Introduction
WebMOT is a website review and diagnostic service operated by GeekyBee Ltd (GeekyBee). GeekyBee provides the WebMOT service in accordance with its Terms and Conditions (“Terms”) and this Privacy Policy.
We are committed to protecting your privacy and handling personal data in an open, lawful, and responsible manner.
This Privacy Policy explains how we collect, use, store, and protect personal data when you use WebMOT, visit our website, create an account, purchase services, or otherwise interact with WebMOT and GeekyBee.
Definitions & Interpretation
For the purposes of this Privacy Policy:
GeekyBee, “we”, “us”, “our” - means GeekyBee Ltd (Company No. 12007302) trading as “WebMOT”.
WebMOT - means the WebMOT website review and diagnostic platform operated by GeekyBee Ltd.
“user”, “you”, “your” - means any individual or legal entity accessing, purchasing from, or using WebMOT.
personal data - means any information relating to an identified or identifiable individual, as defined under UK data protection law.
processing - means any operation performed on personal data, whether automated or not, including collection, storage, analysis, use, disclosure, or deletion.
Service - means the WebMOT platform and any related audits, reports, systems, tools, features, and outputs provided by GeekyBee Ltd.
Audit - means an automated and AI-assisted analysis of a submitted website or domain.
website data - means technical, structural, and content-related data collected from websites submitted to WebMOT, which may include personal data where such information appears on the scanned website.
AI-assisted processing - means the use of automated systems and artificial intelligence technologies to analyse data and generate insights, reports, and signals.
third-party providers - means external service providers engaged to support WebMOT’s infrastructure, communications, analytics, payments, or AI processing.
Who We Are
WebMOT is operated by:
GeekyBee Ltd (Company No. 12007302)
Registered in England and Wales at Anglo-Dal House, 5 Spring Villa Park, Edgware, Middlesex, United Kingdom, HA8 7EB
Website:
Contact:
We have a legal duty to protect personal information that we collect under applicable privacy legislation, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 (the “DPA”), as amended by the Data Use and Access Act 2025 (the “DUAA”), and the Privacy and Electronic Communications Regulations 2003 (PECR).
For the purposes of data protection law, GeekyBee Ltd is the Data Controller.
What Data We Collect
We may collect and process the following types of data:
Information you provide
Name
Email address
Company or business name
Website URL and domains submitted for scanning
Payment & billing information (processed via third-party payment providers – we do not store full card details)
Account details and access credentials (stored securely, including hashed or encrypted where applicable)
Support communications, including messages or enquiries
Website and audit-related data
When you use WebMOT, we collect and generate technical and analytical data about the website you submit, which may include:
Page content, structure and publicly accessible resources
Technical website data generated during scans
Audit results, scores, and reports
Metadata associated with audit runs (e.g. timestamps, crawl scope, system processing indicators (performance and accessibility))
SEO and technical signals
Publicly available website information
This data may sometimes contain personal data if the scanned website includes it.
Automatically collected data
IP address
Device and browser information
Pages visited and interaction data (Log files)
Timestamps and usage data
Cookies and similar technologies
This information is used to operate the Service, maintain security, monitor performance, and prevent misuse.
See our Cookie Policy for further details.
Sensitive and special category data
WebMOT is not designed to intentionally collect or process special category data (sometimes referred to as “sensitive personal data”), such as information relating to health, biometric data, political opinions, religious beliefs, sexual orientation, or trade union membership.
Because WebMOT analyses publicly accessible websites, such information may occasionally appear in scanned content. Where this occurs, it is processed only to the extent technically necessary to perform the audit and generate reports, in line with this Privacy Policy and data minimisation principles.
You must ensure you have the appropriate rights and lawful basis before submitting any website for analysis that may contain special category data.
How We Use Your Data
We use personal data for the following purposes:
To provide, operate, and maintain the WebMOT service
To run WebMOT audits, process website data, and generate reports and insights
To deliver PDF and web-based results and service-related communications
To process payments, manage transactions, and issue receipts or invoices
To create, administer, and secure user accounts
To provide customer support and respond to enquiries
To monitor, maintain, and improve system performance, reliability, accuracy, and security
To detect, prevent, and investigate fraud, abuse, and technical issues
To comply with applicable legal and regulatory obligations
To develop, test, and enhance WebMOT systems, including AI-assisted and automation features, in a controlled and privacy-aware manner
Where website scans incidentally contain personal or special category data, such data is processed only to the extent technically necessary to perform the audit and generate reports, in accordance with this Privacy Policy and data minimisation principles.
We do not sell personal data.
Legal Bases for Processing
Under the UK GDPR, we rely on the following lawful bases we rely on the following lawful bases to process personal data:
Contract - where processing is necessary to provide the WebMOT service, run audits, generate reports, manage accounts, and deliver purchased services
Legitimate interests – where processing is necessary to operate, secure, maintain, and improve WebMOT, including system monitoring, fraud prevention, service analytics, and development of platform and AI-assisted features, provided that such interests are not overridden by your rights and freedoms
Legal obligation – where processing is required to comply with applicable legal, regulatory, accounting, or tax obligations
Consent – where required for optional communications, such as marketing updates. You may withdraw your Consent at any time by contacting:
Where we rely on legitimate interests, these interests are assessed and balanced against your rights, freedoms, and reasonable expectations.
AI and Automated Processing
WebMOT uses automated systems and AI-assisted analysis to:
Scan websites and publicly accessible content
Identify, classify, and structure technical findings and content patterns
Generate reports, scores, and analytical insights
These systems analyse website data and system metrics in order to produce automated outputs. All results require human interpretation.
WebMOT does not carry out automated decision-making that produces legal effects or similarly significant impacts on individuals within the meaning of Article 22 of the UK GDPR.
AI-assisted outputs are analytical and informational in nature only. They do not constitute professional, legal, regulatory, financial, or compliance advice and must not be relied upon as such.
You remain solely responsible for how WebMOT outputs are interpreted and for any decisions or actions taken based on them.
Data Sharing and Third Parties
We may share limited personal data with carefully selected third-party service providers who support the operation and delivery of WebMOT, including:
Hosting and infrastructure providers
Payment processors
Email and communications services
Security and monitoring platforms
AI and automation service providers
Analytics and performance tools
All third parties are contractually required to protect the data they process and These providers act on our instructions and are contractually required to process data only for authorised purposes, maintain appropriate confidentiality, and implement suitable technical and organisational security measures.
We may also disclose information where required to do so by law, regulation, court order, or other lawful authority, or where necessary to protect our rights, users, or the integrity of the WebMOT service.
International Transfers
Some of our service providers may process personal data outside the United Kingdom.
Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place in accordance with UK data protection law, which may include:
Transfers to countries subject to UK adequacy regulations
The use of approved Standard Contractual Clauses or equivalent legal mechanisms
Data processing and confidentiality agreements with service providers
Ongoing vendor risk and compliance reviews
These measures are designed to ensure that personal data continues to be protected to a standard equivalent to that required under UK law.
How Long We Keep Data (Data Retention)
WebMOT is designed as a short-term technical audit service. We retain personal data only for as long as necessary to:
Provide WebMOT services, including re-scans
Maintain appropriate business and operational records
Comply with legal, tax, and regulatory obligations
Establish, exercise, or defend legal rights
Unless otherwise required by law:
audit results, reports, crawl data, and any related technical information generated through your use of WebMOT will be accessible within your WebMOT dashboard for a period of up to thirty (30) days from the date of the original Audit run;
during this period, you may view, export, and download reports and outputs made available through WebMOT.
For the avoidance of doubt, this retention period applies to all audit-related data, including submitted website URLs, domains, audit records, associated metadata, and other identifiers linked to the scan.
Where re-scans are performed within the 30-day period, the resulting data forms part of the same audit record and does not extend the original retention period unless explicitly stated otherwise.
After the expiry of the 30 day retention period:
access to audit data, reports, scan history and associated identifiers within the WebMOT dashboard will be permanently removed; and
audit-related data stored within WebMOT systems will be deleted as part of automated system management and data lifecycle processes.
You acknowledge that:
WebMOT is not intended to operate as a long-term data storage or archiving service.
You are responsible for downloading and securely storing any reports, data, or outputs you wish to retain before the expiry of the 30 day period.
Once deleted, audit data cannot be recovered.
You may request deletion of your account and associated personal data, (subject to legal retention obligations) by contacting
Your Data Protection Rights
Under UK data protection law, you have certain rights in relation to your personal data, including the right to:
Request access to your personal data
Request correction of inaccurate or incomplete data
Request deletion of your personal data (the “right to be forgotten”)
Request restriction of processing or object to certain processing activities
Request portability of personal data you have provided to us
Withdraw consent at any time, where processing is based on consent
These rights are subject to certain legal conditions and exemptions.
To exercise these rights, contact:
We aim to respond to legitimate requests without undue delay and in accordance with applicable legal timeframes.
You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) -
Data Security
We implement appropriate technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures include, but are not limited to:
Secure hosting and server infrastructure
Encrypted connections
Access controls and authentication mechanisms
System, application, and network security controls
Monitoring, logging, and threat detection
Regular updates, patching, and maintenance
While we take data security seriously and build WebMOT with security as a core design principle, no online system can be guaranteed to be completely secure. Use of the WebMOT service is therefore at your own risk.
Cookies
WebMOT uses cookies and similar technologies to:
Enable core website and service functionality
Analyse usage and interaction patterns
Monitor and improve performance and reliability
Support security and fraud prevention
Further information about how we use cookies, and how you can manage your preferences, is available in our Cookie Policy.
Children’s Data
WebMOT is a business-focused service and is not intended for use by individuals under the age of 18.
We do not knowingly collect personal data from children. If we become aware that personal data relating to a child has been collected, we will take reasonable steps to delete it without undue delay.
Governing Law
This Privacy Policy is governed by and interpreted in accordance with the laws of England and Wales, including applicable UK data protection legislation.
Where disputes arise in connection with this Privacy Policy, they shall be subject to the jurisdiction of the courts of England and Wales.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes to WebMOT, legal or regulatory requirements, or how we process personal data.
Where changes are made, the updated version will be published on our website and the “Last updated” date at the top of this policy will be revised.
Where required by law, we will take reasonable steps to notify users of material changes.
Contact Us
Questions about privacy, data protection, or this Privacy Policy can be directed to: GeekyBee Limited -