Website Privacy Policy
John Kavanagh (trading through Kavanagh Digital Ltd.) is committed to protecting and respecting your privacy. This policy, together with the website terms of use, explains how personal data collected through johnkavanagh.co.uk is processed.
This website is a personal and professional consultancy website. It does not provide user accounts, public registration, subscriptions, advertising services, or e‑commerce checkout functionality.
For the purposes of the UK General Data Protection Regulation and the Data Protection Act 2018, the data controller is Kavanagh Digital Ltd. of 66 Paul Street, London, EC2A 4NE, a company registered in England and Wales under registration number 14076092. This policy applies only to the johnkavanagh.co.uk website and associated services within this domain. If you leave this website through a link to another website, that website will have its own privacy policy.
Contact
Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to mail@johnkavanagh.co.uk.
Information That May Be Collected from You
The following categories of data may be collected and processed:
- Contact details that you voluntarily provide when making an enquiry, such as your name, email address, organisation, role, telephone number, or other contact information.
- Enquiry and correspondence content, including messages, attachments, project information or other material you choose to send by email, form or another contact route.
- Technical data about your visit, such as IP address, browser type, and version, device type, operating system, approximate location inferred from technical data, pages visited, referrer, timestamps, error information, diagnostic data, and server logs.
- Analytics, performance, or usage data where tools are used to understand how the website is accessed, maintained and improved.
- Browser storage data, including cookies, Local Storage or Session Storage used for website functionality, preferences, diagnostics, or performance.
How and Why Your Personal Data is Used
Personal data is processed only where there is a lawful basis for doing so. The main purposes and lawful bases are:
- Responding to enquiries and correspondence, based on legitimate interests or steps taken before entering into a contract.
- Providing, maintaining, securing, and improving the website, based on legitimate interests.
- Diagnosing errors, preventing abuse, protecting against spam, maintaining logs, and investigating security issues, based on legitimate interests and, where applicable, legal obligations.
- Understanding website usage, performance, and content effectiveness, based on legitimate interests or consent where consent is required for a particular technology.
- Managing business, accounting, legal, tax, insurance, dispute, or compliance records, based on legal obligations and legitimate interests.
- Following up on professional enquiries or services you have requested, based on legitimate interests, consent, or steps taken before entering into a contract, depending on the context.
Cookies and Browser Storage
The website may use cookies and browser‑based storage mechanisms, including Local Storage and Session Storage, for functionality, preferences, diagnostics, performance, and analytics.
Technical data such as IP address, browser type, device details, referrer, timestamps, and page activity may be collected through normal website operation, hosting logs, analytics, or performance tooling. This data may identify or help identify a visitor when combined with other information, so it is handled as personal data where applicable.
Session Storage will usually expire when the browser session ends. Local Storage may persist for longer but can be cleared manually through your browser. Cookies and browser storage can usually be managed through your browser settings, although blocking them may affect website functionality, performance, or preferences.
AI‑Assisted Internal Tools
AI‑assisted tools may be used internally for research support, technical auditing, code review, debugging, testing, quality assurance, and review workflows. Personal data is not intentionally submitted to AI‑assisted tools unless there is a legitimate need to process it for one of the purposes described in this policy and appropriate safeguards have been considered. Published website content remains under human editorial control.
Sharing Your Personal Data
Personal data may be shared with third parties where necessary for the operation of the website, the handling of enquiries, the provision of professional services, legal compliance, or business administration. These may include:
- hosting, infrastructure, and website service providers;
- email, communication, and contact‑form service providers;
- analytics, diagnostics, performance, security, or spam‑prevention providers where such tools are used;
- professional advisers, accountants, insurers, or legal advisers;
- public authorities, regulators, courts, or law enforcement where disclosure is required by law or necessary to protect legal rights.
Personal data is not sold to advertisers. Aggregate or anonymous usage information may be used to understand and improve the website, but it is not used to identify individual visitors for advertising purposes.
Where Your Personal Data is Stored
Personal data may be processed in the United Kingdom, the European Economic Area or other countries depending on the service providers used. Some service providers may process data outside the UK. Where this happens, appropriate safeguards will be used where required by data protection law, such as adequacy regulations, standard contractual clauses, the UK International Data Transfer Agreement or equivalent safeguards.
Whilst appropriate steps are taken to protect personal data, no method of transmission over the internet or electronic storage is completely secure. Once information is received, appropriate technical and organisational measures are used to reduce the risk of unauthorised access, loss, misuse, or disclosure.
Retention
Personal data is kept only for as long as reasonably necessary for the purposes described in this policy, including business, contractual, legal, accounting, tax, insurance, dispute, compliance, security, and operational purposes.
- Enquiries and correspondence are normally retained for up to six years where relevant to business, contractual, legal, accounting, tax, or dispute records.
- Technical logs are normally retained for a short operational period unless a longer period is needed for security, diagnostics, abuse prevention, legal, or dispute reasons.
- Analytics and performance data are retained according to the settings and retention periods of the relevant provider, where such tools are used.
- Legal, tax, and accounting records are retained for as long as required by law or necessary for legitimate business protection.
Your Rights
Subject to the conditions and exemptions under data protection law, you may have the right to:
- request access to personal data held about you;
- ask for inaccurate or incomplete data to be corrected;
- ask for personal data to be deleted;
- ask for processing to be restricted;
- object to processing based on legitimate interests;
- request data portability where this right applies to the processing;
- withdraw consent where processing is based on consent, without affecting the lawfulness of processing before withdrawal.
You can exercise these rights by contacting mail@johnkavanagh.co.uk. You also have the right to complain to the Information Commissioner's Office at ico.org.uk if you are unhappy with how your personal data has been handled.
Third Party Links
The site may contain links to third party websites, tools, platforms, or services. Those third parties are responsible for their own privacy practices. You should review their privacy policies before submitting personal data to them.
Changes to This Privacy Policy
Any changes that may be made to this privacy policy in the future will be posted on this page and, where appropriate, notified to you by email. You are advised to check this page regularly to keep up to date with any necessary changes.