Privacy Policy

[COMPANY_LEGAL_NAME] ([REGISTERED_ADDRESS]) runs CodedPixels — a website builder for UK small businesses. We help you design a website plan and, when our full platform launches, build and host your site.

On our marketing site today, we may collect:

• Email address — when you join the Site Import waitlist or complete Get Started
• Configurator choices — template, features, package, and price totals you select
• Consent records — when you tick form consent or accept or reject analytics cookies
• Technical data — optional hashed IP address or truncated user agent to prevent abuse on public forms

We do not collect passwords or payment card details in MVP sign-up. Checkout is simulated — no payment is taken.

• Respond to your interest and follow up on your plan
• Save and restore your configurator choices
• Improve our product and understand how the site is used
• Prevent abuse and keep the service secure
• Meet legal and regulatory obligations

• Contract / steps at your request — processing needed when you sign up or ask us to save your plan
• Consent — analytics cookies (only after you click Accept) and marketing emails when you opt in
• Legitimate interest — security, fraud prevention, and aggregated analytics where applicable. Analytics cookies remain consent-gated.

We use essential cookies and local storage so the site works, including remembering your cookie choice. With your permission, we also use analytics cookies (Google Analytics 4) to see how people use our configurator.

We do not load Google Analytics until you click Accept analytics cookies. IP anonymisation is enabled in our GA4 property settings.

To change your choice, clear site data in your browser or wait for our re-consent prompt (we ask again after 12 months). Cookie consent and form consent are independent — you may reject analytics cookies and still sign up with the form checkbox ticked.

We do not sell your personal data. We use trusted providers (subprocessors) to run the service:

We will update this list when our providers change.

Your data is stored in Google Firebase (Firestore, Cloud Functions, Cloud Storage) in europe-west2 (London).

When we launch full accounts (Phase 2+), Firebase Authentication runs on Google's global infrastructure. We will tell you clearly when that applies to your account.

We keep personal data only as long as needed for the purposes above. Retention periods follow our data schema (Dr. Patrick O'Brien):

When our builder ships (Phase 2), you can export your leads at any time from your account.

Under UK GDPR, you have the right to:

• Access — ask for a copy of your personal data
• Correction — ask us to fix inaccurate data
• Deletion — ask us to delete your data in certain circumstances
• Restrict processing — ask us to limit how we use your data
• Object — object to processing based on legitimate interest
• Withdraw consent — where we rely on consent, you can withdraw it at any time

You can also complain to the UK Information Commissioner's Office (ICO) at ico.org.uk.

CodedPixels is not aimed at anyone under 18. We do not knowingly collect data from children.

We may update this policy from time to time. We will post changes on this page. If we make material changes to how we use cookies, we will ask for your consent again where required.

For privacy questions or to exercise your rights, contact our [DPO_NAME] at [PRIVACY_EMAIL — contact product owner].

See also our Terms of Service.