No-fuss websites in Kent and the south east, with applegreen
Skip navigation

Applegreen Websites Privacy Policy

Here you can find out what data we collect on our visitors and clients, how we treat your data and what your rights are over it. If you are still unsure about anything, or your question is not covered here, please contact us.

Click on each question to see our answers.

Who are we?

Applegreen Websites is run by Stephanie Boucher, of 36 High Street, Biddenden, Kent TN27 8AH, UK.

We can be contacted either by post at that address, by phone on 01580 291706 or by email on

Show less

What information do we collect?

We collect and store several types of data.

  • For clients who have worked with us, we collect names, email addresses, a contact phone number, postal address and sometimes bank details.
  • For clients, logins to the control panels and sometimes WordPress installation.
  • For people who have signed up to our email newsletter, email addresses only.
  • For enquirers who do not progress to become our clients, we collect an email address and contact phone number.
Show less

Why do we collect it?

The reasons vary with the types of data and people from whom we collect it.

  • For clients, email and phone contact are essential for working together, and later for staying in touch via our newsletter. A website is an ongoing commitment on both sides: we would be failing in our duty if we did not inform our clients of legal and practical updates concerning their site.
  • Bank details and postal addresses are used to purchase websites domains and hosting for websites, from third-party providers such as 1an1, LCN, WPEngine and others. In these cases the control panel logins are passed to the clients as their own property.
  • For newsletter subscribers, an email address is essential for sending it out.
Show less

How long do we store it?

The length of time varies with the type of data and people concerned:

  • For clients and newsletter subscribers, the data is stored indefinitely, or until such time as the owner of the data asks us to dispose of it, or unsubscribes.
  • The exception to this is bank details, which are passed on to web hosting companies and not retained by us.
  • For enquirers, the data is stored for a period of one year and then disposed of if there is no follow up.
Show less

Where do we store it, and with whom is it shared?

All data is stored on the hard drive of our computer at the Applegreen office in Biddenden, Kent, and backed up to an external hard drive located in the same office. No data goes any further than this, with the following exceptions:

  • Client and subscriber emails are shared with MailChimp, who handle the newsletter list. See their privacy policy.
  • Client data (email address, phone number, postal address and bank details) are shared with website hosting companies for the purposes of creating an account for the website. Clients will know who their provider is and be able to check their own privacy policies: these clients handle their own subscriptions. A small number of our early clients were included in our own account with the hosting company, see 1and1's privacy policy.
  • These companies are either located in the UK and therefore subject to the same GDPR rules, or have a significant client base in the UK and comply with the regulation.
Show less

What is the legal basis on which we collect, retain and share data?

Consent: subscribers to our email newsletter have given their explicit consent for us to use their email address for that purpose.

Contractual obligations: clients who have paid us for creating a website for them, or for work on their existing site, are regarded as having agreed to an implied contract with us which serves in lieu of explicit consent.

Legitimate interest: we use details of enquirers to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact their rights, freedom or interests. We may send them our newsletter if we think they will benefit directly, for a period a a year.

Show less

What about cookies?

A cookie is a piece of data stored on the user's computer tied to information about the user. Cookies used on our website do not contain personally identifiable information.

We use cookies to collect anonymised and aggregated data of visits and pathways through the website, through Google Analytics. This data cannot be used to trace individual visitors.

For website visitors, this anonymised data is used to understand patterns of visitor behaviour on our website which we hope will lead to improvements.

Visitors to the website cannot be identified through the anonymised data we collect about their vist and the pathway they take through the site.

How Google uses the data when you use our website may be found here. This page also explains how you can disable this form of data collection if you do not wish it.

Analytics data is stored by Google for 50 months, after which it is automatically deleted.

You may also use your browser's ‘private’ or ‘incognito’ mode to prevent your visit from being counted as part of this data.

Show less

What are your rights over your data?

We are required to respond within 30 days to all requests regarding your data. You have the right:

  • to ask that we declare what data we are storing about you;
  • to request that we delete your data;
  • to have the data sent to you in a portable digital format, for another company to use;
  • to restrict us from processing your data;
  • to rectify your data if it is wrong or out of date;
  • to unsubscribe from our newsletter — a prominent Unsubscribe button is provided for that purpose;
  • disable the Google Analytics function by means of a browser add-on to ensure the prevention of the sending of any analytical information to Google.
Show less

What happens in case of a data breach?

A data breach is defined as “the accidental or unlawful destruction, loss, alteration unauthorised disclosure of, or access to, personal data”.

If we become aware of a data breach that concerns you, we will contact you immediately as part of our efforts to limit the damage caused.

The ICO will be notified immediately if possible, but within 72 hours at the latest.

Any complaints about the ways we handle your data should be made to the Information Commissioner's Office.

Show less

Last checked: February 2021