HomePrivacy Policy
Legal

Privacy Policy

How we collect, use and protect your personal information — in plain English.

Last updated: 29 May 2026  ·  Version 1.0

1. Who We Are

Acacia Web ("we", "us", "our") is a web design and development service based in the United Kingdom. Our website is www.acaciaweb.co.uk. You can contact us at contact@acaciaweb.co.uk.

We are the data controller for the personal information we hold about you. This policy explains what information we collect, why we collect it, how we use it, and your rights under UK GDPR and the Data Protection Act 2018.

2. What Information We Collect

Information you give us

When you use our contact form, we collect:

  • Your name
  • Your email address
  • Your phone number (optional)
  • The service you are enquiring about
  • Your approximate budget (optional)
  • The contents of your message

Information collected automatically

When you visit our website, we may collect technical information including your IP address, browser type and version, the pages you visit, and the date and time of your visit. This is collected via server logs and, where applicable, Google Analytics.

3. How We Use Your Information

We use the information you provide to:

  • Respond to your enquiry and communicate with you about your project
  • Provide you with the services you have requested
  • Send you a confirmation that we have received your message
  • Comply with our legal obligations

We use automatically collected data to understand how visitors use our website so we can improve it. This data is aggregated and does not identify individuals.

4. Legal Basis for Processing

Under UK GDPR, we rely on the following lawful bases to process your personal data:

  • Consent — you tick a consent checkbox when submitting our contact form
  • Legitimate interests — to respond to enquiries and improve our services, where your interests do not override ours
  • Contract performance — where we are providing services to you under an agreement

5. How Long We Keep Your Data

We retain enquiry data for up to 24 months from the date of your last contact with us. Where a project agreement is entered into, we retain relevant records for 6 years from the end of the contract in accordance with our legal and accounting obligations.

You may request deletion of your data at any time — see Section 8.

6. Who We Share Your Data With

We do not sell, rent or trade your personal information to any third party.

We may share your data with:

  • Our hosting provider (BlinkWeb / our server infrastructure) — solely for the purposes of hosting this website and delivering email
  • Google Analytics — aggregated, anonymised usage data only (see our cookie section below)
  • Legal authorities — where we are required to do so by law

All third parties we work with are required to handle your data in compliance with applicable data protection law.

7. Cookies

Our website may use cookies. A cookie is a small text file placed on your device. We use:

  • Essential cookies — required for the website to function (e.g. session cookies)
  • Analytics cookies — Google Analytics, used to understand how visitors interact with our site. You may opt out via Google's opt-out tool

You can control cookies via your browser settings. Disabling cookies may affect site functionality.

8. Your Rights

Under UK GDPR you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate data
  • Erasure — ask us to delete your personal data ("right to be forgotten")
  • Restriction — ask us to limit how we use your data
  • Portability — receive your data in a structured, machine-readable format
  • Object — object to processing based on legitimate interests
  • Withdraw consent — where we rely on consent, you may withdraw it at any time

To exercise any of these rights, email us at contact@acaciaweb.co.uk. We will respond within one calendar month.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) — the UK supervisory authority for data protection.

9. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or disclosure. Our website uses HTTPS/TLS encryption. Access to personal data is restricted to those who need it to deliver our services.

No method of transmission over the internet is 100% secure. While we take every reasonable precaution, we cannot guarantee absolute security.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies.

11. Changes to This Policy

We may update this policy from time to time. Any changes will be published on this page with an updated revision date. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this privacy policy or how we handle your data, please contact us: