Privacy Policy

Privacy Policy – Timeless Touch

This Privacy Policy describes how Timeless Touch (“the Company”, “we”, “us”, or “our”) collects, uses and discloses your information when you use our website and services, and explains your privacy rights and how the law protects you.​ By using our website or contacting us, you agree to the collection and use of information in accordance with this Privacy Policy.​

Interpretation and definitions

Interpretation

Words with initial capital letters have meanings defined under the following conditions. The following definitions apply whether they appear in singular or in plural.​

Definitions

For the purposes of this Privacy Policy:​

  • Account means a unique account created for you to access our services or parts of our services.​
  • Company refers to Timeless Touch, [insert registered address]. For the purpose of UK GDPR, the Company is the Data Controller.
  • Cookies are small files placed on your device by a website, often containing details of your browsing activity.​
  • Country refers to the United Kingdom.​
  • Data Controller means the natural or legal person which determines the purposes and means of the processing of personal data; for this website, this is Timeless Touch.​
  • Device means any device that can access the service such as a computer, mobile phone or tablet.​
  • Personal Data means any information relating to an identified or identifiable individual, such as a name, identification number, location data or online identifier.​
  • Service refers to the website and any related online services provided by Timeless Touch.​
  • Service Provider means any third party who processes data on behalf of the Company (for example, hosting providers, analytics services, and email platforms).​
  • Thirdparty Social Media Service refers to any social network or website through which a user can interact with our content or contact us (for example, Instagram or TikTok).​
  • Usage Data refers to data collected automatically, generated either by the use of the service or from the service infrastructure itself (for example, page visit duration).​
  • You means the individual accessing or using the service, or the company or other legal entity on whose behalf such individual is accessing or using the service.​

Under UK GDPR, you may be referred to as the Data Subject.

Collecting and using your personal data

Types of data collected

Personal data

While using our website or contacting us, we may ask you to provide personally identifiable information that can be used to contact or identify you. This may include, but is not limited to:​

  • Name (first name and last name)
  • Email address
  • Phone number
  • Postal address (including postcode, city and country)
  • Project details and any information you choose to share in enquiry forms or emails
  • Billing details if you purchase services (for example, invoice address and payment references; payment card details are handled by thirdparty processors and not stored by us)​

If you pay via bank transfer, we may see information associated with your bank, name and reference on our bank statements, which we keep for accounting and legal purposes.​

Usage data

Usage Data is collected automatically when using the website.​

Usage Data may include information such as your device’s IP address, browser type, browser version, the pages you visit, the time and date of your visit, time spent on pages, and other diagnostic data.​

When you access the website by or through a mobile device, we may collect information about the type of device, unique device ID, IP address, operating system, browser type, and other diagnostic data.​

Tracking technologies and cookies

We use Cookies and similar technologies to track activity on our website and store certain information to improve and analyse our service. Technologies may include cookies, web beacons, tags and scripts.​

You can instruct your browser to refuse cookies or to indicate when a cookie is being sent; however, some parts of the website may not function properly without cookies.​

We may use the following types of cookies:​

  • Necessary / essential cookies (session cookies) : Used to provide core website functionality, authenticate users and prevent fraudulent use of accounts.​
  • Cookie consent cookies (persistent cookies) : Used to remember your cookie preferences on the website.​
  • Functionality cookies (persistent cookies) : Used to remember choices you make, such as login details or preferences, to provide a more personalised experience.​
  • Analytics / performance cookies (persistent cookies) : Used by us or thirdparty providers to understand how visitors use the website and to improve content, functionality and user experience.​

For more information about cookies and how to manage them, please refer to your browser help section or independent resources such as “All About Cookies”.​

Use of your personal data

The Company may use personal data for the following purposes:​

  • To provide and maintain our service: Including monitoring usage and ensuring the website functions correctly.​
  • To manage your enquiries and any contract: Including responding to contact form submissions, providing estimates, carrying out services, and managing bookings or projects.​
  • To contact you: By email, phone or other agreed channels about your enquiry, project updates, and essential service communications.​
  • To provide you with news and offers : Where you have opted in, we may send newsletters or information about services similar to those you have enquired about, and you can opt out at any time.​
  • To manage your requests : Including handling customer service queries and datarelated requests.​
  • For business and legal purposes: Such as data analysis, improving our services, maintaining financial records, and complying with legal obligations or defending legal claims.​

We may share your personal information in the following situations:​

  • With Service Providers (for example, website hosting, email service, analytics, and payment processors) to support our business and website.
  • With professional advisers (for example, accountants or legal advisers) where reasonably necessary.​
  • With another organisation in connection with a business transfer, such as a merger or sale of assets.​
  • Where required by law or regulation, or to protect our rights, property, or safety or that of others.​
  • With your consent, where you have specifically agreed to a disclosure.​

We do not sell your personal data.​

Retention of your personal data

The Company will retain your personal data only for as long as is reasonably necessary for the purposes set out in this Privacy Policy, including to comply with legal, accounting or reporting requirements.

Usage Data is generally retained for a shorter period, except where it is used to strengthen security, improve functionality, or where longer retention is required by law.

Transfer of your personal data

Your information may be processed and stored in the UK and in other countries where our Service Providers are located. Where personal data is transferred outside the UK, we take reasonable steps to ensure appropriate safeguards are in place (for example, using approved contractual clauses) so that your data remains protected in line with UK data protection law.

By using our website and submitting information, you agree to these transfers, storing and processing.

Disclosure of your personal data

We may disclose your personal data:

  • In connection with any merger, sale of assets or acquisition of all or part of our business, where your data may be transferred as part of the transaction.
  • To law enforcement or public authorities if required by law or in response to valid legal requests (for example, a court order).
  • Where necessary to protect our rights, property, or safety, or that of our clients or the public, or to prevent or investigate possible wrongdoing.

Security of your personal data

We use appropriate technical and organisational measures to protect your personal data; however, no method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

Analytics

We may use thirdparty analytics providers (such as Google Analytics) to monitor and analyse the use of our website. These providers may collect data such as your IP address, device information and onsite behaviour, and use this to provide us with aggregated statistics.

Email marketing

If you subscribe to our mailing list or consent to marketing, we may use your personal data to send you newsletters, updates, or promotional information. You can unsubscribe at any time by using the link in our emails or by contacting us.

Legal basis for processing (UK GDPR)

We process personal data under one or more of the following legal bases:

  • Consent: where you have given clear consent (for example, to receive marketing emails).
  • Contract: where processing is necessary to enter into or perform a contract with you (for example, to provide services).
  • Legal obligation – where processing is necessary to comply with UK law.
  • Legitimate interests – where processing is necessary for our legitimate business interests and these are not overridden by your rights and interests.

Your data protection rights

Under UK data protection law, you have the following rights:

  • The right to access the personal data we hold about you.
  • The right to rectification of inaccurate or incomplete data.
  • The right to erasure of your data in certain circumstances (“right to be forgotten”).
  • The right to restrict or object to certain processing, including direct marketing.
  • The right to data portability for data you provided to us, in certain circumstances.
  • The right to withdraw consent where consent is the lawful basis, without affecting the lawfulness of processing before withdrawal.

You can exercise these rights by contacting us using the details below; we may need to verify your identity before responding.

You also have the right to complain to the UK Information Commissioner’s Office (ICO) at www.ico.org.uk if you are unhappy with how we handle your data.

Children’s privacy

Our website and services are not directed at children under 13 and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so that we can delete it where required.

Links to other websites

Our website may contain links to thirdparty websites that are not operated by us. If you click on a thirdparty link, you will be directed to that site and should review its privacy policy. We are not responsible for the content or privacy practices of thirdparty sites.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. Changes are effective when posted on this page and the “Last updated” date will be revised accordingly. You are advised to review this page periodically for any updates.

Contact us

If you have any questions about this Privacy Policy or our data practices, you can contact Timeless Touch:​