Last updated: December 2025

Priddey Marketing Limited is committed to protecting your personal information and being transparent about how it is used. This Privacy Policy explains how we collect, use and protect your personal data when you interact with us, including through our website www.priddeymarketing.co.uk.

We process your personal data in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

The data controller is:

Priddey Marketing Ltd
Boston House, Grove Business Park
Downsview Road, Wantage OX12 9FF
ICO Registration Number: ZA313053

1.     Information we collect

We collect information so we can provide our services, communicate effectively and run our business. The information we may collect includes:

Your name, job title and company information.
Your email address, phone number and business correspondence with us.
Information you provide during meetings, calls or events.
Information you submit through forms on our website, downloads or enquiries.
Information about how you use our website, including IP address, device type, pages viewed and referral sources.
Professional information that is publicly accessible, for example from LinkedIn or company websites.

We do not intentionally collect special category (sensitive) data.
We do not target or knowingly collect data from children.

2.     How we collect your information

We collect personal data when you:

Contact us by email, phone, social media or through our website.
Meet us at events, networking or business meetings.
Subscribe to updates, download resources or complete website forms.
Work with us as a client, supplier or partner.

We may receive information from trusted third parties such as business partners, analytics providers, suppliers or public sources.

We do not sell personal data.

3.     How we use your information

We use your personal information for the following purposes:

To respond to enquiries and deliver our services

This includes proposals, contracts, invoicing and day-to-day communication.
Lawful basis: performance of a contract or steps taken before entering a contract.

To maintain and develop client and business relationships

This includes networking, events, follow-ups and relevant business communication.
Our CRM system (Samai) provides clear unsubscribe options and automatically prevents communication with anyone who opts out.
Lawful basis: legitimate interests.

To improve our website and marketing

We use analytics to understand visitor behaviour and improve content.
Analytics cookies are only used with your consent.
Lawful basis: consent.

To meet legal and regulatory requirements

Including accounting, tax and responding to regulators.
Lawful basis: legal obligation.

Automated processing

We do not carry out automated decision-making that has legal or significant effects.
We do use simple automated email workflows in our CRM and marketing systems to improve communication and efficiency.

4.     Lawful basis summary

We process personal data under one or more of the following lawful bases:

Performance of a contract
Legitimate interests
Consent (analytics cookies)
Legal obligation

5.     Cookies

We use cookies to improve user experience and understand how visitors use our website.

Our site uses:

Essential cookies, required for the site to function.
Analytics cookies through Google Analytics 4, used only with your consent.

You can manage your cookie preferences at any time through our cookie banner.
For more information, see our Cookie Policy.

6.     How we protect your information

We take appropriate technical and organisational measures to protect your personal data. These include:

Multi-factor authentication on devices and systems.
Encrypted and password-protected data storage.
Fingerprint and facial recognition on approved devices.
Up-to-date antivirus and security monitoring.
Access limited to authorised staff and associates under confidentiality agreements.
Regular IT security and social engineering training to meet client and industry standards.
Documented procedures for responding to potential data breaches.

While no method of electronic transmission is entirely risk-free, we take reasonable steps to safeguard your information.

7.     Where your information is stored

Your data may be stored on secure cloud platforms including:

Microsoft 365 and OneDrive
Samai CRM
GoogleDrive
Dropbox

Zoom

These suppliers act as data processors and are required to meet UK GDPR standards.

Retention

We retain personal data only for as long as necessary.

Enquiries: up to 24 months.
Client records: up to 7 years to meet accounting and HMRC requirements.
Marketing contacts: up to 24 months without engagement.

8.     International data transfers

Some of our trusted suppliers may store or process data outside the UK. When this occurs, we use appropriate safeguards such as the ICO International Data Transfer Agreement (IDTA) or Standard Contractual Clauses to ensure your data receives equivalent protection.

We do not rely on consent for international transfers.

9.     Sharing your information

We may share your personal data with:

Specialist associates who support project delivery, including designers, digital specialists, copywriters, IT professionals and compliance advisers.
Trusted processors such as Microsoft, Samai CRM, GoogleDrive, Dropbox and Zoom.
Analytics providers for website performance improvements.

We only share what is necessary and only with parties who meet UK GDPR requirements.

Data may also be shared if required to comply with legal obligations or if the business is transferred in future.

We do not sell, rent or trade personal data.

10.  AI tools

We use trusted AI-assisted tools to support client delivery, improve quality and increase efficiency.
We use a paid version of ChatGPT with training disabled, so any client data entered is not used to train AI models.
Client information is only entered when necessary to support the work being carried out.
AI tools are used to support drafting and delivery, not to make decisions about individuals.
Clients can ask us not to use AI-assisted tools during their project. Where this is requested, delivery will be completed manually and the project fee or timeline may increase to reflect the additional time and resource required.

11.  Your rights

You have the following rights under UK GDPR:

Right to access your personal data.
Right to correct inaccurate data.
Right to request deletion of your data in certain circumstances.
Right to restrict processing.
Right to data portability.
Right to object to processing based on legitimate interests.
Right to withdraw consent (for analytics cookies).
Right to lodge a complaint with the Information Commissioner’s Office (ICO).

To exercise any of these rights, contact:

[email protected]

12.  Contact

For questions or requests about this policy:

The Data Protection Manager
Priddey Marketing Ltd
Boston House, Grove Business Park
Downsview Road, Wantage OX12 9FF
[email protected]

13.  Changes to this policy

We may update this Privacy Policy from time to time. The updated version will always be published on this page.