Webartifice Privacy Policy

The plain-English version

Listen, we get it. Nobody enjoys reading privacy policies — they’re usually written by robots, for robots. But because we value honesty (and the law requires it), here’s a plain-English account of how we handle your data, followed by the formal detail if you want it.

  • We don’t sell your data. Ever. We think that’s a rubbish way to do business.
  • We only collect what we need. Fill in our contact form and we ask for your name and email, so we can actually reply. Hire us, and we keep your business details so we can invoice you.
  • Cookies, only with your say-so. A few essential cookies keep the site running. Anything else — like Google Analytics — waits until you’ve agreed to it via our cookie banner. The full breakdown is in our Cookie Policy.
  • We don’t hoard data. When we stop working together, your information doesn’t sit around forever. We clear out old data after 18 months, unless the tax man makes us keep it for accounting.
  • Want out? Email help@webartifice.co.uk and we’ll wipe your details from our systems.

The formal part

Data Controller: Stephen Tunnicliffe, trading as Webartifice
Contact: help@webartifice.co.uk · 115 Castlemain Avenue, Southbourne, Bournemouth, Dorset, BH6 5ER · 01202 375 274
ICO Registration Number: ZB992097

Under the UK General Data Protection Regulation (UK GDPR), we’re required to set out how we process your personal data — the legal bases, the timescales, and your rights. Here it is.

1. Lawful bases for processing

We only process your personal data where we have a valid legal reason to do so.

  • Consent. When you fill in a contact or enquiry form, you give us your consent to use those details to respond to you. You can withdraw that consent at any time.
  • Legitimate interests. For ordinary business-to-business communication, project management and operational emails with clients and prospective clients, we process data under our legitimate interest in providing web consultancy and development services.
  • Legal obligation. Where we’re legally required to keep records — financial transactions and invoicing for HMRC, for instance — our processing is based on meeting that statutory obligation.

2. How long we keep it

We don’t hold personal data indefinitely. Our retention is set as follows.

  • General business and enquiry data. Contact details, emails and project correspondence are kept for up to 18 months from our last active contact or the end of a project, then securely deleted.
  • Financial and accounting records. Personal data attached to invoices, contracts or financial transactions is kept for 6 years after the end of the relevant tax year, in line with UK company and tax law (including HMRC requirements).

3. Third-party data transfers

We use reputable third-party providers to run the business — Google for website analytics, and our secure email and hosting providers. The specific providers that set cookies are listed in our Cookie Policy.

Where any of these process data outside the UK or the European Economic Area, we make sure appropriate safeguards are in place — such as Standard Contractual Clauses (SCCs), International Data Transfer Agreements (IDTAs), or the UK extension to the EU–US Data Privacy Framework — so your data stays protected.

4. Your rights

Under the UK GDPR you have specific rights over your personal data, which you can exercise at any time by contacting us.

  • Right of access. Ask for a copy of the personal data we hold about you.
  • Right to rectification. Ask us to correct anything inaccurate or incomplete.
  • Right to erasure (“right to be forgotten”). Ask us to delete your data, provided we don’t have an overriding legal obligation — such as HMRC record-keeping — to retain it.
  • Right to restrict or object. Object to us using your data under legitimate interests, or for marketing.
  • Right to data portability. Where we process your data by automated means on the basis of consent or a contract, you can ask to receive it, or have it passed to another provider, in a portable format.
  • Right to withdraw consent. Where you gave consent — a form submission, say — you can take it back at any time.

If you feel we’ve handled your data badly, you can lodge a complaint with the Information Commissioner’s Office at ico.org.uk. We’d appreciate the chance to put it right with you directly first, though.

Last updated: 13/06/2026 · Next review: June 2027