Back to home

Privacy Policy

Last updated: 5 July 2026 · Effective date: 5 July 2026

WebDoneNow ("we", "us", "our") operates the website webdonenow.com and provides website design and maintenance services to small businesses. This Privacy Policy explains how we collect, use, and protect your personal data.

1. Who We Are

WebDoneNow is a trading name operated by John Kemp. We provide website design, development, and maintenance services to businesses in the United Kingdom, the United States, and other markets.

Contact: dakota.vale@webdonenow.com

2. What Data We Collect

Data you provide directly

  • Business information: business name, trade, service area, services offered
  • Contact details: your name, phone number, email address
  • Project details: domain name, photos, business descriptions, content for your website
  • Payment information: card details are processed by Stripe and are not stored on our servers

Data collected automatically

  • Usage data: pages visited, time on site, referring URL, browser type, IP address (via standard web server logs and analytics)
  • Cookies: we may use essential cookies for site functionality. No third-party advertising cookies are used.

Data collected for lead generation

  • We use publicly available business directories (e.g. Google Maps, business listings) to identify businesses that may benefit from our services
  • We collect business name, trade, phone number, email address, and website status from these public sources
  • For UK limited companies and LLPs, we rely on legitimate interest under UK GDPR and PECR to send B2B marketing emails
  • For US businesses, we comply with the CAN-SPAM Act

3. How We Use Your Data

  • To design, build, and maintain websites for our clients
  • To process payments and manage client accounts
  • To send marketing emails to businesses we believe may benefit from our services
  • To respond to enquiries and provide customer support
  • To improve our services and website

4. Legal Basis for Processing (UK GDPR)

  • Contract: processing your data to deliver services you've purchased
  • Legitimate interest: sending B2B marketing emails to limited companies and LLPs (Legitimate Interest Assessment available on request)
  • Consent: where you have provided consent (e.g. via a contact form)
  • Legal obligation: retaining records for tax and accounting purposes

5. Sharing Your Data

We do not sell or rent your personal data. We share data only with:

  • Stripe — payment processing (PCI-compliant)
  • Zoho — email hosting and communication
  • Cloudflare — DNS and web infrastructure
  • Hosting provider — where client websites are deployed

Each third party processes data under their own privacy policies and GDPR-compliant data processing agreements where applicable.

6. International Data Transfers

  • We operate in the UK and may process data from clients in the US and other countries
  • Data may be processed by third-party services (Stripe, Zoho, Cloudflare) whose infrastructure is located outside the UK/EU
  • We rely on standard contractual clauses and adequacy decisions for international transfers where required

7. Data Retention

  • Client project data: retained for the duration of the client relationship plus 6 years for accounting/tax compliance
  • Lead generation data: retained until opt-out is requested or 24 months from last contact, whichever is sooner
  • Usage analytics: retained for 12 months

8. Your Rights (UK GDPR)

You have the right to:

  • Access your personal data (Subject Access Request)
  • Rectify inaccurate or incomplete data
  • Erase your personal data (right to be forgotten)
  • Restrict processing of your data
  • Object to processing based on legitimate interest
  • Data portability — receive your data in a structured, machine-readable format
  • Withdraw consent at any time (where processing is based on consent)
  • Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk

9. Your Rights (US — CAN-SPAM)

  • You have the right to opt out of marketing emails at any time
  • Opt-out requests are honoured within 10 business days
  • Every marketing email includes a clear unsubscribe link and our physical postal address

10. US State Privacy Laws (CCPA/CPRA & Others)

If you are a resident of California, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know: what personal data we collect about you and how it is used
  • Right to delete: request deletion of your personal data
  • Right to opt out: of the sale or sharing of your personal data — we do not sell or share your data
  • Right to non-discrimination: you will not be treated differently for exercising your privacy rights

To exercise these rights, email dakota.vale@webdonenow.com with your request.

Other US states (Virginia, Colorado, Connecticut, Utah, and others) have similar privacy laws. We honour equivalent rights for residents of those states.

11. Unsubscribe

To unsubscribe from marketing emails, click the unsubscribe link in any email we send, or email dakota.vale@webdonenow.com with "Unsubscribe" in the subject line. You can also use our unsubscribe page.

12. Cookies

Our website uses minimal cookies: essential cookies only (for form functionality). No tracking cookies, no advertising cookies, no third-party analytics cookies.

13. Children's Privacy

We do not collect data from anyone under 16. Our services are aimed exclusively at businesses.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.

15. Contact

For privacy enquiries, data requests, or complaints: dakota.vale@webdonenow.com

This Privacy Policy is provided as a starting point and should be reviewed by a legal professional before relying on it for regulatory compliance.