Privacy Policy — Commercetuned Limited

This Privacy Policy explains how COMMERCE TUNED LIMITED (“Commercetuned”, “we”, “us”, “our”) collects, uses, stores and protects personal data when you visit our website, contact us or use our services.

We are committed to transparency and to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and, where applicable, the EU GDPR for users located in the European Union.

1. Data Controller

The data controller responsible for your personal data is:

COMMERCE TUNED LIMITED
Company number: 04633285
Registered office: 3 Midway Close, Nettleham, Lincoln, United Kingdom, LN2 2TE
Email: info@commercetuned.co.uk

We do not currently appoint a representative in the EU.

2. Personal Data We Collect

We may collect the following categories of personal data:

2.1. Data you provide directly

  • First name and surname
  • Email address
  • Phone number
  • Company name and job title
  • Postal address
  • Billing details
  • Any information submitted via contact or service request forms
  • Any information provided when downloading content or requesting a proposal

2.2. Data collected automatically

  • IP address
  • Device and browser information
  • Cookies (see Cookie Policy — provided separately)
  • Device identifiers
  • Interaction data (pages visited, time on page, actions performed)

2.3. Analytics & tracking technologies

We use:

  • Google Analytics
  • Google Search Console
  • Google Tag Manager
  • LinkedIn Insight Tag

These tools may collect information about your interaction with our website.

3. Purposes of Processing

We use your personal data for the following purposes:

  • To respond to enquiries submitted through our website
  • To provide our SEO and digital marketing services
  • To prepare and manage commercial proposals
  • To manage invoicing, accounting and contractual obligations
  • To send newsletters and marketing communications (only with your consent)
  • To analyse website performance and user behaviour
  • To run advertising and remarketing campaigns through Google Ads and LinkedIn Ads
  • To maintain website security and prevent misuse
  • To comply with legal obligations

4. Legal Bases for Processing

We rely on the following legal bases:

  • Performance of a contract: to deliver services, manage proposals, and fulfil contractual obligations.
  • Legitimate interest: to analyse website performance, ensure security, improve our services, and follow up on leads in a proportionate and relevant manner.
  • Consent: for newsletters, non-essential cookies, and marketing communications.
  • Legal obligation: for accounting, invoicing and regulatory compliance.

Where legitimate interest is used, we ensure that our interest does not override your rights and freedoms, and conduct appropriate balancing assessments.

5. Data Retention

We retain personal data only for as long as necessary:

  • Client data: retained for 6 years, in line with UK tax and accounting obligations.
  • Lead and marketing data: retained until consent is withdrawn or the user requests deletion.
  • Website analytics data: retained according to Google Analytics’ configured retention period.
  • Form submission data: retained for the duration needed to respond and follow up.

We securely delete or anonymise data when retention periods expire.

6. Sharing Personal Data

We may share your personal data with:

6.1. Service providers (data processors)

  • IONOS (website hosting)
  • Google Analytics / Google Tag Manager / Google Workspace
  • LinkedIn Insight Tag
  • WordPress (CMS)

These providers process data under signed agreements and only as instructed by Commercetuned.

6.2. Legal authorities

Where required by law, court order or regulatory obligation.

We do not sell personal data.

7. International Data Transfers

Some of our service providers (such as Google and LinkedIn) may store or process data outside the UK or EU, including the United States.

To ensure equivalent protection, we rely on:

  • Standard Contractual Clauses (SCCs) adopted by the European Commission
  • International Data Transfer Addendum (IDTA) for transfers under UK law
  • Transfer Risk Assessments (TRAs) when required
  • Countries with adequacy regulations recognised by the UK Government or European Commission

We ensure appropriate safeguards are in place before data is transferred internationally.

8. Your Rights

Under the UK GDPR and EU GDPR (where applicable), you have the following rights:

  • Right of access to your personal data
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure (in certain situations)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing based on legitimate interest or direct marketing
  • Right not to be subject to automated decision-making (we do not use automated decisions beyond basic remarketing)

You can exercise your rights by contacting:
info@commercetuned.co.uk

9. Automated Decision-Making and Profiling

We do not carry out automated decision-making that produces legal or significant effects.

We only use basic remarketing via Google Ads and LinkedIn Ads to display relevant ads based on website interactions. This does not involve sensitive or intrusive profiling.

10. Data Security

We implement appropriate technical and organisational measures, including:

  • Encrypted connections (HTTPS)
  • Access controls and role-based permissions
  • Secure data storage and backups
  • Staff awareness of data protection practices
  • Contracts with processors to ensure compliance

No digital transmission is completely secure, but we work to maintain the highest level of protection.

11. Complaints

If you believe your data has been mishandled, you may contact us at:

info@commercetuned.co.uk

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.
Significant changes will be communicated on our website.
Please check this page regularly for updates.

Contact us