Privacy Policy

Last updated: 14/12/2025

This Privacy Policy explains how Core Web UK (“we”, “us”, “our”) collects, uses and protects your personal information. We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are a sole-trader business:

Core Web UK

Owned by: Toufik Beladi
Address: 125 Lower Addiscombe Road, Croydon, CR0 6PU
Email: info@corewebuk.co.uk
GDPR enquiries: privacy@corewebuk.co.uk
Phone: 07821 004213

1. Information We Collect

We only collect information necessary to provide our services or respond to you. This includes:

Name
Email address
Phone number
Business name
Project details
Messages sent through our contact form
Email subscription details

We do not collect payment card details on our website. Payments will be securely processed by Stripe.

We do not use Google Analytics, tracking pixels, advertising cookies, or behavioural tracking tools.

2. How We Use Your Information

We use your personal data to:

Respond to enquiries
Provide quotations
Deliver web design, SEO and maintenance services
Fulfil emergency website repair services and other digital service products purchased through our website
Manage invoices and payments
Send agreed updates or subscription information
Maintain business records

3. Legal Basis for Processing

Under UK GDPR, we process your data using the following legal bases:

Contract – to provide a service you have requested
Legitimate interest – to respond to enquiries and maintain communication
Consent – for email marketing (if you subscribe)
Legal obligation – to keep financial records

4. How We Store & Protect Your Information

Your data is stored securely through:

Hostinger (website hosting)
Email service (encrypted mail servers)
Stripe (if using card payments)

We take reasonable measures to prevent unauthorised access, disclosure or misuse.

Emergency Website Access & Credentials

For emergency website repair services, we may temporarily request secure access credentials such as website admin login, hosting panel access, or DNS records.

These credentials are used solely to diagnose and resolve the reported issue. Access details are not stored beyond the duration of the emergency repair and are never retained for future use unless explicitly agreed as part of an ongoing service.

We take appropriate technical and organisational measures to ensure all access data is handled securely and confidentially.

5. Who We Share Your Data With

We only share your data when necessary to run our business:

Hostinger – website hosting
Stripe – secure payment processing
Email provider – to receive and send messages

For emergency support requests, communication may take place via phone call, SMS, or WhatsApp to ensure timely service delivery. These communications are used strictly for service-related purposes and are not shared with third parties.

We never sell or rent your data.

6. Data Retention

We keep personal data only as long as necessary:

Contact form enquiries: up to 12 months
Client project data: up to 6 years (for tax/legal purposes)
Email subscriptions: until you unsubscribe

7. Your Rights Under UK GDPR

You have the right to:

Access your data
Correct inaccurate data
Request deletion
Withdraw consent
Object to processing
Request a copy of the data we hold

To exercise your rights, email: privacy@corewebuk.co.uk

8. Cookies

We only use essential cookies required for website functionality.
See our Cookie Policy for full details.

9. Payments via Stripe

If you purchase services or subscriptions online:

All card details are handled by Stripe, not by us
Stripe processes your data according to its own Privacy Policy
We never see or store your card numbers

Payments made for emergency website repair services are for digital services delivered remotely and are processed immediately upon confirmation.

10. Changes to This Policy

We may update this page occasionally. Updates will be posted here with a new “Last updated” date.