A. Letts Design Privacy Policy

Privacy Policy

Who we are

Our website address is: http://oxfordwebdesigner.com

What personal data we collect and why we collect it


We use cookies to make your visit to our website smoother. These are very small text files that store information, mostly just noting that you visited so that when you return everything is as you left it. They also record choices you made e.g. dismissing a pop-up so that you will not need to do that action again. It is how the website ‘remembers’. We also use cookies for Analytics (see below).

We would like you to stick around even if our cookies aren’t to your taste. Therefore unless you actively accept they are turned off by default, and whether you accept or refuse you can always change your mind later. You can also turn cookies on and off on your computer, using your browser settings.


Analytics tells us how many people dropped by and what content they liked best (at least we assume they liked it, because they revisit it or spend a lot of time on that particular page). It’s how we know the website is being effective. None of the data is individualized; it’s all turned into statistics and is anonymous. It uses Cookies (see above) and Google Analytics (see ‘Who We share your data with’ below). Click here to find out more about how Google Analytics uses Cookies.

Contact Forms

The contact form does not store submitted messages anywhere, all it does is email us.

Who we share your data with

We use Google Analytics (see above) so that information (which is anonymous) is shared with Google. Nothing else on the website shares your data.

A. Letts Design registers internet services on their behalf of our customers (because it saves our customers time and we can make sure they are set up correctly, etc). If we register a 3rd party service for you we use your information to do it (and therefore share it with those services), so that the account is registered to you and not us (if there’s the option we might add ourselves as your Technical Support). We are often asked to post data to these services (so we need to share that data). This is all with customer consent, and usually because they requested it. We have due diligence procedures for ensuring that these services (as well as us), meet and understand GDPR.

How long we retain your data

We will not retain any unnecessary data. Current customers can expect us to keep hold of their data (usually they are backups). Customers who are no longer active can expect us to delete data within 6 months (please remember to backup responsibly)! We will notify you so you have the opportunity to access/retrieve it before it is erased. Old or irrelevant emails will be archived.

What rights you have over your data

You can request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

In the case of 3rd Party Services we register on your behalf (assuming that’s something you want us to do) these are registered to you, and therefore you can manage, add or delete data as you see fit. You have full access and (unless it’s a service we manage for you e.g. hosting) we will usually not have access ourselves (we request you change your password).

Your contact information

Usually we will have got your contact information directly from you, unless a friend of yours gave it to us (customers usually come directly to us, or through word-of-mouth). We certainly don’t get contact information from 3rd party ‘harvesters’ (we hate these) and we don’t send out anything unsolicited because we think it is annoying. We only use your contact information for legitimate reasons, usually talking to you, registering services on your behalf and invoicing. We will get your consent before ever sharing your contact information (see ‘who we share your data with’) and we protect your contact information as we do all our data (see ‘How we protect your data’).

Additional information

How we protect your data

All our devices are protected against viruses and malware. Websites have security software installed which are updated and backed up regularly. We issue strong passwords and use 2-factor authentication wherever possible (we recommend our customers do the same). We use a VPN to provide secure and encrypted connections which provides greater privacy and security for the data we send and receive.

What data breach procedures we have in place

Our breach procedures ensure that we have safeguards and measures in place to identify, assess, investigate and report any personal data breach at the earliest possible time.