Studio openStart a project →
Level44

Privacy policy

Last updated · 29 April 2026

How Level44 handles personal data, cookies, and analytics — written for humans, not lawyers.

Draft, not legal advice. This policy is a working starting point for a small UK studio site. Have a UK solicitor or a service like Termly review before launch — particularly if you start running newsletters or paid ads, or expand what the contact form collects.

This privacy policy explains what data Level44 collects when you use www.level44.co, why we collect it, who we share it with, and the rights you have over it under UK data protection law (UK GDPR and the Data Protection Act 2018).

Who we are

Level44 is a small design studio operating out of Belfast, Northern Ireland. Throughout this policy, "we", "us", and "our" refer to Level44.

The data controller for personal data collected via this site is Level44, Campsie House, Crumlin Road, Belfast. You can reach us at [email protected] or +44 (0) 28 9691 8442.

What we collect

Browsing the site is essentially anonymous. We collect data only in four specific situations:

  • You submit the contact form. The name, email, and project notes you enter are sent to [email protected] via our self-hosted email service. We keep the resulting message thread for as long as it's useful to the work.
  • You email or call us directly. Conversations on [email protected] or +44 (0) 28 9691 8442 are kept while the conversation is active and afterwards, in line with normal business practice.
  • You book a call. The "Book a call" button takes you to a Google Calendar appointment page. The booking is created and processed by Google; we receive the confirmation (your name, email, and any notes you added) so we can prepare for the call.
  • You accept the cookie banner. With your consent, we use Google Analytics to count visits and understand which pages are read. The data is anonymised and aggregated — we don't know who you personally are.

We do not collect data from children, and we don't use sensitive categories of data (health, biometric, political, religious, etc.) on this site.

Why we collect it

  • Contact form, direct messages, and bookings: to reply to you and, if appropriate, scope and deliver work. Lawful basis: legitimate interest, or performance of a contract once one is in place.
  • Analytics: to improve the site over time. Lawful basis: consent — refusing the cookie banner doesn't restrict any part of the site.

Cookies and similar storage

The site uses two pieces of browser storage:

  • Strictly necessary. A small entry in your browser's local storage called level44.consent.v1 that records whether you accepted or rejected the cookie banner, so we don't ask again on every page. This is set whether you accept or reject — without it the banner can't remember your choice.
  • Analytics (Google Analytics 4). Loaded only after you click Accept. Counts page views, session duration, and where traffic came from. Our Measurement ID is G-18V79E1P3T. If you reject, GA never loads at all.

You can change your mind at any time by clicking Cookie settings in the footer of any page — that re-opens the banner so you can switch your choice.

Who handles data on our behalf

We use a small number of suppliers to run the site:

  • Coolify and the underlying server provider — host the site itself. Like any web host, they receive every page request, which includes your IP address and browser user agent. Logs are kept short-term for security and debugging.
  • Sanity — content management. Sanity stores the content of the site (case studies, insights, settings) and serves images via its CDN. Reading public pages doesn't share personal data with Sanity beyond what any CDN sees on a request.
  • Usesend — our self-hosted transactional email service. Contact form submissions are routed through Usesend on its way to [email protected]. As Usesend runs on our own infrastructure, your message isn't shared with any external email provider.
  • Google — Workspace handles our email inbox; Google Analytics handles analytics (with your consent); Google Calendar handles call bookings if you choose to book one.

We don't sell your data, and we don't share it with advertisers.

How long we keep data

  • Contact form submissions, email, and phone conversations: kept while the conversation is active and for our records afterwards, in line with normal business practice.
  • Call bookings: kept on our calendar for the lifetime of the booking, then archived as part of normal calendar history.
  • Analytics: Google Analytics 4 default retention (currently 2 months for events; we don't extend it).

Your rights

Under UK GDPR you have the right to:

  • ask what personal data we hold about you,
  • correct inaccurate data,
  • ask us to delete your data,
  • object to or restrict how we use it,
  • ask for a copy of your data in a portable format,
  • withdraw consent for analytics at any time via Cookie settings in the footer.

To exercise any of these, email [email protected]. We'll respond within one calendar month.

If you're not satisfied with our response, you can complain to the Information Commissioner's Office (ico.org.uk) — the UK regulator for data protection.

Changes to this policy

We'll update this page when we change how we handle data. The "Last updated" date at the top reflects the most recent change.

Contact

Questions? Email [email protected] or call +44 (0) 28 9691 8442.