out the complete legal framework governing your use of Lexa Systems' website and services. Please read it carefully. It is governed by the laws of England and Wales.
Company Information
The following information identifies the operating entity responsible for this website and the services offered through it.
References to "Lexa Systems", "we", "us", or "our" throughout these notices refer to the above entity. References to "you" or "your" refer to any individual or organisation accessing or using our website or services.
Terms & Conditions
By accessing our website or engaging our services, you confirm that you have read, understood, and agree to be bound by these Terms. If you do not agree, you must not use our website or services.
2.1 Eligibility
You must be at least 18 years of age and have full legal capacity to enter into binding contracts in your jurisdiction. By using our services, you represent and warrant that you meet these requirements. Services are intended for business use (B2B) and are not directed at consumers as defined under the Consumer Rights Act 2015 unless expressly stated in a specific service agreement.
2.2 Services We Provide
Lexa Systems provides bespoke artificial intelligence automation consultancy, software development, workflow automation, and related digital services (collectively, "Services"). The precise scope, deliverables, timelines, and commercial terms for each engagement are set out in a separate written Service Agreement, Statement of Work, or Order Confirmation ("Project Agreement"). These Terms apply alongside and supplement any such Project Agreement. In the event of conflict, the Project Agreement takes precedence.
2.3 Quotes and Proposals
Any written quote, proposal, or estimate we provide is valid for 30 days from the date issued, unless otherwise stated, and does not constitute a binding offer. A contract is formed only when both parties have executed a Project Agreement, or when we issue a written acceptance of your order and receive the agreed deposit or initial payment.
2.4 Your Obligations
To enable us to provide the Services, you agree to:
- Provide accurate, complete, and up-to-date information as reasonably requested;
- Grant us timely access to relevant systems, platforms, credentials, and personnel;
- Review and provide feedback on deliverables within agreed timescales;
- Ensure that any third-party software, data, or content you supply does not infringe the intellectual property rights of any third party;
- Comply with all applicable laws in your use of the Services and any deliverables.
Failure to meet these obligations may result in delays for which we bear no liability, and may entitle us to charge additional fees at our standard rates.
2.5 Fees, Invoicing & Payment
- All fees are as set out in the applicable Project Agreement and are exclusive of VAT unless otherwise stated.
- Invoices are payable within 14 days of issue unless otherwise agreed in writing.
- For project-based engagements, a deposit (typically 50%) is due prior to commencement. The remainder is due upon completion or as staged in the Project Agreement.
- Interest on late payments accrues at 8% per annum above the Bank of England base rate in accordance with the Late Payment of Commercial Debts (Interest) Act 1998.
- We reserve the right to suspend Services if any invoice remains unpaid beyond 21 days of its due date, without prejudice to any other remedy available to us.
- Expenses reasonably incurred in performing the Services (e.g., software licences, third-party API costs) will be invoiced at cost unless included in the Project Agreement.
2.6 Intellectual Property
- Client IP: Any data, materials, or pre-existing intellectual property you provide to us remains your sole property.
- Our IP: Any tools, frameworks, methodologies, or pre-existing code we use remain our property. We grant you a perpetual, royalty-free, non-exclusive licence to use such elements solely as embedded in the deliverables.
- Deliverables: On receipt of full payment, all intellectual property rights in bespoke deliverables created specifically for you vest in you absolutely, unless otherwise agreed in writing.
- You must not reverse-engineer, decompile, or create derivative works from any proprietary tools or frameworks we retain.
2.7 Confidentiality
Each party agrees to keep confidential all information disclosed by the other that is reasonably identifiable as confidential, including but not limited to business strategies, technical information, pricing, client data, and project details. This obligation does not apply to information that: (a) is or becomes publicly available other than through breach; (b) was already known to the receiving party; (c) is received lawfully from a third party; or (d) is required to be disclosed by law or regulation. Confidentiality obligations survive termination of any agreement for a period of 5 years.
2.8 Warranties & Representations
We warrant that:
- We have the right to enter into and perform the Services;
- Services will be performed with reasonable skill and care in accordance with applicable professional standards;
- Deliverables will materially conform to the specifications agreed in the Project Agreement.
We do not warrant that the Services will be uninterrupted, error-free, or that any specific commercial outcomes (e.g., revenue increases, time savings) will be achieved. Any indicative results referenced in our marketing materials are illustrative only.
2.9 Limitation of Liability
To the maximum extent permitted by applicable law:
- We exclude all liability for indirect, consequential, special, or punitive losses, including loss of profits, loss of business, loss of data, or reputational damage, even if we have been advised of the possibility of such losses.
- Our total aggregate liability to you in connection with any contract or these Terms shall not exceed the total fees paid by you to us under the relevant Project Agreement in the 12 months immediately preceding the event giving rise to the claim.
- Nothing in these Terms limits or excludes our liability for: (a) death or personal injury caused by our negligence; (b) fraud or fraudulent misrepresentation; or (c) any other matter for which liability cannot be limited or excluded by law.
2.10 Indemnity
You agree to indemnify, defend, and hold harmless Lexa Systems and its personnel from and against any claims, damages, losses, and expenses (including reasonable legal fees) arising from: (a) your breach of these Terms or any Project Agreement; (b) your misuse of any deliverable; or (c) any third-party claim relating to materials or data you provided to us.
2.11 Termination
- Either party may terminate a Project Agreement on written notice as specified therein.
- Either party may terminate immediately on written notice if the other is in material breach that is not remedied within 14 days of written notice, becomes insolvent, or enters administration or liquidation.
- On termination: all outstanding fees for work completed become immediately due; we will return or destroy your confidential information on request; any licences granted to you for deliverables paid for in full shall continue.
2.12 Force Majeure
Neither party will be liable for failure or delay in performing obligations due to circumstances beyond their reasonable control, including but not limited to natural disasters, pandemics, government actions, cyber-attacks on infrastructure providers, or telecommunications failures, provided the affected party notifies the other promptly and uses reasonable efforts to mitigate the impact.
2.13 Entire Agreement & Variation
These Terms, together with any applicable Project Agreement, constitute the entire agreement between the parties and supersede all prior representations, agreements, or understandings. No variation to these Terms is binding unless made in writing and signed by an authorised representative of Lexa Systems.
2.14 Severability & Waiver
If any provision of these Terms is found invalid or unenforceable, the remaining provisions shall continue in full force. Failure to enforce any right under these Terms does not constitute a waiver of that right.
2.15 Governing Law & Dispute Resolution
These Terms and any disputes arising from them are governed by the laws of England and Wales. Both parties agree to the exclusive jurisdiction of the courts of England and Wales, save that we may seek emergency injunctive relief in any competent court. Before commencing legal proceedings, the parties agree to attempt good-faith negotiation for a period of 30 days.
Privacy Policy
This policy explains how Lexa Systems collects, uses, stores, and protects your personal data. We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), and the Privacy and Electronic Communications Regulations 2003 (PECR).
3.1 Data Controller
Lexa Systems is the data controller responsible for your personal data. Our contact details are set out in Section 1 above. For data protection matters, please contact us at contact@lexa.systems.
3.2 What Personal Data We Collect
Depending on how you interact with us, we may collect:
- Identity data: name, job title, company name;
- Contact data: email address, phone number, postal address;
- Financial data: billing address, payment method details (processed by Stripe — we do not store full card numbers);
- Technical data: IP address, browser type and version, device type, operating system, referring URLs, pages visited, time and date of access;
- Usage data: information about how you use our website and services;
- Communications data: emails, enquiry form submissions, call notes, and other correspondence;
- Project data: business process information, workflow documentation, and operational data you share with us in the course of service delivery;
- Marketing preferences: your preferences regarding marketing communications.
We do not knowingly collect any special category data (e.g., health, biometric, or political data) unless explicitly requested for a specific project and with your explicit consent.
3.3 How We Collect Personal Data
We collect data through:
- Direct interactions — when you complete a contact form, book a consultation, send an email, or engage our services;
- Automated technologies — cookies, server logs, and analytics tools as described in our Cookie Policy;
- Third parties — referrals, social media platforms (LinkedIn), and scheduling tools (Calendly).
3.4 Purposes, Legal Bases & Retention
| Purpose | Legal Basis (UK GDPR) | Retention Period |
|---|---|---|
| Responding to enquiries and booking consultations | Legitimate interest | 2 years from last contact |
| Entering into and performing service contracts | Contract performance | Duration + 7 years (tax / legal) |
| Sending invoices and processing payments | Contract performance Legal obligation | 7 years (HMRC requirement) |
| Marketing communications (with opt-in) | Consent | Until consent withdrawn |
| Website analytics and improvement | Legitimate interest | 26 months (standard analytics) |
| Compliance with legal and regulatory obligations | Legal obligation | As required by applicable law |
| Fraud prevention and security | Legitimate interest | 3 years |
| Sharing testimonials / case study content | Consent | Until consent withdrawn |
3.5 Who We Share Data With
We share personal data only where necessary with:
- Payment processors: Stripe (PCI-DSS Level 1 certified) — for processing payments;
- Scheduling tools: Calendly — for booking consultations;
- Cloud hosting providers — for website and data hosting;
- Analytics providers — as described in our Cookie Policy;
- Professional advisors: solicitors, accountants, insurers — under confidentiality obligations;
- Regulatory authorities: HMRC, ICO, law enforcement — where required by law.
We do not sell, rent, or trade personal data to third parties for their own marketing purposes.
3.6 International Data Transfers
Some of our third-party service providers operate outside the UK. Where personal data is transferred to a country not recognised by the UK as providing adequate data protection, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the ICO, or we rely on the processor's own adequacy mechanisms. You may request details of the specific safeguards by contacting us.
3.7 Data Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or alteration. These include access controls, encryption in transit (TLS), and regular review of our security practices. In the event of a personal data breach that is likely to result in high risk to you, we will notify you and the ICO without undue delay and within 72 hours of becoming aware of it, as required by the UK GDPR.
3.8 Your Rights Under UK GDPR
You have the following rights in relation to your personal data:
Request a copy of the personal data we hold about you (subject access request).
Request correction of inaccurate or incomplete personal data.
Request deletion of your personal data where there is no compelling reason to retain it.
Request that we limit how we use your data in certain circumstances.
Receive your data in a structured, machine-readable format to transfer to another provider.
Object to processing based on legitimate interests, including direct marketing.
Not to be subject to solely automated decisions that produce significant legal or similar effects.
Where processing is based on consent, withdraw it at any time without affecting prior processing.
To exercise any of these rights, contact us at contact@lexa.systems. We will respond within one calendar month. We may need to verify your identity before processing your request. No fee is normally charged for exercising your rights.
3.9 Automated Decision-Making & Profiling
We do not currently use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
3.10 Children's Privacy
Our website and services are not directed at children under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us immediately and we will delete it.
3.11 Links to Third-Party Websites
Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party site you visit.
3.12 Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or applicable law. We will update the effective date at the top of this page. For material changes, we will take reasonable steps to notify affected individuals directly.
Cookie Policy
This policy explains what cookies are, which ones we use, and how you can control them. We comply with the Privacy and Electronic Communications Regulations 2003 (PECR) and the UK GDPR.
4.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They allow websites to recognise your device, remember your preferences, and collect information about your visit. Similar technologies such as web beacons, pixels, and local storage may also be used and are referred to collectively as "cookies" in this policy.
4.2 Cookies We Use
| Category | Cookie / Provider | Purpose | Duration | Consent Required |
|---|---|---|---|---|
| Session cookies (server) | Maintain your session and enable core website functionality. The site cannot function without these. | Session | No (exempt under PECR) | |
| cookieConsent (localStorage) | Stores your cookie consent preference to avoid showing the banner on every visit. | 1 year | No (functional necessity) | |
| Google Analytics (_ga, _gid, _gat) | Measures website traffic and user behaviour to help us improve the site. Data is anonymised where possible. | Up to 2 years | Yes | |
| Calendly embed | Enables the embedded scheduling widget for booking consultations. | Session / persistent | Yes |
Your consent matters. Non-essential cookies (analytics, functional, marketing) are only set after you click "Accept All" on our cookie banner. If you click "Reject All", only strictly necessary cookies are used.
4.3 Managing and Withdrawing Consent
You can manage your cookie preferences at any time using the following methods:
- Cookie banner: Revisit our website in a private/incognito window to see the banner again, or clear your browser's localStorage for this site.
- Browser settings: Most browsers allow you to refuse cookies or delete existing ones. Consult your browser's help documentation for instructions (e.g., Chrome, Firefox, Safari).
- Opt-out tools: For Google Analytics, use the Google Analytics Opt-out Browser Add-on.
Please note that disabling certain cookies may affect the functionality of our website.
4.4 Updates to This Cookie Policy
We will update this Cookie Policy when we change the cookies we use or when required by changes in applicable law. Updates will be reflected in the effective date on this page.
Acceptable Use Policy
This Acceptable Use Policy (AUP) sets out the permitted and prohibited uses of our website and any deliverables we create for you. It applies to all users and clients.
5.1 Permitted Use
You may use our website and deliverables solely for:
- Accessing information about our services;
- Making legitimate business enquiries;
- Using deliverables for the commercial purpose for which they were contracted;
- Any other purpose expressly agreed in writing with Lexa Systems.
5.2 Prohibited Conduct
You must not use our website, services, or deliverables to:
- Violate any applicable local, national, or international law or regulation;
- Transmit any unsolicited or unauthorised advertising or promotional material (spam);
- Introduce any virus, trojan, worm, logic bomb, or other malicious or harmful material;
- Gain unauthorised access to any computer system or network;
- Interfere with or disrupt the integrity or performance of our website or services;
- Harvest, scrape, or collect data from our website without our express written consent;
- Impersonate any person or entity, or misrepresent your affiliation with any person or entity;
- Engage in any activity that is defamatory, discriminatory, fraudulent, or otherwise objectionable;
- Sub-license, sell, resell, or transfer any deliverable to a third party without our prior written consent;
- Reverse-engineer, decompile, or attempt to extract the source code of any software we provide.
5.3 Consequences of Breach
Breach of this AUP may result in immediate suspension or termination of access to our services, legal action, and notification to relevant law enforcement authorities. We reserve the right to cooperate fully with any investigation by such authorities.
5.4 Website Availability
We do not guarantee that our website will always be available, uninterrupted, or error-free. We may suspend, withdraw, or restrict availability for operational or security reasons without notice. We are not liable if, for any reason, our website is unavailable at any time.
Complaints & Contact
6.1 How to Raise a Concern
If you have any concern about how we handle your personal data, wish to exercise a data subject right, or have a complaint about our services, please contact us in the first instance:
6.2 ICO Supervisory Authority
If you are not satisfied with our response to a data protection concern, you have the right to lodge a complaint with the UK's supervisory authority:
Information Commissioner's Office (ICO)
Website: ico.org.uk
Helpline: 0303 123 1113 (Monday to Friday, 9am–5pm)
Post: ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
You also have the right to bring a civil claim in court if you believe your data protection rights have been infringed.
6.3 Version History
| Version | Effective Date | Summary of Changes |
|---|---|---|
| v2.0 | 21 April 2026 | Full consolidation into single legal notices page. Enhanced UK GDPR compliance. Added Acceptable Use Policy, rights grid, and purposes table. Cookie table updated to reflect current tech stack. |
| v1.0 | 2024 | Initial legal notices published. |