This Privacy Policy explains how DayBuild Websites Ltd (“we”, “us”, “our”) collects, uses, stores, and protects personal data in accordance with applicable data protection laws, including:
UK GDPR
Data Protection Act 2018
DayBuild Websites Ltd is the data controller responsible for your personal data.
We are registered with the
Information Commissioner's Office (ICO).
We may collect:
Name and contact details (email, phone number, address)
Business information (where applicable)
Billing and payment details
Communications and correspondence
Website and account credentials (where required)
Failure to provide required data may affect our ability to deliver services.
We process personal data under:
Contract – to deliver services
Legal obligation – including HMRC compliance
Legitimate interests – responding to enquiries and business development
Consent – where required (e.g. cookies, marketing)
We use personal data to:
Respond to enquiries
Provide services
Manage contracts and billing
Maintain records
Improve our services
We process data in accordance with UK GDPR principles:
Lawful, fair, transparent
Limited to purpose
Accurate and up to date
Stored only as long as necessary
Securely processed
We implement appropriate safeguards including:
Secure systems and restricted access
Password protection and encryption where appropriate
Staff confidentiality obligations
We only share data where necessary with:
HM Revenue and Customs (HMRC)
Our appointed accountants
Hosting and infrastructure providers (e.g. 20i)
Payment providers (e.g. Stripe, GoCardless)
Accounting platform: Xero
Professional advisers and consultants
Legal or regulatory authorities where required
Where data is processed outside the UK, we ensure appropriate safeguards are in place, including:
Adequacy decisions
Standard contractual clauses
Use of reputable providers with strong security frameworks
We operate a primarily paperless environment. Data may be stored using:
Hosting and server infrastructure providers
Where cloud services are used, we ensure appropriate safeguards are in place to protect personal data.
We retain data only as necessary:
General enquiries: up to 12 months
Contract data: duration + 10 years
Financial records: 6 years (HMRC requirement)
Contact records: until no longer required or deletion requested
We may retain data longer where legally required or justified.
At the end of the retention period, data will be securely deleted, anonymised, or archived.
You have rights under UK GDPR including:
Access your data
Correct inaccurate data
Request deletion
Restrict processing
Object to processing
Data portability
Withdraw consent
You may also complain to the
Information Commissioner's Office
We use cookies and obtain consent for non-essential cookies.
See our separate Cookie Policy.
We are not responsible for third-party websites or their privacy practices.
In the event of a data breach, we will:
Investigate and mitigate
Notify affected individuals where required
Report to the ICO where legally necessary
We may update this policy from time to time. The latest version will always be published on our website.
For any privacy-related queries or requests:
📧 hello@daybuild.website
We may require proof of identity before responding.
