Privacy Policy

How we collect, use, and protect your personal information.

Last updated: 2 July 2026

Who we are

Digiweave is a UK-based web design service. Our website address is digiweave.co.uk. References to “we”, “us”, or “our” in this policy mean Digiweave.

Digiweave is the data controller for the purposes of UK GDPR and applicable data protection legislation in relation to the personal data described in this policy.

What personal data we collect and why

Contact forms and enquiries

When you submit an enquiry through our contact form, email us, call us, or otherwise get in touch, we collect the information you provide. This may include your name, email address, telephone number, business details, website address, project requirements, and the content of your message.

We use this information to respond to your enquiry, discuss your requirements, provide quotes and proposals, assess whether we can assist, manage our client relationships, and maintain appropriate business records.

This processing is carried out on the basis of our legitimate interests in operating our business, responding to prospective and existing clients, and managing pre-contract communications. Where the processing is necessary to take steps before entering into a contract with you, or to perform a contract with you, we may also rely on contract as the lawful basis.

Payments, billing, and client records

If you become a client, sign a service agreement, or make a payment to Digiweave, we may process personal data needed to manage your service, agreement, payment, subscription, invoices, receipts, and related business records.

This may include your name, business name, email address, telephone number, billing details, payment status, transaction references, invoice details, service plan, agreed pricing, agreed scope of work, contract details, and correspondence relating to your purchase or service.

We use this information to provide the agreed services, manage payments and subscriptions, issue invoices or receipts, maintain accounting and business records, handle support requests, respond to queries, manage renewals or cancellations, and comply with legal or regulatory obligations.

Payment processing is handled by Stripe. When you pay using a Stripe payment link or Stripe-hosted checkout page, your payment details are submitted directly to Stripe and processed in accordance with Stripe’s own privacy and security terms. Digiweave does not receive or store your full card number or full payment card security details.

The lawful bases for this processing are contract, where processing is necessary to take steps before entering into a service agreement or to perform our agreement with you; legal obligation, where we need to keep accounting, tax, and business records; and legitimate interests, where necessary to manage our business, maintain records, prevent fraud, resolve queries, or deal with disputes.

Client services and project delivery

Where we provide web design, website management, hosting, support, maintenance, ecommerce, booking, payment, integration, or related services, we may process information needed to deliver those services. This may include business contact details, website content, images, brand materials, technical information, project instructions, support requests, access details, and records of work carried out.

We use this information to provide and manage the services agreed with you, communicate with you about your project, maintain service records, provide support, and meet our contractual and legal obligations.

The lawful bases for this processing are contract, legitimate interests in providing and managing our services, and legal obligation where we are required to retain or process records for legal, accounting, or regulatory purposes.

Where we process personal data on behalf of a client in relation to that client’s own website, customers, users, enquiries, orders, bookings, or other end-user data, that processing will be governed by the relevant service agreement and any applicable data processing terms agreed with the client.

Technical and security information

Our website infrastructure and security systems may automatically process certain technical data, including IP addresses, browser and device information, request logs, timestamps, error logs, and security events.

We use this information to operate the website, protect it against unauthorised access and abuse, investigate technical issues, prevent spam or malicious activity, and maintain service continuity.

This processing is carried out on the basis of our legitimate interests in maintaining a secure, reliable, and functional website and business infrastructure.

Cookies and similar technologies

We do not use analytics, advertising, remarketing, or profiling cookies on this website.

Our website infrastructure and security systems may set strictly necessary cookies or similar technologies to protect the website and its users from abuse, fraud, and malicious activity. These are functional and security-related only. They are not used for tracking, profiling, or marketing purposes and do not require your consent under applicable UK data protection and privacy law.

Embedded third-party content

Some pages on this website include embedded video content hosted by YouTube, which is operated by Google LLC. This content is not loaded automatically. Where a video appears on a page, you will be shown a preview image and given the option to load the video.

If you choose to load embedded video content, the content will be retrieved directly from YouTube’s servers, and YouTube may set its own cookies and process your personal data in accordance with Google’s Privacy Policy. We recommend reviewing that policy before choosing to load any embedded content.

We are not responsible for the data practices of YouTube, Google, or any other third party whose content or services you choose to access via this website.

How long we retain your data

Contact form submissions and enquiry records are retained for as long as is reasonably necessary to respond to your enquiry, manage any resulting business relationship, and maintain appropriate business records.

Client, payment, invoice, contract, service, and accounting records are retained for as long as reasonably necessary for business administration, accounting, tax, legal, and record-keeping purposes. We may need to retain certain records even if you ask us to delete other personal data, where we have a legal obligation or legitimate business reason to keep them.

Technical and security logs are kept for a limited period proportionate to our operational and security requirements.

You may request deletion of your personal data at any time, subject to any legal obligation or legitimate business reason we have to retain it.

Who we share your data with

We do not sell, rent, or share your personal information with third parties for their own marketing purposes.

To operate this website and run our business, we use carefully selected third-party service providers. These may include providers of website infrastructure, hosting, website security, form processing and message delivery, email and business communications, payment processing, accounting, professional support, and other business systems.

We use Stripe to process payments, manage payment links, confirm payment status, support billing-related records, and help prevent fraud. Where you make a payment through Stripe, Stripe may process personal data such as your name, email address, billing details, payment method information, transaction details, device information, and fraud-prevention information.

Stripe may act as our processor for some payment processing activities and as an independent controller for certain legal, regulatory, security, fraud-prevention, and compliance purposes. Stripe’s own privacy information also applies to its processing of personal data. You can read Stripe’s Privacy Policy at stripe.com/gb/privacy.

Where a provider acts as a data processor on our behalf, we require it to process your data only for the relevant service purpose and to maintain appropriate safeguards. Some providers may act as independent data controllers for limited legal, regulatory, security, fraud-prevention, or business purposes, in which case their own privacy terms will also apply.

We may also share personal data where necessary with professional advisers, insurers, regulators, law enforcement bodies, courts, dispute resolution providers, or other parties where required by law or where necessary to establish, exercise, or defend legal rights.

International transfers

Some of the third-party providers we use, including payment, hosting, security, communication, or business service providers, may process personal data outside the United Kingdom.

Where this happens, we rely on appropriate safeguards where required by data protection law. These may include adequacy regulations, standard contractual clauses, the UK International Data Transfer Addendum, the UK International Data Transfer Agreement, or other legally recognised transfer mechanisms.

Your rights

Subject to the conditions and exceptions in UK GDPR and applicable data protection legislation, you have the right to:

  • access the personal data we hold about you;
  • request correction of inaccurate or incomplete data;
  • request erasure of your data;
  • object to certain processing of your data;
  • request restriction of processing in certain circumstances;
  • request data portability where applicable;
  • withdraw consent where processing is based on consent.

You also have the right to lodge a complaint with the Information Commissioner’s Office, the UK’s supervisory authority for data protection matters, at ico.org.uk.

To exercise any of your rights, please contact us using the details at the bottom of this page.

How we protect your data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These include security controls, access restrictions, system monitoring, and regular maintenance.

No website, payment system, email system, or online service can be guaranteed to be completely secure. However, we take reasonable steps to protect the personal data we process and to work with reputable service providers where third-party systems are used.

Changes to this policy

We may update this policy from time to time. Any changes will be posted on this page with an updated revision date.

Contact us

If you have any questions about this privacy policy or our data practices, please contact us using our contact form or call us directly on 01684 252202.

You can also email us at .