Privacy policy

This policy explains how Lakin-Smith handles personal information when you use lakin-smith.com and related client services.

Who we are

Lakin-Smith is operated by Derrick Lakin-Smith, based in Gloucestershire, United Kingdom. For data protection purposes, Lakin-Smith is the data controller for information described in this policy.

Contact: hello@lakin-smith.com

What we collect

Digital Health Check

Your answers stay in your browser while you complete the health check. We only store your report if you choose to receive a copy by email. When you do, we may store:

Your email address
Business name and profile details you provide
Your answers and generated report

Contact form

If you use the website contact form, we receive the details you submit (such as your name, email address, and message). This is handled by Netlify Forms on our behalf.

Client workspace

If you sign in to the client area, we store your email address, account membership, session records, and audit information needed to keep access secure. We may also store operational data connected to your engagement, such as reports, tasks, inventory records, and renewal decisions you submit through the client or admin workspace.

Technical information

Our hosting and security systems may process standard technical data such as IP address, browser type, and request timestamps. This is used to deliver the site, prevent abuse, and maintain secure sign-in.

Website analytics

On public pages, we may use Google Analytics if you accept analytics cookies. This helps us understand how visitors use the site — for example, which pages are viewed and how people reach us. Google Analytics may set cookies and process usage data. We do not load Google Analytics on client or admin areas, and we do not use it for advertising.

You can accept or decline analytics cookies using the cookie notice. You can also change your choice at any time using the Cookie preferences link in the footer.

Why we use your information

To provide the Digital Health Check and send your report when you ask for it
To respond to enquiries and deliver consultancy services you request
To operate secure client and admin sign-in
To send service-related emails, such as sign-in links, report delivery, and agreed reminders
To keep the platform secure and reliable
To understand how public pages are used, where you have accepted analytics cookies

Legal bases

We rely on:

Consent — for example, when you request an emailed health check report, submit a contact form, or accept analytics cookies
Contract — where processing is needed to deliver services you have engaged us for
Legitimate interests — to operate, secure, and improve the website and client platform in a way that does not override your rights

Who we share information with

We use trusted service providers to run the platform. These may process data on our behalf, including:

Netlify (website hosting and serverless functions)
Supabase (database and authentication infrastructure)
Resend (transactional email delivery)
Microsoft (administrator sign-in via Microsoft Entra ID)
Google (website analytics via Google Analytics 4, only where you have accepted analytics cookies)

We do not sell your personal information. We only share information where needed to deliver the service, comply with law, or protect rights and security.

How long we keep information

We keep information only for as long as needed for the purposes above, unless a longer period is required by law. Health check reports and client workspace data are retained while relevant to your enquiry or engagement. Session and security audit records are kept for a limited period to support security and troubleshooting.

You can ask us to delete information that is no longer needed. Contact us at hello@lakin-smith.com.

Your rights

Under UK data protection law, you may have the right to access, correct, delete, restrict, or object to certain processing of your personal information, and to withdraw consent where processing is based on consent. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

International transfers

Some service providers may process data outside the UK. Where this happens, we rely on appropriate safeguards provided by those suppliers.

Changes

We may update this policy from time to time. The date at the top of this page shows when it was last revised.