Transparency by
precise design.
At webdesignfactory, we treat user data with the same architectural rigor we apply to our code. Our policy is a commitment to the clarity, security, and digital sovereignty of every visitor to our London studio’s digital landscape.
Information
Infrastructures
We do not collect data for the sake of accumulation. Every byte of information processed by our systems serves a specific functional purpose—either to fulfill a creative request, maintain the high-performance integrity of our site, or comply with United Kingdom regulatory standards.
"Data is the foundation of digital experience; we ensure that foundation is built on consent and absolute clarity."
Identified Inputs
Name, email address, and professional affiliation provided via our Engage Studio forms. This data is used strictly for project consultation and never resold.
Technical Arrays
IP addresses, browser configurations, and viewport specifications captured to optimize the 'Infrared' visual delivery for your specific hardware.
Interaction Logs
Heatmaps and navigation flows used for R&D purposes to refine our UX standards without identifying individual user identities.
Cookie Metadata
Session-based tokens used for preference storage. Detailed controls for this can be managed via our Cookie Policy.
Security Architecture
We employ industry-standard encryption protocols (SSL/TLS) for data in transit and robust firewall architectures for data at rest. Our servers are located in high-security environments, adhering to the physical and digital safety standards expected of a premier UK digital studio.
Access to personal data is restricted to a small cohort of our technical team who require such information to deliver our services. All staff are bound by strict non-disclosure agreements and undergo regular security training to defend against the evolving landscape of digital threats.
- Zero-Trust Internal Policy
- End-to-End Form Encryption
- Bi-Monthly Security Audits
Your Digital
Sovereignty.
GDPR // UK DPA 2018
Access & Rectification
Under the UK General Data Protection Regulation (UK GDPR), you retain the right to request a digital transcript of the personal data we hold about you. Should any information be inaccurate or incomplete, we are obligated to rectify those records within 30 days of a verified request.
We believe that owning your data is a fundamental digital right. Our studio ensures that the process for data retrieval is as streamlined as the websites we build.
Erasure & Portability
Colloquially known as the 'Right to be Forgotten,' you may request the permanent deletion of your data from our active databases, provided there are no superseding legal requirements for retention (such as financial auditing or contract compliance).
You also have the right to request that your data be transferred to another service provider in a structured, machine-readable format—maintaining the mobility of your digital assets.
Compliance Commitment
webdesignfactory operates in full alignment with the Information Commissioner's Office (ICO) guidelines. We do not engage in automated decision-making or profiling that produces legal effects concerning our visitors. Our stance is strictly human-centric.
Operational
Boundaries
Last Updated: Feb 2026
Retention Protocols
We retain personal data only for as long as is necessary to fulfill the purposes outlined at the point of collection. For active creative partnerships, this typically spans the duration of the project plus a standard three-year archive period for technical support. If you are a visitor navigating the portfolio, session data is flushed according to our server's security hygiene schedule.
Third-Party Ecosystems
webdesignfactory integrates with specialized service providers to enhance our delivery (e.g., high-performance hosting, analytics, and CRM tools). These entities are strictly vetted to ensure they maintain privacy standards equivalent to our own. We never engage in the sale of data to marketing brokers or unrelated commercial entities.
International Transfers
While we are a London-based studio, the digital nature of web hosting means your data may occasionally be processed in data centers outside the UK/EEA. In such instances, we implement Standard Contractual Clauses (SCCs) to ensure your protection travels with your data.
Inquiries regarding
data sovereignty?
Our Data Protection Liaison is available for direct consultation regarding your rights and our storage methodologies.