Skip to main content
Letter N° P-01  —  Privacy Policy 16 July 2026
Last updated · 12 May 2026 · UK GDPR + DPA 2018

Privacy Policy.

Get my free audit

Plain English.
Data Protection Act 2018.
Last updated 12 May 2026.

This policy explains what personal data Ahitanseo Limited collects, how we use it, who we share it with, and the rights you have under UK GDPR and the Data Protection Act 2018. We've tried to write it in plain English — if anything is unclear, ask through the contact form.

1. Who we are

Ahitanseo Limited ("we", "us", "our") is the data controller for personal data collected through this website (https://ahitanseo.co.uk). Our registered office is at Shergill Cottage, 1 Pin Lane, Farnham Common, SL2 3QS, United Kingdom.

Contact for data-protection matters: the contact form.

2. What information we collect

2.1 Information you give us directly

  • Free audit form — when you submit a website audit request, we collect your name, email address, website URL, and target location.
  • Contact form / direct email — when you email us or use the contact form, we receive your email address and the content of your message.

2.2 Information we collect automatically

  • Server logs — when you visit the site, our hosting provider (Cloudflare) automatically records technical information including IP-derived country, timestamp, page URL, referrer, and user agent. Logs are typically retained by Cloudflare for 30 days.
  • Cloudflare Web Analytics — we use Cloudflare's privacy-friendly, cookieless analytics to count aggregate visits. No personal data, no fingerprinting, no cross-site tracking.

2.3 Cookies

See our Cookie Policy for the full breakdown. Short version: the site currently uses no marketing or analytics cookies. Cloudflare may set strictly-necessary security cookies (e.g. __cf_bm) for bot management.

3. How and why we use your information

Purpose Legal basis (UK GDPR)
Producing and delivering your automated website audit report Article 6(1)(b) — performance of pre-contractual services at your request
Replying to your enquiries / general correspondence Article 6(1)(f) — our legitimate interest in responding to people who contact us
Maintaining site security + preventing abuse Article 6(1)(f) — our legitimate interest in protecting our service
Complying with legal or regulatory obligations Article 6(1)(c) — legal obligation

We do NOT add audit submitters to a marketing list without explicit opt-in. We do not sell or rent your personal data to anyone, for any purpose, ever.

4. Who we share your information with

We share your data only with the service providers we need to operate the website and deliver your audit. They process data on our instructions only:

  • Cloudflare, Inc. (United States) — hosts the site and stores audit form submissions in Cloudflare Workers KV. Transfers protected by the EU-US Data Privacy Framework and Standard Contractual Clauses.
  • Resend, Inc. (United States) — delivers transactional emails (audit notifications). Same safeguards apply.

5. International transfers

Some of our processors are based in the United States. Where data leaves the UK / EEA, we rely on Standard Contractual Clauses (SCCs) and the UK addendum to ensure equivalent protection. You can request copies of these by emailing us.

6. How long we keep your information

  • Audit form submissions — 2 years from submission
  • Email correspondence — retained for as long as needed to maintain the conversation, deleted on request
  • Server logs — typically 30 days (Cloudflare's standard retention)
  • Newsletter / marketing list — until you unsubscribe (we don't currently operate one)

7. Your rights under UK GDPR

You have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate or incomplete data
  • Erasure ("right to be forgotten") — ask us to delete your data
  • Restriction — ask us to limit how we process your data
  • Portability — receive your data in a machine-readable format
  • Object — to processing based on legitimate interests
  • Withdraw consent — where processing is based on consent
  • Complain to the ICO — Information Commissioner's Office (the UK supervisory authority): ico.org.uk

8. How to exercise your rights

Send a request through the contact form with "Data request" in your message and tell us what you'd like us to do. We aim to respond within 30 days as required by UK GDPR.

9. Children's data

This site is a B2B service. It is not directed at people under 18, and we do not knowingly collect personal data from children.

10. Changes to this policy

We may update this policy from time to time. Material changes will be reflected in the "Last updated" date above. If we make significant changes to how we use your data, we'll notify affected users by email where reasonable.

11. How to contact us about your data

Questions, requests, or complaints about this policy or our data handling:
the contact form

Surinder Ahitan Independent SEO consultant
Farnham Common · 16 July 2026
WhatsApp