Privacy Policy

Last updated: 21 March 2026  |  Effective from: 1 January 2025

1. Who We Are

AOV WebDesigns Limited ("we", "us", "our") is a company registered in England and Wales.

  • Registered company name: AOV WebDesigns Limited
  • Companies House number: XXXXXXXX
  • Registered office: 123 Business Park, London, UK
  • ICO registration number: ZXXXXXXXX
  • Email: info@aovwebdesigns.com

We are registered with the UK Information Commissioner's Office (ICO) as a data controller. This policy explains what personal data we collect, why we collect it, and your rights under UK GDPR and the Data Protection Act 2018.

2. Data We Collect and Why

2.1 Contact Form

When you submit our contact form we collect your name, email address, and message.

  • Legal basis: Legitimate interests (Article 6(1)(f) UK GDPR) – responding to your enquiry.
  • Retention: 12 months, then securely deleted.

2.2 Account Registration

When you create an account we collect your full name, email address, and a hashed password.

  • Legal basis: Contract (Article 6(1)(b)) – necessary to provide the account service.
  • Retention: For as long as your account is active, plus 6 months after deletion to handle any outstanding issues.

2.3 Purchases & Payments

When you purchase a service, we collect your name, email, and order details. Payment card processing is handled entirely by Stripe, Inc. – we never see or store your full card number. Stripe's privacy policy is at stripe.com/gb/privacy.

  • Legal basis: Contract (Article 6(1)(b)); Legal obligation for invoicing / VAT records (Article 6(1)(c)).
  • Retention: 7 years to comply with HMRC requirements.

2.4 Server Logs and IP Addresses

Our web server automatically records your IP address, browser type, pages visited, and timestamps in access logs.

  • Legal basis: Legitimate interests – security, abuse prevention.
  • Retention: 30 days.

2.5 Cookies

We use cookies as described in our Cookie Policy. Strictly necessary cookies are used on the legal basis of legitimate interests. Optional cookies (analytics, marketing) are only set with your consent.

2.6 UK Lotto Analysis Tool

The Lotto Analysis tool does not collect personal data. Number frequency data is sourced from publicly available National Lottery draw results. We do not link your use of this tool to your account or identity.

3. How We Use Your Data

  • To respond to your enquiries and provide our services
  • To create and manage your account
  • To process payments and issue invoices
  • To comply with legal and regulatory obligations
  • To improve the security and performance of this website
  • To send service-related emails (e.g. order confirmations, password resets)

We do not sell your personal data. We do not use it for automated decision-making or profiling.

4. Who We Share Your Data With

RecipientPurposeLocation
Stripe, Inc.Payment processingUSA (Standard Contractual Clauses)
Hostinger / web hostWebsite hosting & emailEU / UK
Tawk.to (if enabled)Live chatUSA (SCCs)

All third-party processors are contractually bound to process your data only on our instructions and in compliance with data protection law.

5. International Transfers

Where data is transferred outside the UK, we ensure appropriate safeguards are in place (e.g. Standard Contractual Clauses approved by the UK ICO, or adequacy decisions).

6. Your Rights Under UK GDPR

You have the right to:

  • Access – request a copy of your personal data
  • Rectification – ask us to correct inaccurate data
  • Erasure – request deletion of your data (subject to legal retention obligations)
  • Restriction – ask us to restrict processing in certain circumstances
  • Portability – receive your data in a structured, machine-readable format
  • Object – object to processing based on legitimate interests
  • Withdraw consent – where processing is based on consent, you may withdraw at any time

To exercise any right, contact us at info@aovwebdesigns.com. We will respond within 30 days. We do not charge a fee for routine requests.

If you are not satisfied with our response, you may complain to the UK Information Commissioner's Office at ico.org.uk or call 0303 123 1113.

7. Security

We take reasonable technical and organisational measures to protect your data, including:

  • HTTPS / TLS encryption for all data in transit
  • Passwords stored as bcrypt hashes – never in plain text
  • CSRF protection on all forms
  • IP-based rate limiting on sensitive forms
  • Regular security reviews

No transmission over the internet is 100% secure. We will notify you and the ICO of any breach that is likely to result in a high risk to your rights, as required by law.

8. Children

Our services are not directed at children under 13, and we do not knowingly collect data from children. If you believe we have inadvertently collected such data, please contact us immediately.

9. Changes to This Policy

We may update this policy from time to time. The date at the top of the page shows when it was last revised. Significant changes will be communicated by email where possible.

10. Contact Us

For any privacy-related question or to exercise your rights:

AOV WebDesigns Limited
123 Business Park, London, UK
info@aovwebdesigns.com