Privacy Policy: Your Data, Our Promise at Web Weaver Wizard Welcome to Web Weaver Wizard! We're not just about weaving amazing websites; we're also committed to protecting your privacy and handling your personal data with the utmost care and respect. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website, webweaverwizard.com, or engage with our services. Your trust is incredibly important to us. This policy complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. 1. Who We Are (Your Data Controller) Web Weaver Wizard is a trading name For the purposes of data protection law, we are the data controller responsible for your personal data. You can contact us about privacy matters at: Email: tony@webweaverwizard.com Phone: 07300325347 2. The Data We Collect (What We Gather & Why) We only collect personal data that is necessary for us to provide our services and manage our business effectively. a) Information You Provide to Us Directly: When you interact with us, you might provide: Contact Data: Your name, email address, phone number. Business Data: Your company name, business address, website URL, and details about your services or project needs. Communication Data: Any information you provide when you contact us via our contact form, email, phone calls, or during meetings (in-person or virtual). Why we collect this: To respond to your enquiries, provide quotations, understand your project requirements, communicate effectively about your project, and deliver our web design services. b) Information We Collect Automatically (Website Usage Data): When you visit webweaverwizard.com, we may collect: Technical Data: Your IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform. Usage Data: Information about how you use our website, including the pages you visit, the time spent on those pages, unique device identifiers, and referral sources. Why we collect this: To ensure our website functions correctly, understand how visitors use our site, improve user experience, and for internal analytics and troubleshooting. This data is generally anonymised or aggregated and does not identify you directly. c) Information from Other Sources: Occasionally, we might receive information about you from third parties, such as: Analytics Providers: Google Analytics (based outside the UK/EEA, but operating under EU-US Data Privacy Framework) provides anonymised usage data. Social Media Platforms: If you interact with us on platforms like Instagram, we may see public information from your profile. Why we collect this: To enhance our understanding of our website performance and marketing effectiveness. 3. How We Use Your Data (Our Legal Basis) We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances: To perform the contract we are about to enter into or have entered into with you (e.g., to build your website). Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (e.g., to improve our services, for marketing if you are an existing client or have enquired). Where we need to comply with a legal obligation (e.g., for tax and accounting purposes). With your consent, where we specifically ask for it (e.g., for certain marketing communications, though often our marketing is based on legitimate interest). Specifically, we use your data for: Providing and managing our services: To communicate about your project, send invoices, deliver the website, and provide support. (Legal Basis: Contract, Legitimate Interest). Responding to enquiries: To answer your questions and provide quotes. (Legal Basis: Legitimate Interest, Pre-contractual steps). Improving our website and services: To understand how our website is used and make improvements. (Legal Basis: Legitimate Interest). Marketing (with care!): To send you updates, news, or offers about our services that we believe might be of interest to you, particularly if you've enquired or are an existing client. You can always opt-out. (Legal Basis: Legitimate Interest, Consent where appropriate). Legal & regulatory compliance: To comply with our legal obligations. (Legal Basis: Legal Obligation). 4. Sharing Your Data (When We May Disclose Information) We will never sell your personal data. We may share your data with trusted third parties only where necessary to provide our services or manage our business: Service Providers: Third-party companies who provide services on our behalf, such as hosting providers, email platforms, payment processors, or analytics services. We only share the minimum data necessary and ensure they comply with data protection laws. Professional Advisors: Our lawyers, accountants, or other professional advisors where necessary for legal or financial advice. Legal Compliance: If required by law, court order, or governmental regulation. We ensure all third parties respect the security of your personal data and treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes. 5. International Transfers (Where Your Data Might Travel) Some of our service providers may be based outside the UK or European Economic Area (EEA). Whenever we transfer your personal data out of the UK/EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented: The transfer is to a country deemed to provide an adequate level of protection for personal data by the UK government. Specific contracts approved by the UK government are in place which give personal data the same protection it has in the UK. For transfers to the USA, data may be transferred to organisations that are part of the EU-US Data Privacy Framework (which the UK government has recognised as adequate). 6. Data Security (Keeping Your Data Safe) We've implemented appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. 7. Data Retention (How Long We Keep Your Data) We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements. Generally, for client records and transactional data, we retain it for up to 6 years after the end of our relationship to comply with tax and accounting obligations. Marketing consent is reviewed periodically. 8. Your Legal Rights (Your Data, Your Control!) Under UK GDPR, you have important rights regarding your personal data. You have the right to: Request access to your personal data (commonly known as a "data subject access request"). Request correction of the personal data that we hold about you. Request erasure of your personal data (where there is no good reason for us to continue processing it). Object to processing of your personal data where we are relying on a legitimate interest. Request restriction of processing of your personal data. Request the transfer of your personal data to you or to a third party. Withdraw consent at any time where we are relying on consent to process your personal data. If you wish to exercise any of these rights, please contact us using the details in Section 1. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). 9. Cookies (Our Little Digital Helpers) Our website uses cookies to help us improve your experience. Cookies are small text files placed on your device. We use them for: Essential functionality: To make our website work properly. Analytics: To understand how people use our website (e.g., Google Analytics). You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. We will typically use a cookie consent banner to manage your preferences. 10. Changes to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. 11. Complaints (If You're Not Happy) We hope we can resolve any query or concern you may have about our use of your information. However, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance. Thank you for trusting Web Weaver Wizard with your data. We're here to make your online journey secure and successful! Last updated: 2nd June 2025