Privacy Policy

Dygiko (“we”, “us”, “our”) is a UK-based web design studio. Our website is dygiko.com. You can contact us at sam@dygiko.com.

We are committed to protecting your personal data and complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We may collect the following personal data:

• Contact form data: Name, email address, phone number, business type, and your message when you submit our contact form.
• Payment data: When you purchase a package via Stripe, Stripe processes your payment card data. We do not store card details on our servers.
• Usage data: Basic analytics such as page views and general location (country level), collected anonymously.
• Cookies: We use minimal session cookies required for site functionality. We do not use advertising or tracking cookies.

We use your personal data to:

• Respond to your enquiries submitted via the contact form
• Process your payment for web design services
• Deliver the services you have purchased
• Send you project updates and communications related to your order

We do not sell your data to third parties. We do not use your data for marketing unless you have explicitly opted in.

We process your personal data under the following legal bases:

• Contractual necessity: Processing required to deliver the services you have purchased.
• Legitimate interests: Responding to enquiries and communicating with potential clients.
• Consent: Where you have specifically opted in to receive marketing communications.

We use the following third-party services which may process your data:

• Stripe — Payment processing. Stripe is PCI DSS compliant. View their privacy policy at stripe.com/privacy.
• Resend — Email delivery service used to send contact form submissions. Data is processed in the EU/UK.
• Trustpilot— Review platform. If you choose to leave a review, Trustpilot's own privacy policy applies.
• Google Analytics — Anonymous website analytics. IP addresses are anonymised.

We retain contact form data for up to 24 months after your last interaction with us, unless you request deletion earlier. Payment records are retained for 7 years as required by UK tax law.

Under UK GDPR, you have the right to:

• Access — Request a copy of the personal data we hold about you.
• Rectification — Request correction of inaccurate data.
• Erasure — Request deletion of your personal data where we have no lawful basis to retain it.
• Portability — Request your data in a machine-readable format.
• Object — Object to processing based on legitimate interests.

To exercise any of these rights, contact us at sam@dygiko.com. We will respond within 30 days.

Our website uses only essential cookies necessary for basic functionality. No consent banner is required for essential cookies under UK GDPR.

If we introduce analytics or marketing cookies in the future, we will update this policy and obtain your consent where required.

We implement appropriate technical and organisational security measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our website uses HTTPS encryption.

If you have any questions about this privacy policy or how we handle your data, please contact us at sam@dygiko.com.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you believe we have not handled your data correctly.