We are committed to protecting and respecting your privacy.
- Information About Us
- What information we collect about you
– Contact Form, Email or Telephone Enquiries
– Website comments
– Embedded content
- Who we share your data with
- How long we retain your data
- What rights you have over your data
- Where we send your data
- How we protect your data
- Data Breaches
- Customer Website Data
Information About Us
We respect your privacy, and aim to comply with the latest data protection regulations. This policy explains how we collect and handle data relating to website visitors. Please note that this policy may be altered in the future. It was last updated in January 2022. Our website address is: www.greystokewebdesign.co.uk
Greystoke Web Design Ltd. Registered in England, Company Number 13652856
Registered Office 1 Hay Meadow Garth, Greystoke, Penrith, Cumbria, CA11 0UR
Registered with the ICO under ZB285081
What information we collect, and why we collect it
Contact Form, Email or Telephone Enquiries
As Greystoke Web Design, we (the Data Controller) will collect your name, address, email address and telephone number. We may do this via email or telephone, or the contact form on our website. We will also hold details of the services we provide to you, including the date we provided them. If you submit a request via a contact form, we will also collect your IP address.
Why we need to collect it
We need to collect minimal personal information so we can provide the products and services you have requested from us, enter into contracts with you, and send you invoices and receipts. When you contact us via a contact form, we also need to collect your IP address to help prevent spam.
We will never contact you with details of any other products or services that we may provide in the future.
We need to keep track of when we provided services to you so our records are up to date and accurate, and so that we can delete non-essential data (See below).
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
Comments – Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. This is because visitors to the website can download and extract any location data from images on the website.
Comments – Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Who we share your data with
We will never share the data you provide with any 3rd party unless absolutely necessary for the core operations of our business. We will never share your data with a 3rd party for marketing purposes.
When a contact form or a comment is submitted via this website, that data is shared with Kualo Limited (“
How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
If you submit a contact form, the contact form data is retained only until we have the chance to respond to your query. We will then delete the contact form data from
Customers: HMRC requires us to keep business records for 6 years following the end of the last company financial year: https://www.gov.uk/running-a-limited-company/company-and-accounting-records. These records include invoices and receipts with relevant customer details. We will conduct an annual audit in October of each year to ensure that all relevant customer details that can be deleted are securely destroyed. We will only hold data for confirmed customers. Any inquiries which do not result in business will be deleted.
What rights you have over your data
Right to ask us what personal data we hold
You have the right to access any personal data we hold for you. Please be aware that if you do so, for your own security, we may need to ask you additional questions to verify your identity, before we release that information.
If you have left comments on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Right to be forgotten
You have the right to ask us to delete any personal data we hold for you. This request should be made in writing so we both have a record. Again you can request this by contacting us at Please be aware that if you do so, for your own security, we may need to ask you additional questions to verify your
Right to complain
If you believe the information we hold on you is incorrect you can request to see it and have it corrected or deleted. To raise a complaint about how we have handled your personal data, you can contact us at
If you are not satisfied with our response or do not believe we are processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
Where we send your data
Visitor comments may be checked through an automated spam detection service, because we need to protect our website from spam.
How we protect your data
All traffic between your browser and our website is encrypted and protected via SSL (Secure Socket Layers).
Data submitted via a contact form or comments will be stored under our account on
All personal data retained by us is held on a secure network storage drive, encrypted, and protected by a strong, unique password.
Finally, we will report any unlawful data breach of this website’s database or the databases of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Customer Website Data
Thank you for reading!
Updated on 14/01/2022 to add ICO registration details
Updated on 17/10/2021 to reflect the new limited company status
Update on 22/08/2020 to add in use of ManageWP.