Privacy Policy

1. INTRODUCTION

This Privacy Policy explains how As Easy As (“we”, “our”, or “us”) collects, uses, shares, and protects personal information when you use our website, products, or services. We are committed to protecting your privacy and handling your data in an open and transparent manner. We take seriously the protection of your privacy and confidentiality and understand that all visitors to our website are entitled to know that their personal data will not be used for any purpose unintended by them. Our policy complies with UK law and the EU General Data Protection Regulation (GDPR). If you are not happy with any aspect of our Privacy Policy, your only recourse is to leave our website immediately.

2. WHO WE ARE

As Easy As Registered Office: 137 Longfellow Road, Worcester Park, Surrey KT4 8BA Data Protection Officer: Mike Sheehan Email: admin@aseasyas.co.uk Phone: 020 8412 1825

3. LEGAL BASES FOR PROCESSING YOUR INFORMATION

Under the GDPR, we must have a legal basis for processing your personal data. We rely on the following points depending on the context:

3.1 Contractual Necessity

We process certain information because it is necessary to perform our contract with you or to take steps at your request before entering into a contract. For example, when you create an account, purchase our products or services, or otherwise agree to our terms and conditions.

3.2 Consent

We process some information based on your explicit consent, such as when you agree to our use of cookies or opt-in to receive marketing communications. You can withdraw your consent at any time by contacting us or using the unsubscribe options we provide.

3.3 Legitimate Interests

We may process your information when we have a legitimate interest in doing so, provided your rights do not override these interests. Examples include:

• Improving and personalising our services
• Protecting against fraud and unauthorized transactions
• Administrative record-keeping
• Responding to your communications
• Protecting and asserting legal rights

3.4 Legal Obligation

We may process your information to comply with legal requirements, such as tax laws or responding to court orders and legal investigations.

4. INFORMATION WE COLLECT

4.1 Information You Provide to Us

• Account information (name, email address, password)
• Profile information (job title, company name)
• Payment information (invoice address, payment method details)
• Communications (when you contact our support team)
• Survey responses and feedback
• Project brief and requirements information
• Website content and materials (text, images, documents for website projects)
• Business information (company details, service descriptions, contact information for websites)
• Design preferences and feedback during the web development process
• Domain and hosting credentials (when managing client websites)

4.2 Information Collected Automatically

• Log data (IP address, browser type, pages visited, time spent)
• Device information (operating system, unique device identifiers)
• Location information (country, town or city)
• Cookies and similar technologies
• Usage information (features used, actions taken)
• Form submission data (contact forms, quote requests)
• Portfolio viewing behaviour (which projects visitors view)

5. HOW WE USE YOUR INFORMATION

We use your personal information for the following purposes:

5.1 Providing Our Services

• Creating and managing your account
• Processing transactions and fulfilling orders
• Providing customer support and responding to inquiries
• Personalising your experience
• Creating and developing websites according to your specifications
• Managing domain registration and hosting services
• Providing ongoing website maintenance and support
• Creating website backups and security monitoring

5.2 Improving Our Services

• Analysing usage patterns to enhance functionality
• Conducting research and development
• Debugging and fixing issues
• Building portfolio showcases (with client permission)
• Analysing website performance for optimisation

5.3 Portfolio and Marketing

• Showcasing completed projects in our portfolio (with explicit consent)
• Sending occasional updates about web design trends and services

5.4 Security and Compliance

• Verifying your identity
• Detecting and preventing fraud
• Complying with legal obligations
• Enforcing our terms and policies

6. COOKIES AND TRACKING TECHNOLOGIES

6.1 What Are Cookies

Cookies are small text files placed on your device when you visit our website. They allow us to recognize your device and remember certain information about your visit.

6.2 Types of Cookies We Use

6.3 Google Analytics

We use Google Analytics for anonymous reporting of site usage. No personalized data is stored. You can opt-out of Google Analytics monitoring by using https://tools.google.com/dlpage/gaoptout.

6.4 Managing Cookies

You can control cookies through your browser settings. However, if you block or delete cookies, some features of our website may not function properly. For more information about cookies, visit www.allaboutcookies.org.

7. INFORMATION SHARING AND DISCLOSURE

We do not sell, rent, or trade your personal information with third parties for their marketing purposes. We may share your information in the following circumstances:

7.1 Service Providers

We share information with trusted third parties who provide services on our behalf, such as:

• Web hosting providers (for client websites)
• Domain registrars (for domain management)
• SSL certificate providers
• Website backup services
• Content delivery networks (CDNs)
• Cloud hosting providers
• Analytics providers

All service providers are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them.

7.2 Business Transfers

If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

7.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

7.4 Protection of Rights

We may disclose information to protect and defend the rights, property, or safety of our company, our users, or others.

7.5 With Your Consent

We may share your information with third parties when you have given us your consent to do so.

7.6 Website Development

• Third-party themes and plugins may process data according to their own privacy policies
• Client website hosting may involve data processing by hosting providers
• Domain registration involves sharing information with domain registries as required by ICANN

7.7 Client Website Data

When we develop and maintain websites for clients, we may process personal data that appears on those websites or is collected through them:

• We process this data solely to provide web development and maintenance services
• Client data collection through contact forms, analytics, or other website features is governed by the client’s own privacy policy
• We do not use client website data for our own marketing or business purposes
• Clients remain the data controllers for any personal data collected through their websites
• We act as data processors when handling personal data on behalf of clients
• We process this data solely to provide web development and maintenance services
• Client data collection through contact forms, analytics, or other website features is governed by the client’s own privacy policy
• We do not use client website data for our own marketing or business purposes
• Clients remain the data controllers for any personal data collected through their websites
• We act as data processors when handling personal data on behalf of clients
• We process this data solely to provide web development and maintenance services
• Client data collection through contact forms, analytics, or other website features is governed by the client’s own privacy policy
• We do not use client website data for our own marketing or business purposes
• Clients remain the data controllers for any personal data collected through their websites
• We act as data processors when handling personal data on behalf of clients

8. INTERNATIONAL DATA TRANSFERS

• Transferring to countries that have been deemed to provide an adequate level of protection by the European Commission
• Using specific contracts approved by the European Commission (Standard Contractual Clauses)
• For US-based providers certified under the EU-US Data Privacy Framework
• Obtaining your explicit consent to the proposed transfer
• Website hosting and CDN services may involve data processing in various countries
• Domain registration data is stored in international databases as required by ICANN

Specific Safeguards We Use:

• The processor is within the same corporate group as our business and abides by the same binding corporate rules
• Our contracts with data processors include transfer clauses written by or approved by a supervisory authority in the European Union
• We comply with a code of conduct approved by a supervisory authority in the European Union
• We are certified under an approved certification mechanism as provided for in the GDPR

9. YOUR PRIVACY RIGHTS

Under the GDPR and other applicable data protection laws, you have the following rights:

9.1 Access

You have the right to request copies of your personal data. We may charge a reasonable fee when a request is manifestly unfounded or excessive.

9.2 Rectification

You have the right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

9.3 Erasure

You have the right to request that we erase your personal data, under certain conditions.

9.4 Restrict Processing

You have the right to request that we restrict the processing of your personal data, under certain conditions.

9.5 Data Portability

You have the right to request that we transfer the data we have collected to another organization, or directly to you, under certain conditions. This includes receiving your personal data in a commonly used, machine-readable format (such as CSV or XML).

9.6 Object to Processing

You have the right to object to our processing of your personal data, under certain conditions.

9.7 Automated Decision-Making and Profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling.

9.8 Exercising Your Rights

To exercise any of these rights, please contact our Data Protection Officer using the contact details provided in Section 2. We will respond to all legitimate requests within one month.

9.9 PORTFOLIO DISPLAY CONSENT 

We may request permission to showcase completed websites in our portfolio:

• Explicit consent is required before displaying any client work
• You can withdraw consent for portfolio display at any time
• Website screenshots and project descriptions may be displayed with your permission
• Sensitive or confidential client information is never included in portfolio displays
• Client testimonials are only used with explicit written consent

10. DATA SECURITY

We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage by:

• Website security monitoring for client sites under our management
• Regular backup procedures for client websites
• Secure file transfer protocols for sensitive client materials

• Development environment isolation to protect client data during website creation

10.1 SSL Encryption

We use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any data you provide to us. You can verify this by looking for a closed padlock symbol or other trust mark in your browser’s URL bar or toolbar.

10.2 Data Breach Procedures

We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

11. CHILDREN’S PRIVACY

Our services are not directed to children under the age of 18. We do not knowingly collect personal data from children under 18. If you are under 18, you may use our website only with consent from a parent or guardian. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

12. DATA RETENTION

We retain your personal information only for as long as necessary to fulfill the purposes for which we collected it, including:

When your data is no longer required, we will securely delete or anonymize it.

13. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The revised policy will be posted on this page with an updated “Last Updated” date. We encourage you to review this Privacy Policy regularly to stay informed about how we protect your information. Your continued use of our services after any changes to this Privacy Policy constitutes your acceptance of the revised policy.

14. HOW TO CONTACT US

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: Data Protection Officer: Mike Sheehan Email: admin@aseasyas.co.uk Address: 137 Longfellow Road, Worcester Park, Surrey KT4 8BA Phone: 020 8412 1825

Complaints

If you are not satisfied with our response to your concern, you have the right to lodge a complaint with the Data Protection Commissioner. This can be done at https://www.dataprotection.ie/docs/complaints/1592.htm. We hope to resolve any concerns directly and amicably, and we are committed to addressing your privacy concerns promptly.