We Take Privacy Seriously Check Out Our Privacy Policy

We highly value our customer’s privacy and care about protecting their personal information, which is why we have created this page.

Have A Concern? Contact Us
View Privacy Policy

Need support?

If you’re not sure whether something is allowed, ask and we’ll clarify.
Terms Of Service
Privacy Policy
Acceptable Use Policy
Anti-Spam Policy
Cookie Policy
Refund Policy

Last updated: 30 April 2026

Conor Bradley Digital Agency is committed to protecting your privacy and handling your personal data responsibly, securely and transparently.

This Privacy Policy explains what personal data we collect, how we use it, who we share it with, how long we keep it and what rights you have.

1. Who we are

Conor Bradley Digital Agency is operated by Conor Bradley in the United Kingdom.

We provide services including website design, website hosting, managed WordPress hosting, domain registration, website maintenance, WordPress support, SEO, PPC advertising, Google Business Profile optimisation, digital marketing and related technical services.

For the purposes of UK data protection law, Conor Bradley Digital Agency is the data controller for personal data collected through our own website, client area, billing system, enquiries, marketing and direct communications.

Where we provide services to clients and process personal data on their behalf, such as managing a client website, hosting account, analytics account, contact form, email system or advertising account, we may act as a data processor. More information about this is included below.

ICO registration number: ZC135245

Website: https://conorbradley.co.uk

Client area: https://conorbradley.co.uk/billing/

Privacy contact: ku.oc.yeldarbronoc@ycavirp

2. What this Privacy Policy covers

This Privacy Policy applies to personal data collected through:

  • Our website: https://conorbradley.co.uk
  • Our client area and billing system: https://conorbradley.co.uk/billing/
  • Our blog, knowledge base and support areas
  • Contact forms, quote forms and enquiry forms
  • Email, telephone, WhatsApp, social media and other direct communications
  • Client accounts, invoices and support tickets
  • Website hosting, domain registration and technical support services
  • SEO, PPC, analytics and marketing services we provide

This policy does not replace the privacy policies of our clients. If we build, host, manage or support a client website, that client is usually responsible for its own privacy policy and how it handles its own customer data.

3. Personal data we collect

We may collect and use the following types of personal data.

Website visitors

When you visit our website, we may collect:

  • IP address
  • Browser type and version
  • Device type
  • Operating system
  • Pages viewed
  • Referring website or search engine
  • Date and time of visit
  • Cookie preferences
  • Analytics and usage information, where permitted

Enquiries and communications

When you contact us, request a quote or make an enquiry, we may collect:

  • Name
  • Business name
  • Email address
  • Phone number
  • Website URL
  • Message content
  • Any files, screenshots or information you choose to send us
  • Communication history

Client accounts and billing

When you become a client or create an account in our client area, we may collect:

  • Name
  • Business name
  • Email address
  • Phone number
  • Billing address
  • Service address, where applicable
  • Invoice and payment history
  • Account username
  • Support ticket history
  • Products and services purchased
  • VAT or tax details, where applicable
  • Fraud prevention and security information

We do not normally store full card details on our own systems. Payment information is usually processed by third party payment providers.

Hosting, website and technical support

When we provide hosting, website design, maintenance, support or technical services, we may collect or access:

  • Website admin login details
  • Hosting account details
  • Domain and DNS information
  • Email account information where support is required
  • Server logs and security logs
  • Website files and database information
  • Contact form submissions where required for support
  • Plugin, theme and WordPress configuration information
  • Backup data
  • Error logs and diagnostic information

Domain registration and management

When you register, transfer, renew or manage a domain name through us, we may collect and process information required to provide the domain service.

This may include:

  • Registrant name
  • Business or organisation name
  • Postal address
  • Email address
  • Phone number
  • Domain name
  • Domain registration date
  • Domain renewal date
  • Domain expiry date
  • Administrative contact details
  • Technical contact details
  • Billing contact details
  • Domain transfer information
  • Nameserver and DNS information
  • WHOIS, RDAP or other registration data linked to the domain
  • Domain verification or validation information
  • Registry or registrar reference numbers, where applicable

We process this information so that your domain can be registered, renewed, transferred, validated, managed and supported.

Domain registration data may need to be shared with:

  • Domain registrars
  • Domain registries
  • Registry operators
  • Domain authorities
  • ICANN, where applicable to generic domain names
  • Nominet, where applicable to .uk domain names
  • WHOIS, RDAP or registration data lookup services
  • Data escrow providers
  • Technical service providers
  • Dispute resolution providers
  • Law enforcement, regulators or other authorities where required
  • Other parties where required by domain registration rules, transfer rules, registry policies or legal obligations

Some domain registration information may be made available through WHOIS, RDAP or similar domain lookup services depending on the domain extension, registry rules, registrar settings, your status as an individual or organisation and any privacy or redaction options available.

Where privacy protection, proxy registration or redaction is available, we may use or offer it where appropriate. However, privacy protection does not always prevent registration data from being processed, stored, validated, escrowed, transferred, disclosed under lawful request or shared where required by registrar, registry, ICANN, Nominet or other domain authority rules.

You are responsible for providing accurate domain registration details and keeping them up to date. Inaccurate or outdated domain registration information may result in suspension, cancellation, failed renewal, failed transfer or loss of the domain name.

SEO, PPC, analytics and marketing services

Where we provide SEO, PPC, Google Ads, analytics or marketing services, we may access or process:

  • Google Analytics data
  • Google Search Console data
  • Google Ads account data
  • Google Business Profile data
  • Website traffic and conversion data
  • Call tracking or lead tracking data, where used
  • Keyword, ranking and performance data
  • Enquiry and conversion information
  • Business contact information
  • Campaign performance reports

Special category data

We do not intentionally collect special category data, such as health information, religious beliefs, political opinions or biometric data, unless you choose to provide it to us or it appears within information you ask us to process.

If you send us special category data, we will only use it where necessary for the purpose it was provided and where we have a lawful basis to do so.

4. How we collect personal data

We may collect personal data:

  • Directly from you when you contact us, place an order, create an account or request support
  • Through our website and client area
  • Through cookies and similar technologies
  • Through payment providers and billing systems
  • From domain registrars, hosting platforms and technical systems
  • From client websites, systems or accounts where we provide services
  • From WHOIS, RDAP or domain registration systems where relevant to domain support
  • From publicly available sources, such as your website, Google Business Profile or social media pages, where relevant to our services
  • From third party tools used to deliver our services

5. How we use your personal data and our lawful bases

We only use personal data where we have a lawful basis under UK data protection law.

Purpose Types of data used Lawful basis
Responding to enquiries Name, email, phone number, business details, message content Legitimate interests or steps before entering into a contract
Providing services Client details, account details, website information, hosting details, support history Contract
Managing client accounts and billing Contact details, invoices, payments, service records Contract and legal obligation
Registering, transferring, renewing and managing domains Registrant details, contact details, domain information, DNS information, WHOIS and RDAP registration data Contract, legal obligation and legitimate interests
Validating domain ownership or registration information Domain details, registrant details, contact details, registrar or registry information Contract, legal obligation and legitimate interests
Providing technical support Login details, server logs, website files, diagnostic data Contract and legitimate interests
Maintaining security and preventing abuse IP addresses, logs, account activity, fraud checks Legitimate interests and legal obligation
Handling abuse reports, spam complaints, malware reports or security incidents Account details, domain details, hosting logs, server logs, IP addresses, support history and relevant website data Legitimate interests, legal obligation and contract
Sending service updates Client contact details, service information Contract and legitimate interests
Sending marketing communications Name, email, business details, preferences Consent or legitimate interests, depending on the situation
Improving our website and services Analytics data, usage data, feedback Legitimate interests and consent where cookies are used
Running advertising and remarketing Cookie data, website usage, campaign data Consent
Keeping accounting and tax records Invoices, payment records, client details Legal obligation
Handling disputes, domain complaints, chargebacks or legal claims Relevant account, communication, billing, domain and service records Legitimate interests and legal obligation

6. Marketing communications

We may contact business contacts about our services where we believe there is a legitimate business interest and where the law allows us to do so.

You can opt out of marketing emails at any time by using the unsubscribe link in the email or by contacting us.

We will not sell your personal data.

We may send important service related emails, such as hosting renewal notices, billing reminders, domain renewal notices, security updates, abuse notices, policy updates or support responses. These are not marketing emails and may be necessary to provide our services.

7. Cookies and similar technologies

Our website uses cookies and similar technologies.

Cookies are small files stored on your device. They help websites function, remember preferences, improve performance and understand how visitors use a website.

We may use:

  • Strictly necessary cookies, required for the website, client area, security, checkout, login and billing functions
  • Preference cookies, used to remember choices such as cookie settings
  • Analytics cookies, used to understand website traffic and performance
  • Advertising and remarketing cookies, used to measure advertising performance or show relevant adverts
  • Security cookies, used to protect accounts, forms and systems
  • Embedded content cookies, which may be set by third party services such as videos, maps, review widgets or social media embeds

Non essential cookies, such as analytics and advertising cookies, should only be used where consent is given through our cookie banner or cookie settings.

You can manage cookies through your browser settings and, where available, through our cookie consent tool. You can also change or withdraw your cookie consent at any time using the cookie settings option on our website.

For more information, please see our Cookie Policy.

8. Who we share personal data with

We may share personal data with trusted third parties where necessary to provide our services, run our business, comply with the law or protect our systems.

This may include:

  • Hosting providers and server infrastructure providers
  • Domain registrars, registries and domain authorities
  • ICANN, where applicable to generic domain names
  • Nominet, where applicable to .uk domain names
  • WHOIS, RDAP and domain lookup services where applicable
  • Domain escrow providers where required by registrar or registry rules
  • WHMCS and client area software providers
  • Payment processors
  • Accounting and bookkeeping providers
  • Email hosting and email delivery providers
  • Website security, backup and monitoring providers
  • WordPress plugin, theme and software providers where needed for support
  • Google services, including Google Analytics, Google Ads, Google Search Console and Google Business Profile
  • Cookie consent and analytics tools
  • Review widget and marketing tool providers
  • Professional advisers, such as accountants, insurers or legal advisers
  • Debt recovery providers, where invoices remain unpaid
  • Law enforcement, regulators or public authorities where required by law

We require service providers to handle personal data securely and only use it for the purposes for which it was provided.

9. Domain registration, WHOIS, RDAP and registration data

Domain registration services require certain information to be processed so that domain names can be registered, renewed, transferred, validated and managed.

Depending on the domain extension and applicable registrar or registry rules, domain registration data may be:

  • Sent to the relevant registrar
  • Sent to the relevant registry or registry operator
  • Stored in registrar or registry systems
  • Stored with an escrow provider where required
  • Used to verify domain ownership
  • Used to validate registration details
  • Used to manage renewals, transfers and disputes
  • Shared where required by domain policies, registry rules, registrar rules, law enforcement, regulators or legal obligations
  • Displayed, redacted or partially displayed through WHOIS, RDAP or similar domain lookup tools

WHOIS and RDAP are systems used to look up domain registration information. The information shown publicly can vary depending on the domain extension, registry, registrar, privacy settings, redaction rules and whether the registrant is an individual, business or organisation.

For some domains, personal data may be hidden, redacted or replaced with privacy service details. For other domains, certain registration data may remain publicly visible or may be disclosed to authorised parties with a legitimate reason.

For .uk domain names, registration data may be handled in line with Nominet policies. Nominet states that registrant personal data is not normally published unless permission has been given, but registration data may still be released to third parties with a legitimate reason, such as legal rights enforcement or dispute resolution.

If you request a domain transfer, some registration or contact information may need to be processed, disclosed or temporarily made available so that the transfer can be completed, verified or disputed.

If a domain complaint, ownership dispute, abuse report, legal request or law enforcement request is received, we may need to share relevant domain registration data with registrars, registries, dispute resolution providers, legal advisers, regulators or authorities.

Where privacy protection or redaction is available, we may use it where appropriate. However, we cannot guarantee that all registration data will always remain private, because disclosure rules vary by domain extension, registrar, registry, location, legal request and policy requirement.

If you register a domain name through us, you are responsible for providing accurate registration details and keeping them up to date.

10. When we process data on behalf of clients

Where we provide website hosting, website maintenance, WordPress support, SEO, PPC, analytics, email support or technical services, we may process personal data on behalf of our clients.

In these cases, the client is usually the data controller and we act as a data processor.

This may include personal data contained in:

  • Website contact forms
  • Website databases
  • Customer accounts
  • Email accounts
  • Analytics platforms
  • Advertising accounts
  • Booking systems
  • CRM systems
  • Server logs
  • Website backups
  • Support tickets

We only process this data where necessary to provide the agreed services, follow the client’s instructions, troubleshoot issues, maintain security, manage backups, prevent abuse, comply with the law or protect legitimate business interests.

Clients are responsible for ensuring they have a valid lawful basis for the personal data they collect through their own websites and systems.

11. International transfers

Some of the third party services we use may process personal data outside the United Kingdom.

Where personal data is transferred outside the UK, we rely on appropriate safeguards where required, such as:

  • UK adequacy regulations
  • Standard contractual clauses
  • International data transfer agreements
  • Other lawful transfer mechanisms recognised under UK data protection law

12. How long we keep personal data

We only keep personal data for as long as necessary for the purpose it was collected, including to provide services, meet legal obligations, resolve disputes, maintain security and keep business records.

Typical retention periods include:

Type of data Typical retention period
Enquiry data Up to 24 months after the last contact, unless you become a client
Client account data For the duration of the client relationship and for a reasonable period afterwards
Invoices and accounting records Usually at least 6 years for tax and accounting purposes
Domain registration records For as long as needed to manage the domain and meet registrar, registry, transfer, dispute, escrow or legal requirements
Domain transfer and validation records For as long as needed to evidence the transfer, ownership, validation or dispute history
Support tickets For the duration of the client relationship and for a reasonable period afterwards
Hosting and server logs Kept for a limited period for security, troubleshooting and abuse prevention
Website backups Kept on a rolling basis depending on the backup schedule
Marketing data Until you unsubscribe, withdraw consent or the data is no longer needed
Contract and dispute records As long as necessary to manage legal, contractual, insurance, domain or billing matters

Where we process data on behalf of a client, retention may depend on the client’s instructions, the service provided, backup schedules and legal or security requirements.

13. How we protect personal data

We use appropriate technical and organisational measures to protect personal data.

These may include:

  • Password protected systems
  • Two factor authentication where available
  • Access controls
  • Secure hosting environments
  • Malware and security monitoring
  • Firewalls and server security tools
  • Regular software updates
  • Backups
  • Encrypted connections where available
  • Limiting access to personal data where possible
  • Removing or restricting access when no longer required

No website, hosting platform or online service can be guaranteed to be completely secure. However, we take reasonable steps to protect personal data and reduce risk.

14. Your rights

Under UK data protection law, you may have the right to:

  • Request access to your personal data
  • Request correction of inaccurate personal data
  • Request deletion of your personal data
  • Request restriction of processing
  • Object to processing
  • Request data portability
  • Withdraw consent where processing is based on consent
  • Object to direct marketing at any time
  • Complain to the Information Commissioner’s Office

Some rights may not apply in all circumstances. For example, we may need to keep certain records for tax, legal, contractual, domain registration, dispute, fraud prevention or security reasons.

To exercise your rights, contact us using the details in this policy.

We may need to verify your identity before responding to a request.

15. Complaints

If you have a concern about how we handle your personal data, please contact us first so we can try to resolve it.

You also have the right to complain to the Information Commissioner’s Office.

ICO website: https://ico.org.uk

ICO registration number: ZC135245

16. Children

Our services are intended for businesses and adults. We do not knowingly provide services directly to children or knowingly collect personal data from children.

If you believe a child has provided us with personal data, please contact us so we can review and delete it where appropriate.

17. Third party websites

Our website may contain links to third party websites, platforms or services.

We are not responsible for the privacy practices, content or security of third party websites. You should read their privacy policies before providing personal data to them.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements or how we handle personal data.

The latest version will be published on this page with the updated date shown at the top.

19. Contact us

For privacy related enquiries, data protection requests or questions about this policy, please contact:

Conor Bradley Digital Agency
Website: https://conorbradley.co.uk
Email: ku.oc.yeldarbronoc@ycavirp
ICO registration number: ZC135245

Have Any Questions? Don’t hesitate to contact us.

Contact Email

Click to Email

Phone Number

0749 3741 816

Let’s make your vision a reality!

Before you leave why don’t you drop your details below so we can discuss what you’re looking to achieve?