Last updated: 29 June 2026
1. Who we are
Norbit.Online Development (“Norbit”, “we”, “us”) operates norbit.online and related services (websites, Discord bots, hosting). For data protection queries, contact contact@norbit.online.
2. What data we collect
Contact form
When you submit our contact form, we receive: first name, last name, email address, service interest, budget range, and your message. A hidden honeypot field is used for spam protection and should remain empty.
Server and visit logs
When you browse our public website, our servers automatically record technical data such as: pages viewed, date and time, IP address, browser type, device type, operating system, referring URL, and approximate location (country/region/city) derived from the IP address. This helps us operate, secure, and improve the site.
Email and Discord
If you email us or interact via Discord, we process the information you choose to send (name, email, message content, Discord username where applicable).
Outreach email
We sometimes contact organisations (for example registered charities or businesses) by email about our website and related services. We may use contact details from public registers, your website, or other publicly available sources. We do not send outreach email to addresses on our do-not-contact list.
Email unsubscribe (opt-out)
When you use our unsubscribe page, we record your email address, the date of the request, and basic technical data (such as IP address) to prevent abuse of the form. We use this to stop further outreach to that address and to keep a suppression record so we do not contact you again by mistake.
Concept demo removal requests
If you ask us to remove an unofficial concept demo site, we use your contact details only to process that request. See our Terms.
3. How we use your data
- To respond to enquiries and provide quotes or support
- To send occasional outreach about our services where permitted (we stop as soon as you opt out)
- To operate, secure, and improve our website and services
- To understand how visitors use our site (aggregated visit statistics)
- To comply with legal obligations
4. Lawful bases (UK GDPR)
- Contract / pre-contract — responding to your project enquiry
- Legitimate interests — site security, basic analytics, fraud prevention, improving our services, and limited B2B or charity outreach using publicly available contact details (balanced against your rights; you can object at any time)
- Consent — where we rely on optional cookies or similar technologies (see Cookie Policy)
5. Who we share data with
- Discord — contact form submissions are delivered to our team channel via Discord’s webhook service
- Hosting providers — our website and databases run on infrastructure we control or contract (UK/EU where possible)
- CDN providers — fonts and icons may be loaded from third-party CDNs (see Cookie Policy)
We do not sell your personal data.
6. How long we keep data
- Contact enquiries — typically up to 24 months unless a client relationship continues
- Email opt-out / do-not-contact records — kept for as long as needed to honour your request (including after you stop being a prospect or client, so we do not email you again by mistake)
- Visit logs — typically up to 12 months, then deleted or aggregated
- Client project data — for the life of the project and as required for accounting or legal purposes
7. Your rights
Under UK data protection law you may have the right to access, rectify, erase, restrict, object to processing, and data portability (where applicable). You may also withdraw consent for optional cookies at any time.
Direct marketing: you can object to outreach email from us at any time — use our unsubscribe page or email contact@norbit.online. We will stop outreach to that address without needing a reason.
To exercise your other rights, email contact@norbit.online. You may complain to the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your data.
8. Security
We use reasonable technical and organisational measures to protect personal data. No method of transmission over the internet is 100% secure.
9. Children
Our services are aimed at businesses and adults. We do not knowingly collect data from children under 16.
10. Changes
We may update this policy from time to time. The “last updated” date at the top will change when we do.