Privacy Policy

Email Privacy Policy

Digital Office LtdLast updated: June 2026

1. Who We Are

Digital Office Ltd (“we”, “us”, “our”) is the data controller responsible for the personal information you provide through our website contact forms.

For any privacy-related questions, please contact us: mark@digitaloffice.co.uk

This policy explains how we collect, use, store, and protect personal data submitted via our website contact and enquiry forms, in accordance with:

  • the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018
  • the EU General Data Protection Regulation (EU GDPR) (Regulation 2016/679)
  • the Privacy and Electronic Communications Regulations 2003 (PECR)

2. What Personal Data We Collect

When you submit a contact or enquiry form on our website, we may collect the following personal data:

  • Your name
  • Your email address
  • Your telephone number (if provided)
  • The content of your message or enquiry
  • Any other information you choose to include in your message

We do not collect sensitive personal data (also known as special category data) through our contact forms. Please do not include sensitive information such as health details, financial information, or government identification numbers in your messages.

3. Why We Collect Your Data (Purposes)

We collect and process your personal data for the following purposes:

  • To respond to your enquiry or message
  • To provide information, quotes, or assistance you have requested
  • To maintain a record of our communications with you
  • To comply with any legal obligations that may arise from our correspondence

4. Our Legal Basis for Processing

We process your personal data under the following lawful bases, as required by Article 6 of UK GDPR and EU GDPR:

4.1 Legitimate Interests

Processing your enquiry and responding to you is necessary for our legitimate interests in operating our business and communicating with potential and existing clients (Article 6(1)(f)). We have assessed that this interest is not overridden by your fundamental rights and freedoms.

4.2 Contract Performance

Where your enquiry relates to a potential or existing contract or service arrangement, we process your data as necessary to take steps at your request prior to entering a contract, or to perform that contract (Article 6(1)(b)).

4.3 Legal Obligation

In some circumstances, we may be required to process your data to comply with a legal obligation (Article 6(1)(c)).

5. How We Use Your Data

Your personal data is used solely to handle your enquiry and any subsequent communications. We will:

  • Use your data only for the purposes stated in this policy
  • Not sell, rent, or trade your personal data to third parties
  • Not use your data for automated decision-making or profiling
  • Not add you to any marketing or newsletter list without your separate, explicit consent

6. Who We Share Your Data With

We do not share your personal data with third parties except in the following limited circumstances:

6.1 Service Providers

We may use trusted third-party providers to operate our email and website infrastructure (for example, email hosting providers). These providers act as data processors on our behalf and are contractually bound to process your data only on our instructions and in accordance with applicable data protection law.

6.2 Legal Requirements

We may disclose your personal data if required to do so by law, a court order, or a regulatory authority, or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or the safety of others.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of all or part of our business, your personal data may be transferred as part of that transaction. We will notify you if this occurs and your data will remain subject to this privacy policy.

7. International Data Transfers

We aim to keep your personal data within the UK and the European Economic Area (EEA). If any service provider processes data outside these areas, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses (SCCs) approved by the UK ICO or the European Commission
  • An adequacy decision by the relevant regulatory authority
  • Other lawful transfer mechanisms under UK GDPR or EU GDPR

8. How Long We Keep Your Data

We retain personal data submitted through contact forms for as long as is necessary to fulfil the purpose for which it was collected, and for a reasonable period thereafter to address any follow-up queries or legal requirements.

As a general guide:

  • General enquiries that do not lead to a business relationship: up to 12 months
  • Enquiries that lead to a contractual relationship: for the duration of that relationship and up to 6 years afterwards, in line with the UK Limitation Act 1980

When data is no longer needed, we will securely delete or anonymise it.

9. Your Rights

Under UK GDPR and EU GDPR, you have the following rights in relation to your personal data. You can exercise any of these rights by contacting us at mark@digitaloffice.co.uk.

9.1 Right of Access

You have the right to request a copy of the personal data we hold about you (a Subject Access Request).

9.2 Right to Rectification

If the data we hold about you is inaccurate or incomplete, you have the right to request that we correct it.

9.3 Right to Erasure

In certain circumstances, you have the right to request that we delete your personal data (the “right to be forgotten”).

9.4 Right to Restrict Processing

You may ask us to restrict how we process your data in certain circumstances, for example while a dispute is being resolved.

9.5 Right to Object

You have the right to object to processing based on our legitimate interests. We will stop processing unless we can demonstrate compelling legitimate grounds that override your rights.

9.6 Right to Data Portability

Where processing is based on your consent or a contract and is carried out by automated means, you have the right to receive your data in a structured, commonly used, machine-readable format.

9.7 Right to Withdraw Consent

If we ever process your data based on consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of any processing carried out before you withdrew consent.

We will respond to all valid requests within one month. This period may be extended by up to two further months for complex or numerous requests, in which case we will notify you.

10. Automated Decision-Making and Profiling

We do not use automated decision-making or profiling in relation to data collected through our contact forms. All responses to enquiries are handled by a human member of our team.

11. Data Security

We take appropriate technical and organisational measures to protect your personal data against accidental loss, destruction, alteration, unauthorised disclosure, or access. These measures include:

  • Secure, password-protected email accounts
  • Use of reputable, security-certified email and hosting providers
  • Access controls limiting who within our organisation can access personal data

Please note that transmission of information via the internet is not completely secure. Although we take steps to protect your data, we cannot guarantee the security of data transmitted to us electronically; any such transmission is at your own risk.

12. How to Complain

12.1 Contact Us First

If you have a concern about how we handle your personal data, please contact us first at mark@digitaloffice.co.uk. We will do our best to resolve your concern promptly.

12.2 UK Supervisory Authority

If you are not satisfied with our response, or if you are based in the UK, you have the right to lodge a complaint with the UK’s supervisory authority:

Information Commissioner’s Office (ICO)
https://ico.org.uk/make-a-complaint/
Telephone: 0303 123 1113

12.3 EU Supervisory Authority

If you are based in the European Union, you have the right to lodge a complaint with the supervisory authority in your country of residence or the country where the alleged infringement occurred. A full list of EU data protection authorities is available at:

https://edpb.europa.eu/about-edpb/about-edpb/members_en

13. Third-Party Websites

Our website may contain links to third-party websites. This privacy policy applies only to our website and to personal data we collect directly. We are not responsible for the privacy practices of any third-party websites and encourage you to read their privacy policies before providing any personal data to them.

14. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices, technology, or legal requirements. The “Last updated” date at the top of this document shows when the policy was most recently revised. We encourage you to review this policy periodically.

Where changes are material, we will take reasonable steps to notify you, for example by posting a prominent notice on our website.

15. Contact Us

For any questions, requests, or concerns relating to this policy or to the personal data we hold about you, please contact:

Digital Office Ltd
Email: mark@digitaloffice.co.uk

This policy is intended to comply with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and the Data Protection Act 2018. It does not constitute legal advice. If you require legal guidance on data protection matters, please consult a qualified solicitor.