Privacy Policy

Last updated: March 2025

1. Introduction

Wright Websites ("we", "us", "our") is committed to protecting your personal data. This privacy policy explains how we collect, use, store and protect information about you when you use our website, engage our services or communicate with us. We are the data controller for the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information we collect

We may collect and process the following categories of personal data:

• Identity and contact data: name, email address, telephone number, company name and job title.
• Technical data: IP address, browser type and version, time zone, device information and other technology on the devices you use to access our website.
• Usage data: how you use our website and services, including pages visited and actions taken.
• Marketing and communications data: your preferences in receiving marketing and your communication preferences.
• Contract and transaction data: details of services you have purchased or enquired about, and correspondence with us.

3. How we collect your data

We collect personal data through: direct interactions (enquiry forms, correspondence, contracts); automated technologies (cookies and similar technologies when you use our website); and third parties (e.g. analytics providers, payment processors) where relevant. For more detail on cookies, see our Cookie Policy.

4. Legal basis and purposes

We process your personal data only where we have a lawful basis: to perform a contract with you or take steps at your request; for our legitimate interests (e.g. improving our services, security, marketing) where not overridden by your rights; to comply with legal obligations; or, where applicable, with your consent. We use your data to provide and improve our services, communicate with you, manage accounts and contracts, send relevant marketing (where permitted), and meet legal and regulatory requirements.

5. Data sharing and international transfers

We may share your data with service providers who act as processors (e.g. hosting, email, analytics) under written agreements. We do not sell your personal data. Where we transfer data outside the UK, we ensure appropriate safeguards (e.g. adequacy decisions or standard contractual clauses) are in place.

6. Retention

We retain personal data only for as long as necessary for the purposes set out in this policy or as required by law. This may include retention for the duration of our contract, for legal claims or regulatory compliance, and in accordance with our retention schedule.

7. Your rights

Under UK data protection law you have rights including: access; rectification; erasure ("right to be forgotten"); restriction of processing; data portability; to object to processing; and to withdraw consent where processing is consent-based. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO). To exercise any of these rights, contact us using the details below.

8. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure or destruction, in line with the principle of data security by design and by default.

9. Changes to this policy

We may update this privacy policy from time to time. The "Last updated" date at the top indicates when it was last revised. Continued use of our website or services after changes constitutes acceptance of the updated policy where permitted by law.

10. Contact

For questions about this privacy policy or our use of your personal data, please contact us at the details provided on our website (e.g. contact page or footer). We will respond to valid requests in accordance with applicable law.