top of page

Privacy Policy

Effective Date:

Effective Date: 2025

At Foundry Works, we are committed to safeguarding your privacy. This Privacy Policy explains in detail how we collect, use, store,

and protect your personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data

Protection Act 2018. By using our website or services,

you agree to the practices described below.

1. Information We Collect

We collect different types of information to provide and improve our services:

  • Personal Identification Data: Your name, email address, phone number, billing/shipping address.

  • Payment Data: Details required to process payments (handled securely through third-party providers).

  • Technical Data: IP address, browser type, operating system, and device information.

  • Usage Data: Information on how you interact with our website (pages visited, time spent, clicks).

  • Communication Data: Any information you provide when contacting us via email, phone, or forms.

We only collect information that is necessary and relevant for our services.

2. How We Use Your Information

Your data is used for the following purposes:

  • To deliver and manage the services you request.

  • To process orders, payments, and issue invoices.

  • To respond to your enquiries, provide customer support, and resolve issues.

  • To improve the functionality, design, and performance of our website.

  • To send updates, promotions, and marketing materials (only if you opt-in).

  • To detect, prevent, and address fraud or security issues.

  • To comply with legal and regulatory obligations.

3. Legal Basis for Processing

We process your personal information under one or more lawful bases, including:

  • Contractual necessity: To provide services you have requested or purchased.

  • Legal obligation: To meet regulatory or legal requirements.

  • Legitimate interests: To operate and improve our business while protecting your data.

  • Consent: When you have explicitly agreed (e.g., to receive marketing communications).

4. Data Sharing and Third Parties

We only share your data when it is strictly necessary. Your information may be shared with:

  • Service providers: IT, website hosting, analytics, and payment processors.

  • Professional advisers: Accountants, auditors, legal or financial consultants.

  • Authorities: If required to comply with laws or enforce legal rights.

We will never sell, rent, or trade your personal data to third parties for commercial gain.

5. Data Retention

We keep your personal data only for as long as necessary to fulfill the purposes for which it was collected. Specifically:

  • Customer data: Retained while you are an active client and up to 6 years after (for tax/legal reasons).

  • Marketing data: Retained until you unsubscribe or withdraw consent.

  • Technical/usage data: Retained for a limited period for security and analytics purposes.

Once data is no longer needed, it is securely deleted or anonymised.

6. Your Rights Under UK GDPR

You have full control over your personal data. Your rights include:

  • Right of Access: Request a copy of the personal data we hold about you.

  • Right to Rectification: Correct inaccurate or incomplete data.

  • Right to Erasure: Request deletion of your personal information ("right to be forgotten").

  • Right to Restrict Processing: Limit how we use your data.

  • Right to Data Portability: Receive your data in a structured, commonly used format.

  • Right to Object: Stop certain processing activities, such as marketing.

  • Right to Withdraw Consent: You can withdraw your consent at any time if processing is based on consent.

To exercise these rights, contact us at the details below.

7. Cookies and Tracking Technologies

Our website uses cookies and similar tools to:

  • Ensure functionality of the website.

  • Improve user experience and personalise content.

  • Analyse website performance and traffic.

  • Support targeted advertising (if applicable).

You can manage or disable cookies via your browser settings. For more details, please see our Cookie Policy.

8. Data Security

We implement strong security measures to protect your data, including:

  • Encryption of sensitive information.

  • Secure storage systems with restricted access.

  • Regular monitoring to prevent breaches and cyberattacks.

However, while we take every precaution, no online transmission or storage system can be guaranteed 100% secure.

9. International Data Transfers

If your data is transferred outside the UK (for example, by our service providers), we ensure:

  • Transfers are to countries with adequate data protection laws, or

  • Standard Contractual Clauses and safeguards approved by the UK government are in place.

10. Updates to This Privacy Policy

We may update this Privacy Policy occasionally to reflect changes in our practices or legal requirements. The updated version will always be available on our website, with a revised “Effective Date.”

bottom of page