Brad Holmes web developer, designer and digital strategist.

Dad, husband and dog owner. Most days I’m trying to create fast, search-friendly websites that balance UX, Core Web Vitals, and digital strategy from my studio in Kettering, UK.

If you’re here, you either found something I built on Google or you’re just being nosey. Either way, this is me, the work, the thinking, and the bits in between.

Brought to you by Brad Holmes

Privacy Policy

1. Introduction

Brad Holmes (“we,” “us,” “our,” or “Brad Holmes”) operates brad-holmes.co.uk (the “Website”). This Privacy Policy explains how we collect, use, process, and protect your personal data when you visit our Website or engage with our services.

We are committed to protecting your privacy and being transparent about how we handle your information. This policy complies with the General Data Protection Regulation (GDPR) and UK data protection law.

Please read this policy carefully. By using the Website or services, you acknowledge and accept the practices described here.

2. Information We Collect

Information You Provide Directly

We collect information you voluntarily provide, including:

  • Contact Forms: Name, email address, company, phone number, message content
  • Email Communications: Any information included in emails sent to us
  • Service Engagement: Project details, business information, and requirements shared during consultations
  • Inquiries & Support: Questions, feedback, or content submitted through the Website

Information Collected Automatically

When you visit the Website, we automatically collect certain technical information:

  • Usage Data: Pages visited, time on page, scroll depth, interactions
  • Device Information: Browser type, operating system, device type
  • Network Information: IP address, referral source, access times
  • Performance Data: Load times, errors, technical metrics

This information is collected through standard web server logs and analytics services.

Information from Third Parties

We may receive information from:

  • Analytics providers (aggregated, non-identifying data)
  • Business contacts who refer you to us
  • Publicly available sources for business research

3. How We Use Your Data

We use the information we collect for the following purposes:

Service Delivery

  • Responding to your inquiries and providing requested information
  • Delivering consulting services and strategic advice
  • Sending project updates, reports, and deliverables
  • Invoicing and payment processing

Website Improvement

  • Analyzing how users interact with the Website
  • Identifying technical issues and performance problems
  • Improving user experience and site functionality
  • Testing new features and optimizations

Communication

  • Sending you service-related updates and notices
  • Responding to your questions or concerns
  • Following up on inquiries or service engagement

Business Operations

  • Maintaining records of service delivery and agreements
  • Fraud prevention and abuse detection
  • Compliance with legal and regulatory obligations

Marketing (with consent)

  • Sending newsletters or content updates (only if you’ve opted in)
  • Notifying you about new content or services
  • Maintaining contact for future service opportunities

We do not use your data for:

  • Selling or renting your personal information
  • Automated decision-making or profiling
  • Marketing without your explicit consent
  • Purposes other than those described in this policy

4. Legal Basis for Processing

Under GDPR, we process your personal data on one or more of these legal bases:

Type of ProcessingLegal Basis
Service delivery & consultingContractual obligation or pre-contract steps
Responding to inquiriesLegitimate interest in customer service
Website analytics & improvementLegitimate interest in optimizing our service
Legal compliance & securityLegal obligation or legitimate interest
Marketing communicationsConsent (opt-in)
Fraud preventionLegitimate interest in protecting our business

Where we rely on legitimate interest, we have assessed that our use of your data does not override your rights and freedoms. You have the right to object to processing based on legitimate interest.

5. Data Sharing & Third Parties

Who We Share Data With

We may share your personal data with:

  • Service Providers: Email providers, hosting services, analytics platforms, and payment processors who help us deliver services
  • Legal Compliance: Law enforcement, regulators, or courts when required by law
  • Business Transfers: Potential acquirers if our business is sold or merged

Data Processors & Agreements

All third-party service providers are bound by data processing agreements that require them to:

  • Process data only on our instructions
  • Maintain appropriate security measures
  • Not share data with other parties
  • Delete or return data when services end

International Data Transfers

Some of our service providers are located outside the UK and EU. Where data is transferred internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses (where applicable)
  • Adequacy decisions by the UK ICO or EU Commission
  • Your explicit consent (where required)

What We Don’t Do

  • We do not sell your personal data
  • We do not share data for marketing purposes without permission
  • We do not share confidential client information

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected.

Type of DataRetention PeriodReason
Inquiry/contact form data1-2 yearsBusiness correspondence & follow-up
Client service data6 years (post-engagement)Legal & financial obligations
Website analytics12 months (or less)Website improvement & performance
Email communicationsDuration of engagement + 1 yearLegal & business records
Marketing consent recordsUntil consent withdrawnCompliance with opt-in preference

After the retention period, data is securely deleted or anonymized. Where data is anonymized, it is no longer subject to GDPR protections.

7. Your Rights Under GDPR

You have the following rights regarding your personal data:

Right of Access

You can request a copy of the personal data we hold about you. We will provide this in a structured, commonly used, and machine-readable format within 30 days.

Right to Rectification

You can request that we correct inaccurate or incomplete personal data.

Right to Erasure

You can request deletion of your personal data, subject to certain exceptions (e.g., legal obligations, active service contracts).

Right to Restrict Processing

You can request that we limit how we process your data while we verify its accuracy or resolve a dispute.

Right to Data Portability

You can request your data in a portable format to transfer to another service provider.

Right to Object

You can object to processing based on legitimate interest or for marketing purposes. We will stop processing unless we have a compelling reason to continue.

Right to Withdraw Consent

Where we process data based on your consent, you can withdraw that consent at any time. Withdrawal does not affect processing that occurred before withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe we have mishandled your data.

How to Exercise Your Rights

To exercise any of these rights, contact us at: studio@brad-holmes.co.uk

We will respond to your request within 30 days. We may ask you to verify your identity before processing your request.

8. Cookies & Tracking Technologies

What Are Cookies?

Cookies are small text files stored on your device that allow us to recognize you and remember preferences. We use cookies for:

Essential Cookies

  • Website functionality and security
  • Remembering your preferences
  • Preventing fraud and abuse

Status: Always enabled (required for the Website to function)

Analytics Cookies

  • Understanding how users interact with the Website
  • Measuring page performance and user behavior
  • Improving content and user experience

Status: Enabled with consent (see cookie banner on first visit)

Marketing Cookies

  • Tracking engagement with our content
  • Measuring conversion and inquiry sources

Status: Enabled with explicit consent only

Third-Party Cookies

Some third-party services (analytics, advertising platforms) may set their own cookies. These are controlled by their privacy policies, not ours. You can control third-party cookies through your browser settings.

Managing Your Cookies

You can control cookies through:

  • Browser Settings: Disable or delete cookies in your browser preferences
  • Opt-Out Tools: Use industry opt-out mechanisms for behavioral tracking
  • Cookie Banner: Adjust consent preferences using our consent management tool

Note: Disabling cookies may limit Website functionality.

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against:

  • Unauthorized access or disclosure
  • Accidental loss, destruction, or damage
  • Unlawful processing or misuse

Security Measures

  • Encrypted transmission of sensitive data (SSL/TLS)
  • Secure storage on protected servers
  • Limited access to personal data (staff only when necessary)
  • Regular security reviews and updates
  • Data protection agreements with service providers

Data Breach Notification

In the unlikely event of a data breach, we will:

  • Notify affected individuals without undue delay
  • Report the breach to the ICO if required by law
  • Take steps to minimize harm and prevent recurrence

Important: While we implement strong security measures, no system is completely secure. Transmission over the internet carries inherent risks. You are responsible for keeping your passwords and login credentials confidential.

10. External Links & Third-Party Sites

The Website may contain links to external websites and services. This Privacy Policy applies only to brad-holmes.co.uk. We are not responsible for the privacy practices of linked sites.

When you click external links, you are subject to their privacy policies. We recommend reviewing their policies before sharing personal information.

11. Children’s Privacy

The Website is not intended for children under 18 years old. We do not knowingly collect personal data from children.

If we become aware that we have collected data from a child under 18, we will delete it immediately. If you believe we have collected data from a child, please contact us at studio@brad-holmes.co.uk.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Posting the updated policy on this page
  • Updating the “Last Updated” date
  • Sending you an email notification (for material changes)

Your continued use of the Website after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

Data Controller Information

Brad Holmes
Email: studio@brad-holmes.co.uk
Website: brad-holmes.co.uk

Your Privacy Rights Inquiries

If you have questions about this Privacy Policy, wish to exercise your GDPR rights, or want to make a complaint, please contact the details above.

You can expect a response within 10 business days. For formal data access requests, we will provide a response within 30 days.

Information Commissioner’s Office

If you are not satisfied with our response, you can lodge a complaint with the ICO:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
UK
www.ico.org.uk

Version 1.0 | Last Updated: April 2025

This Privacy Policy applies to brad-holmes.co.uk and any services provided through the Website or direct engagement.

TOP