Privacy Policy | Grant Web Design

Introduction

Grant Web Design ("we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store and share personal information when you visit https://grantwebdesign.com, contact us, request a quote or use our services.

Data controller

Data controller: Grant Web Design (Ben Grant).
Email: benandrewgrant@gmail.com
Address: [business address]

Personal data we collect

Contact & identifying data: name, business name, email, phone, postal address, billing details.
Transactional & contract data: proposals, contracts, invoices, payment confirmations, project notes.
Technical data: IP address, browser, device, pages visited, timestamps, cookies (see Cookie Policy).
Communications data: emails, contact form messages, support logs.
Payment data: payment processor references (we do not store full card numbers).

How we collect data

Directly from you when you submit forms, email us, sign contracts or pay invoices; automatically via cookies & analytics; and from third parties where permitted (payment processors, directories, referrals).

Legal bases for processing

We process personal data on the following legal bases under GDPR:

Contract: to perform and manage services you request (design, hosting, maintenance).
Consent: for optional marketing and non-essential cookies (you may withdraw consent anytime).
Legal obligation: compliance with tax and accounting laws.
Legitimate interests: operating, securing and improving our website and services (analytics, fraud prevention) provided your rights are not overridden.

Purpose of processing

We use personal data to respond to enquiries, provide and manage services, process payments, communicate service updates, comply with legal obligations, and improve our website via analytics. Marketing is only sent with consent.

Third-party processors

We use third-party processors under contract. Common examples include:

Form handling: Formspree (contact form submissions)
Hosting & CDN: your web host / Cloudflare (if used)
Analytics: Google Analytics (GA4) or Plausible
Email providers: Google Workspace, Mailgun, SendGrid (if used)
Payments: Stripe, PayPal (we do not store card numbers)

If any processor transfers data outside the EEA we use appropriate safeguards (SCCs, Data Privacy Framework or equivalent). Update this list to match services you use.

Data retention

Enquiries/leads: retained up to 12 months unless you become a client. Client contracts & accounting records: retained for the duration of the contract and up to 7 years for legal/tax reasons (adjust per your accountant). Backups/support logs: retained only as necessary (e.g., 30–90 days) unless law requires longer retention.

Your rights

Access: request a copy of your personal data.
Rectification: correct inaccurate data.
Erasure: request deletion where lawful (some data retained for legal reasons).
Restriction: limit processing in certain situations.
Portability: receive a machine-readable copy of data you provided.
Objection: object to processing under legitimate interests or for direct marketing.

To exercise rights contact: benandrewgrant@gmail.com. We aim to respond within one month (may extend where complex).

Complaints

If you are unhappy with how we handle your personal data, you may lodge a complaint with the Data Protection Commission (Ireland): https://www.dataprotection.ie.

Security

We implement appropriate technical and organisational measures including HTTPS, access controls, regular updates and secure backups. In the event of a data breach we will notify affected individuals and regulators as required by law.

Children

Our services are not directed at children under 16 and we do not knowingly collect personal data from children.

International transfers

Some processors may transfer data outside the EEA. Where this happens, we ensure appropriate safeguards such as SCCs or equivalent protections are in place.

Marketing

We send marketing communications only with your consent. You may opt out via unsubscribe links or by emailing privacy@grantwebdesign.com.

Changes to this policy

We may update this policy periodically. The Effective Date above shows the current version.

Contact

Data Controller: Grant Web Design (Ben Grant)
Email: benandrewgrant@gmail.com
Address: [business address]