Who we are
Introvision Designs is a limited company registered in England and Wales. We provide cyber security consultancy, data protection services, accreditation support, and technical IT consultancy to small businesses, charities, and other organisations across England and Wales.
Scott Taylor is both the data controller and the Data Protection Officer for this business. If you have any questions about this notice or how your information is handled, you can contact Scott directly.
Data Controller & Data Protection Officer
Scott Taylor · Introvision Designs Ltd
Suite I, Business Development Centre, Stafford Park 4, Telford, Shropshire, TF3 3BA
Company registration: 12854016 · ICO registration: ZA925079
Email: scott@introvision-designs.co.uk
Phone: 0121 405 4835
What information we collect and why
We only collect information that's genuinely necessary. Here's what that looks like in practice:
- Enquiries and contact: when you get in touch via the website form, email, or phone, we collect your name, contact details, and the details of your enquiry. We use this to respond to you and, if we go on to work together, to manage that relationship. The legal basis is legitimate interests.
- Client work: to deliver services, we may process personal data you share with us about your organisation or your own customers. Where this happens, it is governed by a Data Processing Agreement between us. You remain the data controller; we act as a data processor on your instructions.
- Accounting records: we keep records of invoices and payments as required by law. This includes your name, organisation, and contact details. The legal basis is compliance with a legal obligation.
- Communications: emails and messages you send us are retained as part of our business records. We don't use your contact details for marketing without your explicit consent.
We do not use cookies for tracking or analytics on this website. There is no third-party advertising, no pixel tracking, and no profiling.
The tools and services we use
We try to keep our technology footprint small, UK-based or European where possible, and under our own control. The table below lists the third-party services we use that may handle personal data.
| Service | What it's used for | Where data is held |
|---|---|---|
| Murena.io | Email and cloud file storage, accessed via desktop and a Fairphone running /e/OS (a privacy-focused open source Android operating system developed by the same organisation) | Europe (France) — /e/OS Foundation |
| Xero | Accounting and invoicing | United Kingdom |
| Veloxserv | Cloud server providing VPN access for secure remote working | United Kingdom (Wolverhampton) |
| Client / partner Microsoft environment | Email and Teams access where required by the client or partner organisation for project work | United Kingdom (client-controlled) |
Where we access client systems — including any Microsoft environment — this is covered by a Data Processing Agreement between Introvision Designs and the client or partner organisation. We access those systems only as instructed and only for the purposes of the work we've been engaged to do.
We do not use US-based cloud storage, US-based email services, or US-based analytics tools for our own business operations. Where client work requires access to US-hosted platforms, this is documented in the relevant Data Processing Agreement.
How long we keep your information
- Enquiries that don't lead to work: we keep these for up to 12 months, then delete them.
- Client records: we keep records relating to completed engagements for 6 years from the end of the contract, in line with standard limitation periods under English law.
- Accounting records: kept for 6 years as required by HMRC.
- Email correspondence: retained for the duration of the relationship and for a reasonable period afterwards, typically 3–6 years.
When data is no longer needed, we delete it securely. If you'd like us to delete your information sooner, please get in touch and we'll let you know whether there are any legal reasons we need to retain it.
Who we share your information with
We don't sell, trade, or share personal data with third parties for their own purposes. The only circumstances in which we share information are:
- With the service providers listed in the table above, where necessary to operate our business
- Where we're legally required to do so — for example, by a court order or a regulatory authority
- Where you've asked us to share it, or where it's clearly implied by the nature of the work
Your rights
Under UK GDPR, you have the following rights in relation to your personal data. These aren't just legal formalities — if you want to exercise any of them, please just contact us and we'll do our best to help promptly.
Access
You can ask for a copy of the personal data we hold about you.
Correction
You can ask us to correct anything that's inaccurate or incomplete.
Erasure
You can ask us to delete your data where there's no good reason for us to keep it.
Restriction
You can ask us to pause processing your data in certain circumstances.
Portability
Where processing is automated, you can ask for your data in a portable format.
Objection
You can object to processing based on legitimate interests, including for direct marketing.
We aim to respond to any request within one calendar month. If your request is complex or you've made several requests, we may extend this by a further two months, but we'll let you know.
If you're not happy with how we've handled your data, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113. We'd always prefer the chance to address a concern directly first, though.
Changes to this notice
If we make significant changes to how we handle personal data, we'll update this notice and change the date below. We won't notify you individually of routine updates, but if we start doing something meaningfully different with your data, we'll get in touch.
Contact us
Any questions about this notice, or about your data, are welcome — there's no such thing as a stupid question when it comes to privacy.
Scott Taylor · Introvision Designs Ltd
Suite I, Business Development Centre, Stafford Park 4, Telford, Shropshire, TF3 3BA
Company registration: 12854016 · ICO registration: ZA925079
Email: scott@introvision-designs.co.uk
Phone: 0121 405 4835
LinkedIn: thehelpfultechnologist
Last updated: April 2025