Privacy Policy

Without Limits Group (Trading as Without Limits Originals, Without Limits Creative, formerly Lumexi Studios)

Effective Date: Wednesday, 18th February 2026

1. Who We Are

Without Limits Group is a UK registered partnership operating from the United Kingdom.

We trade as:

• Without Limits Originals

• Without Limits Creative

• Formerly Lumexi Studios

For the purposes of UK data protection law, Without Limits Group acts as a data controller.

We are registered with the UK Information Commissioner’s Office (ICO).

If you have any questions about this Privacy Policy or your personal data, you can contact us at:

Email: data@withoutlimitsgroup.com

2. The Personal Data We Collect

2.1 Information You Provide to Us

We collect personal data when you:

• Submit an enquiry via our website

• Complete a Google Form

• Contact us directly

• Engage our services

• Opt in to marketing communications

This may include:

• Full name

• Email address

• Phone number

• Physical address

• Company details (if provided)

We collect this information for communication, administrative, contractual, and service delivery purposes.

2.2 Information Collected Automatically

When you visit our website (hosted via Wix), we may collect:

• IP address

• Browser type and device information

• Pages visited

• Website interaction data

3. How We Use Your Data

We use personal data to:

• Respond to enquiries

• Provide and manage contracted services

• Maintain client relationships

• Send marketing communications (where consent has been given)

• Improve our website and services

• Maintain internal business records

• Comply with legal, regulatory, & crime solving obligations

We do not sell, rent, or trade personal data.

4. Lawful Basis for Processing (UK & EU Users)

Under UK GDPR, we rely on:

• Consent – for marketing communications and non-essential cookies

• Contract – where processing is necessary to provide services

• Legitimate Interests – to operate, improve, and protect our business

• Legal Obligation – where required by law

Where we rely on consent, you may withdraw it at any time

5. Marketing Communications

We may send marketing communications only where you have explicitly opted in.

You may withdraw consent at any time by:

• Clicking an unsubscribe link (if present), or

• Emailing data@withoutlimitsgroup.com

We do not send unsolicited marketing communications.

6. Payments

We do not accept payments directly through our website.

Where payments are required for services, they are processed securely via Stripe, a third-party payment processor. Or via bank transfer. We do not store or process credit card details.

Stripe processes personal data in accordance with its own privacy policy.

7. Third-Party Service Providers

We use trusted service providers to operate our business, including:

• Wix (website hosting and infrastructure)

• Google Analytics (website analytics)

• Google Workspace (email, file storage, forms)

• Notion (CRM and client management)

• n8n (workflow automation)

• Stripe (payment processing)

• Adobe (E-Sign)

• Third-Party Debt Collection Agencies

• HM Courts and tribunals service

  
  

Our website may embed content from:

• LinkedIn

• TikTok

• Instagram & Facebook (Meta)

• YouTube

• X

Embedded content may collect data as if you visited those platforms directly. We do not control third-party data practices and recommend reviewing their privacy policies.

8. International Data Transfers

Due to the use of international service providers and our provision of services to clients in the UK, Europe, the United States and the UAE, personal data may be processed outside the UK.

Where international transfers occur, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including:

• Client data: up to 6 years following the end of a contractual relationship to comply with UK tax and accounting obligations.

• Enquiry data: retained for a reasonable period unless a contractual relationship is established.

• Marketing data: retained until consent is withdrawn.

When personal data is no longer required, it is securely deleted or anonymised.

10. Your Rights

Under UK GDPR (and EU GDPR where applicable), you have the right to:

• Access your personal data

• Request correction of inaccurate data

• Request the deletion of your data

• Restrict processing

• Object to processing

• Request data portability

• Withdraw consent at any time

To exercise your rights:

• Clients may contact their project manager

• Website users may email data@withoutlimitsgroup.com

We may request proof of identity before fulfilling requests.

If you believe we have not handled your data appropriately, you have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) at www.ico.org.uk.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies in accordance with our Cookie Policy. Where required by law, we obtain prior consent before placing non-essential cookies (including analytics and marketing cookies) on your device.

You may manage or withdraw consent at any time via our cookie consent tool.

12. Data Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, misuse, alteration, or disclosure.

However, no internet-based system can be guaranteed to be completely secure.

13. Business Transfers

In the event of a merger, acquisition, restructuring, or sale of assets, personal data may be transferred as part of the business transaction, subject to appropriate safeguards.

14. Updates to This Policy

We may update this Privacy Policy from time to time. The most current version will always be available on our website with the updated effective date.