← Back home

Privacy Policy

Last updated: 28 May 2026
Placeholder document. Replace the highlighted bits before going live (company details, ICO registration number, exact subprocessors). Register with the ICO (£40/year) at ico.org.uk/registration before processing real customer data.

1. Who we are

Digitally Done Ltd (company number [XXXXXXXX], registered office 9 Mossbrook Lane, London EC2A 4QR) is the controller of personal data described in this policy.

ICO registration number: [ZAXXXXXXX]

Data Protection contact: privacy@digitallydone.com

2. What data we collect

We collect personal data in three contexts:

ContextData collectedLawful basis (UK GDPR)
You contact us (website form, email, phone, WhatsApp) Name, email, phone, business name, message content Legitimate interest (responding to your enquiry)
You become a customer Billing name, address, payment-card data (held by Stripe/GoCardless, not by us), business details, account credentials Contract performance
Your customers interact with you via channels we manage (DMs, reviews, bookings) Names, messages, contact details, transaction context You are the controller. We process this data as your processor under our Terms.

3. How we use it

We do not sell your data or use it for advertising to third parties.

4. Subprocessors

To run the Services we share necessary data with the following processors. Each is bound by a Data Processing Agreement.

ProcessorPurposeLocation
Netlify (Netlify Inc.)Website hosting + form submissionsUSA (EU-US Data Privacy Framework)
Stripe Payments UK LtdCard payment processingUK / EEA
GoCardless LtdDirect-debit processingUK
OpenAI / Anthropic (LLM providers)AI-generated content and repliesUSA (Standard Contractual Clauses)
Meta Platforms Ireland LtdInstagram / WhatsApp / Facebook publishingEU / USA
Google Ireland LtdGoogle Business Profile, Gmail integrationEU / USA
[add others as you adopt]

5. How long we keep it

6. Your rights (UK GDPR)

You have the right to:

To exercise any of these rights, email privacy@digitallydone.com. We will respond within 30 days.

You also have the right to complain to the UK Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

7. Cookies

This website uses essential cookies only — no analytics, advertising or tracking cookies. If we add analytics in future (e.g. Plausible, Fathom — privacy-friendly tools), this section will be updated and you will be notified.

8. Security

All data is transmitted over HTTPS. Account passwords are hashed. Customer message data is encrypted at rest. We use principle-of-least-privilege access controls internally. If we ever suffer a breach affecting your data, we will notify you and the ICO within 72 hours as required by UK GDPR.

9. International transfers

Some of our processors are in the USA. Transfers are protected by either the EU-US Data Privacy Framework or Standard Contractual Clauses with additional safeguards.

10. Changes to this policy

We will email you at least 14 days before any material change to this policy.

11. Contact

Questions: privacy@digitallydone.com