Privacy Policy

Last updated: [insert date]

1. Introduction

1.1 We are committed to safeguarding the privacy of our website visitors, service users, individual clients and client representatives.

1.2 This policy applies where we act as a data controller with respect to the personal data of such persons — in other words, where we determine the purposes and means of processing that personal data.

1.3 We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website and services, we will ask for your consent to our use of cookies when you first visit our website.

1.4 In this policy, “we”, “us” and “our” refer to Group Emmett Design Architects. For more information about us, see Section 12 below.

2. The Personal Data That We Collect

2.1 In this section we set out the general categories of personal data we process, and, where applicable, the source of that data.

2.2 Contact data – information that enables us to get in touch with you, such as your name, email address, telephone number, postal address, and any social media contact identifiers. The source of the contact data is you and/or your organisation.

2.3 Service data – information provided or generated during the delivery of our architectural and design services. This may include project details, property information, and associated correspondence.

2.4 Communication data – information contained in or relating to communications between you and us. This includes messages sent through our website forms, email correspondence, and related metadata generated by our systems.

2.5 Usage data – information about how you use our website and services, including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths. This information is collected through our analytics tools.

2.6 Please do not supply any other person’s personal data to us unless we specifically request it and you have that person’s consent.

3. Purposes of Processing and Legal Bases

3.1 We may process your personal data for the following purposes and under the following legal bases:

• Relationships and communications– to manage our relationships, provide support, communicate with clients, and administer projects. Legal basis: our legitimate interests in maintaining client relationships and ensuring the proper administration of our business.
• Service delivery– to prepare fee proposals, contracts, and design or technical documentation. Legal basis: performance of a contract.
• Direct marketing– we may occasionally send marketing or informational material about our services. Legal basis: consent or legitimate interests in promoting our business.
• Research and analysis– to monitor, improve, and secure our website and services. Legal basis: legitimate interests.
• Record keeping– to create and maintain our records, backups, and databases. Legal basis: legitimate interests.
• Security and fraud prevention– to protect our website, data, and business. Legal basis: legitimate interests.
• Legal claims and compliance– to establish, exercise, or defend legal rights or meet legal obligations. Legal basis: legitimate interests or compliance with a legal duty.

4. Retaining and Deleting Personal Data

4.1 We retain personal data only for as long as necessary for the purposes set out in this policy or as required by law.

4.2 The retention periods below are typical for our business and may vary where legally required or professionally necessary:

• Contact data:retained for a minimum of 90 days and up to 2 years following last contact.
• Service data:retained for a minimum of 90 days and up to 12 years following completion, in line with professional indemnity insurance obligations.
• Communication data:retained for up to 2 years following the date of the communication.
• Usage data:retained for up to 2 years from the date of collection.

4.3 We may retain personal data longer where necessary to comply with a legal obligation or to protect your or another person’s vital interests.

5. Security of Personal Data

5.1 We take appropriate technical and organisational precautions to protect your personal data from loss, misuse, or unauthorised access.

5.2 Your information is stored securely on password-protected systems, cloud storage platforms, and (where applicable) in secure manual records.

5.3 We ensure that any third-party services we use (e.g. IT support, hosting, or backup services) comply with UK GDPR standards.

6. Your Rights

6.1 You have the following rights under UK data protection law:

• Access– to request a copy of your personal data.
• Rectification– to correct inaccurate or incomplete information.
• Erasure– to request deletion of your personal data (where legally permissible).
• Restriction– to request we restrict processing of your personal data.
• Objection– to object to certain types of processing.
• Data portability– to request transfer of your data to another provider.
• Complaint– to lodge a complaint with the Information Commissioner’s Office (ICO).
• Withdrawal of consent– where processing is based on consent, you may withdraw it at any time.

6.2 These rights are subject to certain limitations. More information is available from the ICO at www.ico.org.uk.

6.3 To exercise any of these rights, please contact us in writing using the details below.

7. Third-Party Websites

7.1 Our website may include links to other websites. We are not responsible for the privacy policies or practices of third parties, and we encourage you to review those before providing personal data.

8. Personal Data of Children

8.1 Our website and services are directed at persons aged 18 and over.
8.2 If we become aware that we hold personal data relating to a person under 18, we will delete it promptly.

9. Updating Your Information

9.1 Please contact us if the personal data we hold about you needs to be corrected or updated.

10. Cookies and Website Analytics

10.1 Our website uses cookies to improve functionality and performance, and to help us understand how visitors use the site.
10.2 For further details, please see our Cookie Policy.

11. Amendments

11.1 We may update this policy from time to time by publishing a new version on our website.
11.2 You should check this page periodically to ensure you are happy with any changes.
11.3 Where appropriate, we may notify you of significant changes by email.

12. Our Details

12.1 This website is owned and operated by Group Emmett Design Architects.
12.2 Our principal place of business is in Devon, United Kingdom.
12.3 You can contact us:

• By post: Higher Slade Farm, Sheldon, Nr Honiton, Devon, EX14 4QS
• By email: [email protected]
• By telephone: 07896017642
• Using our website contact form: groupemmettdesign.co.uk

13. Data Protection Contact

If you have any questions or concerns about how we process your personal data, please contact:

Data Protection Lead

Group Emmett Design Architects
Email: [email protected]

If you remain dissatisfied, you can contact the Information Commissioner’s Office (ICO) at www.ico.org.uk.