Who we are Our work What we do How we work Pricing Articles Insights Let's talk
Legal Approx. 10 min read

Privacy Policy

How we collect, use, and protect your data in compliance with UK GDPR.

VisualWeb Ltd (company number 16870681) is the controller of personal data collected via visualweb.co.uk, via enquiries and proposals, and when delivering our services. This Privacy Policy explains what we collect, why we collect it, how we share it, and the rights you have under UK GDPR, the Data Protection Act 2018, and (for cookies and marketing) the Privacy and Electronic Communications Regulations 2003 (PECR).

Controller Details

Name: VisualWeb Ltd

Address:

Company Number: 16870681

Email:

Data Protection Officer: Please contact us directly using the details above.

If you do not agree with this Policy, please do not use our Site or provide personal data.

1. Personal Data We Collect and How We Use It

We collect and process personal data for the specific purposes outlined below. The lawful basis for processing is indicated for each category.

Category of DataPurposeLawful Basis
Identity & Contact
(Name, email, phone, job title)		To respond to enquiries, provide proposals, manage our relationship, and communicate with you.Contract (performance or steps prior)
Legitimate Interests (business communication)
Financial & Transactional
(Billing address, payment details, invoices)		To process payments, manage accounts, and maintain financial records.Contract
Legal Obligation (tax/accounting)
Technical & Usage
(IP, browser, device info, logs)		To secure our Site, prevent fraud, ensure load balancing, and analyse performance.Legitimate Interests (network security, running our business)
Consent (for non-essential cookies)
Marketing
(Preferences, interaction data)		To send relevant newsletters or updates about our services.Consent
Legitimate Interests (soft opt-in for existing clients)
Recruitment
(CVs, cover letters)		To assess applications for employment or freelance work.Contract (steps prior)
Legitimate Interests

Legitimate Interests: Where we rely on legitimate interests, we have balanced our business interests against your rights and freedoms. For example, we have a legitimate interest in keeping our Site secure and understanding how it is used to improve our services.

2. Data Sharing and International Transfers

We do not sell your personal data. We share data only with the following categories of recipients under written agreements that ensure confidentiality and compliance with UK GDPR:

  • Service Providers: Hosting, email, CRM, analytics, and project management tools (acting as processors).
  • Professional Advisers: Lawyers, accountants, and insurers (acting as controllers or processors).
  • Authorities: HMRC, regulators, or law enforcement where required by law.
  • Business Transfers: Potential buyers or investors in the event of a merger or sale.

International Transfers: Some of our service providers are located outside the UK or EEA (e.g., in the USA). We ensure your data is protected by using UK-approved safeguards, such as:

  • Adequacy Regulations: Transferring to countries deemed to provide adequate protection (e.g., the UK-US Data Bridge).
  • Standard Contractual Clauses (SCCs) / IDTA: Using UK-approved contracts that mandate data protection standards.

3. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected.

  • Enquiries: Up to 24 months from the last meaningful contact.
  • Client Contracts & Financial Records: 7 years after the end of the financial year in which the transaction occurred (for tax and legal limitation periods).
  • Technical Logs: Typically 12 months, unless required for security investigation.
  • Recruitment: 12 months after the vacancy closes (unless you consent to longer).

When data is no longer required, we securely delete or anonymise it. We review our retention periods regularly.

4. Cookies and Similar Technologies

Our Site uses cookies (small text files placed on your device) to distinguish you from other users and improve our services. We use the following types:

  • Strictly Necessary: Essential for the operation of the Site (e.g., security, page navigation). These are always active.
  • Analytics & Performance: Help us understand visitor counts and traffic sources (e.g., Google Analytics). We only set these with your active consent.
  • Marketing: Track your activity to display relevant ads. We only set these with your active consent.

You can manage your preferences via our cookie banner or browser settings.

5. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or destruction. These include encryption in transit (TLS), access controls, and vendor security assessments.

6. Your Rights

Under the UK GDPR, you have specific rights regarding your personal data. You can exercise these rights free of charge by contacting us at .

  • Right to be Informed: To be informed about how we collect and use your data (as set out in this Policy).
  • Right of Access: To request a copy of the personal data we hold about you.
  • Right to Rectification: To request correction of inaccurate or incomplete data.
  • Right to Erasure ("Right to be Forgotten"): To request deletion of your data where there is no compelling reason for us to keep it.
  • Right to Restrict Processing: To block or suppress processing of your data in certain circumstances.
  • Right to Data Portability: To obtain and reuse your data for your own purposes across different services.
  • Right to Object: To object to processing based on legitimate interests or direct marketing.
  • Rights related to Automated Decision Making: We do not use automated decision-making or profiling that produces legal effects.
  • Right to Withdraw Consent: Where we rely on consent (e.g., for cookies), you can withdraw it at any time.

Right to Complain: If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Information Commissioner’s Office (ICO)

Website: ico.org.uk

Helpline: 0303 123 1113

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

7. Children's Privacy

Our Site and services are not directed at children under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child without verification of parental consent, we will take steps to remove that information from our servers.

8. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new policy on this page with a new effective date.

Last Updated: November 26, 2025

Contact Us