Privacy policy

Made For Builders is a marketing and technology partner for trade and construction businesses, and the controller of the personal data described here. For any privacy question, reach us through our contact page; full identifying details of the controller are available on request through that same channel.

We process only what we need to serve you:

• Data you give us in forms: name, email, phone number, company, and the message you write.
• Data from the commercial relationship if you become a client: billing and service communications.
• Aggregated technical data about site usage (no tracking cookies — see our cookie policy).

Each processing activity rests on a lawful basis under Article 6 UK GDPR:

• Replying to your enquiry or preparing a proposal: steps prior to entering a contract (Art. 6(1)(b)).
• Delivering and billing the contracted service: performance of a contract (Art. 6(1)(b)).
• Improving the site with aggregated metrics: legitimate interests (Art. 6(1)(f)).
• Sending marketing communications only if you opt in: consent (Art. 6(1)(a)), withdrawable at any time.

We do not sell your data or pass it to third parties for their own marketing. We share data only with suppliers acting as processors under Article 28 UK GDPR contracts: hosting and performance analytics (Vercel) and the operational tools needed to deliver the service.

Some suppliers may be located outside the UK (for example, the United States). Transfers rely on UK adequacy regulations or on the International Data Transfer Agreement (IDTA) or UK Addendum to standard contractual clauses.

Enquiry data is kept while the conversation is active and at most one year after the last contact. Client data is kept for the duration of the engagement and afterwards for the periods required by UK tax and company law. It is then deleted or anonymised.

Under the UK GDPR you can exercise these rights free of charge through our contact page:

If you believe we have not handled your data properly, you can complain to the Information Commissioner's Office (ICO), ico.org.uk.

• Access: know what data of yours we process and get a copy.
• Rectification: correct inaccurate data.
• Erasure: ask us to delete your data.
• Restriction: limit processing while a request is resolved.
• Portability: receive your data in a structured format.
• Objection: object to processing based on legitimate interests.
• Withdraw consent at any time, without affecting prior processing.

We apply technical and organisational measures proportional to the risk: TLS encryption in transit, role-based access, and vendors with recognised security certifications. No system is infallible; a breach affecting your rights would be notified under Articles 33 and 34 UK GDPR.

If we change this policy, we will update the date on this page. Material changes will be communicated visibly. The version published here is always the current one.