Privacy Policy

Last updated: 26 February 2025

Thank you for visiting James Ford Marketing. We are committed to protecting your personal data and complying with the UK GDPR, the Data Protection Act 2018, and all applicable privacy regulations.

This Privacy Policy explains what personal data we collect, how we use it, and your rights.

1. Who We Are

James Ford Marketing
Website: https://jamesfordmarketing.com
Contact Email: james@jamesfordmarketing.com
Location: Oxfordshire, United Kingdom
Data Controller: James Ford

2. What Personal Data We Collect and Why

We only collect the data needed to operate our website and deliver our services.

2.1 Contact Forms & Enquiries

When you submit a form on our website (for example a contact form or discovery call request), we may collect:

  • Name
  • Email address
  • Business name (optional)
  • Phone number (optional)
  • Message content and any details you choose to share

Why we collect this: To respond to your enquiry, provide information about our services, and maintain communication with you.

Legal basis: Legitimate interests – responding to business enquiries and operating our consultancy.

2.2 Email Communication

If you email us directly, we collect your email address and any information you include in your message.

Why we collect this: To manage and respond to your enquiry and keep a record of our communications.

2.3 Cookies

We use essential cookies to make the site work and analytics cookies to understand how visitors use our website.

For more detail, please refer to our separate Cookie Policy (once published).

2.4 Google Analytics / Search Console

We use Google Analytics and Google Search Console to analyse website traffic and performance. Google may collect:

  • Pages visited and time spent on the site
  • Browser and device type
  • Approximate location (city/country level)
  • Referring website or source
  • Technical information such as IP address (which can be anonymised)

We use this data in aggregated form to understand which pages are performing well and where we can improve the website experience.

Legal basis: Legitimate interests – improving our website and services.

2.5 Comments (If Enabled)

If comments are enabled on the site and you leave a comment, WordPress collects the data shown in the comments form as well as your IP address and browser user agent string to help with spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to check if you are using it. After your comment is approved, your profile picture is visible to the public in the context of your comment.

2.6 Media Uploads

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the site.

2.7 Embedded Content from Other Websites

Articles or pages on this site may include embedded content (for example videos, images, maps or other articles). Embedded content from other websites behaves in exactly the same way as if the visitor has visited the other website directly.

These websites may collect data about you, use cookies, embed additional third-party tracking and monitor your interaction with that embedded content, including tracking your interaction if you have an account and are logged in to that website. We recommend reviewing the privacy policies of those third-party services.

2.8 Technical & Security Logs

Our hosting provider and security tools may automatically log information such as:

  • IP address
  • Browser and device details
  • Pages requested
  • Date and time of access
  • Error logs and security events

Why we collect this: To maintain the security and stability of our website, prevent abuse and detect suspicious activity.

Legal basis: Compliance with legal obligations and legitimate interests (security and fraud prevention).

3. Who We Share Your Data With

We do not sell your personal data. We may share limited data with carefully selected third parties who help us operate our website and services, including:

  • Our website hosting provider
  • Content delivery and security services such as Cloudflare (if used)
  • Website analytics providers such as Google Analytics
  • Email and productivity service providers (for example Microsoft 365 or Google Workspace)
  • Anti-spam and security tools used on this site

These providers only process your data as necessary to provide their services to us and are bound by data protection obligations.

4. How Long We Keep Your Data

We only keep your personal data for as long as necessary for the purposes for which it was collected, or to comply with legal, accounting, or reporting requirements. Typical retention periods are:

  • Contact form submissions and enquiry emails: up to 12–24 months, or as needed for ongoing projects.
  • Analytics data: up to 26 months, in aggregated or anonymised form.
  • Comments: indefinitely, unless you request removal.
  • Security and error logs: typically 30–90 days, depending on our hosting configuration.

5. Your Rights Under UK GDPR

Under data protection law, you have the following rights regarding your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to request correction of inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data where there is no good reason for us to continue processing it.
  • Right to restrict processing – to request that we limit how we use your data in certain circumstances.
  • Right to object – to object to processing based on our legitimate interests.
  • Right to data portability – to request that we transfer your data to you or to another organisation, where technically feasible.
  • Right to withdraw consent – where we rely on your consent (for example for non-essential cookies), you can withdraw it at any time.

To exercise any of these rights, please contact us at james@jamesfordmarketing.com. We may need to verify your identity before responding to your request.

6. How We Protect Your Data

We apply appropriate technical and organisational measures to protect your personal data, including:

  • Use of SSL encryption (HTTPS) across the site
  • Secure hosting and regular updates to our website software
  • Access controls and authentication for administrative accounts
  • Use of security and monitoring tools to detect suspicious activity

7. Data Breach Procedures

If we become aware of a data breach that may affect your personal data, we will:

  • Investigate and act promptly to secure our systems
  • Assess the potential impact on individuals
  • Notify the relevant supervisory authority where legally required
  • Inform affected individuals where there is a high risk to their rights and freedoms

8. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We recommend that you review the privacy policies of any external sites you visit.

9. Children’s Data

Our services are aimed at businesses and professionals. We do not knowingly collect data relating to children under the age of 16. If you believe that a child has provided us with personal data, please contact us and we will delete it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal reasons. When we do, we will update the “Last updated” date at the top of this page. We encourage you to review this page periodically.

11. How to Contact Us

If you have any questions about this Privacy Policy, your data, or your rights, please contact:

James Ford Marketing
Email: james@jamesfordmarketing.com
Website: https://jamesfordmarketing.com
Location: Oxfordshire, United Kingdom