Privacy Policy
Last updated: 7 May 2026
This Privacy Policy explains how Stormshake.com ("we", "us", "our") collects, uses, stores, and protects personal data when you visit our website, contact us, order services, create an account, use our website builder, or use our website design, hosting, support, and related digital services.
We aim to collect only the information we reasonably need to provide and improve our services. We do not sell personal data.
1. Information We Collect
We may collect and process the following types of information:
- name and contact details, such as your email address;
- optional contact details, such as a phone number if you choose to provide one;
- business information, such as your business name, website requirements, and project details;
- account information, where you create or use an account with us;
- website content you provide, upload, or publish through our services;
- billing, subscription, and payment-related information;
- messages, enquiries, support requests, and other communications with us;
- technical data, such as IP address, browser type, device information, and operating system;
- usage data, such as pages visited, links clicked, referring websites, and interactions with our website; and
- cookie and analytics data, where permitted by your cookie choices.
We do not intentionally collect sensitive personal data unless you choose to include it in information you send to us.
2. How We Use Your Information
We use personal data to:
- respond to enquiries and consultation requests;
- provide website design, website builder, hosting, backup, support, and related services;
- create, manage, and support customer accounts;
- process payments, subscriptions, invoices, and renewals;
- communicate with you about your services, account, payments, or support requests;
- manage cancellations, renewals, disputes, and service changes;
- host, display, back up, and maintain customer website content;
- improve our website, services, security, and user experience;
- monitor, prevent, and investigate fraud, abuse, unlawful use, security issues, or policy breaches;
- comply with legal, tax, accounting, and regulatory obligations; and
- protect our rights, customers, systems, and services.
3. Payments and Stripe
Payments are processed securely by third-party payment providers, including Stripe .
We do not store full payment card details on our systems. Stripe may process payment details, billing details, fraud prevention data, and other information needed to complete and manage payments.
Your use of Stripe may also be subject to Stripe's own privacy policy and terms.
4. Customer Website Content
If you use our website builder or website services, you may provide or upload content for your website, including text, images, files, branding, business information, contact details, and other materials.
You are responsible for ensuring that any personal data or other content you provide, upload, or publish through your website is lawful and that you have the necessary rights, permissions, or notices in place.
We may process customer website content only as needed to provide, maintain, back up, secure, support, or improve our services, or where required for legal, security, or abuse-prevention reasons.
5. Legal Bases for Processing
Where UK GDPR or EU GDPR applies, we rely on the following legal bases:
- Contract: to provide services you request, manage your account, process orders, and deal with payments or support.
- Legal obligation: to meet tax, accounting, regulatory, and legal requirements.
- Legitimate interests: to run, secure, improve, and protect our business, website, services, and customer relationships.
- Consent: where required, such as for certain non-essential cookies or optional marketing communications.
6. Sharing Your Data
We may share personal data with trusted third parties where necessary to provide, secure, manage, or improve our services.
These may include:
- payment processors, including Stripe;
- website hosting and infrastructure providers;
- domain, DNS, and email service providers;
- analytics and cookie-related service providers;
- communication, support, and customer management tools;
- professional advisers, such as accountants or legal advisers; and
- law enforcement, regulators, courts, or authorities where legally required.
We do not sell personal data. We also do not knowingly share personal data for targeted advertising purposes.
7. Cookies and Analytics
We use cookies and similar technologies to help our website function, understand how visitors find and use our website, improve our services, and measure website performance.
Some cookies are essential for the website to work. Other cookies, such as analytics or tracking cookies, are only used where required consent has been obtained.
Cookie data may include technical information, pages visited, referral sources, approximate location, browser type, device type, and interactions with our website.
You can control cookies through our cookie settings where available and through your browser settings.
8. International Transfers
Some of our third-party service providers may process personal data outside the United Kingdom or European Economic Area, including in the United States.
Where this happens, we rely on appropriate legal transfer mechanisms where required, such as adequacy regulations, standard contractual clauses, the UK International Data Transfer Agreement, the UK Addendum, or other legally recognised safeguards.
We choose service providers that are expected to protect personal data in line with applicable data protection laws.
9. Data Retention
We keep personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy.
This may include keeping data for as long as you have an account or active service with us, and for a reasonable period afterwards where needed for legal, tax, accounting, dispute, security, backup, or legitimate business reasons.
Customer website content may be deleted after a service is cancelled, terminated, or unpaid, subject to any backup, legal, or technical retention periods.
10. Your Rights
Depending on your location and applicable law, you may have rights to:
- request access to your personal data;
- request correction of inaccurate or incomplete data;
- request deletion of your data;
- object to certain processing;
- request restriction of processing;
- request data portability;
- withdraw consent where processing is based on consent; and
- complain to a data protection authority.
To exercise your rights, contact us at support@stormshake.com.
We may need to verify your identity before responding to certain requests.
11. UK and EU Users
If you are in the United Kingdom or European Economic Area, you may have specific rights under applicable data protection laws.
You also have the right to complain to your local data protection authority. In the UK, this is the Information Commissioner's Office.
12. United States Privacy Rights
If you are based in the United States, you may have privacy rights under applicable state laws, depending on where you live and whether those laws apply to us.
These rights may include the right to request access to, correction of, or deletion of personal data.
We do not sell personal data. We do not knowingly share personal data for cross-context behavioural advertising or targeted advertising purposes.
If you wish to make a privacy request, contact us at support@stormshake.com.
13. Marketing Communications
We may contact customers about their services, account, payments, support requests, renewals, or important service updates.
We will only send optional marketing communications where we have a lawful basis to do so. You can opt out of marketing communications at any time by following the unsubscribe instructions in the message or contacting us.
14. Data Security
We use appropriate technical and organisational measures to help protect personal data against unauthorised access, loss, misuse, alteration, or disclosure.
No website, hosting service, payment system, or internet transmission can be guaranteed to be completely secure.
15. Third-Party Links
Our website or services may contain links to third-party websites, platforms, payment pages, or services.
We are not responsible for the privacy practices, content, security, or policies of third-party websites or services.
16. Children's Privacy
Our services are intended for businesses and individuals aged 18 or over. We do not knowingly collect personal data from children.
17. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or business operations.
The latest version will always be available on this page.
18. Contact
For privacy questions or requests, contact:
19. Governing Law
This Privacy Policy and any disputes relating to privacy or data protection matters connected with our website or services are governed by the laws of England and Wales, except where mandatory local laws apply.