We take data seriously, which is why we only ask for what we need. This document sets out how we’re complying with the General Data Protection Regulation (GDPR) to keep your personal information safe.
If you have any questions or concerns, please get in touch
When we say “Grow Your Website”, “we”, “I”, or “us”, we are referring to Grow Your Website. When we say, “services”, we are referring to Grow Your Website providing website design, website development or digital consultancy services to individuals and businesses.
What data do we collect?
Upon our first interaction, we only ever ask for your:
- email address
- company name
- website address
- telephone number (optional)
Should you appoint us to work with you, we’ll enter a contract together, at which point, we’ll request your address, for invoicing purposes.
You may share other information about yourself before, during or after the service you engage with, for example, your full company details within your email signature – as with all data we come in to contact with, we promise not to share this.
Why do we collect your personal information?
We collect your information to:
- keep you up to date, if you subscribed to our mailing list
- arrange and conduct a website review or any other service for you/your business
- ask for your feedback on your experience with us
- process invoices and quotes
- respond to any queries or requests
- promote the work we’ve done for you via our website and social media
- to follow up on your satisfaction levels with regards to the service delivered by Grow Your Website
- comply with legal requirements
Who has access to your information?
Grow Your Website collects and has access to your information. Under no circumstances, will we sell or share your data.
All third party data processors used on this website are GDPR compliant. Here’s what we use:
- The Grow Your Website Team have access to your information in order to deliver a great customer experience.
- WordPress is the platform used to develop this website.
- Fluent Forms is used for all of the online enquiry forms on this website.
- MailerLite is used for our mailing list subscriptions and to send hints, tips and offers direct to your inbox.
- Totemic IT provide our secure web hosting and the domain name for this website.
- Google Analytics is used to track the use of our website.
- HotJar is used to analyse your experience while using our website.
- Microsoft Outlook, Google Drive and One Drive are used to communicate and store client information.
Where is your data stored/used?
All data is stored on a secure computer, One Drive or Google Drive and can only be accessed by the Grow Your Website team.
From time to time, we like to shout about the great work we do. This will almost always include tagging you and your business in a post about a project we’ve worked on together – a success story – but if you tell us you don’t want to be tagged or mentioned, please let us know.
We tend to share our success stories and client feedback via:
We may also promote our services, using a quote given by you, online or in printed marketing.
How long is your data stored?
Personal data shall be processed and stored for as long as required by the purpose they have been collected for.
- If a client has appointed Grow Your Website to deliver a project (big or small), client data will be retained until such contract has been fully delivered, plus 12 months after.
- If an individual has subscribed to one of our mailing lists, their data will be stored until they unsubscribe.
- For the purposes of accountancy and tax, any invoices and receipts will be stored for the length of time required HMRC, currently six years.
- Grow Your Website may to retain personal data for a longer periods whenever the client has given consent to such processing, as long as such consent is not withdrawn.
- Furthermore, the Grow Your Website may be obliged to retain personal data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.
Once the retention period expires, personal data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
The GDPR provides the following rights for individuals (data subjects), the right to/of:
- be informed
- restrict processing
- data portability
- Also, rights in relation to automated decision making and profiling.
If you would like a copy of some or all of your personal information or to request rectification or erasure, please get in touch. We will respond to your request to modify or delete information within 28 days.