Privacy Policy

Privacy Policy

Effective date: 11/04/2026
Governing law: England and Wales
Applies under: UK GDPR and the Data Protection Act 2018

This Privacy Policy explains how Peters Blueprints collects, uses, stores, shares, and protects personal data.

1. WHO WE ARE

1.1 Peters Blueprints is the trading name of Petru Strugariu ("Peters Blueprints","PetersBlueprints", "we", "us", or "our").

1.2 For the purposes of UK data protection law, Peters Blueprints / Petru Strugariu is the data controller of the personal data covered by this Privacy Policy.

1.3 Contact details:
Trading name: Peters Blueprints
Data controller: Petru Strugariu
Website: petersblueprints.co.uk
Email: contact@petersblueprints.co.uk

1.4 This Privacy Policy applies to personal data collected through:
(a) petersblueprints.co.uk ("Website");
(b) direct correspondence with us;
(c) enquiries, quotations, project discussions, and contractual dealings;
(d) Deliverables supplied by us where this Policy is referenced or applies;
(e) authorised third-party platform listings or distribution channels to the extent we receive personal data from them directly.

2. WHAT THIS POLICY COVERS

2.1 This Policy applies to personal data relating to:
(a) website visitors;
(b) enquiry contacts;
(c) current, former, and prospective customers;
(d) business contacts, suppliers, and professional contacts;
(e) users of our Deliverables where we receive or process their personal data directly.

2.2 This Policy does not govern personal data processed solely by third-party platforms, app stores, payment providers, or websites that have their own privacy policies, except to the extent we receive that data ourselves.

3. THE PERSONAL DATA WE COLLECT

3.1 Data you provide directly
We may collect personal data you provide to us directly, including:
(a) name;
(b) email address;
(c) telephone number;
(d) postal address if provided;
(e) company or organisation name;
(f) job title or role if provided;
(g) project details, business requirements, technical requirements, and information included in enquiries or communications;
(h) account, billing, and transaction information relevant to a contract or payment;
(i) correspondence, messages, attachments, and records of communications with us.

3.2 Data collected automatically from the Website
When you visit the Website, we may collect technical and usage data such as:
(a) IP address;
(b) approximate location derived from IP;
(c) browser type and version;
(d) operating system and device information;
(e) referral source;
(f) pages viewed and navigation behaviour;
(g) date, time, and duration of visits;
(h) cookie or similar technology data, where applicable.

3.3 Data from Deliverables
Where a Deliverable includes functionality that transmits technical diagnostics, usage data, crash information, or service-related information to us, we may collect that information to provide, secure, maintain, or improve the Deliverable. Where relevant, additional product-specific privacy information may be provided within that Deliverable or its documentation.

3.4 Data from third-party platforms
Where Deliverables are supplied through Stores or other third-party platforms, we may receive limited information from those platforms, such as sales information, download figures, refund status, crash reports, reviews, or support-related information. We do not control what personal data those platforms collect for their own purposes.

3.5 We do not intentionally collect special category personal data unless it is necessary and lawfully provided in a specific engagement.

4. HOW WE USE PERSONAL DATA

4.1 We use personal data only where we have a lawful basis and only for legitimate business purposes, including:
(a) responding to enquiries and requests;
(b) preparing quotations, proposals, scopes, or contracts;
(c) providing services, Deliverables, support, or project-related communications;
(d) performing and administering contracts;
(e) processing payments and maintaining accounting and tax records;
(f) operating, securing, maintaining, and improving the Website and Deliverables;
(g) diagnosing faults, handling incidents, and resolving technical issues;
(h) protecting our systems, business, Website, Deliverables, users, and intellectual property;
(i) managing legal claims, disputes, complaints, and enforcement matters;
(j) complying with legal, regulatory, tax, accounting, and professional obligations;
(k) sending essential service, legal, contractual, or operational notices.

4.2 We do not use personal data for unsolicited direct marketing by email, SMS, or similar means unless we are lawfully permitted to do so and, where required, have the necessary consent.

5. LAWFUL BASES

We rely on one or more of the following lawful bases under Article 6 UK GDPR depending on the context:

5.1 Contract
Processing is necessary to take steps at your request before entering into a contract, or to perform a contract with you.

5.2 Legal obligation
Processing is necessary for compliance with a legal obligation to which we are subject, including tax, accounting, anti-fraud, and regulatory obligations.

5.3 Legitimate interests
Processing is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These interests may include:
(a) responding to business enquiries;
(b) operating and securing our Website and Deliverables;
(c) preventing misuse, fraud, and unauthorised access;
(d) maintaining records of enquiries, contracts, and communications;
(e) recovering sums due and enforcing our legal rights;
(f) improving our services, Website, and Deliverables;
(g) managing our business efficiently and responsibly.

5.4 Consent
Where required by law, we rely on consent, including for non-essential cookies or similar technologies and for any direct marketing where consent is required. Where we rely on consent, you may withdraw it at any time. ICO guidance states that privacy information should explain the lawful basis relied upon and, where legitimate interests are used, what those interests are.

6. COOKIES AND SIMILAR TECHNOLOGIES

6.1 The Website may use cookies and similar technologies, including technologies that store information on, or access information from, a user’s device.

6.2 These technologies may be used for:
(a) essential website operation;
(b) security and fraud prevention;
(c) remembering settings or preferences;
(d) analytics and performance measurement, where implemented;
(e) functionality and user experience improvements.

6.3 Some cookies or similar technologies are strictly necessary for the provision of the Website or a service requested by the user. Others are non-essential and require consent before being used. PECR applies not only to cookies but also to similar storage and access technologies such as pixels, scripts, tags, web storage, and fingerprinting techniques.

6.4 Where non-essential cookies or similar technologies are used, we will seek consent as required by law.

6.5 You can also manage cookies through your browser or device settings, although disabling some technologies may affect functionality.

6.6 If analytics are used, we aim to minimise the data collected and to use anonymisation or aggregation where appropriate.

7. WHO WE SHARE PERSONAL DATA WITH

7.1 We do not sell personal data.

7.2 We may share personal data, where necessary and lawful, with:
(a) hosting providers;
(b) website, email, cloud, and infrastructure providers;
(c) payment processors and payment service providers;
(d) accountants, solicitors, insurers, auditors, and professional advisers;
(e) contractors or service providers acting on our behalf and under appropriate obligations;
(f) regulators, courts, law enforcement agencies, or public authorities where legally required or where necessary to establish, exercise, or defend legal claims;
(g) a purchaser, successor, or replacement operator in connection with a business transfer, restructuring, or transfer of relevant assets, subject to appropriate safeguards.

7.3 We require processors and service providers acting for us to process personal data only on appropriate instructions and with suitable confidentiality and security measures where required by law.

8. INTERNATIONAL TRANSFERS

8.1 Some of our service providers may process or store personal data outside the United Kingdom.

8.2 Where we transfer personal data internationally, we will do so only where permitted under UK data protection law and where appropriate safeguards are in place, such as adequacy regulations or approved transfer mechanisms. International transfers under UK GDPR require an adequacy basis or appropriate safeguards under Chapter V.

9. DATA RETENTION

9.1 We retain personal data only for as long as reasonably necessary for the purposes for which it was collected, including to satisfy legal, accounting, tax, contractual, and dispute-resolution requirements. The ICO states that privacy information should include retention periods, or the criteria used to determine them.

9.2 Typical retention periods may include:
(a) enquiry and pre-contract correspondence: up to 24 months after the last substantive contact, unless a longer period is justified;
(b) customer, contract, project, and commercial records: up to 7 years after the end of the relevant engagement or accounting period, or longer where necessary for legal claims;
(c) financial and tax records: for the period required by applicable tax and accounting law;
(d) technical logs, diagnostics, and security records: for as long as reasonably necessary for security, continuity, troubleshooting, and audit purposes;
(e) cookie consent records: for as long as reasonably necessary to evidence consent choices and manage preferences.

9.3 We may retain data for longer where necessary to establish, exercise, or defend legal claims, to comply with legal obligations, or to investigate misuse or security incidents.

9.4 When retention is no longer necessary, personal data will be securely deleted, anonymised, or otherwise disposed of.

10. DATA SECURITY

10.1 We use appropriate technical and organisational measures designed to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction, damage, alteration, or disclosure.

10.2 Such measures may include access controls, password protection, least-privilege access, secure hosting, encryption in transit where available, backups, and reasonable security review processes.

10.3 No internet transmission or storage system can be guaranteed to be completely secure. We therefore cannot guarantee absolute security.

10.4 Where a personal data breach occurs and notification is required by law, we will act in accordance with our legal obligations.

11. YOUR RIGHTS

11.1 Subject to applicable law and any lawful exemptions, you may have the following rights:
(a) the right to be informed;
(b) the right of access;
(c) the right to rectification;
(d) the right to erasure;
(e) the right to restrict processing;
(f) the right to data portability;
(g) the right to object;
(h) rights relating to automated decision-making, where applicable;
(i) the right to withdraw consent, where processing is based on consent.

11.2 These rights are not absolute and may depend on the legal basis relied upon and the circumstances of the processing.

11.3 To exercise your rights, contact us using the details in section 14.

11.4 You also have the right to complain to the Information Commissioner’s Office ("ICO"), the UK supervisory authority for data protection matters. The ICO explains that individuals have the right to be informed about processing, including purposes, retention, and sharing.

12. CHILDREN’S DATA

12.1 Our Website and business services are not directed at children.

12.2 We do not knowingly collect personal data from children where doing so would require parental consent unless that consent has been properly obtained.

12.3 If you believe that personal data relating to a child has been provided to us improperly, contact us and we will investigate and, where appropriate, delete the data.

13. THIRD-PARTY WEBSITES, STORES, AND SERVICES

13.1 The Website or our Deliverables may link to third-party websites, Stores, or services.

13.2 Those third parties operate under their own terms and privacy policies. We are not responsible for their privacy practices, content, or services.

13.3 If you use a third-party platform, including an app store, payment provider, hosting platform, or external website, you should review that third party’s privacy information separately.

14. CONTACT AND COMPLAINTS

14.1 If you have questions about this Privacy Policy, want to exercise your rights, or wish to make a privacy-related complaint, contact:

Trading name: Peters Blueprints
Data controller: Petru Strugariu
Website: petersblueprints.co.uk
Email: contact@petersblueprints.co.uk

14.2 You have the right to lodge a complaint with the ICO if you consider that your personal data has been handled unlawfully or unfairly. The ICO is the UK regulator responsible for enforcing data protection law.

15. CHANGES TO THIS POLICY

15.1 We may update this Privacy Policy from time to time.

15.2 Any updated version will be published on the Website with a revised effective date.

15.3 Material changes will take effect from the stated effective date, except where the law requires a different approach.

16. STATUS OF THIS POLICY

16.1 This Privacy Policy is intended to provide transparency about how personal data is handled.

16.2 It does not form part of any contract unless expressly incorporated into one.