Privacy Policy

Last updated: May 2026

1. Who we are

Let's Make A Website Ltd ("LMAW", "we", "us", "our") is a limited company registered in England and Wales. We operate the letsmakeawebsite.co.uk website and provide website creation and hosting services to small businesses. This privacy policy explains how we collect, use, and protect your personal data.

2. What data we collect

We collect the following information from you:

• Account information: Your name, email address, phone number (optional), and business name when you create an account.
• Business details: Company registration number, business type, and business address provided during setup.
• Payment information: Billing address, payment method details (processed securely by Stripe). We do not store full credit card details.
• Website content: Text, images, and other content you upload to your website.
• Usage data: How you interact with our platform (login times, features used, support interactions).
• Communication: Any messages you send to our support team.
• Website visitor data: We use Plausible Analytics to understand how visitors use your website. This tool does not use cookies or collect personal data.

3. Our legal basis for processing your data

We process your personal data on the following legal bases:

• Contract: To provide our services and fulfil our agreement with you.
• Legal obligation: To comply with tax law, accounting requirements, and fraud prevention.
• Legitimate interests: To improve our services, conduct fraud prevention, and maintain platform security.
• Consent: Where you have explicitly opted in (e.g., marketing communications).

4. How we use your data

We use your personal data for the following purposes:

• To provide, maintain, and improve our website building and hosting services.
• To manage your account, process payments, and send service notifications.
• To manage domain registrations and email provisioning through third-party providers.
• To sync your business information to Google Business Profile, Meta, and Bing (with your consent).
• To respond to your enquiries and provide customer support.
• To conduct analytics and improve our platform performance and user experience.
• To comply with legal and regulatory obligations.
• To prevent fraud and abuse of our services.

5. Marketing communications

We only send marketing communications if you have opted in. You can unsubscribe from marketing emails at any time by clicking the unsubscribe link in our emails or contacting us at privacy@letsmakeawebsite.co.uk. We comply with the Privacy and Electronic Communications Regulations 2003 (PECR) and will not send unsolicited marketing messages to your phone or fax.

6. Third-party data sharing

We may share your personal data with the following third parties to provide our services:

• Supabase: Our database provider (located in EU, under GDPR adequacy agreement).
• Stripe: Payment processor for secure payment handling.
• Cloudflare: Website hosting and content delivery network provider.
• Migadu: Email hosting provider for your custom email addresses.
• ResellerClub: Domain registration provider.
• Google, Meta, Bing: For business listing synchronisation (with your consent).
• Plausible Analytics: Website analytics (no personal data collected).

We do not share your personal data for marketing purposes without your explicit consent. We will not sell your data to third parties.

7. Data transfers outside the UK/EU

Some of our service providers are located outside the UK and EU. Where personal data is transferred outside the UK/EU, we ensure appropriate safeguards are in place, including Standard Contractual Clauses or adequacy decisions. Your data will not be transferred to countries lacking adequate data protection.

8. Your rights under UK GDPR

You have the following rights regarding your personal data:

• Right of access: You can request a copy of the personal data we hold about you.
• Right to rectification: You can correct inaccurate or incomplete data.
• Right to erasure: You can request deletion of your data (subject to legal retention requirements).
• Right to restrict processing: You can limit how we use your data.
• Right to data portability: You can request your data in a portable format.
• Right to object: You can object to processing for marketing or legitimate interest purposes.
• Right to withdraw consent: You can withdraw consent for any processing where consent is the legal basis.

To exercise these rights, contact us at privacy@letsmakeawebsite.co.uk with details of your request. We will respond within 30 days (or up to 3 months for complex requests).

9. Data retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

• Account data: Retained while your account is active. After cancellation, we delete your data within 30 days unless legal obligations require longer retention.
• Payment records: Retained for 6 years for tax and accounting compliance.
• Support communications: Retained for 2 years after your account closure for dispute resolution and legal defence.

10. Security

We implement technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. This includes encryption in transit and at rest, regular security assessments, and restricted access to personal data. However, no method of transmission over the internet is 100% secure. You are responsible for keeping your password confidential.

11. Cookies and tracking

Our website uses essential cookies to maintain your session and provide services. We do not use tracking cookies for marketing purposes. Our analytics partner, Plausible Analytics, does not use cookies. You can disable cookies in your browser settings, but this may affect the functionality of our website.

12. Children's privacy

Our services are not directed at children under 13 years of age. We do not knowingly collect personal data from children. If we become aware that a child has provided personal data, we will take steps to delete such data and terminate the child's account.

13. Changes to this policy

We may update this privacy policy from time to time. We will notify you of significant changes via email or by posting the revised policy on our website with an updated "Last updated" date. Your continued use of our services after such changes constitutes your acceptance of the revised policy.

14. Data Protection Officer

We take data protection seriously. If you have concerns about how we handle your data, please contact our Data Protection Officer at privacy@letsmakeawebsite.co.uk.

15. Contact and complaints

For privacy enquiries or to exercise your rights under UK GDPR, contact us at: privacy@letsmakeawebsite.co.uk

If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk.