Privacy Policy

At SwiftForge Ltd, we take your privacy seriously. This policy explains what personal data we collect when you use our website or engage with our services, how we use it, and what rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

Please read this policy carefully. By using our website, you acknowledge you have read and understood how we handle personal data.

1. Who We Are

SwiftForge Ltd is the data controller responsible for your personal data.

As data controller, we determine the purposes and means of processing your personal data. If you have any questions about how we handle your data, please contact us using the details above.

2. What Data We Collect and Why

2.1 Data you provide directly

Contact form submissions: When you complete the contact form on our website, we collect your name, email address, phone number (if provided), the service you're enquiring about, and the content of your message. This data is used solely to respond to your enquiry.

Email correspondence: If you contact us directly by email, we will collect and store the information you provide in that correspondence, including your email address and any personal details you choose to share.

Newsletter sign-ups: If you subscribe to receive updates or marketing communications from us, we collect your email address and, where provided, your name. You can unsubscribe at any time using the link in any email we send you.

2.2 Data collected automatically

Website analytics: We use analytics tools to understand how visitors use our website. This may include data such as pages visited, time spent on the site, referral source, browser type, device type, and approximate geographic location derived from your IP address. This data is aggregated and used to improve our website.

Cookies: Our website uses cookies — small text files stored on your device. See Section 6 for full details of how we use cookies and how to manage your preferences.

2.3 Data collected in the course of providing services

When you engage SwiftForge Ltd for professional services, we may collect additional information necessary to deliver those services, including business contact details, project-related information, and billing information. This will be covered in the specific agreement between us.

3. Lawful Basis for Processing

Under UK GDPR, we must have a valid lawful basis for processing your personal data. We rely on the following bases:

• Legitimate interests — for processing contact form submissions to respond to enquiries, for website analytics to improve our services, and for maintaining records of business correspondence. We have assessed that our legitimate interests are not overridden by your rights and interests in these cases.
• Consent — for sending marketing communications such as newsletters. You can withdraw your consent at any time by unsubscribing or contacting us.
• Contract — for processing data necessary to fulfil a contract with you, or to take steps at your request before entering into a contract.
• Legal obligation — where we are required to process data to comply with a legal requirement, such as maintaining financial records for HMRC.

4. How We Use Your Information

We use the personal data we collect for the following purposes:

• To respond to enquiries submitted through our contact form or by email
• To provide the services you have requested or engaged us for
• To send you marketing communications where you have consented to receive them
• To improve our website and understand how it is being used
• To comply with our legal and regulatory obligations
• To maintain records of our business activities as required by law

We will not use your personal data for any purpose that is incompatible with the purposes described in this policy without first seeking your consent.

5. Third Parties and Data Sharing

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

We may share your data with trusted third-party service providers who assist us in operating our website and delivering our services. These providers act as data processors on our behalf and are bound by contractual obligations to keep your data secure and to use it only as we direct.

Current and potential third-party processors include:

• Website hosting: Our website is hosted by DreamHost. Data processed in connection with website hosting is subject to DreamHost's privacy policy.
• Email services: We use email services to send and receive communications. Emails may be processed by our email provider's servers.
• Analytics tools: Where we use website analytics (such as Google Analytics), visitor data is processed by the provider in accordance with their privacy policy. Where applicable, we use anonymised or aggregated data.
• Accounting and invoicing software: Client billing information may be processed by our accounting software provider.

We may also disclose your personal data if required to do so by law, court order, or regulatory authority, or to protect the rights, property, or safety of SwiftForge Ltd, our clients, or others.

6. Cookies and Tracking

Cookies are small text files that are placed on your device when you visit a website. They help websites function correctly, remember your preferences, and — where used — collect analytics data.

Types of cookies we use:

Strictly necessary cookies: These are essential for the website to function and cannot be switched off. They are typically set in response to actions you take, such as completing a form. These do not require consent.

Analytics cookies: Where we use analytics tools (such as Google Analytics), these cookies collect information about how visitors use our website — which pages are visited, how long visitors stay, and where they came from. This data helps us improve our website. These cookies are only set with your consent.

Marketing cookies: If we use any advertising or remarketing tools in future, these cookies would track your activity to help us deliver relevant advertising. These are only set with your explicit consent.

Managing cookies:

When you first visit our website, you will be presented with a cookie consent notice that allows you to accept or decline non-essential cookies. You can update your preferences at any time by clearing your browser cookies and revisiting the site.

You can also control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the website. For more information, visit aboutcookies.org.

7. How Long We Keep Your Data

We retain personal data only for as long as necessary for the purposes for which it was collected, and in accordance with our legal obligations. Our retention periods are as follows:

• Contact form enquiries: Up to 2 years from the date of the last contact, unless a service relationship develops, in which case the data may be retained for the duration of that relationship and up to 6 years after it ends
• Client records and financial data: 6 years from the end of the relevant tax year, as required by HMRC
• Marketing email subscribers: Until you unsubscribe or withdraw consent, plus a reasonable period to process the deletion
• Website analytics data: In accordance with the retention settings of the analytics tool used (typically 14 months for Google Analytics)
• Email correspondence: Up to 6 years from the date of the correspondence

When data is no longer needed, we securely delete or anonymise it.

8. Your Rights

Under UK GDPR, you have the following rights in relation to your personal data:

To exercise any of these rights, please contact us at hello@swiftforge.co.uk. We will respond within one calendar month of receiving your request. We may need to verify your identity before processing certain requests.

If you are unhappy with how we have handled your data or a request you have made, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

9. How We Protect Your Data

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it against unauthorised access, loss, alteration, or disclosure. These measures include:

• SSL/TLS encryption for all data transmitted via our website (HTTPS)
• Strong access controls and password management practices
• Multi-factor authentication on systems that hold personal data
• Regular software updates and security patching
• Limiting access to personal data to those who need it to perform their role

While we take every reasonable precaution, no method of transmission over the internet or electronic storage is 100% secure. If you have concerns about the security of data you have shared with us, please contact us at hello@swiftforge.co.uk.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, notify you directly.

10. International Transfers

We aim to keep your personal data within the UK and European Economic Area (EEA) wherever possible. Where we use third-party services that may process data outside the UK or EEA — such as certain cloud platforms — we ensure that appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses, in accordance with UK GDPR requirements.

11. Children's Privacy

Our website and services are directed at business professionals and are not intended for children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.

12. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or services. When we make significant changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of our website following any changes constitutes your acceptance of the updated policy.

13. How to Contact Us

If you have any questions about this privacy policy, how we handle your personal data, or wish to exercise any of your rights, please contact us: