Privacy Policy

Privacy Policy

PRIVACY POLICY
Last updated: June 19, 2025

1. Introduction
William Swires, trading as centurionroof.co.uk (“we,” “us,” or “our”), operates www.centurionroof.co.uk (“Website”). We are committed to protecting your privacy and handling your personal data responsibly in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our Website to request estimates for conservatory roofing and insulation services in the North West of the UK.

By using our Website, you agree to the data practices described in this Privacy Policy. If you do not agree, please do not use the Website.

2. Contact Information
For questions about this Privacy Policy or our data practices, please contact us at:

  • Email: Bill.Centurionroof@gmail.com

  • Address: [Insert your business address here, or omit if you prefer not to list one publicly]

We are the data controller responsible for your personal data under UK data protection laws.

3. Data We Collect
We collect the following types of personal data:

  • Information You Provide: When you register an account, request an estimate, or contact us, we may collect:

    • Name

    • Email address

    • Phone number

    • Postcode

    • Details about your conservatory (e.g., size, specifications)

  • Automatically Collected Data: When you visit our Website, we may collect technical information via cookies or similar technologies, including:

    • IP address

    • Browser type and version

    • Device information

    • Usage data (e.g., pages visited, time spent on the Website)

  • Enquiry Data: Information you provide when contacting us via email, phone, or other means.

4. How We Use Your Data
We use your personal data for the following purposes:

  • To provide and manage our services, including generating and sending estimates for conservatory roofing and insulation.

  • To communicate with you, such as responding to enquiries or confirming estimates.

  • To improve our Website and services by analyzing usage trends and user feedback.

  • To comply with legal obligations, such as record-keeping or responding to regulatory requests.

  • To send marketing communications (e.g., updates about our services) only with your explicit consent. You can opt out at any time by contacting us or using the unsubscribe link in our emails.

5. Legal Basis for Processing
We process your personal data based on the following legal grounds under UK GDPR:

  • Consent: For marketing communications or where you explicitly agree to data processing.

  • Contract: To fulfill our obligations to provide estimates or respond to your enquiries.

  • Legitimate Interests: For Website improvement, security, or usage analysis, provided these interests do not override your rights and freedoms.

  • Legal Obligation: To comply with applicable laws or regulations.

6. Data Sharing and Disclosure
We do not sell, rent, or trade your personal data. We may share your data with:

  • Service Providers: Trusted third parties (e.g., website hosting providers, email services) who assist us in operating the Website, subject to strict data protection agreements.

  • Legal Authorities: If required by law, court order, or to protect our rights, property, or safety.

  • Business Transfers: In the event of a sale, merger, or acquisition of our business, your data may be transferred as part of the transaction, with appropriate safeguards in place.

7. Data Storage and Security

  • Storage: Your data is stored securely on servers located in the UK or the European Economic Area (EEA). If data is transferred outside the EEA, we ensure compliance with UK GDPR through appropriate safeguards, such as Standard Contractual Clauses.

  • Security Measures: We use industry-standard measures, including encryption, access controls, and secure connections, to protect your data from unauthorized access, loss, or alteration. However, no online transmission is entirely secure, and you share data at your own risk.

  • Retention: We retain your data only as long as necessary for the purposes outlined in this policy or to comply with legal requirements. For example, estimate-related data is typically retained for 2 years from the date of your last interaction, unless you request deletion sooner. Data required for legal or tax purposes may be kept longer.

8. Your Rights
Under UK GDPR, you have the following rights regarding your personal data:

  • Access: Request a copy of the data we hold about you.

  • Rectification: Correct inaccurate or incomplete data.

  • Erasure: Request deletion of your data, subject to legal or contractual obligations.

  • Restriction: Limit how we process your data in certain circumstances.

  • Portability: Receive your data in a structured, machine-readable format.

  • Objection: Object to processing based on legitimate interests or for marketing purposes.

  • Withdraw Consent: Revoke consent at any time, where processing relies on consent.

To exercise these rights, email us at Bill.Centurionroof@gmail.com (mailto:Bill.Centurionroof@gmail.com). We will respond within one month, unless the request is complex, in which case we may extend the response time by up to two additional months. If you’re dissatisfied with our response, you can lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk or by phone at 0303 123 1113.

9. Cookies and Tracking Technologies
Our Website uses cookies and similar technologies to enhance functionality, analyze usage, and improve user experience. Cookies are small text files stored on your device. Types of cookies we may use include:

  • Essential Cookies: Necessary for Website operation (e.g., account login).

  • Analytics Cookies: To understand how users interact with the Website.

  • Marketing Cookies: To deliver relevant advertisements, with your consent.

You can manage cookie preferences through your browser settings or by contacting us. Disabling cookies may affect Website functionality. [If you plan to add a detailed Cookie Policy, insert a link here or note its availability on the Website.]

10. Third-Party Links
Our Website may contain links to third-party websites. We are not responsible for their privacy practices or content. Please review their privacy policies before providing personal data.

11. Children’s Privacy
Our Website is not intended for children under 13. We do not knowingly collect data from minors. If we discover such data, we will delete it promptly. If you believe we have collected data from a child, please contact us.

12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Updates will be posted on the Website with a revised “Last updated” date. Significant changes may be communicated to registered users via email. Continued use of the Website after changes constitutes acceptance of the updated policy.

13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

  • Email: Bill.Centurionroof@gmail.com

  • Address: [Insert your business address, if applicable]

Notes on Implementation and Integration

  1. Website Placement:

    • Add the Privacy Policy to your Website, ideally via a footer link labeled “Privacy Policy” alongside your Terms and Conditions.

    • Consider a pop-up or checkbox during account registration or estimate requests to confirm users have read and agreed to both the Privacy Policy and Terms and Conditions, enhancing legal enforceability.

  2. Integration with Terms and Conditions:

    • The Privacy Policy aligns with your updated Terms and Conditions (provided in my previous response), which reference the Privacy Policy in Section XIV. Ensure both documents are accessible and consistent in tone and branding.

    • The Terms already include your details (William Swires trading as centurionroof.co.uk, email Bill.Centurionroof@gmail.com (mailto:Bill.Centurionroof@gmail.com)), the North West UK service area, consumer rights clarification, and the 7-business-day cancellation process.

  3. Data Retention Period:

    • I’ve suggested a 2-year retention period for estimate-related data, which is reasonable for business purposes (e.g., follow-ups or tax records). Adjust this based on your needs or legal advice, especially since UK tax laws may require keeping certain records for up to 6 years.

  4. Cookies:

    • The policy mentions cookies, as most websites use them for analytics or functionality. If you use tools like Google Analytics or have a cookie consent banner, consider adding a separate Cookie Policy or expanding Section 9. I can draft a Cookie Policy if needed.

    • Ensure you have a cookie consent mechanism (e.g., a banner) to comply with UK GDPR and the Privacy and Electronic Communications Regulations (PECR).

  5. Business Address:

    • I’ve included a placeholder for your address. As a sole trader, you may choose not to list a public address for privacy reasons. If you omit it, ensure your contact email is sufficient for user and regulatory communication. If you have a business address, add it for transparency.

  6. GDPR Compliance:

    • The policy covers key GDPR requirements: transparency, legal basis, user rights, and security. Maintain a record of data processing activities (e.g., what data you collect, why, and how long you keep it), as GDPR requires this for businesses, even sole traders.

    • Respond promptly to data subject requests (e.g., access or deletion) to avoid ICO complaints.

  7. Consumer Rights:

    • Your Terms and Conditions now clarify that estimates are non-binding and formal contracts comply with the Consumer Rights Act 2015. If you provide roofing services, ensure any formal contracts include details on the 14-day cooling-off period for off-premises contracts and other consumer rights.

  8. Legal Review:

    • While this Privacy Policy and the updated Terms and Conditions are robust for a small business, consider having a UK-based legal professional review them to ensure full compliance, especially since you’re a sole trader with personal liability. This is particularly important for liability exclusions and consumer contract terms.

  9. Website Updates:

    • Update any outdated references on your Website (e.g., “Centurion Roof Limited”) to William Swires trading as centurionroof.co.uk.

    • Add a note on the homepage or services page stating that your services are limited to the North West of the UK, reinforcing the geographic restriction in the Terms.

  10. Further Assistance:

    • If you need a Cookie Policy, additional website content (e.g., FAQs or service descriptions), or help with branding consistency, let me know.

    • I can also assist with drafting email templates for responding to data subject requests or estimate confirmations.