I am committed to protecting and respecting your privacy.
1. What information I collect about you
– Contact Form, Email or Telephone Enquiries
– Website comments
– Embedded content
2. Who I share your data with
3. How long I retain your data
4. What rights you have over your data
5. Where I send your data
6. How I protect your data
7. Data Breaches
What information I collect, and why I collect it
Contact Form, Email or Telephone Enquiries
As Greystoke Web Design, I (the Data Controller) will collect your name, address, email address and telephone number. I may do this via email or telephone, or the contact form on my website. I will also hold details of the services I provide to you, including the date. If you submit a request via a contact form, I will also collect your IP address.
Why I need to collect it
I need to collect minimal personal information so I can provide the products and services you have requested from me, enter into contracts with you, and send you invoices and receipts. When you contact me via a contact form, I also need to collect your IP address to help prevent spam.
I will never contact you with details of any other products or services that I may provide in the future.
I need to keep track of when I provided services to you so my records are up to date and accurate, and so that I can delete non-essential data (See below).
When visitors leave comments on the site I collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Comments – Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. This is because visitors to the website can download and extract any location data from images on the website.
Comments – Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who I share your data with
I will never share the data you provide with any 3rd party unless absolutely necessary for the core operations of my business. I will never share your data with a 3rd party for marketing purposes.
When a contact form or a comment is submitted via my website, that data is shared with Kualo Limited (“
How long I retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so I can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
If you submit a contact form, the contact form data is retained only until I have the chance to respond to your query. I will then delete the contact form data from
Customers: HMRC requires me to keep business records for 5 years following the 31st January tax year deadline submission for the relevant tax year: www.gov.uk/self-employed-records/how-long-to-keep-your-records. These records include invoices and receipts with relevant customer details. I will conduct an annual audit in February of each year to ensure that all relevant customer details that can be deleted are securely destroyed. I will only hold data for confirmed customers. Any inquiries which do not result in business will be deleted.
What rights you have over your data
Right to ask me what personal data I hold
You have the right to access any personal data I hold for you. Please be aware that if you do so, for your own security, I may need to ask you additional questions to verify your identity, before I release that information.
If you have left comments on this site, you can request to receive an exported file of the personal data I hold about you, including any data you have provided to me. You can also request that I erase any personal data I hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
Right to be forgotten
You have the right to ask me to delete any personal data I hold for you. This request should be made in writing so we both have a record. Again you can request this by contacting me at firstname.lastname@example.org Please be aware that if you do so, for your own security, I may need to ask you additional questions to verify your
Right to complain
If you believe the information I hold on you is incorrect you can request to see it and have it corrected or deleted. To raise a complaint about how I have handled your personal data, you can contact me at email@example.com
If you are not satisfied with my response or do not believe I am processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
Where I send your data
Visitor comments may be checked through an automated spam detection service, because I need to protect my website from spam.
How I protect your data
All traffic between your browser and my website are encrypted and protected via SSL (Secure Socket Layers).
Data submitted via a contact form or comments will be stored under my account on
All personal data retained by me is held on a secure network storage drive, encrypted, and protected by a strong, unique password. Only I have access to your data records.
Finally, I will report any unlawful data breach of this website’s database or the databases of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Thank you for reading!
Now please take a minute to review your cookies, if you haven’t already done so!