Privacy Policy

Last Updated: 2nd May 2025

1. Introduction & Who We Are

This policy explains how SwanStack ("we", "us") uses your personal data when you visit swanstack.dev or use our services. We are committed to protecting your data under UK GDPR and the Data Protection Act 2018.

The Data Controller is SwanStack. Contact us about data protection at: hello@swanstack.dev.

2. Data We Collect & How

We may collect:

  • Identity/Contact Data: Name, email, phone, address, business details.
  • Client/Project Data: Information related to services you enquire about or receive.
  • Technical/Usage Data: IP address, browser/device info, website usage (via cookies/analytics).
  • Marketing Data: Your communication preferences, email for newsletters (if you subscribe).

We collect data when you provide it directly (forms, emails, calls), automatically via website interaction ( cookies/analytics – see our Cookie Policy here), or occasionally from public sources/third parties necessary for services.

3. How & Why We Use Your Data (Lawful Basis)

We only use your data when the law allows. Our main purposes and lawful bases are:

  • Performing a Contract: To provide quotes, deliver services, manage your account.
  • Legitimate Interests: To run our business effectively, respond to enquiries, improve our website/services, maintain security. We balance our interests with your rights.
  • Consent: To send you marketing emails/newsletters (you can unsubscribe anytime) or use non-essential cookies.
  • Legal Obligation: To comply with legal requirements (e.g., tax record keeping).

4. Data Sharing & Transfers

We don't sell your data. We may share it with trusted third parties essential for providing our services, such as:

  • IT / Hosting / Email / Analytics / SEO / Payment providers.
  • Professional advisors (legal, accounting).
  • Regulators (if legally required).

We require third parties to respect data security and use it only for specified purposes. If data is transferred outside the UK/EEA (e.g., via service providers), we ensure appropriate legal safeguards (like adequacy decisions or standard contractual clauses) are in place.

5. Data Security & Retention

We implement appropriate security measures or use safe third party services to protect your data. We retain personal data only for as long as necessary for the purposes it was collected, including legal, accounting, or reporting requirements.

6. Cookies

Our website uses cookies. For details on what cookies we use and how to manage them, please see our separate Cookie Policy here.

7. Your Data Protection Rights

Under UK law, you have rights regarding your personal data, including the right to: Access, Correct, Erase, Restrict processing, Object to processing, Data Portability, and Withdraw Consent (where applicable). Contact us at hello@swanstack.dev to exercise your rights.

8. Policy Updates & Complaints

We may update this policy occasionally; changes will be posted here. You have the right to lodge a complaint with the Information Commissioner's Office (ICO) (www.ico.org.uk), the UK's data protection authority. We appreciate the chance to address concerns first.