Privacy Policy

This policy is in place for DPA and GDPR compliance. Nevertheless, I believe everyone has the right to privacy, regardless of legislation put in place. I do not want or need any personal information about you unless you choose to give it to me. However, should you provide me with information, you can be assured that it will only be used in accordance with this privacy statement.

This policy is effective from 20th May 2018 and has been updated for GDPR compliance.

What I collect and why

I only collect personal data from people who contact me about a project. This information may include:

  • Name and job title.
  • Contact details including email address, telephone number and office address.
  • Details about your project.

I do not collect personal information from visitors of this website who choose not to contact me directly. In general, server logs are not kept but may be enabled for short periods of time for error troubleshooting. This website sets cookies for basic functionality and traffic analysis but the cookies do not reveal personal information about you. (For more information, see the section How I use cookies.)

I require the information clients and prospects give me for internal record keeping and to communicate with them about their project. Any site traffic data I collect is only used to improve my products and services.

How I protect your data

I have put in place a several measures to prevent unauthorised access to information I collect. These include but are not limited to the following.

  • All my personal workstations and local servers are enabled with full-disk encryption.
  • Backups on local storage are encrypted.
  • Passwords are created with a cryptographically-strong pseudo random number generator.
  • Passwords are unique and managed using an encrypted password manager.
  • ‘Bugs’ and ‘honeypots’ are implanted within my systems to help alert me if I’ve been breached.
  • Encrypted communications and file transfers are used whenever possible.
  • I use a secure email provider that encrypts messages stored on their servers, as well as offering encrypted communications if supported by the receiving party.
  • Two factor authentication is enabled with third-party providers whenever possible.

Data sharing

I use third party providers who make it possible or more efficient to deliver my services. Their systems require me to enter client contact information so that my clients can use their services. However, I only use providers who are PCI, DPA and GDPR compliant.

The third party providers I use are as follows:

Sometimes I may partner with a third-party contractor or agency in order to fulfill a project’s requirements. They may be based outside the European Economic Area. When I do so, I only give the contact information needed to communicate with my clients about a project. If you are a client, you will be introduced to any third-party contractors at the start of the project and may choose not to work with them for any reason.

How long I retain your data

  • Database dumps and backups for content migration projects are deleted within 90 days after project close-down.
  • Contact form entries are saved for five years.
  • Analytics records are stored for one year.
  • Client records are retained for fifteen years. This length of time is necessary because many are long-term clients.

Controlling your personal information

I will never sell, distribute or lease your personal information to third parties unless I have your explicit permission or are required by law to do so. You may choose to restrict the collection or use of your personal information in the following ways:

  • You may request details of personal information which I hold about you under the Data Protection Act 1998. A small fee will be payable. If you would like a copy of the information held on you please contact me.
  • You may contact me to update or delete any records I hold about you.
  • I will comply within 30 days to any requests to correct or delete information I hold about you.

How I use cookies

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

I use traffic log cookies to identify which pages are being used. This helps me analyse data about webpage traffic and improve my website in order to tailor it to customer needs. I only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help me provide you with a better website by enabling me to monitor which pages you find useful and which you do not. A cookie in no way gives me access to your computer or any information about you, other than the data you choose to share with me.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. For more help on how to disable your cookies or delete them visit

The table below describes the cookies set by this website.

Cookie Type Duration Description
cookielawinfo-checkbox-necessary Persistent 1 hour Stores which types of cookies you have approved.
cookielawinfo-checkbox-non-necessary Persistent 1 year Stores which types of cookies you have approved.
viewed_cookie_policy Persistent One year from set/update Stores your acceptance of our cookie policy so that the notification bar no longer displays.
X-Mapping-ihnbadbn Session End of browser session Used by our web hosting company to manage the load on their servers.
_cfduid Session 30 days Helps Cloudflare detect malicious visitors to this website
_ga Persistent 2 years Used by Google Universal Analytics to distinguish users.
_gat Persistent 24 hours Used by Google Universal Analytics to distinguish users.
_gid Persistent 1 minute Used by Google Universal Analytics to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_.
__utma Persistent Two years from set/update. Used to distinguish users and sessions. Set by Google Analytics when their code executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmb Persistent 30 mins from set/update Set by Google Analytics to determine new sessions/visits. The cookie is updated every time data is sent to Google Analytics.
__utmc Session End of browser session Set by Google Analytics to determine whether a visitor user is in a new session/visit.
__utmz Persistent Six months from set/update Set by Google Analytics to store the traffic source or campaign that explains how a visitor reached our site. It is updated every time data is sent to Google Analytics.

Google provides a Browser Add-on that enables you to opt out of all Google analytics: Google Analytics opt out

Links to other websites and embedded content

My website may contain links to other websites of interest. However, once you have used these links to leave my site, you should note that I do not have any control over that other website. Therefore, I cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

DPA registration number

According to the Data Protection Act 1998, I am exempt from ICO Notification. I therefore don’t have a DPA registration number.


You may contact me for questions and requests regarding this privacy policy via my contact form.