Design for Online®

Privacy Policy

Last updated: 7 May 2025

This privacy policy explains how Design For Online Ltd (“DFO“, “we“, “our“, or “us“) collects, uses and protects your personal information when you visit www.designforonline.com (the “Website“) or otherwise interact with us. If you do not agree with this policy, please discontinue use of the Website.

1. Who we are

Legal entity: Design For Online Ltd (company no. 10328553 ), registered in England & Wales.
Registered office: ASK House 2 Northgate Avenue Bury Saint Edmunds IP32 6BB United Kingdom
Data Protection Registration (ICO): 00015433851
Data Protection Officer / contact: Email hello@designforonline.com or write to the address above.

2. Which laws apply

UK GDPR (retained Regulation (EU) 2016/679)
Data Protection Act 2018 (DPA 2018)
Privacy and Electronic Communications Regulations 2003 (PECR)
Upcoming Data Use & Access Act 2025 (once in force)

3. Key terms

Term	Meaning
Personal data	Information that identifies or can identify a living individual.
Processing	Any action performed on personal data (collection, storage, transfer, etc.).
Cookies	Small text files placed on your device by websites.

4. What data we collect, why, and how long we keep it

Purpose / Activity	Categories of personal data	Lawful basis (UK GDPR Art 6)	Typical retention
Essential cookies & security (session management, load balancing)	Online identifiers, IP addresses	Legitimate interests (Art 6 (1)(f)) – running a functional, secure site.	Session + up to 30 days in server logs.
Analytics (Google Analytics 4 via Google Tag Manager)	Online identifiers, usage data (pages viewed, events)	Consent (Art 6 (1)(a)) obtained via Cookiebot CMP.	14 months (Google default)
Advertising & remarketing (Google AdSense, Google Ads remarketing tags via GTM)	Online identifiers, browsing behaviour	Consent (Art 6 (1)(a)) via Cookiebot	Up to 13 months (Google policy)
Live chat (Tidio)	Name (if provided), email, chat transcript, IP, browser metadata	Consent when you initiate chat; Legitimate interests to answer enquiries (Art 6 (1)(f)).	6 months from last interaction (confirm)
Contact‑form enquiries / quotations	Name, email, phone, company, message details	Consent (Art 6 (1)(a)) and pre‑contract steps (Art 6 (1)(b)).	24 months after last correspondence
Newsletter & direct marketing	Name, email, marketing preferences, interaction data	Consent (Art 6 (1)(a)); PECR Sch 1 pt 1.	Until you withdraw consent or 24 months after last open/click
Client account & billing	Name, company, address, email, invoices, payment records	Contract (Art 6 (1)(b)); legal obligation for tax (Art 6 (1)(c)).	7 years post‑tax year

We do not carry out automated decision‑making producing legal or similarly significant effects on you, nor do we profile visitors beyond the analytics/advertising activities listed above.

5. How we obtain consent

We use the Cookiebot Consent Management Platform (CMP). On your first visit you will see a banner that:

Explains that we use non‑essential cookies for analytics and advertising.
Presents equally prominent Accept and Reject buttons.
Provides a Preferences link where you can toggle cookie categories.

You can change or withdraw consent at any time by clicking the floating Cookie Settings icon.

Essential cookies cannot be disabled, as the site cannot function without them.

6. Third‑party recipients & international transfers

Service	Location of processing	Safeguards
Google LLC (GA4, AdSense, Ads, GTM)	USA / worldwide	EU‑US & UK‑US Data Privacy Framework; UK Transfer Addendum and SCCs as fallback.
Cookiebot (Cybot A/S)	Denmark / EU	Covered by EU GDPR adequacy.
Tidio LLC	USA / EU	UK‑US DPF + SCCs.
MailPoet	UK & USA	UK‑US DPF + SCCs.

Where adequacy expires (e.g., EU‑UK decision renews on 27 June 2025), we will apply Standard Contractual Clauses with the UK Transfer Addendum or any successor mechanism.

7. Your rights

Under the UK GDPR you have the right to:

be informed about our processing;
access your data;
rectify inaccurate data;
erase data (“right to be forgotten”);
restrict processing;
data portability;
object to processing;
withdraw consent at any time;
not be subject to automated decision‑making including profiling.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO). If you live in the EEA, you may complain to your local supervisory authority as well.

8. Children’s privacy

Our services are not directed to children under 18 and we do not knowingly collect their data. If you believe we have collected personal data from a child, please contact us and we will delete it.

9. Data security

We store personal data on ISO‑27001 certified servers, enforce TLS 1.3 encryption in transit, restrict employee access on a need‑to‑know basis, and conduct annual penetration testing.

10. How to contact us

Email: hello@designforonline.com
Post: Eldo House, Suffolk Business Park, Kempson Way, Bury St Edmunds, Suffolk, IP32 7AR, UK
Tel: 01284 245170

If you have any questions about this policy or wish to exercise your rights, please get in touch.

11. Changes to this policy

We may update this notice to reflect legal or operational changes. The “Last updated” date at the top will be amended accordingly.

Design for Online have been amazing from start to finish, our new website is truly brilliant and we have already seen an increase in activity and business. Thanks guys!

Great company so help boost your business in the right way. Easy to understand and talk to, and very quick to respond to any questions.

Great, professional friendly service. Looks after your company needs. David Haley - National Expert Witness Agency.

Design For Online recently designed and created a professional website for my small business. Cannot recommend Design For Online enough. Great at listening to my requirements and delivering exactly what I needed. Top class.

"The team have been extremely helpful providing SEO services for us for the past 3 months, we have had a lot more leads on our website as a direct result."

Started working with them on our SEO a few months ago to get more people on our website as we were not showing up well on Google. They have helped us get more visits to our site and so far have seen great results and can now see us climbing up the rankings.

Really thankful for the work Design for online have done for my website and SEO needs. Highly recommended. Great company.

Redesign our existing website, create a new website to work alongside this and also help us with our PPC ad campaigns and SEO

I had a great experience with design for online, super skilled and knowledgeable

We approached Design For Online to create a new website for us and also to help with our social media strategy. They have been fantastic so far and the ongoing support received has been excellent.

5 stars don't do Design for Online justice! they have been simply amazing from start to finish, and our new website is a perfect way to start our venture, with all the required functionality built in. Prices are more than reasonable too, and I have no doubt we shall be using them moving forwards!