Privacy Policy
How Local Markers handles your data.
Last updated: 10 April 2026 · Local Markers, North Wales
1. Who we are
Local Markers is a Google Business Profile management service based in Rhyl, North Wales. We help trade businesses and other organisations improve their local visibility on Google Maps and Google Search.
For the purposes of UK GDPR, Local Markers is the data controller for personal information collected through this website and through the delivery of our services. You can contact us at hello@localmarkers.co.uk.
2. What data we collect
We collect two categories of personal data depending on your relationship with us.
2a — Website enquiries and audit requests
If you submit a contact form or free audit request on our website, we collect:
- Your name
- Your email address
- Your business name
- Your website URL
- Any notes or details you include in your message
2b — Client data
If you become a paying client, we collect and store the following as part of delivering our services:
- Contact details: business name, contact name, email address, phone number, website URL
- Communication preferences: your preferred method of contact (email, SMS, or WhatsApp)
- Billing information: your subscription status, payment history, and Stripe customer reference. We do not store your card details — these are held securely by Stripe (see Section 5)
- Google Business Profile data: performance metrics retrieved from your Google Business Profile via the Google Business Profile API, including search impressions, map impressions, calls, website clicks, direction requests, and booking clicks. This data is displayed in your client portal and used to generate monthly reports
- Audit data: the results of your 50-point GBP audit, including pass/fail scores, issue notes, and remediation records
- Portal activity: records of your logins, messages sent through the portal, documents you upload, and activity within the portal
- Correspondence: any messages exchanged through the client portal or by email
2c — Cookies and analytics
We use a small number of essential cookies to make this website and the client portal work — for example, to keep you signed in, protect forms against cross-site request forgery, and remember your cookie banner choice. These cookies do not track you across other websites.
We also use Google Analytics 4 to understand how visitors find and use the site, so that we can improve it. Google Analytics sets cookies (_ga, _ga_ZZZ7SC2VL8) and may process IP-derived data in anonymised form. We do not load Google Analytics or set its cookies until you explicitly click Accept analytics on our cookie banner. If you decline, or if your browser sends a Do Not Track signal, no analytics code is loaded at all.
We do not use advertising cookies, retargeting pixels, session replay, or any other cross-site tracking technology. A full list of every cookie and similar storage we use, along with a button to change your consent, is on our Cookies page.
3. Why we collect it and our lawful basis
| Purpose | Data used | Lawful basis |
|---|---|---|
| Responding to enquiries and audit requests | Name, email, business name, website | Legitimate interests |
| Delivering GBP optimisation and management services | All client data | Performance of a contract |
| Processing payments | Email, billing records (card data held by Stripe) | Performance of a contract |
| Providing access to the client portal | Email address (for magic link login), portal activity | Performance of a contract |
| Generating monthly performance reports | GBP performance data, audit data | Performance of a contract |
| Sending transactional emails (magic links, invoices, notifications) | Email address | Performance of a contract |
| Internal business record-keeping | All client data | Legitimate interests |
| Sending service-related communications | Email address | Legitimate interests |
We do not use your personal data for marketing purposes without your explicit consent. We do not send marketing emails.
4. How long we keep your data
Enquiries that do not convert to clients: We retain your information for up to 12 months in case you wish to follow up, after which it is deleted.
Active clients: We retain your data for the duration of the client relationship.
After cancellation: Your client portal data is retained for 30 days after your service end date to allow for any disputes or final reporting, after which it is permanently deleted. Billing records and invoices are retained for 7 years for legal and accounting purposes. General correspondence is retained for up to 2 years after the relationship ends.
GBP performance data: Data retrieved from your Google Business Profile via the API is stored in your client portal. On cancellation, this data is deleted along with the rest of your portal data within 30 days.
You can request deletion of your data at any time — see Section 7.
5. Who we share your data with
We do not sell, rent, or share your personal data with third parties for marketing purposes.
We use the following third-party services and processors to operate our business. Each processes data on our behalf and is required to handle it securely and in accordance with UK GDPR:
Stripe — payment processing. When you pay for our services, your payment is processed by Stripe, Inc. Stripe stores and processes your card details and payment information securely. We receive only a customer reference and payment status — we never see or store your full card details. Stripe's privacy policy is available at stripe.com/gb/privacy.
Brevo (formerly Sendinblue) — transactional email. We use Brevo to send service emails including magic link login links, invoice notifications, and portal notifications. Your email address is passed to Brevo for this purpose. Brevo's privacy policy is available at brevo.com/legal/privacypolicy.
Google LLC (Google Business Profile API) — to deliver our services, we access your Google Business Profile data via Google's API. This requires you to grant us Manager-level access to your profile. Applies to paying clients only. Google's privacy policy is available at policies.google.com/privacy.
Google LLC (Google Analytics 4) — website analytics. If you consent via our cookie banner, Google Analytics 4 collects anonymised usage statistics (page views, referrers, device type, approximate location derived from an anonymised IP) to help us improve the site. Google Analytics is not loaded if you decline or if your browser sends a Do Not Track signal. Google Analytics data is processed by Google LLC, which may transfer it outside the UK under the EU–US Data Privacy Framework and Standard Contractual Clauses. See our Cookies page for details and to change your choice.
Hetzner Online GmbH — web hosting. Our website and client portal are hosted on servers operated by Hetzner in the European Union. Your data is stored on these servers.
Cloudflare — DNS and content delivery. We use Cloudflare for website performance and security. Cloudflare may process request metadata (such as IP addresses) as part of its service. Cloudflare's privacy policy is available at cloudflare.com/privacypolicy.
We do not use any other advertising, retargeting, or cross-site tracking services.
6. Data security
We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include:
- Encrypted connections (HTTPS) across the entire website and client portal
- Passwordless authentication via time-limited magic links — we do not store passwords
- Access controls limiting portal data to the relevant client only
- Secure server infrastructure hosted within the EU
No method of transmission or storage is completely secure. If you have concerns about a specific data security matter, please contact us at hello@localmarkers.co.uk.
7. Your rights
Under UK GDPR, you have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure — ask us to delete your data ("right to be forgotten")
- Restriction — ask us to limit how we use your data while a concern is resolved
- Objection — object to our processing where we rely on legitimate interests
- Portability — request your data in a structured, commonly used format
To exercise any of these rights, email us at hello@localmarkers.co.uk. We will acknowledge your request within 5 business days and respond in full within 30 days.
We will not charge a fee for reasonable requests. We may need to verify your identity before fulfilling a request.
8. International transfers
Our primary data processors (Stripe, Brevo, Google) may process data outside the UK and EEA. Where this occurs, appropriate safeguards are in place — typically Standard Contractual Clauses approved by the relevant data protection authority. You can request details of these safeguards by contacting us.
9. Complaints
If you have a concern about how we handle your personal data, please contact us first at hello@localmarkers.co.uk and we will do our best to resolve it promptly.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection supervisory authority:
- Website: ico.org.uk
- Helpline: 0303 123 1113
- Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
10. Changes to this policy
We may update this policy from time to time to reflect changes in our services or legal obligations. The "last updated" date at the top of this page will always reflect the current version. Where changes are material, we will notify active clients by email.
Local Markers · hello@localmarkers.co.uk · localmarkers.co.uk · Based in Rhyl, North Wales