Privacy Policy

Last updated: 29 June 2026

1. Introduction

This Privacy Policy explains how Intellistart Limited (“Intellistart”, “we”, “our” or “us”) collects, uses, stores and protects personal information when you visit our website, enquire about our services or engage us as a client.

We are committed to protecting personal information and processing it in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and other applicable data protection legislation.

2. Who We Are

Intellistart Limited is a company incorporated in England and Wales.

For the purposes of UK GDPR, Intellistart is the Data Controller in relation to personal information collected through our website and in managing our own business.

Where we process personal data solely on behalf of a client whilst delivering our services, we act as a Data Processor under a separate Data Processing Agreement.

Our Data Processing Agreement

3. Personal Data We Collect

Depending on how you interact with us, we may collect:

Enquiries

  • Name
  • Company name
  • Email address
  • Telephone number
  • Information you provide when contacting us

Clients

Where you become a client, we may collect:

  • Contact details
  • Billing information
  • Contract information
  • Project communications

Website Information

When you visit our website we may collect:

  • IP address
  • Browser type
  • Device information
  • Website usage statistics
  • Cookie identifiers
  • Analytics information

Providing your information

Where we ask for personal information to provide our services or respond to an enquiry, failure to provide the requested information may prevent us from responding or performing our contractual obligations.

Source of personal data

We normally collect personal information directly from you. In some circumstances, we may receive information from your employer, your organisation, publicly available sources or third-party service providers where this is necessary to provide our services.

4. Personal Data We Process on Behalf of Clients

As part of providing our services, we may have authorised access to personal data held within our clients’ systems.

Examples include:

  • CRM platforms such as HubSpot
  • Website enquiry systems
  • Analytics platforms
  • Advertising platforms
  • Marketing automation systems

In these circumstances:

  • our client remains the Data Controller;
  • Intellistart acts solely as Data Processor;
  • we process personal data only on documented instructions from our client;
  • we do not use client personal data for our own purposes;
  • we do not create or maintain independent marketing databases containing client customer information;
  • except where technically necessary to deliver agreed services, client data remains within the client’s own systems.

5. Services We Provide

Our services include:

  • Website design and development
  • Branding and graphic design
  • Search Engine Optimisation (SEO), including GEO and AEO
  • Copywriting
  • Pay Per Click (PPC) advertising
  • Google Ads management
  • Conversion tracking implementation
  • CRM onboarding and configuration
  • Website hosting
  • Domain registration
  • Email marketing assistance where requested
  • Digital consultancy

Some services require limited access to personal data held within client-owned systems. Such access is always limited to what is necessary to provide the agreed services.

6. How We Use Your Information

We use personal information to:

  • respond to enquiries;
  • provide contracted services;
  • administer client relationships;
  • manage hosting and domain services;
  • process payments;
  • improve our website;
  • comply with legal obligations;
  • maintain security.

We do not sell personal information to third parties.

7. Lawful Bases for Processing

We rely on one or more of the following lawful bases:

Purpose

Lawful Basis

Responding to enquiries

Legitimate interests and pre-contract steps

Delivering services

Performance of a contract

Billing and accounting

Legal obligation

Managing client relationships

Contract and legitimate interests

Website analytics

Consent where required and legitimate interests where applicable

Marketing existing clients

Legitimate interests

Marketing prospective clients

Consent where required

8. Advertising and Analytics

Where we provide PPC advertising services, we may configure and manage advertising platforms including Google Ads and related tracking technologies.

Where appropriate, advertising measurement may involve the processing of pseudonymised identifiers such as:

  • Google Click Identifiers (GCLIDs)
  • Conversion identifiers
  • Cookie identifiers

Wherever reasonably practicable, we seek to minimise the amount of personal data processed and use pseudonymised identifiers for campaign optimisation.

9. Sharing Personal Information

We may share personal information where necessary with trusted service providers including:

  • website hosting providers;
  • domain registrars;
  • email providers;
  • payment providers;
  • analytics providers;
  • advertising platforms;
  • CRM providers;
  • professional advisers, including but not limited to compliance and PII advisors;
  • IT support providers.

Where these organisations process personal data on our behalf, they do so under appropriate contractual obligations.

10. International Transfers

Some of our service providers may process personal data outside the United Kingdom.

Where this occurs, we ensure appropriate safeguards are in place in accordance with UK GDPR.

11. Security

We implement appropriate technical and organisational measures to protect personal information, including:

  • access controls;
  • password management;
  • secure cloud platforms;
  • restricted staff access;
  • staff confidentiality obligations;
  • regular software updates and security practices.

12. Data Retention

We retain personal information only for as long as necessary.

Typical retention periods include:

  • General enquiries – up to 6 years.
  • Client project records – up to 6 years after completion of services.
  • Financial records – as required by law.
  • Website analytics – in accordance with our analytics provider settings.
  • Call recordings (where applicable) – up to 12 months unless retained longer for legal or contractual reasons.

13. Your Rights

Subject to UK GDPR, you have the right to:

  • access your personal data;
  • request correction;
  • request deletion;
  • restrict processing;
  • object to processing;
  • request data portability;
  • withdraw consent where consent is relied upon.

Requests should be sent using the contact details below.

Intellistart does not make decisions about individuals based solely on automated processing that produce legal or similarly significant effects.

14. Cookies

Our website uses cookies to:

  • remember preferences;
  • improve website functionality;
  • analyse website traffic;
  • measure advertising performance where consent has been provided.

Please see our separate Cookie Policy for further information.

Cookie Policy

15. Third-Party Websites

Our website may contain links to third-party websites.

We are not responsible for their privacy practices and encourage you to review their privacy policies separately.

16. Data Breaches

We maintain procedures for identifying, investigating and responding to suspected personal data breaches.

Where required by law, we will notify affected individuals and the Information Commissioner’s Office.

Where we act as a Data Processor, we will notify the relevant client without undue delay in accordance with our contractual obligations.

17. Changes to this Policy

We may update this Privacy Policy from time to time.

We will always strive to publish the latest version on this website.

18. Contact Us

If you have any questions regarding this Privacy Policy or wish to exercise your data protection rights, please contact:

Intellistart Limited
Email: customerservice@intellistart.co.uk

Registered Office:
148 Rose Bowl
Portland Crescent
Leeds
LS1 3HB
United Kingdom

If you are unhappy with how we have handled your personal information, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO). We would, however, appreciate the opportunity to address your concerns before you contact the ICO.