We will never sell, distribute or intentionally make your personal information public and have implemented appropriate technical and organisational security measures to protect the data you share with us from loss and preserve its security and confidentiality. We aim to collect the minimum of personal information needed to provide an effective service.
We believe in being transparent about what data we are collecting and how it will be handled. The information below sets out our privacy policy in detail. In each case we’ll explain why a particular piece of data is being processed and how long it will be retained. We are also committed to providing relevant information and control at the point of collection so that you can make informed decisions about what personal data you choose to share with us.
Unless otherwise stated any personal data is captured on the lawful basis of legitimate commercial interests. That is to say we are using your data in a way that you might reasonably expect and which has a minimal privacy impact.
We collect and process information about you only where we have a legal basis for doing so. This legal basis will depend on the individual services you use and how you use them. Additional information is provided below but in general terms we will only collect and use your information where:
In cases where you have consented to our use of your personal information for a specific purpose you have the right to change your mind at any time. Where we are using your information because we have a legitimate interest to do so, you have the right to object to that use, but in some cases this may mean you are no longer able to access our services.
Like most businesses we rely on a number of third-party providers to support our day-to-day operations, for example in areas such as online file storage and email delivery. We may also hire third parties to operate, maintain or improve our website and other digital services. Some of these service providers will, by necessity, have access to or be directly involved in processing or storing a subset of the personal information you share with us.
All our third-party data processors have been carefully chosen as service suppliers who also practice responsible data handling. We believe that each has in place appropriate protections to ensure the security of the data we store or process with them and have clear policies for how they treat that data. Their individual Privacy Policies can be reviewed separately.
Under certain circumstances we will transfer your information outside of the European Economic Area. We will only do this when it is necessary to perform a contract we have with you or where the receiving organisation has adequate safeguards in place - for example certification under the EU-US Privacy Shield framework.
Our website is hosted in the UK in a data centre managed by Memset Hosting. When you visit our website or access one of the files stored on our web server information about this request will be automatically stored in our log files to provide usage statistics, enable security features and aid technical troubleshooting. This is on the legal basis of legitimate commercial interests. In these cases your IP address at the time acts as a unique identifier and is stored along with information about your operating system, browser version and the pages/files you access.
Like most businesses we use Google Analytics to help understand how our website is being discovered and interacted with and we use this information to help improve the experience for our visitors and make decisions about future development. Google Analytics presents us with aggregate information about the geographic location, device types and operating systems used by our website visitors, but not in a way that personally identifies you. Additionally Google will record your computer’s IP address and set a number of temporary cookies in your browser to help distinguish you as an individual visitor as you move around our site. In the interests of limiting the amount of data Google collects via our site we are using Google’s standard Analytics implementation and have not enabled any additional advertising features, such as remarketing tags which would tie your usage of our site in with your broader browsing habits. Any user-level data that is associated with Analytics' cookies are retained for up to 26 months from your last activity on our site, after which it is automatically deleted from Analytics' servers.
Our website and emails contain a number of links to third party sites. It is important to be aware that these external sites are governed by their own privacy policies and we do not accept any responsibility or liability for these policies. The inclusion of a link to an external source should not be understood to be an endorsement of that website, its owners or their products/services. Always check the individual privacy policies of these external sites before you submit any personal data through them.
When you submit one of our online contact forms the information you provide is sent to us by email. Your name, email address and a contact phone number are all collected as required fields and we will also record a timestamp for the purposes of fulfilling our obligation under data protection regulations to appropriately log submissions of personal data.
On its way to us your message will pass through anti-spam filters operated by Fasthosts to identify poor quality content or viruses. These are automated processes with no human involvement. Fasthosts will only access email content under very limited circumstances, such as investigating fraudulent or abusive activity. You can read the detail of Fasthosts data privacy policy here: https://www.fasthosts.co.uk/terms/privacy-notice
Enquiry emails are only available to a limited number of team members who are all bound by a strict confidentially agreement. We treat all information provided as confidential and won’t share it beyond the company without your explicit consent.
Our default retention period for these emails is 36 months from the point of last contact, we will delete your data after 36 months if there has been no further correspondence in that time.
Because your submission could include attachments and other information we can’t limit what data you share with us. We request that you only share information directly relating to your enquiry and that you have the appropriate consent to disclose the information your share with us. It is important to be aware that email is not considered a secure means of communication so please limit the extent of the personal or commercially sensitive information you share with us in this way.
Cookies are temporary files stored in your web browser by a website to help track usage and enable services that rely on a persistent identity. You can control which cookies you accept and remove them at any time by adjusting your browser settings, but it is important to be aware that some cookies are essential and our website may not function as expected without them.
These cookies are strictly necessary to provide you with services available through our website and to use some of its features. However, you can block or delete them by changing your browser preferences.
These cookies are used to enhance the performance and functionality of our websites. They are non-essential but without them certain functionality may become unavailable, you can block or delete them by changing your browser preferences.
These cookies collect information to help us understand how our website is being used or customise it in order to enhance your experience.
This website also uses the following embedded services:
When you send us an email, either to one of the addresses displayed on our website or an individual member of staff, we will collect your email address and any other information you provide within your email.
Fasthosts are our email service provider so any emails you send us will be stored on their servers. You can learn more here: https://www.fasthosts.co.uk/terms/privacy-notice
The information you provide will only be processed in relation to the purpose of your correspondence with us. We have no fixed retention period for email correspondence, but we are committed to only storing your data for no longer than is necessary to serve our legitimate interests of record keeping or to perform a contract we have entered into with you.
Our website and services are not for use by children under 16 years and we will not knowingly collect or use the personal data of children. If you are under the age of 16 please do not provide any personal data even if prompted to do so.
A breach is considered any loss, alteration, unauthorised disclosure of, or access to, personal data. We are committed to disclosing any personal data breaches that might adversely affect your rights and freedoms without undue delay so that you can take appropriate action. Any notifiable breaches will also be reported to the UK’s Information Commissioner’s Office within 72 hrs.
The General Data Protection Regulation (2018) gives you the right to know what personal data we hold, to have it updated if it is inaccurate or removed entirely if you no longer consent to our use of it. We will endeavour to respond to any such requests within 14 days confirming receipt and outlining what follow-up actions will be taken and when.
We also welcome questions about our Privacy Policy and these or any access requests should be directed to our Data Protection Officer either via email: 
or by post:
Attn. Data Protection Officer
Calvary Design Limited
17 Chestnut Road
Ashford
Middlesex
TW15 1DD
To help us process your request quickly, please clearly mark any access requests “PERSONAL DATA REQUEST” (in CAPITALS please)
Any updates we may make to our Privacy Policy in the future will be published on this page and significant changes noted below.
21 May 2018 - Expanded Privacy Policy published in preparation for the new General Data Protection Regulation
"The new website is professional, informative and helping parental engagement"Phil Wells (Chair of Governors, Ashford CE Primary School)