Privacy Policy

RWD is a website design and digital marketing firm. In line with the General Data Protection Regulation that is enacted from 25th May 2018, we’ve updated our Privacy Notice so that anyone who wishes to be informed about what we do with their data should find out everything they need to know on this page. Naturally, if there is anything that you would like to know about how we process your personal data that you can’t see here, please get in touch.

Personal Data

The purpose of the GDPR legislation is to give individuals more control over their personal data and how it is processed. We fully endorse this principle and want to be completely transparent about the data we collect, why we collect it, how we use it and what happens to it when you no longer require our services.

Visitors to Our Website

When we receive a visitor to, we use the third-party service Google Analytics to collect the standard internet log information. Google Analytics works by reading the user's IP address then setting a cookie on containing a unique ID (so Google can get accurate audience figures). The IP address is then never used again. The unique ID has no personal identity information held within it.

If you object to Google Analytics collecting data, you can download a browser add-on that will prevent Google Analytics from using your data:

For more information:

Contact Form Data

The only information we ask prospective clients to supply is contact information. On our website, we have a ‘Contact Us’ form that enables those who want to find out more about our services to get in touch quickly. The only compulsory fields in this form are ‘Name’ and ‘Email’. You may also opt to include your telephone number, company name and a message indicating what services you would like more information about.

Contact form data is never stored in a database, it's only ever emailed directly to our email address. If you have not entered into a contract with us (or you are so indecisive that you request that we hang onto your details while you finish making up your mind) we will manually delete this email after 1 year. We use the third-party provider Gmail to store our emails. Deleting emails in Gmail sends them to the Trash folder where they disappear forever after 30 days. Any correspondence that does not result in a contract will be kept for up to 1 year before being deleted.

We will never sell this data or use it for marketing purposes.

Client Data

The contract that we agree with our clients forms the legal basis for storing and processing their data. If a client chooses to end the contract and leave us completely, we will take a copy of their website files and database, store it on an external device that is securely stored. We then remove the website from our server. The stored version of the information and all correspondence will be kept for up to 5 years in case any queries arrive subsequent to your departure. You may of course request a copy of your stored data at any time and we will supply it digitally or on a suitable portable device.

For development purposes, we use the third-party provider BitBucket to store a copy of all website files. These files will also be kept for up to 5 years after the termination of a contract. BitBucket is owned and run by Atlassian. Read their updated GDPR compliant Privacy Policy on the Atlassian website.

Transport Layer Security

All the websites that we design and curate (including our own) have Transport Layer Security (TLS). TLS keeps secure all the data being transferred between your computer and the website you are viewing. Websites with TLS have a little padlock symbol to the left of the website address in the URL bar.

Email Marketing

When we need to contact multiple clients at once (for marketing purposes or when we have important updates to our privacy policy to announce) we sometimes use the third-party provider Mailchimp. Mailchimp gathers statistical information about email opening and clicks that enable us to gauge response to our emails. You can opt out of receiving marketing emails by following the ‘unsubscribe’ link in the footer of the email or requesting that we remove you from our marketing list (we may still contact you for contractual reasons).

Read MailChimp's Privacy Policy

Your Rights

The GDPR enshrines rights that individuals may exercise in relation to their data:

  1. The right to be informed
  2. The right of access
  3. The right to rectification
  4. The right to erasure
  5. The right to restrict processing
  6. The right to data-portability
  7. The right to object
  8. The right not to be subject to automated decision-making including profiling

If you feel that any of these rights are being infringed, we will do everything that we can to address the problem.