Privacy Policy

Last updated: February 2026

Overview

Urthly Ltd ("we", "us", "our") is committed to protecting your privacy. This policy explains how we handle information when you use our websites, portal, and managed website services.

Information We Collect

We collect minimal data necessary to provide our services:

Portal users (clients): Name, email address, business details provided during onboarding. This data is stored securely and used solely to deliver our web management service.

Website visitors (client sites): When a visitor consents to analytics cookies, we collect anonymised page view data, click events, scroll depth, device type, and session identifiers. No personally identifiable information is collected through analytics. Form submissions (name, email, message) are stored to forward enquiries to our clients.

We do not sell, trade, or otherwise transfer personal information to third parties.

Cookies

Our websites use cookies in the following categories:

Essential cookies: Required for basic site functionality, including consent preference storage. These cannot be disabled.

Analytics cookies: Used to understand how visitors use a website. These are only set after the visitor provides explicit consent via the cookie banner. Analytics data includes page views, clicks, and scroll behaviour. No advertising profiles are built.

Marketing cookies: Where configured by our clients (such as Google Analytics or heatmap tracking), these are only activated after explicit visitor consent.

All cookie consent preferences are stored in the visitor's browser. No consent is assumed from continued browsing.

Third-Party Services (Sub-Processors)

We use the following third-party services to deliver our platform:

Supabase (database hosting and authentication), Vercel (website hosting and CDN), Resend (transactional email delivery), Stripe (payment processing, where applicable), Google Analytics (optional, configured per client site, consent-gated).

Each service has its own privacy policy and processes data in accordance with its terms.

Data Retention

Analytics data is automatically deleted after 13 months. Form submissions are retained until the client requests deletion or their account is closed. Portal account data is retained for the duration of the service agreement and deleted upon request after account closure.

Your Rights

Under UK GDPR, you have the right to:

Access your personal data. Rectify inaccurate data. Request erasure of your data. Restrict or object to processing. Receive your data in a portable format. Lodge a complaint with the Information Commissioner's Office (ICO) if you believe your rights have been breached.

To exercise any of these rights, contact us at the email below.

Contact

If you have any questions about this privacy policy, please contact us at hello@urthly.digital.