The General Data Protection Regulation (GDPR) came into effect on 25 May 2018 and forms part of UK data protection law alongside the Data Protection Act 2018 (UK).
We use your personal data to quote, arrange, and manage web design contracts, and communicate with you as part of delivering our services.
jigsaw kloud, as the Data Controller, is responsible for determining how and why your personal data is processed. As a sole trader, we are not required to appoint a Data Protection Officer under UK GDPR. All client information is stored electronically using secure, access-controlled systems. No paper records are kept. Some of our trusted suppliers and service partners may process or store data outside the UK. Where this occurs, we ensure that appropriate safeguards – such as UK-approved Standard Contractual Clauses (SCCs) – are in place to keep your data protected.
When building or maintaining websites for clients, jigsaw kloud may process personal data on behalf of those clients. In these situations, the client acts as the Data Controller and jigsaw kloud acts as a Data Processor.
Data Processor suppliers
We use a number of trusted service providers to operate and deliver services. These providers may process personal data on our behalf and are listed below.
#1 Microsoft
#2 Google
#3 Zoho
#4 Filen
#5 Authy
#6 WordPress and Hostinger
#1 Microsoft
Windows 11 and Office documents containing sensitive data are password-protected and backed up to encrypted cloud storage.
Microsoft’s GDPR statement
#2 Google
Data is saved in various apps.
Google’s GDPR statement
#3 Zoho
Data is saved in various apps.
Zoho’s GDPR statement
#4 Filen
Files encrypted in cloud storage.
Filen GDPR Statement
#5 Authy
Additional security is provided using Two-factor Authorisation (2FA).
Twilio’s GDPR statement
#6 WordPress and Hostinger
All websites are managed via WordPress and Hostinger.
WordPress’ GDPR statement
Hostinger’s GDPR statement
What personal data we collect
jigsaw kloud considers there to be either a contractual or legitimate business interest to maintain contact with current clients, partners and suppliers. We only collect and process personal data we require to provide a specific service, which may include personally identifiable contact information. In addition, if you contact us directly, we may receive additional information, the contents of any message and/or attachments you send us, and any other information you choose to provide. The personal information you are asked to provide, and the reasons you are asked to provide it, will be made clear to you when we request such information.
How we handle your data
We use your data to provide a specific service and may share this data with trusted third parties, only when necessary.
How we protect your data
We take reasonable precautions, utilising encryption (#4) and 2FA (#5) to protect data in our possession from loss, misuse, and unauthorised access.
How long we process your data
Personal data we process will not be held longer than we have an ongoing legitimate business need to do so. Client records may be retained for up to six years to comply with contractual and legal obligations. When there is no ongoing legitimate business need, we will delete or, if not possible, securely store your information and isolate it from any further processing until deletion is possible.
How we process requests for data
Any clients, suppliers, or partners who wish to receive copies of the personal data jigsaw kloud holds about them can request this free of charge. We aim to respond within one month. A reasonable administrative fee may only be applied where a request is manifestly unfounded, excessive, or repetitive, as permitted under UK GDPR.
YOUR RIGHTS
Right of access: You have the right to obtain from us information concerning you and to request copies of your data.
Right to rectification: You have the right to request inaccurate data be amended by providing correct data.
Right to be forgotten: You have the right to request erasure of your personal data in certain circumstances, as provided by UK GDPR.
Right to restriction of processing: In certain situations, you have the right to obtain from us the restriction of processing.
Right to data portability: You have the right to receive your data in a structured, commonly used and machine-readable format to transmit to another controller.
Right to object: In certain situations, you have the right to object to the processing of your data e.g. for marketing purposes.
Right to file complaints: You have the right to complain to the ICO about how we process your data.
If you wish to request your data related to the rights mentioned, contact us.
jigsaw kloud
Created: 19th May 2018
Last updated: 6th March 2026