1. Who is responsible for your data?

Data controller: Ewan Rolfe (trading as Ewan Rolfe)
Address: 29 Long Henry, Park Hill, South Street, Sheffield, S2 5AW
Email: ewan.rolfe@gmail.com

2) The personal data I collect

I only collect what I need to run the website and respond to enquiries.

When you contact me (contact form or email)

• Name

• Email address

• Phone number (if you provide it)

• Any information you include in your message

When you book via Calendly

• Name

• Email address

• Booking details (date/time)

• Any information you choose to include when booking

When you browse the website

I use Google Analytics (GA4) to understand how the site is used (e.g., which pages are visited, time on site, device/browser information). 

This data is collected via cookies if you consent through the cookie banner.

3) What I use your data for

I use your personal data to:

• Respond to enquiries and messages

• Arrange and manage calls booked via Calendly

• Improve the website using analytics (GA4), where you’ve consented to analytics cookies

• Keep basic records to manage the business properly and consistently

I do not sell personal data, and I do not use your data for marketing newsletters.

4) Lawful bases for processing (UK GDPR)

I rely on the following lawful bases:

• Legitimate interests – to respond to enquiries, manage communication, and run the website effectively (balanced against your rights).

• Contract / steps to enter a contract – where you book a call or request information that may lead to paid work.

• Consent – for analytics cookies (Google Analytics) via the cookie banner. You can withdraw consent at any time through your cookie settings.

5) Cookies and analytics

This site uses a cookie consent banner.

• If you accept analytics cookies, Google Analytics (GA4) may place cookies and process usage data to help me understand website performance.

• If you decline analytics cookies, GA4 tracking should not run (beyond any strictly necessary cookies required for the site to function).

You can change your cookie preferences at any time via the cookie banner/settings.

6) Who I share data with (processors)

I keep sharing limited and purposeful. Your data may be processed by:

• Google (Google Analytics and Google Workspace/Gmail)

• Calendly (to manage bookings)

My website hosting provider may also process basic technical data (e.g., server logs) to deliver the site securely and reliably. I do not use this for profiling or marketing.

These providers act as data processors (or separate controllers in some contexts) and are expected to handle data in line with applicable data protection standards.

7) International transfers

Some suppliers I use (such as Google and Calendly) may process data outside the UK. Where this happens, it is protected using appropriate safeguards (such as UK adequacy regulations and/or approved contractual protections).

8) How long I keep your data (retention)

I only keep data for as long as it’s genuinely needed:

• Enquiry messages (contact form/email): typically up to 12 months after the last meaningful contact, unless a longer period is needed to manage an ongoing relationship or resolve an issue.

• Calendly booking records: typically up to 24 months for practical record-keeping.

• Analytics (GA4): retained according to the settings in Google Analytics and only collected where you consented to analytics cookies.

If you want me to delete an enquiry thread sooner, you can ask.

9) Your data protection rights

Under UK GDPR, you have the right to:

• Access your personal data

• Correct inaccurate data

• Request deletion (where applicable)

• Restrict or object to processing (in certain circumstances)

• Request data portability (in certain circumstances)

• Withdraw consent (where processing is based on consent, such as analytics cookies)

To exercise any rights, email ewan.rolfe@gmail.com.

10) Complaints

If you’re unhappy with how I handle your data, please contact me first so I can address it.

You also have the right to complain to the Information Commissioner’s Office (ICO), the UK’s data protection regulator.

11) Security

I take reasonable steps to protect personal data from loss, misuse, and unauthorised access. This includes using reputable service providers, access controls, and secure systems where available. No method of transmission or storage is completely risk-free, but I aim to keep data protected and handled sensibly.

12) Changes to this policy

I may update this policy occasionally to reflect changes to the website or how data is handled. The effective date at the top will be updated whenever changes are made.