Privacy Policy

Masuyo Digital is the data controller responsible for your personal data. We are based in the United Kingdom. You can contact us regarding any data protection matters at hello@masuyodigital.com.

We may collect and process the following categories of personal data:

• Identity data: your name, business name, and job title where provided.
• Contact data: your email address, telephone number, and postal address.
• Communication data: messages you send us via our contact or enquiry forms, and email correspondence.
• Technical data: your IP address, browser type and version, operating system, time zone, and pages visited on our website.
• Usage data: information about how you use our website, including referring URLs, pages viewed, and session duration.
• Marketing preferences: your preferences regarding receiving marketing communications from us.

We do not intentionally collect any special category data (such as health information, racial or ethnic origin, or political opinions). Please do not submit such data to us through our website.

We collect data through the following means:

• Direct interactions: when you complete a contact form, project enquiry form, or email us directly.
• Automated technologies: when you visit our website, we may automatically collect technical and usage data via cookies and similar technologies.
• Third-party services: we use third-party form processing services (such as Formspree) and analytics tools (such as Google Analytics) that may collect data on our behalf.

We use your personal data for the following purposes:

• To respond to enquiries and provide you with information about our services.
• To deliver services you have engaged us to provide.
• To manage our relationship with you, including billing and account management.
• To send you marketing communications where you have consented, or where we have a legitimate interest to do so.
• To improve our website and services through analytics.
• To comply with our legal obligations.

Our lawful bases for processing under UK GDPR are: performance of a contract (where we are delivering services to you), legitimate interests (for analytics and internal business purposes), consent (for marketing communications), and legal obligation (where applicable).

Our website uses cookies (small text files stored on your device) to enhance your experience and understand how our site is used. Cookies we use include:

• Essential cookies: necessary for the website to function. These cannot be disabled.
• Analytics cookies: used to collect anonymous information about how visitors use the site. We use Google Analytics 4 for this purpose. This data helps us improve our content and user experience.
• Preference cookies: used to remember your settings or choices on return visits.

You can control or delete cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of the website. For more information about managing cookies, visit www.allaboutcookies.org.

Where required by law (for non-essential cookies), we will seek your consent before placing cookies on your device.

We do not sell your personal data. We may share your data with:

• Service providers who process data on our behalf, such as form processing services, email delivery platforms, and hosting infrastructure. These parties process data only in accordance with our instructions.
• Analytics providers such as Google Analytics, which may process data in accordance with their own privacy policies.
• Legal or regulatory authorities where we are required to disclose data by law.

Where we transfer data outside the UK, we ensure appropriate safeguards are in place in accordance with UK GDPR requirements.

We retain your personal data only for as long as necessary for the purposes it was collected and in accordance with our legal obligations. Specifically:

• Enquiry and contact data: retained for up to 2 years from last contact, or as long as necessary to manage an ongoing client relationship.
• Client and project data: retained for up to 6 years after the end of the client relationship, in line with legal requirements for financial records.
• Analytics data: retained in aggregated form. Individual session data is subject to the retention policies of the analytics provider.

Once data is no longer needed, it is securely deleted or anonymised.

You have the following rights regarding your personal data:

• Right of access: you can request a copy of the personal data we hold about you.
• Right to rectification: you can ask us to correct inaccurate or incomplete data.
• Right to erasure: in certain circumstances, you can ask us to delete your personal data.
• Right to restriction: you can ask us to restrict the processing of your data in certain circumstances.
• Right to data portability: you can request that we transfer your data to another organisation in a structured, machine-readable format.
• Right to object: you can object to our processing of your data where we rely on legitimate interests as our lawful basis.
• Rights related to automated decision-making: we do not make automated decisions with significant effects based on your personal data.

To exercise any of these rights, contact us at hello@masuyodigital.com. We will respond within one calendar month. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

We take appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, or unauthorised disclosure. Our website is served over HTTPS and our server infrastructure includes access controls, monitoring, and regular backups.

No method of transmission or storage is 100% secure. If you believe your data has been compromised, please contact us immediately at hello@masuyodigital.com.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to read their privacy policies before providing any personal data.

Our website and services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The “last updated” date at the top of this page indicates when the policy was last revised. We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes your acceptance of the updated policy.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us: