Legal
Every policy in one place.
Procurement teams at clinics, schools and multi-site groups Google "legal" before they sign. So here is one URL with every document we publish, grouped by audience, each with a one-line summary, last-updated date, and rough read time. The five-minute version of "do they take this seriously?" answered up front.
For everyone using this site
If you visit ukwebmarketing.com, contact us, or read the blog, these are the documents that govern that.
- Open →
Privacy Policy
What personal data we collect, why, what your rights are, and how to exercise them. UK GDPR + Data Protection Act 2018.
- Open →
Cookie Policy
What cookies this site sets, currently none of our own, plus what Stripe sets during checkout. PECR companion to the Privacy Policy.
- Open →
Terms & Conditions
The rules of using the service, what is included in your bespoke build and monthly retainer, what you and we are responsible for, and how things end if they end.
- Open →
Accessibility Statement
Our WCAG 2.2 AA commitment (AAA where the content allows), what we test with, the known limitations, and how to report a barrier.
For clients on a monthly retainer
If you are on a bespoke build and monthly retainer with me, these define the working relationship and the data handling that goes with it.
- Open →
Cancellation & Refund Policy
When you can cancel, when you are entitled to a refund, the statutory 14-day right for consumers, and the no-lock-in handover of your build files.
- Open →
Data Processing Agreement
The UK GDPR Article 28 controller-processor instrument governing any personal data we handle on your behalf. Auto-applies to every monthly retainer.
For security researchers
If you have found (or are looking for) a security issue, please follow these. We will not pursue legal action against good-faith research that stays in scope.
- Open →
Vulnerability Disclosure Policy
Scope, safe-harbour, reporting channel, response SLA. Pair with /.well-known/security.txt for the machine-readable contact.
For procurement & suppliers
If you are a procurement team reviewing us against a DPA template, or a vendor we are evaluating, these are the canonical reference documents.
- Open →
Sub-processor Disclosure
The canonical list of every third party we engage to process personal data, name, role, residency, data category, transfer safeguard. 30-day notice on changes.
Questions about any of this?
Email hello@ukwebmarketing.com with the policy name in the subject. Procurement teams who need a signed paper copy of the DPA or specific sub-processor evidence, same address; we will respond within 5 working days.