1. Who We Are

The Doorway Company is a composite door supplier based in Derbyshire, UK. We supply composite doors to homeowners and trade installers across England and Wales.

Data Controller: The Doorway Company
Email: hello@thedoorway.co.uk
Website: thedoorway.co.uk

For any data protection queries, please contact us using the details above. We are not currently required to appoint a Data Protection Officer.

2. Data We Collect

We only collect personal data that is necessary for the purposes described in this policy. We do not collect more data than we need.

Data you provide directly

When you submit an enquiry through our contact form, we collect:

Your first and last name
Your email address
Your phone number (optional)
Your enquiry type and any collection preferences you specify
The contents of your message

Data collected automatically

When you visit our website, basic technical data may be collected automatically by the services we use, including your IP address, browser type, pages visited and time of visit. We do not directly access or store this data — it is handled by the third-party services described in Section 6.

3. How We Use Your Data

Purpose	Data used
Responding to your enquiry or quote request	Name, email, phone, enquiry details
Processing and managing your order	Name, email, phone, delivery address if provided
Trade account administration	Name, email, phone, business details if provided
Sending brochures or product information you have requested	Name, email
Improving our website and services	Anonymised usage data via analytics

We do not use your data for automated decision-making or profiling. We do not send marketing emails unless you have specifically requested to receive them.

4. Legal Basis for Processing

Under UK GDPR, we must have a lawful basis to process your personal data. We rely on the following:

Contractual necessity — processing required to respond to your enquiry, provide a quote, or fulfil an order you have placed with us
Legitimate interests — improving our website and services, and communicating with existing customers about relevant products and updates, where this does not override your rights
Legal obligation — where we are required to retain records for tax, accounting or legal compliance purposes
Consent — where you have specifically opted in, for example to receive marketing communications

5. Data Sharing

We do not sell, rent or trade your personal data to third parties. We may share your data only in the following circumstances:

Service providers — third-party services we use to operate our website and process enquiries (see Section 6). These providers act as data processors on our behalf and are contractually required to protect your data.
Legal requirements — if required to do so by law, a court order, or regulatory authority
Business transfers — in the event of a sale or transfer of our business, your data may be transferred to the new owner, who will be bound by the same data protection obligations

Your data is processed within the UK and/or European Economic Area (EEA). Where data is processed outside the UK/EEA by a third-party service, we ensure appropriate safeguards are in place.

6. Third-Party Services

Our website uses the following third-party services, each of which has its own privacy policy:

Service	Purpose	Privacy Policy
Formspree	Processes contact form submissions and delivers them to us by email	formspree.io/legal/privacy-policy
Google Fonts	Serves website fonts. May log your IP address when fonts are loaded	policies.google.com/privacy
Google Maps	Embedded map on our contact page showing our supply coverage area	policies.google.com/privacy
Cloudflare	Provides website security, performance and DNS services	cloudflare.com/privacypolicy

Note: When you submit our contact form, your data is processed by Formspree before being delivered to us. Please review Formspree's privacy policy if you have concerns about how they handle data.

7. Cookies

Our website uses a small number of cookies. A cookie is a small text file stored on your device when you visit a website.

Cookie type	Purpose	Can be declined?
Strictly necessary	Required for the website to function correctly. These cannot be switched off.	No
Google Fonts	Google may set cookies when loading fonts. These are functional and relate to font delivery.	Not without blocking the service
Google Maps	Google sets cookies when the embedded map is loaded on our contact page.	Not without blocking the service
Cloudflare	Cloudflare sets a security cookie (_cfruid) to manage traffic and protect against bots.	No — required for security

We do not currently use analytics cookies, advertising cookies or marketing tracking on this website. If this changes, we will update this policy and seek your consent where required.

You can manage or block cookies through your browser settings. Please note that blocking certain cookies may affect website functionality.

8. How Long We Keep Your Data

We retain your personal data only for as long as necessary for the purpose for which it was collected, or as required by law.

Enquiries that do not result in an order — we retain contact details and enquiry information for up to 12 months, after which it is securely deleted
Order and customer records — retained for 7 years in line with HMRC requirements for financial record-keeping
Trade account information — retained for the duration of the business relationship and for 7 years thereafter

9. Your Rights

Under UK GDPR you have the following rights in relation to your personal data. To exercise any of these rights, please contact us at hello@thedoorway.co.uk.

Right of access — you can request a copy of the personal data we hold about you
Right to rectification — you can ask us to correct inaccurate or incomplete data
Right to erasure — you can ask us to delete your data in certain circumstances (the "right to be forgotten")
Right to restrict processing — you can ask us to limit how we use your data in certain circumstances
Right to data portability — you can request your data in a structured, commonly used format
Right to object — you can object to processing based on legitimate interests or for direct marketing
Rights related to automated decision-making — we do not carry out automated decision-making or profiling, so this right is not currently applicable

We will respond to all requests within one calendar month. If we are unable to comply with your request, we will explain why.

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) — the UK's data protection authority. Visit ico.org.uk or call 0303 123 1113.

10. Security

We take the security of your personal data seriously. Our website is served over HTTPS (encrypted connection). Contact form data is transmitted securely via Formspree. We use Cloudflare for additional security and DDoS protection.

While we take all reasonable steps to protect your data, no method of transmission over the internet is completely secure. If you have concerns about a specific piece of sensitive information, please contact us directly rather than using the online form.

11. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will update the "Last updated" date at the top of this page.

We encourage you to review this policy periodically. Continued use of our website after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions about this privacy policy or how we handle your personal data, please get in touch:

The Doorway Company
Derbyshire, UK
hello@thedoorway.co.uk

We aim to respond to all data protection enquiries within 5 working days.

Contact Us Back to Home

Privacy Policy.