Privacy Policy

Introduction

Smarta Studio ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website smartastudio.com or engage our services.

We operate as a sole trader / limited company registered in England and Wales, based in Nantwich, Cheshire. We are the data controller for the personal data we process.

This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have any questions, please contact us at hello@smartastudio.com.

What Data We Collect

We may collect and process the following categories of personal data:

Contact information – name, email address, telephone number, and company name provided via our contact form or during client onboarding.
Communications – messages, emails, and notes exchanged between you and us.
Technical data – IP address, browser type and version, time zone, operating system, and other technology identifiers collected automatically when you visit our website.
Usage data – pages visited, time spent on pages, referral source, and other analytics data.
Financial data – invoicing details such as billing name and address (we do not store card or bank details directly; payments are processed by third-party providers).
Project data – briefs, assets, and other content you share with us as part of a project.

How We Collect Your Data

We collect data in the following ways:

Directly from you – when you complete our contact form, send us an email, or engage us for services.
Automatically – via cookies and similar technologies when you browse our website (see our Cookie Policy for full details).
From third parties – for example, referrals from business partners or publicly available information.

Legal Basis for Processing

We only process your personal data where we have a lawful basis to do so. The bases we rely on are:

Contractual necessity – to fulfil a contract with you or to take steps at your request before entering into a contract.
Legitimate interests – to operate and improve our business, prevent fraud, and communicate with existing clients and prospects, where this does not override your rights.
Consent – for example, when you opt in to receive marketing communications or agree to the use of non-essential cookies. You may withdraw your consent at any time.
Legal obligation – where we are required to process data to comply with a legal or regulatory requirement.

How We Use Your Data

We use your personal data for the following purposes:

Responding to enquiries and providing quotations.
Delivering our web design, branding, and digital services.
Sending invoices and managing project finances.
Communicating project updates, feedback, and support.
Improving our website and services through analytics.
Sending marketing communications where you have given consent or where we have a legitimate interest (you can opt out at any time).
Complying with legal and regulatory obligations.

Third-Party Processors

We work with trusted third-party services to operate our business. These providers act as data processors on our behalf and are contractually obliged to keep your data secure and use it only as directed. Key processors include:

Sanity.io – headless CMS used to manage website content (hosted in the United States; covered by appropriate transfer safeguards).
Vercel – website hosting and deployment infrastructure (United States; covered by appropriate transfer safeguards).
Clerk – user authentication for client portal access.
Xero – accounting and invoicing software.
Google Analytics / similar – anonymous website analytics to help us understand traffic and improve content.
Email service providers – for transactional and marketing emails.

We do not sell your personal data to third parties, and we do not share it with any party other than those listed above or where required by law.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention periods are:

Client data and project records – 7 years from the end of the contract (in line with HMRC requirements).
Marketing communications – until you unsubscribe or withdraw consent.
Enquiry data (where no contract is formed) – 12 months.
Website analytics data – as per the analytics provider's retention settings (typically 14–26 months).

After the applicable retention period, your data is securely deleted or anonymised.

Your Rights Under UK GDPR

You have the following rights in relation to your personal data. To exercise any of them, please contact us at hello@smartastudio.com.

Right of access – to request a copy of the personal data we hold about you.
Right to rectification – to request correction of inaccurate or incomplete data.
Right to erasure ("right to be forgotten") – to request deletion of your data where there is no legitimate reason for us to continue processing it.
Right to restrict processing – to ask us to suspend processing in certain circumstances.
Right to data portability – to receive your data in a structured, machine-readable format.
Right to object – to object to processing based on legitimate interests or for direct marketing purposes.
Rights related to automated decision-making – we do not make solely automated decisions that have a legal or significant effect on you.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection: ico.org.uk or 0303 123 1113.

Data Security

We take the security of your personal data seriously. We implement appropriate technical and organisational measures to protect against unauthorised access, alteration, disclosure, or destruction. These include encrypted connections (HTTPS), access controls, and regular security reviews.

No method of transmission over the internet is 100% secure, however, and we cannot guarantee absolute security.

Cookies

Our website uses cookies. For full details of the cookies we use and how to manage them, please read our Cookie Policy.

Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies.

Children

Our website and services are not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:

Email: hello@smartastudio.com
Website: smartastudio.com/contact
Location: Nantwich, Cheshire, United Kingdom

Introduction

We operate as a sole trader / limited company registered in England and Wales, based in Nantwich, Cheshire. We are the data controller for the personal data we process.

This policy is written in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you have any questions, please contact us at hello@smartastudio.com.

What Data We Collect

We may collect and process the following categories of personal data:

Contact information – name, email address, telephone number, and company name provided via our contact form or during client onboarding.
Communications – messages, emails, and notes exchanged between you and us.
Technical data – IP address, browser type and version, time zone, operating system, and other technology identifiers collected automatically when you visit our website.
Usage data – pages visited, time spent on pages, referral source, and other analytics data.
Financial data – invoicing details such as billing name and address (we do not store card or bank details directly; payments are processed by third-party providers).
Project data – briefs, assets, and other content you share with us as part of a project.

How We Collect Your Data

We collect data in the following ways:

Directly from you – when you complete our contact form, send us an email, or engage us for services.
Automatically – via cookies and similar technologies when you browse our website (see our Cookie Policy for full details).
From third parties – for example, referrals from business partners or publicly available information.

Legal Basis for Processing

We only process your personal data where we have a lawful basis to do so. The bases we rely on are:

Contractual necessity – to fulfil a contract with you or to take steps at your request before entering into a contract.
Legitimate interests – to operate and improve our business, prevent fraud, and communicate with existing clients and prospects, where this does not override your rights.
Consent – for example, when you opt in to receive marketing communications or agree to the use of non-essential cookies. You may withdraw your consent at any time.
Legal obligation – where we are required to process data to comply with a legal or regulatory requirement.

How We Use Your Data

We use your personal data for the following purposes:

Responding to enquiries and providing quotations.
Delivering our web design, branding, and digital services.
Sending invoices and managing project finances.
Communicating project updates, feedback, and support.
Improving our website and services through analytics.
Sending marketing communications where you have given consent or where we have a legitimate interest (you can opt out at any time).
Complying with legal and regulatory obligations.

Third-Party Processors

Sanity.io – headless CMS used to manage website content (hosted in the United States; covered by appropriate transfer safeguards).
Vercel – website hosting and deployment infrastructure (United States; covered by appropriate transfer safeguards).
Clerk – user authentication for client portal access.
Xero – accounting and invoicing software.
Google Analytics / similar – anonymous website analytics to help us understand traffic and improve content.
Email service providers – for transactional and marketing emails.

We do not sell your personal data to third parties, and we do not share it with any party other than those listed above or where required by law.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention periods are:

Client data and project records – 7 years from the end of the contract (in line with HMRC requirements).
Marketing communications – until you unsubscribe or withdraw consent.
Enquiry data (where no contract is formed) – 12 months.
Website analytics data – as per the analytics provider's retention settings (typically 14–26 months).

After the applicable retention period, your data is securely deleted or anonymised.

Your Rights Under UK GDPR

You have the following rights in relation to your personal data. To exercise any of them, please contact us at hello@smartastudio.com.

Right of access – to request a copy of the personal data we hold about you.
Right to rectification – to request correction of inaccurate or incomplete data.
Right to erasure ("right to be forgotten") – to request deletion of your data where there is no legitimate reason for us to continue processing it.
Right to restrict processing – to ask us to suspend processing in certain circumstances.
Right to data portability – to receive your data in a structured, machine-readable format.
Right to object – to object to processing based on legitimate interests or for direct marketing purposes.
Rights related to automated decision-making – we do not make solely automated decisions that have a legal or significant effect on you.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection: ico.org.uk or 0303 123 1113.

Data Security

No method of transmission over the internet is 100% secure, however, and we cannot guarantee absolute security.

Cookies

Our website uses cookies. For full details of the cookies we use and how to manage them, please read our Cookie Policy.

Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies.

Children

Changes to This Policy

Contact Us

If you have any questions or concerns about this Privacy Policy or how we handle your data, please contact us:

Email: hello@smartastudio.com
Website: smartastudio.com/contact
Location: Nantwich, Cheshire, United Kingdom

Introduction

What Data We Collect

How We Collect Your Data

Legal Basis for Processing

How We Use Your Data

Third-Party Processors

Data Retention

Your Rights Under UK GDPR

Data Security

Cookies

Links to Other Websites

Children

Changes to This Policy

Contact Us

(1.0) Pages

(2.0) Connect

tools for decision makers, devs and geeks.

(1.0) Learn

(2.0) For decision makers

(3.0) For geeks and developers

Privacy Policy

Introduction

What Data We Collect

How We Collect Your Data

Legal Basis for Processing

How We Use Your Data

Third-Party Processors

Data Retention

Your Rights Under UK GDPR

Data Security

Cookies

Links to Other Websites

Children

Changes to This Policy

Contact Us