PrivacyPolicy

Monument Digital Limited (“Monument Digital”, “we”, “us”, “our”) is committed to protecting and respecting your privacy. This policy explains how we collect, use, and look after personal information when you visit our website or engage us for services.

For the purposes of UK data protection law, including the UK GDPR and the Data Protection Act 2018, Monument Digital Limited is the data controller for the personal data described in this policy. We are a company registered in England and Wales (company number 13464127), with our registered office at 1 Brassey Road, Old Potts Way, Shrewsbury, Shropshire, SY3 7FA. We are registered with the Information Commissioner’s Office under reference ZC081784. You can contact us about this policy at enquiries@monumentdigital.co.uk.

We collect personal data in the following ways:

• Information you give us. When you complete a contact or enquiry form, book a call, or email us, we collect details such as your name, email address, telephone number, company name, and the content of your message.
• Information we collect automatically. When you visit our website we may collect technical data such as your IP address, browser type, device information, and the pages you view, through cookies and similar technologies.
• Information from our work together. If you become a client, we process the information needed to deliver our services. This may include access credentials, content, and data relating to your own customers where you instruct us to host or maintain your systems.

We use personal data to:

• respond to your enquiries and prepare quotes or proposals;
• deliver, manage, and support the services you have engaged us for;
• administer our contracts, including billing and record-keeping;
• improve our website and understand how it is used;
• send you relevant updates about our services, where you have agreed to receive them;
• comply with our legal and regulatory obligations.

We rely on the following lawful bases under the UK GDPR:

• Consent— where you have opted in, for example to marketing communications.
• Contract— where processing is necessary to provide services you have requested, or to take steps before entering a contract.
• Legitimate interests — to operate and improve our business and website, provided your rights do not override those interests.
• Legal obligation— where we are required to process data to comply with the law.

Our website uses cookies and similar technologies to function correctly and to help us understand how visitors use the site. Analytics cookies are only set with your consent. You can manage or disable cookies through your browser settings, although some parts of the site may not work as intended if you do.

We do not sell your personal data. We share it only where necessary, with:

• service providers who help us run our business, such as hosting, email, analytics, and infrastructure providers, all of whom act as our processors under a written agreement;
• professional advisers such as our accountants and legal advisers;
• regulators or law enforcement, where we are legally required to do so.

Where personal data is transferred outside the UK, for example to a cloud provider, we ensure appropriate safeguards are in place, such as UK adequacy regulations or the International Data Transfer Agreement.

We take the security of personal data seriously. As an ISO 27001 accredited organisation, we maintain documented information security controls covering data, access, and systems. While no system can be guaranteed completely secure, we apply appropriate technical and organisational measures to protect the data we hold.

We keep personal data only for as long as necessary for the purposes set out in this policy, or as required to meet legal, accounting, or reporting obligations. Enquiry data that does not lead to an engagement is typically held for up to 24 months. Client records are retained for the duration of our engagement and for a reasonable period afterwards.

Under UK data protection law you have the right to:

• access the personal data we hold about you;
• ask us to correct inaccurate or incomplete data;
• ask us to delete your data in certain circumstances;
• restrict or object to our processing of your data;
• request the transfer of your data to another provider;
• withdraw consent at any time, where we rely on consent.

To exercise any of these rights, contact us at enquiries@monumentdigital.co.uk. We will respond within one month.

If you have concerns about how we handle your personal data, please contact us first so we can try to resolve them. You also have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority, at ico.org.uk.

We may update this policy from time to time. The date at the top of this page shows when it was last revised. Where changes are significant, we will communicate them through appropriate channels.

Monument Digital Limited
1 Brassey Road, Old Potts Way, Shrewsbury, Shropshire, SY3 7FA
enquiries@monumentdigital.co.uk