Privacy Policy
Last updated: 13 December 2025
This website is operated by an individual based in the UK. Personal data is handled in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. What data is collected
Only the following data may be collected:
Anonymous analytics data
Anonymous analytics cookies are used to understand how the site is used (for example, page views and traffic sources).
IP addresses are anonymised, and no data is collected unless consent is given via the cookie banner.
Email correspondence
If contact is made by email, the email address, name, and message content will be stored in the email inbox for the purpose of responding and ongoing communication.
No contact forms, accounts, or user profiles are used on this website.
2. How data is used
Personal data is used only for:
- Understanding general website usage (analytics, with consent)
- Responding to enquiries
- Communicating with clients
- Invoicing and basic business administration for active or former clients
Data is not used for marketing lists, profiling, or automated decision-making.
3. Client data
For working clients, limited business and contact information may be stored, including:
- Name
- Business name
- Email address
- Phone number
- Business address (for invoicing only)
Client information is stored using tools such as Notion, Google Workspace, and Microsoft OneDrive, which act as GDPR-compliant data processors. Data is anonymised where possible and reviewed periodically, with deletion or anonymisation carried out once it is no longer required.
Project files are stored locally on encrypted hard drives and backed up to encrypted external drives. Finished projects are archived separately using encrypted storage.
4. Legal basis for processing
Data is processed on the following lawful bases:
- Consent — for analytics cookies
- Legitimate interests — to respond to enquiries and communicate with clients
- Legal obligation — for invoicing and financial record-keeping where required
5. Data sharing
Personal data is not sold or shared with third parties.
Where third-party services are used to support business operations (such as analytics, cloud storage, or documentation tools), they are used solely for that purpose and are selected for GDPR compliance. These services act only as data processors and do not use the data for their own purposes.
6. Data retention
- Analytics data is retained in aggregated, anonymous form.
- Email correspondence is retained only as long as reasonably necessary.
- Client data is reviewed periodically and deleted or anonymised when no longer required.
7. Your rights
Under UK GDPR, the following rights apply:
- The right to access personal data
- The right to request correction or deletion
- The right to withdraw consent (for analytics cookies)
- The right to object to or restrict processing in certain circumstances
Requests can be made by email.
8. Contact details
For privacy-related queries or data requests, contact can be made via email at:
