Mousehold Studio

Legal

Privacy Policy

How Mousehold Studio collects, uses and protects your personal information when you visit this website or enquire about working with us.

We take your privacy seriously. This policy explains what personal information we collect when you use this website, why we collect it, what we do with it, and the rights you have under UK data protection law.

1. Who we are

Mousehold Studio is a boutique digital studio based in Norwich, Norfolk. We provide web design, local SEO, Google Ads management, website care and custom software for service-led businesses.

Our details

  • Trading name: Mousehold Studio
  • Business owners: Harry Wood and Alexander Wood
  • Address: 5 Vicarage Court, Mousehold Lane, Norwich, NR7 8HG, United Kingdom
  • Phone: +44 7376 669399
  • Email: hello@mouseholdstudio.com

2. What information we collect

We collect only the information we need to respond to your enquiry, provide our services, and run this website effectively.

Information you give us directly

  • Contact form submissions: your name, business name, email address, phone number if you choose to provide it, and the content of your message.
  • Email correspondence: any information you include when you email us or reply to our messages.
  • Phone calls: if you call us, we may note your name, contact details and the nature of your enquiry.
  • Project enquiries: details about your business, your current website or digital setup, and what you want to achieve.

Information collected automatically

  • Technical data: your IP address, browser type and version, device type, operating system, and screen resolution.
  • Usage data: the pages you visit, how long you spend on them, how you arrived at our site, and what you click on.
  • Location data: an approximate location based on your IP address, city or region level, not your exact address.

3. Cookies

We keep cookies to a minimum. Our site may use essential session cookies required for the site to function correctly. If we add analytics or marketing cookies later, we will ask for your consent first and give you clear information about what they do.

4. How we use your information

We use your personal information for the following purposes and on the following legal bases:

Responding to enquiries (legitimate interest)

  • Answering questions you send through our contact form, by email or over the phone.
  • Providing quotes, proposals and information about our services that you have asked for.
  • Following up on enquiries where we reasonably believe you would expect to hear from us.

Providing our services (contract)

  • If you become a client, we process your information to deliver the services you have engaged us for, including web design, SEO, Google Ads, website care or custom software.
  • This includes communicating with you about your project, managing your account, sending invoices, and providing support.

Improving our website (legitimate interest)

  • Understanding which pages are most useful to visitors.
  • Identifying technical issues or broken pages.
  • Making the site faster and easier to use.

Legal obligations

  • Keeping records for tax and accounting purposes.
  • Complying with any legal or regulatory requirement that applies to us.

5. How we store and protect your information

We take reasonable technical and organisational measures to protect your personal information from loss, misuse, unauthorised access, disclosure or alteration.

Storage

  • Contact form submissions and email correspondence are stored in our email and project management systems.
  • Client project data is stored in secure development, hosting and backup environments.
  • We use trusted third-party providers for hosting, email, analytics and business operations.

Security

  • We use strong passwords, multi-factor authentication where available, and access controls to limit who can view personal data.
  • We keep software, plugins and systems up to date with security patches.
  • We train anyone working with us on data protection responsibilities.
  • No website or online system can be guaranteed completely secure. We will tell you promptly if we become aware of a data breach that affects your personal information.

6. Who we share your information with

We do not sell your personal information, trade it, or share it with advertisers.

Trusted third-party services

We use a small number of trusted third-party services to run our business and this website. These may process personal data on our behalf. They include:

  • Hosting providers, to keep our website and client projects online.
  • Email providers, to send and receive email.
  • Analytics platforms, to understand how our website is used (only where consent has been given).
  • Project management and development tools, to manage client work.
  • Payment processors and accounting software, to invoice clients and keep financial records.

Other circumstances

  • If we are required to disclose information by law, regulation or court order.
  • If we sell or transfer part or all of our business, your data may transfer with it, but only for the purposes you originally provided it for.
  • With your explicit consent, where required.

7. How long we keep your information

We do not keep personal information forever. Our retention periods are:

  • Enquiry and contact form data: up to two years after our last correspondence, unless you become a client.
  • Client project data: for the duration of the project and up to six years after it ends, for legal, accounting and warranty purposes.
  • Financial and invoicing records: for the period required by UK tax law, typically six years.
  • Website analytics data: for up to 26 months, in line with standard analytics retention settings.
  • Backups: retained as part of our operational backup cycle, typically on a rolling basis, and deleted in accordance with our backup retention schedule.

8. International data transfers

Most of the third-party services we use are based in the UK or the European Economic Area. Some tools may process data outside the UK, for example in the United States. Where this happens, we choose providers who offer appropriate safeguards, such as Standard Contractual Clauses or an adequacy decision recognised under UK GDPR, and we limit what data is shared.

9. AI-assisted work

We may use AI-assisted tools, code assistants, research tools and productivity software to help us provide our services more efficiently. We will not knowingly submit your confidential business information, customer personal data, or sensitive information into public AI tools unless you have approved this or appropriate safeguards are in place. AI-assisted outputs are always reviewed by a human before they are used.

10. Your rights under UK GDPR

Under UK data protection law, you have the following rights in relation to the personal information we hold about you:

Your rights

  • Right to be informed: you have the right to know what we do with your personal data (which is what this policy is for).
  • Right of access: you can ask us for a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct any inaccurate or incomplete personal data.
  • Right to erasure: you can ask us to delete your personal data in certain circumstances.
  • Right to restrict processing: you can ask us to limit how we use your data in certain circumstances.
  • Right to data portability: you can ask us to provide your data in a structured, commonly used format.
  • Right to object: you can object to us processing your data where we rely on legitimate interest as the legal basis.
  • Right to withdraw consent: where we rely on consent, you can withdraw it at any time.

Exercising your rights

To exercise any of these rights, email us at hello@mouseholdstudio.com. We will respond within one calendar month. There is no charge for making a request, unless it is manifestly unfounded or excessive. We may ask you to confirm your identity before proceeding.

Making a complaint

If you are unhappy with how we have handled your personal data, please tell us first so we can try to put things right. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator. Their website is at ico.org.uk.

11. Links to other websites

Our website may link to third-party websites, tools or platforms. We do not control those sites and are not responsible for their content, privacy practices or security. Please check the privacy policy of any site you visit.

12. Children's privacy

Our website and services are not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

13. Changes to this privacy policy

We review this policy regularly and update it when our practices, services or legal obligations change. The latest version will always be available on this page. If we make significant changes, we will make this clear on our website.

14. Last updated

This privacy policy was last updated on 19 February 2025.

Questions about these privacy practices?

If you have questions about how we handle your data, or want to exercise your rights, email us directly.

hello@mouseholdstudio.com