Privacy Policy – Portico Stone Limited

Last updated: 08 December 2025

1. Who we are

This website (https://porticostone.co.uk/is operated by Portico Stone Limited (“we”, “us”, “our”).

Company number: 07906185
Postal address: Winslow House, Ashurst Park, Church Lane, Sunninghill, Ascot, Berkshire, SL5 7DD, United Kingdom
Email: enquiries@porticostone.com
Telephone: +44 7344688292

For the purposes of the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018, we are the data controller for personal data collected via this website.

2. What data we collect

We do not provide user accounts and we do not run an online shop on this website. Personal data comes in through:

2.1 Contact form (Forminator – WordPress)

When you use the contact form, we collect the information you enter, typically:

  • Name

  • Email address

  • Telephone number (if you provide it)

  • Company / organisation (if you provide it)

  • Project or enquiry details (free-text message and any other fields you complete)

 

2.2 Direct contact (email or phone)

If you contact us by email or telephone using the details on the site, we process the personal data you provide to us, such as:

  • Your name and contact details

  • The content of your message

  • Any project or contract-related information you give us

This data sits in our email systems and other internal records.

2.3 Technical data and server logs

When you visit the site, our hosting provider (Hostinger) automatically collects and stores standard server log data, which typically includes:

  • IP address

  • Date and time of access

  • Pages/URLs requested

  • HTTP status codes

  • Referrer URL (if provided by your browser)

  • Browser type and operating system (user agent)

Hostinger’s access logs are standard for HTTP/S hosting and are used for security, diagnostics and performance. Hostinger

We do not attempt to identify individual visitors from these logs unless we have to investigate abuse, security incidents or legal issues.

3. Purposes and legal bases

We process personal data for the following purposes under UK GDPR:

3.1 Responding to enquiries and providing quotes

  • Purpose: To read, store and respond to messages sent through the contact form or directly by email/phone, and to prepare proposals or quotes related to our services.

  • Legal bases:

    • Performance of a contract or taking steps at your request before entering a contract (Article 6(1)(b) UK GDPR)

    • Our legitimate interests in running and growing our business and responding to enquiries (Article 6(1)(f))

3.2 Ongoing project, contract and client communication

  • Purpose: To manage projects, maintain records of communications, and handle any related administration or aftercare.

  • Legal bases:

    • Performance of a contract (Article 6(1)(b))

    • Compliance with legal obligations (for example, tax and accounting) (Article 6(1)(c))

    • Legitimate interests in maintaining business records and defending legal claims (Article 6(1)(f))

3.3 Security, fraud prevention and diagnostics

  • Purpose: To operate, secure and maintain the website and hosting environment, to detect and prevent misuse, and to investigate technical issues (using server logs and other technical data).

  • Legal basis: Legitimate interests in ensuring the security and proper operation of the website and our systems (Article 6(1)(f))

We do not use your data from this site for mass marketing campaigns, newsletters, or profiling.

4. Cookies and similar technologies

4.1 WordPress core cookies

WordPress uses a small number of necessary cookies, for example a test cookie (wordpress_test_cookie) used to check whether your browser accepts cookies. These are functional/technical cookies and do not contain identifying content about you as a visitor. WordPress Developer Resources+1

We do not offer public user accounts on this site, so the usual WordPress “logged-in user” cookies should not appear for ordinary visitors.

4.2 Forminator

We use Forminator solely for the contact form. According to Forminator documentation and public guidance, the plugin:

  • Stores submitted form data in the WordPress database

  • May set cookies only for certain advanced features; for a standard contact form, it does not typically set its own tracking cookies

wpmudev.com+1

4.3 Elementor / Elementor Pro

Elementor is used to build and layout pages. In its basic configuration, Elementor does not add additional analytics or advertising cookies by itself. Additional cookies only arise if we deliberately integrate external tools (such as analytics or marketing scripts) through Elementor; we are not doing that at present.

4.4 Analytics and advertising cookies

We are not currently running:

  • Google Analytics or similar web analytics

  • Facebook/Meta Pixel, LinkedIn Insight Tag or similar advertising or retargeting tools

  • Third-party social media tracking scripts

As a result, the site is limited to essential / functional cookies required for basic operation and security.

5. Data sharing and processors

We do not sell your personal data.

We share personal data only where necessary with:

  • Hosting provider: Hostinger International Ltd (or other Hostinger group entities as applicable) as our web hosting provider. Hostinger processes server logs and stored website data on our behalf under its own data processing terms and privacy policy. Hostinger+1

  • Email and IT service providers: Providers of email and productivity tools (for example, email hosting) that we use to send and receive communications.

  • Professional advisers: Accountants, legal advisers or other professionals, if needed for advice, compliance or defence of legal claims.

  • Authorities: Where required by law, we may disclose data to law enforcement, courts or regulators.

All third parties that process personal data on our behalf are required to handle it securely and only in line with our instructions and applicable law.

6. International transfers

Our hosting and some service providers may store or access data outside the UK.

  • Hostinger is a global provider with infrastructure and entities within the EU/EEA and other jurisdictions. Where personal data is transferred outside the UK/EEA, Hostinger relies on recognised safeguards (such as Standard Contractual Clauses or equivalent mechanisms) to protect the data. Hostinger+1

Where we use any other providers outside the UK/EEA, we aim to ensure that appropriate safeguards are in place, such as:

  • An adequacy regulation covering the destination country; or

  • Standard Contractual Clauses or similar contracts approved under UK law.

7. Data retention

We keep personal data only as long as necessary for the purposes described above or as required by law.

In particular:

  • Contact form submissions (Forminator):
    By default, Forminator’s retention setting of “0” means submissions are stored indefinitely until manually deleted. We are using the plugin’s default behaviour, so form submissions are retained until we remove them or until they are no longer needed for the enquiry, project, or legal/accounting reasons. 

  • Email correspondence:
    Retained for as long as needed to manage the enquiry, any resulting work, and our records and legal obligations (for example, limitation periods for legal claims).

  • Project and client records:
    Retained for the duration of the project and for a period afterwards in line with standard business, tax and legal retention periods.

  • Server logs:
    Retained by our hosting provider according to their internal policies, typically for a limited period sufficient for security, diagnostics and legal compliance. Hostinger

When data is no longer required, it is deleted or irreversibly anonymised, where feasible.

8. Security

We take reasonable technical and organisational measures to protect personal data, including:

  • Enforcing HTTPS to encrypt data in transit between your browser and our server

  • Using reputable hosting with access controls and logging

  • Restricting access to personal data to people who need it for their role

  • Applying updates and security patches to the website software within practical timeframes

No system is perfectly secure, but we aim to keep risk proportionate and under control.

9. Your rights

Under UK data protection law, you have the following rights in relation to your personal data:

  • Access: To obtain a copy of your personal data and information about how we process it.

  • Rectification: To have inaccurate or incomplete data corrected.

  • Erasure: To request deletion of your personal data, where there is no longer a legal basis for us to keep it.

  • Restriction: To ask us to limit processing in certain circumstances.

  • Objection: To object to processing based on legitimate interests, on grounds relating to your particular situation.

  • Portability: To receive certain data in a structured, commonly used and machine-readable format and to have it transmitted to another controller, where technically feasible.

These rights are subject to legal conditions and exceptions.

To exercise any of these rights, contact us using the details in section 1. We may need to verify your identity before acting on a request.

10. Complaints

If you are unhappy with how we handle your personal data, contact us first using the details in section 1 so the issue can be addressed.

You also have the right to lodge a complaint with the UK supervisory authority:

Information Commissioner’s Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Telephone: 0303 123 1113
Website: https://ico.org.uk ico.org.uk

11. Changes to this policy

If we change how we process personal data or add new functionality to the site, we may update this privacy policy. The “Last updated” date at the top shows the latest version.

Scroll to Top