Privacy Policy (GDPR Compliant – EU/UK)
1. Who We Are
Our website address is: https://webdesignghost.co.uk.
The data controller responsible for this website is:
Web Design Ghost
Email: info@webdesignghost.co.uk
Location: United Kingdom
2. What Personal Data We Collect and Why
Comments
When visitors leave comments, we collect:
- Data entered in the comments form
- IP address
- Browser user agent string (to help detect spam)
We also create an anonymized hash from your email address, which may be sent to the Gravatar service to check if you are using it. Gravatar Privacy Policy.
Legal basis: Legitimate interest (spam prevention), and consent (Gravatar usage if opted in).
Media
If you upload images, avoid including embedded location data (EXIF GPS). Visitors can extract such data if it exists.
Legal basis: Consent.
Cookies
We use cookies for the following purposes:
- Remembering user input (e.g. comment form details)
- Authentication and session management
- Content editing convenience
| Cookie Purpose | Duration | Legal Basis |
|---|---|---|
| Comment info (name/email/website) | 1 year | Consent |
| Temporary login cookie | Session only | Legitimate interest |
| Login/session cookies | 2 days – 2 weeks | Contract (for registered users) |
| Post-editing identifier | 1 day | Legitimate interest |
You can manage or block cookies through your browser settings.
Embedded Content from Other Sites
Articles may include embedded content (e.g., videos, images, articles). Such content behaves as if you visited the third-party site directly. These sites may collect data, use cookies, and track interactions.
Legal basis: Consent (via interaction with third-party content).
3. Who We Share Your Data With
We do not sell or rent your personal data.
However, if you request a password reset, your IP address will be included in the reset email.
Visitor comments may be checked through an automated spam detection service.
Legal basis: Legitimate interest, security, legal obligation.
4. How Long We Retain Your Data
- Comments: Indefinitely, including metadata, for follow-up recognition and moderation.
- User accounts: Personal data is stored in user profiles and can be edited or deleted by users anytime (except usernames).
Legal basis: Contract (for account services), Legitimate interest.
5. Your Rights Under GDPR
As an EU/UK resident, you have the right to:
- Access the personal data we hold about you
- Rectify inaccurate or incomplete data
- Request deletion (“right to be forgotten”)
- Restrict or object to processing
- Data portability (receive a copy of your data in a structured format)
- Withdraw consent at any time (where processing is based on consent)
- Lodge a complaint with a supervisory authority (e.g. the ICO in the UK)
To exercise any of these rights, contact us at info@webdesignghost.co.uk.
6. Data Security
We implement appropriate technical and organizational measures to protect your personal data. However, no method of transmission over the Internet is 100% secure.
7. Data Transfers
If your data is transferred outside the UK/EU (e.g., to third-party services like Gravatar), we ensure that adequate safeguards are in place, such as Standard Contractual Clauses (SCCs).
8. Changes to This Policy
We may update this privacy policy from time to time. The latest version will always be available on this page. Significant changes will be communicated via our website or by email (if applicable).