Privacy notice
How we handle personal data, why we hold it, and the rights you have over it.
Last updated 8 June 2026.
This notice explains how Doddle Design Ltd collects, uses and protects personal data when you visit www.doddledesign.co.uk, contact us, or work with us. It also sets out the rights you have under UK data protection law - the UK GDPR and the Data Protection Act 2018.
Who we are
Doddle Design Ltd is a company registered in England and Wales (company number 11560893). Our registered office is at Warren House, Bawtry Road, Doncaster, England, DN4 7NB. We are the data controller for the personal data described in this notice.
For anything to do with your data, or this notice, email hello@doddledesign.co.uk.
The personal data we collect
We collect the following.
- Enquiry details. When you use the contact form or email us, we collect your name, email address, the company you mention, and whatever you put in your message.
- Usage data. Aggregate, mostly anonymous data about how the site is used - pages viewed, rough location, device and browser type, and how you arrived. This comes from the analytics tools described below.
- Company-level visit data. We use a service that estimates which organisations visit the site from their network information. This identifies companies, not named individuals.
- Technical logs. Our hosting provider keeps standard server logs, including IP addresses, for security and to keep the site running.
We don't ask for special category data (such as health, ethnicity or beliefs) and we'd ask you not to send it through the contact form.
How we use it, and our lawful bases
Under the UK GDPR we must have a lawful basis for using your data. We rely on the following.
- Legitimate interests. To respond to your enquiry, run and improve the site, understand which organisations are interested in our work, keep proper business records, and protect the site from spam and abuse. We've weighed these interests against your rights and don't think they override them.
- Consent. For non-essential analytics where consent is required. You can withdraw consent at any time, for example through your browser settings.
- Contract. Where we're delivering work to you under an engagement, to manage that relationship.
- Legal obligation. Where we have to keep records to meet our legal and accounting duties.
Cookies and analytics
We use a small number of cookies and similar technologies for analytics and visitor insight. We don't run advertising cookies or cross-site retargeting pixels. Our cookie notice lists each one, what it does, and how to turn it off.
Who we share it with
We don't sell your data and we don't share it for anyone else's marketing. We do use a handful of trusted providers who process data on our behalf, under contract and only on our instructions.
- EmailJS. Delivers contact-form messages to our inbox. It processes the name, email, company and message you submit.
- Google. Google Analytics 4 for aggregate site analytics, and Google Ads to measure which campaigns lead to enquiries.
- Vercel. Hosts the site and provides privacy-friendly, cookieless usage analytics.
- Leadfeeder (Dealfront). Estimates which organisations visit the site. It works at company level, not on named individuals.
We may also disclose data where the law requires it, or to establish or defend legal claims.
Where your data is held
Some of these providers are based outside the UK, including in the United States. Where personal data leaves the UK, we rely on the transfer protections recognised under UK law - an adequacy decision, or the UK International Data Transfer Addendum to the EU Standard Contractual Clauses, so your data keeps an equivalent level of protection.
How long we keep it
We keep enquiry details for as long as we're in conversation with you and for a reasonable period afterwards, so we have a record of the contact, then we delete them. Analytics data is held in aggregate according to each provider's retention settings. We don't keep personal data for longer than we need it.
How we protect it
The site is served over an encrypted connection. We use reputable providers, keep access to enquiry data limited to the people who need it, and review our setup from time to time. No online service can be completely secure, but we take the handling of your data seriously.
Your rights
Under the UK GDPR you have the right to ask us to do the following.
- Give you a copy of the personal data we hold about you.
- Correct data that's wrong or incomplete.
- Delete your data, where there's no reason to keep it.
- Restrict or object to how we use it.
- Receive certain data in a portable format, or have it sent to another provider.
- Withdraw consent, where we relied on consent in the first place.
To exercise any of these, email hello@doddledesign.co.uk. We'll respond within one month. We don't make decisions about you by automated means alone.
Complaints
If you're unhappy with how we've handled your data, please tell us first so we can put it right. You also have the right to complain to the Information Commissioner's Office at ico.org.uk or on 0303 123 1113. We're registered with the ICO under registration number [ICO registration number].
Children
This site is aimed at businesses and isn't directed at children. We don't knowingly collect data about anyone under 16.
Changes to this notice
We may update this notice as our business or the law changes. The date at the top shows when it was last revised.
Got a question about your data?
Email us directly. We'll get back to you.