moorSITES Web Design and Development is a service offered by Simon Hill trading as moorSITES. I am based in Belstone, near Okehampton in Devon, UK.
I take your privacy seriously – collecting only the data I need to be able to provide you with my services. I do not share your data with any other organisations, and make every effort to ensure that the data I hold is kept secure.
What personal data I collect and why I collect it
When you submit an enquiry, I collect your enquiry details, and any other contact details or information that you provide me with. This information is collected solely for the purposes of responding to your enquiry and, if requested, creating, building and managing your website.
I do not permanently store card or bank account details on any of my systems. If you make a card payment via the moorSITES Client Area, the payment is processed externally by either PayPal (https://www.paypal.com/uk/webapps/mpp/ua/privacy-full) or Stripe (https://stripe.com/gb/privacy). If you opt to make a credit or debit card payment via Stripe, your card details are passed via an encrypted connection to Stripe and exchanged for a token, which is then stored in my database. If you change your card details in the Client Area, but do not immediately use the new card to make a payment, the card details will be stored temporarily until such time as they are used to make a payment – at which point they will be transferred to Stripe and exchanged for a token. The moorSITES Client Area database resides on a secure PCI-compliant server to cater for such eventualities.
The social media sharing buttons on the moorSITES public site are provided by AddToAny (https://www.addtoany.com/privacy ) and require two cookies to be set, for the purposes of security and the efficient loading of resources. These cookies expire after 24 hours. No personal information is stored within these cookies.
When you visit my sites, Google Analytics sets a cookie to enable it to distinguish individual users, which expires after 2 years. It also sets a temporary cookie, which expires after 1 minute, to control the rate of exchange of data with its servers. The cookies do not contain any personally identifiable data.
I use Google Analytics to collect information about the number of visits to my sites. I use a standard implementation of Google Analytics, which does not store any personally identifiable information. Visitors’ IP addresses are used, where possible, to determine the area in which their device is located but the IP address itself is not data that can be accessed through Google Analytics. All data in Google Analytics is aggregated and anonymised.
My sites do not directly set any marketing cookies. However, Third Party content embedded within my sites may set additional cookies for their own marketing purposes. Pages on my sites may include embedded content (such as Google Maps, YouTube videos and Facebook feeds). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Security and Spam Protection
This site employs software to protect against unauthorised login, spam and other malicious activity. Where malicious activity is detected, the IP address from which it originated will be stored.
How long I retain your data
If you provide me with your contact details or other information, I will retain it indefinitely, unless you have specifically requested otherwise or until such time as you request that it is removed. During the time that I retain your details, I will use them only for the purpose(s) for which you gave your consent – such as corresponding over a question or request, receiving news updates, or for processing orders.
What rights you have over your data
You can request full details of any information that I hold about you. You can also request that I erase any personal data I hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.
Where I send your data
Both the moorSITES public website and the moorSITES Client Area site are hosted on a secure PCI-compliant server situated within the UK. Your contact information, and information for managing your website will also be held securely in my own computer records systems or cloud storage (see below).
How I protect your data
Both the moorSITES public website and the moorSITES Client Area site use the https protocol and, as such, any data you exchange with the sites is transmitted over a secure, encrypted connection – details of the security certificate can be viewed by clicking on the symbol to the left of our website address in your browser address bar. Access to data held within the sites, or within our own computer systems and cloud storage with Microsoft (https://privacy.microsoft.com/en-gb/privacystatement), DropBox (https://www.dropbox.com/en_GB/privacy) and Google (https://policies.google.com/), is password-protected and subject to additional layers of security.
Data breach procedures
If I suspect that there has been any unauthorised access to, or disclosure of, the personal data that I hold, I will immediately inform anyone who I believe may have been affected.
For any matter related to privacy or the storage and processing of personal data, please contact me at: firstname.lastname@example.org