This Privacy Policy applies to Digital Marketing Winds and covers all personal data collected through our website (digitalmarketingwinds.com), contact forms, newsletter subscriptions, and any direct communications with us. We are committed to complying with the UK GDPR and EU GDPR.
1. Who We Are
Digital Marketing Winds is an AI-powered digital marketing agency. We are the data controller for all personal information collected through our website and services.
For all data-related enquiries, contact our designated privacy lead at privacy@digitalmarketingwinds.com. We aim to respond to all data requests within 30 calendar days.
2. Data We Collect
We only collect data you actively provide to us, or data automatically generated by your use of our website. We do not buy, rent, or obtain personal data from third-party data brokers.
2.1 Contact Form
When you submit a discovery call request, we collect:
- Full name
- Email address
- Company name (optional)
- Website URL (optional)
- Service(s) of interest
- Monthly marketing budget range (optional)
- Your goals and message
2.2 Newsletter Subscription
When you subscribe to our newsletter, we collect your email address only. No other data is required.
2.3 Automatically Collected Data
When you visit our website, our hosting provider (Hostinger) may automatically log:
- IP address (anonymised where possible)
- Browser type and version
- Pages visited and time spent
- Referring website
- Date and time of visit
This data is used solely for website security, performance monitoring, and aggregate analytics. It is not used for advertising profiling.
2.4 Data You Send Us Directly
If you email us or contact us through LinkedIn or other channels, we retain those communications for the purpose of responding to your enquiry and maintaining a record of our relationship.
3. How We Use Your Data
We use your personal data for the following purposes only:
- To respond to enquiries — contact form submissions are used solely to follow up on your discovery call request.
- To send our newsletter — subscribers receive our fortnightly marketing insights email. Every email includes a clear one-click unsubscribe link.
- To deliver agreed services — if you become a client, we process data necessary to manage your account, campaigns, and reporting.
- To improve our website — aggregate, anonymised analytics help us understand which content is most useful.
- To comply with legal obligations — we retain certain records as required by applicable law.
We will never: sell your data to third parties, use it for advertising profiles, share it with partners without your explicit consent, or send unsolicited commercial communications unrelated to what you signed up for.
4. Legal Basis for Processing (GDPR)
Under the UK GDPR and EU GDPR, we rely on the following legal bases:
| Processing Activity | Legal Basis |
|---|---|
| Responding to contact form enquiries | Legitimate interests (pre-contractual communication) |
| Sending newsletter emails | Consent (opt-in via newsletter signup form) |
| Delivering client services | Contract performance |
| Website security logs | Legitimate interests (website security) |
| Legal record-keeping | Legal obligation |
5. Data Retention
We retain personal data only for as long as necessary for the purpose it was collected:
- Contact form enquiries: 2 years from last contact, or indefinitely if you become a client (for account management purposes).
- Newsletter subscriptions: Until you unsubscribe. We honour all unsubscribe requests within 10 working days.
- Client data: 6 years from end of contract, as required by UK tax and financial regulations.
- Website server logs: 90 days, then automatically purged.
- Email correspondence: 3 years from last communication.
When retention periods expire, data is securely deleted or anonymised.
6. Your Rights
Under the UK GDPR and EU GDPR, you have the following rights regarding your personal data. These rights are free of charge and we will respond within 30 calendar days.
Right of Access
Request a copy of the personal data we hold about you at any time.
Right to Rectification
Ask us to correct inaccurate or incomplete personal data without undue delay.
Right to Erasure
Request deletion of your personal data where there is no legitimate reason to retain it.
Right to Restriction
Ask us to restrict the processing of your data in certain circumstances.
Right to Portability
Receive your data in a structured, machine-readable format and transfer it elsewhere.
Right to Object
Object to processing based on legitimate interests or for direct marketing purposes.
Right to Withdraw Consent
Where processing is based on consent, withdraw it at any time without affecting prior processing.
Right to Lodge a Complaint
Complain to your national data protection authority if you believe we have breached the GDPR.
To exercise any of these rights, email privacy@digitalmarketingwinds.com with your name, email address, and a description of your request. We may need to verify your identity before processing certain requests.
7. Cookies & Analytics
7.1 Strictly Necessary Cookies
Our website uses only strictly necessary cookies required for the site to function (e.g. session management). These cannot be disabled without breaking core site functionality.
7.2 Analytics
We may use privacy-respecting, cookie-free analytics tools that do not fingerprint users, set tracking cookies, or share data with advertising networks. Where analytics are used, data is aggregate and anonymised — we cannot identify individual visitors.
We do not use Google Analytics, Meta Pixel, or any other advertising tracker on this website.
7.3 Managing Cookies
You can control cookies through your browser settings. Disabling cookies may affect some features of the site. For more information, visit allaboutcookies.org.
8. Third-Party Services
We use a small number of trusted third-party services to operate our website and communicate with you:
| Service | Purpose | Data Shared |
|---|---|---|
| Hostinger | Website hosting & server | Server logs (IP, pages, timestamps) |
| GitHub | Code repository & deployments | No personal data |
| Gmail / Google Workspace | Email delivery for form notifications | Email address, form content |
| Nodemailer (self-hosted) | Transactional email sending | Handled on our own server only |
All third-party providers are contractually bound to process data only as instructed and in accordance with applicable data protection law. We do not use any third-party advertising, remarketing, or data-brokering services on this website.
9. Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures, including:
- HTTPS/TLS encryption on all data in transit
- Access controls — personal data is only accessible to staff who need it
- Regular review of our data handling procedures
- No storage of sensitive payment data (we do not process payments through this website)
In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours and, where required, notify affected individuals without undue delay.
10. Children's Privacy
Our website and services are not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently collected data from a child, please contact us immediately at privacy@digitalmarketingwinds.com and we will delete it promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, we will update the “Last updated” date at the top of this page.
For material changes, we will notify active newsletter subscribers by email at least 14 days before the changes take effect. Continued use of our website after changes are published constitutes acceptance of the updated policy.
We recommend reviewing this page periodically. Previous versions are available on request.
12. Contact & Complaints
For any questions about this Privacy Policy, to exercise your data rights, or to raise a concern:
Data Controller
Digital Marketing Winds
Privacy & Data Protection
privacy@digitalmarketingwinds.comWe aim to respond to all data requests within 30 calendar days.
If you are not satisfied with our response, you have the right to lodge a complaint with your national data protection supervisory authority. In the UK, this is the Information Commissioner's Office (ICO) at ico.org.uk. In the EU, you may contact your local Data Protection Authority.