Privacy Policy
PRIVACY POLICY
Last updated: 25/05/26
Data Controller: rrwebdevelopment
1. Controller Information
This website and associated services are operated by:
rrwebdevelopment
Email: rrwebdevelopment10@gmail.com
We act as the Data Controller under Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) for personal data processed in connection with our business activities.
We may use third-party service providers to support our operations. Where we do so, they act as Data Processors unless otherwise stated.
2. Scope
This Privacy Policy applies to personal data collected from:
- Website visitors
- Clients and prospective clients
- Business contacts and leads
- Individuals communicating via email, forms, messaging, or similar channels
- Users interacting with our services or systems
- Any individuals whose data is processed in the course of our business activities
It applies regardless of the method of collection or storage.
3. Categories of Personal Data We May Process
We may process the following categories of personal data depending on interaction:
3.1 Identity Data
- Name
- Company name
- Job title
- Identifiers provided in communication
3.2 Contact Data
- Email address
- Any contact details voluntarily provided in communication
3.3 Communication Data
- Emails and attachments
- Messages and form submissions
- Support requests and correspondence records
3.4 Technical Data
- IP address
- Browser type and version
- Device information
- Operating system
- Access timestamps and logs
3.5 Usage Data
- Website interactions
- Pages visited
- Session duration
- Navigation and referral data
- Click and interaction data (if applicable)
3.6 Transaction and Project Data
- Project details
- Service requests
- Agreements and related documentation
- Billing-related information (if applicable)
3.7 System-Generated Data
- Logs
- Error reports
- Analytical or performance data generated through system use
3.8 Special Category Data
We do not intentionally collect special category data under GDPR Article 9.
If such data is voluntarily provided, it will be processed only where necessary and lawful.
4. How We Collect Data
We may collect data through:
- Website contact forms
- Email communication
- Direct messages or inquiries
- Project onboarding and service discussions
- System logs and technical processes
- Cookies and similar technologies
- Third-party integrations or service providers
- Publicly available sources (where relevant and lawful)
5. Legal Bases for Processing
We process personal data under one or more of the following legal bases:
- Contract performance – to provide requested services or take pre-contractual steps
- Legal obligation – compliance with tax, accounting, or regulatory requirements
- Legitimate interests – business operations, communication, service improvement, and security
- Consent – where required for optional processing such as marketing or non-essential cookies
- Vital interests – in rare cases involving protection of life or safety
6. Purposes of Processing
Personal data may be used for:
- Providing web development and related services
- Managing communication and client relationships
- Handling enquiries and support requests
- Business administration and internal operations
- Service improvement and development
- Security, fraud prevention, and abuse detection
- Legal, tax, and accounting compliance
- Website analytics and performance monitoring
- Optional marketing communications (where consent is given)
7. Cookies and Tracking Technologies
We may use cookies and similar technologies for:
- Essential website functionality
- Security and performance
- Analytics and usage measurement
- Optional marketing or tracking features (if enabled)
Where required by law, non-essential cookies are only used after user consent is given.
Users may manage or disable cookies through browser settings.
8. Analytics
We may use analytics tools to understand website usage and improve services.
This may include:
- Page views and navigation behaviour
- Device and browser information
- Interaction and engagement data
- Traffic sources and performance metrics
Analytics data is used for statistical and operational purposes only and does not involve the sale of personal data.
9. Data Sharing
We may share personal data with trusted third parties where necessary, including:
- Hosting and infrastructure providers
- Communication and email service providers
- Cloud storage services
- Analytics and monitoring tools
- Payment or billing service providers (if applicable)
- Professional advisors (e.g. legal or accounting services)
- Public authorities where required by law
All third parties are required to handle personal data securely and in compliance with applicable data protection laws.
10. International Data Transfers
If personal data is transferred outside the European Economic Area (EEA), appropriate safeguards are applied, which may include:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Additional technical and organisational protections
11. Data Retention
We retain personal data only as long as necessary for the purposes for which it was collected, including legal, accounting, and operational requirements.
Typical retention periods may include:
- Project and client data: retained as long as necessary for business purposes
- Financial and accounting records: as required by applicable law
- Communication and inquiry data: retained as long as necessary for business purposes
- Analytics and technical logs: retained for limited operational periods
After this period, data is securely deleted or anonymised.
12. Data Security
We implement appropriate technical and organisational security measures, including:
- Encrypted communication (HTTPS/TLS)
- Secure hosting infrastructure
- Access controls and authentication measures
- Role-based access restrictions
- Regular updates and system maintenance
- Backup and recovery procedures
- Monitoring and logging systems
- Confidentiality obligations for any personnel or contractors
While no system is completely secure, reasonable measures are taken to protect personal data.
In the event of a personal data breach, we will notify the relevant supervisory authority and affected individuals through this website where required under GDPR.
13. Data Subject Rights
Under GDPR, you have the right to:
- Access your personal data
- Request correction of inaccurate data
- Request deletion of your data
- Restrict or object to processing
- Request data portability
- Withdraw consent at any time (where applicable)
- Lodge a complaint with a supervisory authority
14. Age Restriction
Our services are intended only for individuals aged 18 years or older.
We do not knowingly collect personal data from individuals under 18. If such data is identified, it will be deleted promptly.
15. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
If this changes, this policy will be updated accordingly.
16. Third-Party Services
We may use third-party services to support our operations, including:
- Hosting providers
- Communication tools
- Analytics services
- Security tools
- Payment or billing systems (if applicable)
Each provider operates under its own privacy terms and applicable legal agreements.
17. Changes to This Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last updated” date.
18. Contact
For any questions regarding this Privacy Policy or personal data:
rrwebdevelopment
Email: rrwebdevelopment10@gmail.com