Home / Privacy Policy

Legal

Privacy Policy

How Dockyard Bathrooms collects, uses and protects your personal data.

Last updated: March 2026

This policy explains how Dockyard Bathrooms Ltd (a company registered in England and Wales) collects and uses your personal data when you visit our website or contact us. We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

The data controller is:

Dockyard Bathrooms Ltd
Registered in England & Wales
Dartford, Kent DA1
07376 641 877
hello@dockyardbathrooms.com

If you have any questions about how we handle your data, please contact us at the details above.

2. What data we collect

We collect personal data in the following ways:

Contact & enquiry forms

When you submit an enquiry or book a consultation via our website, we collect: your name, email address, telephone number, postcode or location, details about your project, and how you heard about us.

Client portal

If you access the Dockyard Bathrooms Client Portal, we use your email address and a project-specific access code to authenticate you. Your session is stored locally in your browser's sessionStorage and is not retained after you close your browser.

Website analytics

We may use Google Analytics to collect anonymised data about how visitors use our website (pages visited, time on site, device type). This data does not identify you personally. We obtain your consent before activating analytics cookies via the cookie banner on our website.

3. How we use your data

We use your personal data to:

  • Respond to your enquiry or process your consultation booking
  • Manage your bathroom project and communicate progress updates
  • Process payments and issue invoices
  • Provide access to the Client Portal during your project
  • Send aftercare information and warranty documentation after your project completes
  • Comply with our legal obligations (e.g. retaining financial records for HMRC)

We will never sell your personal data to third parties or use it for unsolicited marketing without your explicit consent.

4. Our lawful basis

Under UK GDPR, we rely on the following lawful bases for processing your data:

  • Contract — processing necessary to fulfil our agreement with you as a client
  • Legitimate interests — responding to enquiries from prospective clients
  • Legal obligation — retaining financial and contractual records as required by law
  • Consent — analytics cookies (you can withdraw consent at any time via the cookie settings)
5. Who we share your data with

We share your data with the following third-party service providers where necessary:

  • Formspree — processes contact and booking form submissions. Data is transmitted securely and stored in accordance with their privacy policy.
  • Stripe — processes card payments. We do not store your payment card details. Stripe is PCI-DSS compliant.
  • Google Analytics — anonymised website analytics (only if you accept analytics cookies).
  • Google Fonts — fonts are loaded from Google's servers. Your IP address may be transmitted to Google. We use font-display=swap to minimise this where possible.

We do not transfer your data outside the UK or EEA except where the processors above operate within appropriate safeguarding frameworks (e.g. UK adequacy decisions).

6. How long we keep your data

We retain personal data for the following periods:

  • Enquiries that don't proceed — deleted within 12 months of last contact
  • Client project records — retained for 6 years after project completion (required for tax purposes and to honour our 12-month installation guarantee and any applicable limitation periods)
  • Financial records — 6 years from the end of the relevant tax year (HMRC requirement)
  • Analytics data — as per Google Analytics data retention settings (default 14 months)
7. Cookies

Our website uses the following types of cookies:

  • Strictly necessary — used to remember your cookie consent preference (stored in localStorage). No consent required.
  • Analytics (optional) — Google Analytics cookies, activated only if you click "Accept" on the cookie banner. You can withdraw consent by clearing your browser's localStorage.

We do not use advertising, targeting or social media cookies.

8. Your rights

Under UK GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate or incomplete data
  • Erasure — request deletion of your data where we have no legal obligation to retain it
  • Restriction — ask us to limit how we use your data in certain circumstances
  • Portability — receive your data in a structured, machine-readable format
  • Object — object to processing based on legitimate interests
  • Withdraw consent — withdraw any consent you have given at any time

To exercise any of these rights, contact us at hello@dockyardbathrooms.com. We will respond within one calendar month. If you are not satisfied with our response, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

9. Data security

Our website is served over HTTPS. Form submissions are transmitted via Stripe and Formspree using TLS encryption. We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or disclosure. Access to client project data in the Client Portal is protected by project-specific access codes.

10. Changes to this policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically. Continued use of our website after changes are made constitutes acceptance of the updated policy.

Questions about this policy?

Contact George at hello@dockyardbathrooms.com or call 07376 641 877.

Call Now Book Free Consult