Back to Home

Privacy Policy

Next Step Modern Solutions Ltd
Last Updated: December 2025

1. Introduction

Next Step Modern Solutions Ltd ("we," "us," "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data when you visit our website or use our web design and development services.

We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR).

2. Data We Collect

2.1 Information You Provide

When you contact us or request our services, we may collect:

  • Full name and business name
  • Email address and phone number
  • Project requirements and specifications
  • Budget information
  • Business details and industry information

2.2 Information Collected Automatically

When you visit our website, we may collect:

  • IP address and device information
  • Browser type and version
  • Pages visited and time spent on site
  • Referral source
  • Interaction data (forms completed, links clicked)

3. How We Use Your Data

We use your personal data for the following purposes:

  • Service delivery: To respond to inquiries, provide quotations, and deliver web design services
  • Communication: To manage project communication, send updates, and provide support
  • Business operations: For invoicing, payment processing, and record-keeping
  • Website improvement: To analyze website usage and improve user experience
  • Marketing: To send newsletters and promotional materials (with your consent)
  • Legal compliance: To meet tax, accounting, and regulatory obligations

4. Legal Basis for Processing

We process your data based on:

  • Contract: To fulfill our service agreements with you
  • Legitimate interests: For business development, analytics, and fraud prevention
  • Consent: For marketing communications and non-essential cookies
  • Legal obligation: For tax records and regulatory compliance

5. Third-Party Services

We may share your data with trusted third-party service providers who assist with our operations, including:

  • Calendly (appointment scheduling)
  • Website hosting providers
  • Email service providers
  • Payment processors
  • Analytics services (Google Analytics)
  • Cloud storage providers

These providers process data only on our instructions and are contractually obligated to protect your data. We do not sell your personal data to third parties.

6. Cookies and Tracking

We use cookies and similar technologies to enhance your browsing experience and analyze website performance. You can control cookie preferences through our cookie banner or your browser settings.

Types of Cookies:

  • Essential cookies: Required for website functionality
  • Analytics cookies: Help us understand how visitors use our site
  • Marketing cookies: Used for targeted advertising (with consent)

7. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse. These measures include encryption, access controls, secure servers, and regular security assessments.

8. Data Retention

We retain personal data only as long as necessary:

  • Inquiry data: 2 years from last contact
  • Client project data: Duration of engagement plus 7 years (for tax/legal compliance)
  • Marketing data: Until you unsubscribe plus 2 years
  • Financial records: 7 years (HMRC requirement)
  • Website analytics: 26 months

9. Your Rights

Under UK GDPR, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate data
  • Erasure: Request deletion of your data (subject to legal obligations)
  • Restriction: Limit how we use your data
  • Portability: Receive your data in a machine-readable format
  • Object: Opt-out of marketing or processing based on legitimate interests
  • Withdraw consent: For processing based on consent

To exercise any of these rights, contact us at hello@nextstepmod.com. We will respond within 30 days.

10. International Data Transfers

Your data may be transferred to and stored in countries outside the UK. We ensure appropriate safeguards are in place, such as Standard Contractual Clauses, to protect your data in accordance with UK GDPR requirements.

11. Children's Privacy

Our services are not directed at individuals under 18 years old. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be communicated via email or website notice. Continued use of our services constitutes acceptance of the updated policy.

13. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at:

Email: hello@nextstepmod.com

Company: Next Step Modern Solutions Ltd

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at www.ico.org.uk