Privacy Policy

How Obsidian Resin collects, uses and protects your personal data.

1. Who we are

Obsidian Resin is a epoxy resin flooring business based in Leicestershire, United Kingdom. We are the data controller for the personal data we collect through this website (www.obsidianresin.co.uk) and through our work with you.

Any questions about how we handle your data? Get in touch through our contact form and we'll come back to you.

2. What we collect

When you submit a quote form, call us or email us, we may collect:

  • Your name and email address
  • Details of the epoxy resin flooring work you need
  • Anything else you type into a form or send us

Automatically when you visit this site:

  • Your IP address, browser, device type and rough location
  • Pages you look at, what you click, how long you spend, where you came from
  • Cookies (more on those in section 5)

If you become a customer, we also keep job records, invoices and any photographs taken on site.

3. What we do with it

UK GDPR requires us to tell you our "lawful basis" for using your data:

  • To reply to you and do the work you have asked for. Basis: contract, or steps before entering a contract.
  • To send quotes, invoices and job updates. Basis: contract.
  • To improve this site and measure our marketing. Basis: legitimate interest. You can tell us to stop at any time.
  • To send the occasional email about new services. Basis: consent or legitimate interest. You can unsubscribe at any time.
  • To meet our tax and legal obligations. Basis: legal obligation.

We do not sell your data.

4. Who we share it with

We use trusted third parties to run the business. They handle some of your data on our behalf, under written agreements. The main ones:

  • Netlify hosts this site and handles the quote form
  • Google for Analytics, Tag Manager and (where applicable) Google Ads
  • Email, accounting and invoicing tools we use to run the business

We only share what they need to do the job. We may also share data if the law requires it, or to defend ourselves in a legal claim.

5. Cookies and tracking

Cookies are small files your browser stores. We use them to understand how visitors use the site and how our marketing is performing. Some cookies are essential; analytics and marketing cookies are only set where the law allows.

You can block cookies in your browser settings. Blocking analytics cookies will not break this site.

6. Where your data goes

Some of the providers above (such as Google) are based outside the UK, so your data may leave the UK. When that happens, we make sure the transfer uses safeguards the UK government accepts: the UK's data transfer agreement, the EU's standard contractual clauses, or an "adequacy" decision.

7. How long we keep it

  • Enquiries that did not become jobs: while still useful, then deleted. Sooner if you ask.
  • Customer records and invoices: 6 years after the job ends, as required by UK tax law.
  • Website analytics: up to 14 months (the maximum Google Analytics allows).
  • Marketing list: until you unsubscribe.

8. Your rights

Under UK GDPR, you can ask us to:

  • Show you what we hold about you
  • Fix anything that is wrong
  • Delete it, where we are not legally required to keep it
  • Stop or limit how we use it
  • Hand it over in a portable file
  • Withdraw consent, where consent was the basis

Get in touch through our contact form and we will come back to you within a month.

If you would rather complain, you can contact the UK's Information Commissioner's Office (ICO) at ico.org.uk. We'd rather you let us fix it first.

9. Keeping your data safe

We protect your data with HTTPS encryption, password-protected accounts and trusted suppliers. No system online is 100% safe, but we take security seriously.

10. Changes to this policy

We may update this policy from time to time. The date below shows the latest version.

Last updated: 15 May 2026