Privacy Policy

1. Contact Information

2. Information We Collect

2.1 Information You Provide

• Enquiry Forms: Name, company, email, phone number, project details, goals, budget range, preferred timeline
• Email & Calls: Additional context you share when we speak via email, phone, or video call
• Billing Details: Contact information and payment references required to issue invoices and contracts

2.2 Data Collected Automatically

• Analytics: Anonymised visitor data (pages viewed, device type, approximate location) collected through privacy-friendly analytics providers
• Technical Logs: IP address, browser version, error logs, and security events generated by our hosting services
• Cookies: Essential cookies that keep the site functioning, plus optional analytics cookies if you consent

3. How We Use Your Information

3.1 Legal Basis

• Contract: Delivering design and development services, preparing statements of work, and managing projects
• Legitimate Interests: Responding to enquiries, improving our website, and safeguarding our platform against misuse
• Consent: Sending optional updates or resources—only when you opt in

3.2 Practical Uses

• Replying to enquiries within one business day
• Producing proposals, quotes, and contracts
• Carrying out commissioned work and providing support
• Processing invoices and bookkeeping
• Monitoring site performance and preventing abuse
• Sharing Fernside Studio news or resources when requested

4. When We Share Data

We never sell or rent your personal information. We only share it when necessary to deliver our services or meet legal obligations.

• Hosting & Infrastructure: Providers such as Vercel, Cloudflare, and Netlify that power our sites and contact forms
• Professional Services: Accountants, legal advisors, or payment processors who help us operate compliantly
• Legal Requirements: Situations where we must disclose information to comply with law enforcement or regulatory requests

Each third-party partner is vetted for GDPR compliance and only receives the minimum data required.

5. Security Measures

How we keep personal data safe:

• SSL encryption across every form and page
• Strong authentication on accounts and hosting platforms
• Access limited to personnel who need it to deliver services
• Regular backups stored in encrypted locations
• Ongoing reviews of vendors and internal processes

6. Data Retention

• Prospect Enquiries: Kept for 18 months in case you revisit the project
• Client Project Files: Stored for at least 7 years to meet legal and tax obligations, unless you request deletion earlier and regulations allow it
• Email Subscriptions: Retained until you unsubscribe or request removal
• Analytics Data: Aggregated and anonymised after 14 months

7. Your Rights

Under UK GDPR you can:

• Access: Request the data we hold about you
• Rectify: Correct inaccurate information
• Erase: Ask us to delete data when it’s no longer needed
• Restrict: Limit how we process your information
• Portability: Receive data in a machine-readable format
• Object: Object to processing when we rely on legitimate interests
• Withdraw Consent: Opt out of marketing at any time

To exercise these rights, contact us at liam@fernsidestudio.com

8. Cookies

8.1 What Are Cookies

Cookies are small files stored on your device that help websites function and understand usage patterns.

8.2 Types We Use

• Essential Cookies: Keep the site secure and functional. These cannot be disabled.
• Analytics Cookies: Anonymous usage data that helps us improve layouts and content.
• Preference Cookies: Remember your settings (such as cookie consent choices) for future visits.

8.3 Managing Cookies

You can block or delete cookies in your browser settings. Disabling essential cookies may affect site functionality.

9. International Transfers

Some of our providers operate outside the UK/EEA. When data leaves the UK, we rely on adequacy decisions or Standard Contractual Clauses to keep it protected.

• US-based Services: Hosting and analytics providers that store limited data in the United States
• EU Data Centres: Most project assets remain within the UK/EU wherever possible

We regularly review third-party partners to ensure they follow strong privacy standards.

10. Children’s Privacy

Fernside Studio’s services are aimed at adults. We do not knowingly collect information from anyone under 18. Please contact us if you believe a minor has provided data.

11. Policy Updates

We may update this policy when our processes change or new regulations come into force. We will post the new version here with an updated date and, where appropriate, notify clients directly.

12. Complaints

If you have concerns about how we process your data, contact us first so we can resolve the issue. You also have the right to complain to the Information Commissioner’s Office (ICO).

13. Contact Us

Questions about this policy or your personal data? Reach out anytime using the details below.