0800 061 4038 Start your site →

Privacy notice.

Plain English, UK GDPR. Effective 23 April 2026. Last updated 30 April 2026.

1. Who we are.

Web Wise North Limited is a UK-registered company (England & Wales, company number 17194003) and the data controller for any personal data you share with us. Contact: nova@webwisenorth.co.uk.

2. What we collect.

  • When you enquire, book a build, or use a free tool: your name, business name, email, phone (if given), the content of your message, and the inputs you put into our calculators (cost calculator sliders, quiz answers, audit URL, etc).
  • When you become a customer: plus your billing address, VAT details (if applicable), domain and hosting logins we set up on your behalf, any brand assets and copy you share.
  • When you visit the site: anonymous usage data (page views, referrer, rough location from IP, device type) via Google Analytics 4 and Microsoft Clarity (heatmaps + session replays — anonymised), and Meta Pixel for ad attribution. All only fire if those tools are configured.
  • When you submit a free tool (audit, cost calculator, quiz, damp-check): we run a Google PageSpeed scan on the URL you give us (audit only — sent directly to Google), email you a result, send a confirmation SMS via TextMagic if you supplied a UK mobile, and notify Andrew via Telegram bot.
  • When you book a call: Cal.com (cal.eu/andrewdixon/...) collects your name, email, phone, and chosen slot to put the meeting in our calendar.
  • Server logs: your IP address and request metadata, held by our hosts (Netlify, Cloudflare) for security and abuse prevention for up to 30 days.

3. Why we have it (legal basis).

  • Replying to your enquiry — legitimate interest (you asked us to).
  • Delivering a build you've paid for — performance of a contract.
  • Sending you project updates and the occasional service email — legitimate interest; you can opt out anytime.
  • Analytics cookies — your consent; you can refuse or withdraw.
  • Accounting and tax records — legal obligation (HMRC requires 6 years of records).

4. Who we share it with.

Only the providers we need to run the service. All are UK/EU data-protection compliant or under UK-adequate transfer arrangements:

  • Stripe — payment processing. Card details go to Stripe directly; we never see them.
  • Netlify and Cloudflare — hosting, DNS, form submissions, security.
  • Google Workspace — email, documents.
  • Resend — outbound email delivery (audit reports, confirmations, notifications).
  • Google PageSpeed Insights API — runs the technical audit on the URL you give us (audit only). Result is shared back to you and not stored beyond a 24-hour cache for repeat URLs.
  • TextMagic — sends the speed-to-lead SMS confirmation when you supply a UK mobile.
  • Telegram — internal notification only (alerts Andrew when you submit a form so he can reply quickly). Your details stay between you and Andrew.
  • Cal.com (EU) — booking a call. They host the booking page and put the meeting in our calendar.
  • Google Analytics 4 and Microsoft Clarity — anonymous site analytics + heatmaps + session replays. Fire only if you accept analytics cookies in the banner.
  • Google Ads and Meta (Facebook) Pixel — paid-traffic attribution and retargeting. Fire only if you accept advertising cookies in the banner. Currently configured but inactive until paid campaigns launch.
  • HMRC and our accountant — for tax and statutory records.

We do not sell, rent, or swap your data. Ever. Nor is it used to train AI models.

5. How long we keep it.

  • Enquiries that don't turn into projects: up to 12 months, then deleted.
  • Customer records: life of the project + 6 years after, for HMRC.
  • Care-plan customers: duration of the plan + 6 years after cancellation.
  • Analytics data: 14 months (Google Analytics default), anonymised after.
  • Server logs: up to 30 days.

6. Your rights under UK GDPR.

You have the right to:

  • Ask what data we hold about you (subject access request)
  • Correct anything that's wrong
  • Ask us to delete your data (subject to our legal record-keeping duties above)
  • Restrict or object to processing — including opt-out of any marketing email
  • Receive a copy of your data in a portable format
  • Withdraw consent at any time

Email nova@webwisenorth.co.uk to exercise any of these. We reply within one working day and act within the statutory 30 days.

7. Cookies.

We split cookies into three categories. The banner you saw on first visit lets you choose which to allow. You can change your mind any time:

  • Necessary — the small first-party cookies essential for the site to work (session, CSRF, preference memory). Always on.
  • Analytics — Google Analytics 4 (`_ga`, `_ga_*`, retained 14 months) and Microsoft Clarity (`_clck`, `_clsk`, retained 1 year). Help us see which pages convert. Off by default.
  • Advertising — Google Ads (`_gcl_*`, retained up to 90 days) and Meta Pixel (`_fbp`, `fr`, retained up to 90 days). Used for paid-traffic attribution and retargeting. Off by default. Currently configured but inactive until paid campaigns launch.

Manage cookie preferences →

8. Security.

The site runs on TLS (https everywhere). Form submissions are encrypted in transit. Customer data is held in access-controlled accounts with 2FA. If we ever suffer a data breach that puts your rights at risk, we will notify you and the ICO within 72 hours as required.

9. Complaints.

If you're unhappy with how we've handled your data, please email us first — we'd rather put it right. If we can't resolve it, you have the right to complain to the UK Information Commissioner's Office: ico.org.uk, 0303 123 1113.

10. Updates to this notice.

If we update this notice we'll refresh the date at the top and, if the changes are material, email any active customers affected. Older versions are kept on request.

11. Contact.

Questions about this privacy notice — email nova@webwisenorth.co.uk.

📞 Call Free audit