Effective date: 28 September 2025
This Privacy Policy explains how Your Company Name (“we”, “us”) collects, uses, shares and protects your personal data when you interact with our website, products, and services. We comply with the UK GDPR and (where applicable) the EU GDPR. This page describes the types of data we process, the purposes and legal bases, how long we keep data, and your rights.
Data we collect
- Identity & contact: name, email, phone, company, role.
- Usage: pages viewed, clicks, device/browser, approximate location, referrer.
- Transactional: enquiries, proposals, contracts, invoices, project artifacts.
- Support: communications, meeting notes, feedback.
- Cookies: preferences, session management; analytics cookies where consented.
How we use your data (purposes & legal bases)
- Provide services & respond to enquiries
- To deliver projects, proposals, and support. Legal bases: contract, legitimate interests.
- Improve our website & services
- Diagnose issues, analyse traffic, enhance content. Legal bases: legitimate interests; consent for analytics cookies.
- Marketing communications
- With your consent (or soft opt‑in where permitted), we send updates you can opt out of anytime. Legal bases: consent, legitimate interests.
- Legal, compliance & security
- To prevent fraud, maintain security, and meet legal obligations. Legal bases: legal obligation, legitimate interests.
Cookies & analytics
We use essential cookies for site functionality. Non‑essential (e.g., analytics) cookies run only with your consent. You can change preferences via your browser or our cookie banner (where implemented).
Sharing your data
We may share limited data with trusted providers (e.g., hosting, analytics, CRM, productivity tools) under contract, solely to deliver our services. We do not sell your personal data. If required by law or to protect rights and safety, we may disclose information to authorities.
International transfers
Where data is transferred outside the UK/EEA, we use appropriate safeguards (e.g., UK IDTA/EU SCCs) and assess partner protections.
Data retention
We keep personal data only as long as needed for the purposes described or as required by law. Typical retention: enquiries (up to 24 months), project/contract data (up to 7 years), analytics data (per tool defaults or as configured).
Your rights
- Access, correction, deletion, and portability of your personal data
- Restriction or objection to processing (including legitimate interests)
- Withdraw consent at any time (where processing relies on consent)
- Complain to a supervisory authority (e.g., UK ICO) if you believe your rights are infringed
To exercise rights, contact us at privacy@yourdomain.com.
Security
We use reasonable technical and organisational measures to protect personal data. No method of transmission or storage is completely secure; we continuously improve our safeguards.
Children’s data
Our services are not directed at children. We do not knowingly collect personal data from individuals under 16.
Third‑party links
Our site may link to external websites. Their privacy practices are governed by their own policies.
Changes to this policy
We may update this policy from time to time. The “Effective date” reflects the latest version.
This policy is a general template and does not constitute legal advice. Please tailor to your specific processing activities.