YOUR FREE WEBSITE GUYS. AN OFFICIAL AFFILIATE PARTNER OF THE FREE WEBSITE GUYS

PRIVACY POLICY

Data Protection & GDPR Policy

Your Free Website Guys

A) INTRODUCTION

At Your Free Website Guys, we may need to collect and use information about people we work with. This personal information — whether on paper, in computer records, or recorded by any other means — is handled and managed properly at all times.

We regard the lawful and correct treatment of personal information as vital to our success and to maintaining trust between us and those with whom we conduct business. We will ensure that we treat personal information lawfully, fairly, and securely.

To this end, we fully endorse and adhere to the principles of the General Data Protection Regulation (GDPR).

This policy applies to the processing of personal data in both manual and electronic records kept by us in connection with our business operations. It also covers our response to any data breach and the rights of individuals under GDPR.

This policy applies to the personal data of job applicants, existing and former employees, apprentices, volunteers, placement students, workers, and self-employed contractors. These are referred to as relevant individuals throughout this document.

B) DEFINITIONS

  • Personal data: Information that relates to an identifiable person who can be directly or indirectly identified — for example, a name, identification number, location data, or online identifier.
  • Criminal offence data: Data relating to an individual’s criminal convictions or offences.
  • Data processing: Any operation performed on personal data, whether automated or not, including collection, storage, retrieval, use, disclosure, restriction, erasure, or destruction.

C) DATA PROTECTION PRINCIPLES

Under GDPR, all personal data must be processed according to a set of core principles. In accordance with these, Your Free Website Guys will ensure that:

  1. Processing is fair, lawful, and transparent.
  2. Data is collected for specific, explicit, and legitimate purposes.
  3. Data collected is adequate, relevant, and limited to what is necessary.
  4. Data is accurate and kept up to date. Inaccurate data will be rectified or erased without delay.
  5. Data is not kept for longer than necessary for its purpose.
  6. Data is processed securely, protecting it from unauthorised access, loss, or damage.
  7. Any international transfer of data complies with GDPR requirements.

D) TYPES OF DATA HELD

We keep several categories of personal data on our employees and associates to support efficient business operations. This data may include:

  • Personal details (name, address, phone numbers, etc.)
  • Information from the recruitment process (CV, cover letter, references, education and employment history)
  • Payroll details (National Insurance number, bank account details, tax codes)
  • Medical or health information
  • Employment details (job title, salary, contracts, disciplinary and grievance records, performance data, training records, and leave information)

This information is required to carry out our processing activities, as detailed in our employee privacy notice.

E) EMPLOYEE RIGHTS

Individuals have the following rights under GDPR:

  1. To be informed about the data we hold and how we use it.
  2. To access their personal data (see “Access to Data” below).
  3. To have inaccuracies corrected (“rectification”).
  4. To have data deleted in certain circumstances (“erasure”).
  5. To restrict processing of data.
  6. To transfer data to another party (“portability”).
  7. To object to the processing of data.
  8. To prevent automated decision-making and profiling.

F) RESPONSIBILITIES

All staff and contractors at Your Free Website Guys are made aware of this policy and their responsibilities when processing data.

We have designated employees responsible for reviewing, auditing, and maintaining compliance with data protection requirements.

G) LAWFUL BASES OF PROCESSING

We only process data where a lawful basis exists, such as contract, legal obligation, legitimate interest, or consent.

When relying on consent, it will be:

  • Freely given, specific, informed, and unambiguous.
  • Requested individually and clearly.
  • Capable of being withdrawn at any time.

H) ACCESS TO DATA

Individuals can access their personal data by submitting a Subject Access Request (SAR).

We will respond within one month unless an extension is permitted under GDPR. Requests are generally free of charge unless excessive, repetitive, or unfounded.

I) DATA DISCLOSURES

Data may be disclosed to third parties when necessary, including:

  • For employee benefits administered by third parties.
  • To support disabled individuals (reasonable adjustments).
  • For health and safety or statutory obligations.
  • For payroll, insurance, or pension administration.
  • To assist law enforcement or regulatory bodies when required by law.

Disclosures will only occur when strictly necessary and compliant with GDPR.

J) DATA SECURITY

All staff must ensure that:

  • Hard copy records are stored in locked cabinets or secure storage.
  • Confidential data is only accessible by authorised personnel.
  • Screens are locked when devices are unattended.
  • Digital data is encrypted or password-protected.
  • Portable media (USBs, laptops) are secured and used only when essential.

Breaches of data security may result in disciplinary action, including dismissal.

K) THIRD-PARTY PROCESSING

When we use third parties to process data on our behalf, they are required by contract to adhere to our data protection standards and GDPR compliance obligations.

L) INTERNATIONAL DATA TRANSFERS

If we transfer personal data outside the UK or EEA, we will ensure that:

  • Transfers are protected by encryption and password controls.
  • Standard contractual clauses or other approved safeguards are in place.
  • Consent is obtained where required.

M) DATA BREACHES

All data breaches will be logged in our Data Breach Register.

Where required, we will notify the Information Commissioner’s Office (ICO) within 72 hours and affected individuals without undue delay.

N) TRAINING

All new employees must read and understand this policy as part of their induction.

Regular training ensures awareness of data protection responsibilities, breach procedures, and information security practices.

O) RECORDS

Your Free Website Guys maintains detailed records of all data processing activities, including purposes, lawful bases, and retention periods.

These records are reviewed and updated regularly.

P) DATA PROTECTION COMPLIANCE

Our appointed Data Protection Compliance Officer oversees adherence to this policy and GDPR requirements.

📧 Contact: hello@yourfreewebsiteguys.com

🌐 Website: https://www.yourfreewebsiteguys.com

Copyright © 2025 Your Free Website Guys- All Rights Reserved. Registered in England. Company No: 5611692067. Your Free Website Guys is a trading name under BE Holdings Group Ltd. We are also an Affiliate Partner of The Free Website Guys. 


  • Home
  • Privacy Policy
  • Terms and Conditions
  • APPLY NOW
  • Reviews
  • Cookie Policy
  • Become an affiliate

Want a free website built for your business?

Then please get in touch to

find out more

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept