Privacy Policy.
This policy explains what personal data Ahitanseo Limited collects, how we use it, who we share it with, and the rights you have under UK GDPR and the Data Protection Act 2018. We've tried to write it in plain English — if anything is unclear, email contact@ahitanseo.co.uk.
1. Who we are
Ahitanseo Limited ("we", "us", "our") is the data controller for personal data collected through this website (https://ahitanseo.co.uk). Our registered office is at Shergill Cottage, 1 Pin Lane, Farnham Common, SL2 3QS, United Kingdom.
Contact for data-protection matters: contact@ahitanseo.co.uk.
2. What information we collect
2.1 Information you give us directly
- Free audit form — when you submit a website audit request, we collect your name, email address, website URL, and target location.
- Contact form / direct email — when you email us or use the contact form, we receive your email address and the content of your message.
2.2 Information we collect automatically
- Server logs — when you visit the site, our hosting provider (Cloudflare) automatically records technical information including IP-derived country, timestamp, page URL, referrer, and user agent. Logs are typically retained by Cloudflare for 30 days.
- Cloudflare Web Analytics — we use Cloudflare's privacy-friendly, cookieless analytics to count aggregate visits. No personal data, no fingerprinting, no cross-site tracking.
2.3 Cookies
See our Cookie Policy for the full breakdown. Short version: the
site currently uses no marketing or analytics cookies. Cloudflare may set strictly-necessary
security cookies (e.g. __cf_bm) for bot management.
3. How and why we use your information
| Purpose | Legal basis (UK GDPR) |
|---|---|
| Producing and delivering your automated website audit report | Article 6(1)(b) — performance of pre-contractual services at your request |
| Replying to your enquiries / general correspondence | Article 6(1)(f) — our legitimate interest in responding to people who contact us |
| Maintaining site security + preventing abuse | Article 6(1)(f) — our legitimate interest in protecting our service |
| Complying with legal or regulatory obligations | Article 6(1)(c) — legal obligation |
We do NOT add audit submitters to a marketing list without explicit opt-in. We do not sell or rent your personal data to anyone, for any purpose, ever.
4. Who we share your information with
We share your data only with the service providers we need to operate the website and deliver your audit. They process data on our instructions only:
- Cloudflare, Inc. (United States) — hosts the site and stores audit form submissions in Cloudflare Workers KV. Transfers protected by the EU-US Data Privacy Framework and Standard Contractual Clauses.
- Resend, Inc. (United States) — delivers transactional emails (audit notifications). Same safeguards apply.
5. International transfers
Some of our processors are based in the United States. Where data leaves the UK / EEA, we rely on Standard Contractual Clauses (SCCs) and the UK addendum to ensure equivalent protection. You can request copies of these by emailing us.
6. How long we keep your information
- Audit form submissions — 2 years from submission
- Email correspondence — retained for as long as needed to maintain the conversation, deleted on request
- Server logs — typically 30 days (Cloudflare's standard retention)
- Newsletter / marketing list — until you unsubscribe (we don't currently operate one)
7. Your rights under UK GDPR
You have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure ("right to be forgotten") — ask us to delete your data
- Restriction — ask us to limit how we process your data
- Portability — receive your data in a machine-readable format
- Object — to processing based on legitimate interests
- Withdraw consent — where processing is based on consent
- Complain to the ICO — Information Commissioner's Office (the UK supervisory authority): ico.org.uk
8. How to exercise your rights
Email contact@ahitanseo.co.uk with the subject "Data request" and tell us what you'd like us to do. We aim to respond within 30 days as required by UK GDPR.
9. Children's data
This site is a B2B service. It is not directed at people under 18, and we do not knowingly collect personal data from children.
10. Changes to this policy
We may update this policy from time to time. Material changes will be reflected in the "Last updated" date above. If we make significant changes to how we use your data, we'll notify affected users by email where reasonable.
11. Contact
Questions, requests, or complaints about this policy or our data handling:
contact@ahitanseo.co.uk