Privacy Policy

1. WHO WE ARE

Flying Raven Design Limited (“we”, “us”, “our”) operates the website https://www.flyingravendesign.com (the “Site”).

Contact email: privacy@flyingravendesign.com

For the purposes of the UK GDPR and EU GDPR we are the data controller of the personal information described in this policy.

2. PERSONAL DATA WE COLLECT

• Information you provide – name, email, telephone, company, and any free-text message you enter via the embedded Google Form or Google Ads lead-form asset.  

• Automatically collected data – IP address, browser and device information, referral URL and event timestamps, gathered via Google Tag Manager and Google Ads Conversion-Linker cookies such as “_gcl_au” and “_gcl_aw”.  

• Advertising identifiers – the Google Click ID (GCLID) plus hashed email or phone when Enhanced Conversions for Leads is enabled in Google Ads.

We do not knowingly collect special-category data or information about children under 16.

3. HOW WE USE YOUR DATA & LEGAL BASES

• To respond to contact or quote requests – based on your consent.  

• To send marketing updates when you ask for them – based on your consent (you can withdraw at any time).  

• To measure advertising performance and prevent fraud – based on our legitimate interests in understanding how visitors engage with our ads and site.  

• To improve the Site and our services – based on legitimate interests.  

• To comply with legal obligations such as tax or regulatory requirements – based on legal obligation.

You may withdraw consent at any time (see Section 8).

4. WHO WE SHARE DATA WITH

• Google Ireland Ltd – provides cloud hosting, lead-capture, advertising and analytics (Google Forms, Google Ads, Tag Manager). Transfers are safeguarded by EU Standard Contractual Clauses, the UK Addendum and Google’s ISO 27001 certification.  

• Selected service providers (email, CRM, web hosting) – only where necessary to fulfil your request and under written data-processing agreements.  

• Regulators or law-enforcement bodies – only when required by law or court order and only the information that is strictly necessary.

We never sell your personal data.

5. INTERNATIONAL TRANSFERS

Google and some service providers may process data on servers outside the UK/EEA (e.g. USA). Transfers rely on SCCs, the UK Addendum and Google’s Data Processing Terms. We assess partners’ security measures to ensure GDPR adequacy.

6. RETENTION PERIODS

• Contact / lead details collected via Forms or Ads – kept for 18 months from collection unless you become a customer.  

• Customer records and invoices – retained for 6 years to satisfy UK tax requirements.  

• Advertising cookies (“_gcl_*”) – stored for up to 13 months (Google default).  

• Emails and CRM notes – deleted or anonymised 24 months after our last contact.

7. COOKIES & SIMILAR TECHNOLOGIES

• “_gcl_au” – stores ad-click information for remarketing; lasts 3 months.  

• “_gcl_aw” – records Google Ads conversions; lasts 90 days.  

• “lead_form_id” – prevents duplicate lead-form submissions in Google Ads; lasts for the session.

A cookie banner lets you accept or reject non-essential cookies. You can also clear cookies via your browser settings.

8. YOUR RIGHTS

You may: Access, Rectify, Erase, Restrict, Object, Port your data, and Withdraw consent.  

To exercise any right, email privacy@flyingravendesign.com — We respond within 30 days.  

You may lodge a complaint with the ICO or your local supervisory authority.

9. SECURITY MEASURES

• All submissions transmitted over HTTPS/TLS 1.2+  

• Google Cloud data encrypted at rest and in transit  

• Role-based access & 2-factor authentication  

• Periodic security reviews and staff training

10. CHANGES TO THIS POLICY

We may update this Policy to reflect changes in law or our operations. The “Last reviewed” date shows when it was most recently updated. Significant changes will be announced on this page or by email.

Questions? Email privacy@flyingravendesign.com or write to the address in Section 1.