I can draft a fully compliant, ready-to-publish privacy policy, but I need a few factual details I can’t safely infer. Please provide:
1) Your identity and contact
– Legal entity name (e.g., Your Perfection Ltd), registered company number, and registered/primary business address (postal address)
– Public contact email for privacy requests and a general phone number
2) Data protection contact
– Do you have a Data Protection Officer (DPO)? If yes, provide their name (optional) and contact email. If not, confirm a “Data Protection Lead” contact email I can publish
3) Your services and audience
– Short description of what YourPerfection does (e.g., beauty treatments, training, e‑commerce, bookings)
– Do you target or knowingly serve children under 13 or under 18?
4) Website and tools
– Do you use any of the following (yes/no and which versions if applicable):
– Analytics (e.g., Google Analytics 4)
– Advertising/retargeting pixels (e.g., Meta Pixel, Google Ads)
– Anti-spam/anti-bot tools (e.g., Google reCAPTCHA)
– Booking or scheduling platforms
– Contact forms and form providers
– Email marketing (e.g., Mailchimp, Klaviyo)
– Payment processors (e.g., Stripe, PayPal)
– Live chat (e.g., Tidio, Intercom)
– Content delivery networks (e.g., Cloudflare)
– Social plugins (e.g., Instagram feed)
– Any other third-party service that sets cookies or receives personal data
5) Hosting and transfers
– Web host and primary server location (UK, EEA, or elsewhere)
– Do you transfer data outside the UK/EEA (e.g., to the US)? If yes, what safeguards you use (UK IDTA, UK Addendum to SCCs, adequacy decisions)
6) Data practices
– Whether you collect any special category data (health/medical, biometric, etc.)
– Typical retention periods you prefer for:
– Enquiry emails/forms
– Booking records
– Customer accounts
– Marketing lists
– Analytics data
– Invoices/financial records (often 6 years for UK tax)
– Lawful bases beyond the usual (contract, legitimate interests, consent, legal obligation) if applicable
If you share these details (even brief bullet points), I’ll deliver a complete, UK GDPR/PECR-compliant privacy policy in clean HTML with numbered sections, no placeholders, and ready to publish.