Okapi Creative Privacy Policy
Introduction
Okapi Creative is the trading name of Seer Arts Ltd, a web development and design agency based in Cambridge, England. This Privacy Statement explains how personal data is collected, used, stored, and protected when someone visits the website, makes an enquiry, becomes a client, or otherwise interacts with the business.
This statement is intended to provide clear and transparent information in line with UK data protection law.
Who controls the data
Seer Arts Ltd is the data controller for the personal data covered by this Privacy Statement. Okapi Creative is the trading name used in connection with the services provided by Seer Arts Ltd.
Seer Arts Ltd trading as Okapi Creative
Cambridge, England, United Kingdom
Email: .(JavaScript must be enabled to view this email address)
Telephone: +44 7894 547 227
Personal data collected
Depending on how someone interacts with the business, the following personal data may be collected:
- Name
- Business or organisation name
- Email address
- Telephone number
- Postal address
- Billing and payment details
- Project briefs, content, files, and correspondence
- Technical data such as IP address, browser type, device information, and website usage data
- Marketing preferences
- Any other information voluntarily provided through contact forms, email, phone, or project communications
How personal data is used
Personal data may be used to:
- Respond to enquiries and provide quotations
- Communicate about projects, proposals, and support requests
- Deliver web design, web development, hosting coordination, maintenance, publishing, or related digital services
- Process payments and maintain accounting, tax, and business records
- Manage contracts and client relationships
- Improve website performance, security, and user experience
- Send service-related communications
- Send marketing communications where permitted by law or where consent has been given
- Meet legal and regulatory obligations
Lawful bases for processing
Personal data is processed under one or more of the following lawful bases:
- Contract — where processing is necessary to take steps before entering into a contract or to provide agreed services
- Legitimate interests — where processing is necessary for running and improving the business, managing enquiries, protecting the website, or maintaining client relationships, provided those interests are not overridden by the individual’s rights
- Consent — where consent has been given, for example for certain marketing communications or non-essential cookies
- Legal obligation — where records must be kept or information disclosed to comply with tax, accounting, fraud prevention, or other legal duties
Sharing personal data
Personal data may be shared where necessary with trusted third parties such as hosting providers, domain registrars, email and communications providers, cloud storage services, payment processors, accountants, analytics providers, security services, and professional advisers. Personal data may also be disclosed where required by law or where necessary to protect legal rights.
Data is only shared where there is a valid business or legal reason to do so, and reasonable steps are taken to ensure appropriate confidentiality and security.
International transfers
Some third-party providers may process personal data outside the United Kingdom. Where this happens, appropriate safeguards will be used where required by law.
Data retention
Personal data is kept only for as long as reasonably necessary for the purpose for which it was collected. Retention periods may include:
- Enquiry data: up to 24 months
- Client and project records: for the duration of the project and typically up to 6 to 7 years afterwards where needed for tax, accounting, contractual, or legal purposes
- Marketing records: until consent is withdrawn or an objection is received, unless a longer retention period is legally justified
- Technical logs and analytics data: for a limited period appropriate to security, diagnostics, and reporting needs
Cookies and website analytics
The website may use cookies or similar technologies for essential site functions, analytics, security, and performance monitoring. Where non-essential cookies are used, consent should be obtained where required, and users should be given clear information about those cookies and their choices.
If a separate cookie policy or cookie banner is used, it should be read alongside this Privacy Statement.
Data security
Appropriate technical and organisational measures are used to protect personal data against unauthorised access, misuse, loss, alteration, or disclosure. While no system can be guaranteed completely secure, reasonable safeguards are applied to reduce risk and support secure handling of information.
Individual rights
Under UK data protection law, individuals may have the right to:
- Request access to their personal data
- Request correction of inaccurate or incomplete information
- Request erasure in certain circumstances
- Request restriction of processing in certain circumstances
- Object to processing based on legitimate interests
- Withdraw consent where consent is the lawful basis
- Request data portability where applicable
- Lodge a complaint with the Information Commissioner’s Office
Complaints
Any concerns about the use of personal data should be raised in the first instance using the contact details above. Individuals also have the right to complain to the Information Commissioner’s Office (ICO), the UK regulator for data protection matters.
Changes to this statement
This Privacy Statement may be updated from time to time to reflect changes in services, legal requirements, or data processing practices. The latest version should always be published on the website with the updated revision date.
This template is designed for use by Okapi Creative, trading name of Seer Arts Ltd.