Privacy Policy

This privacy policy explains the personal data we may collect about you when you interact with us. It also explains how we store and handle that data, safeguard it and how we use it. This policy may be updated occasionally. We will notify you of any significant changes, but this page will always show the current version of our policy. This policy was last updated on 04 January 2023.

Who are Thinkology?

We are a creative marketing agency based in the UK.
Registered Office: 34-36 Fore Street, Bovey Tracey, Newton Abbot, Devon, TQ13 9AD
Registered in England No:.5539025

Throughout this policy, ‘we’ and ‘us’ means Thinkology Limited.

Why we process your data

When we collect your personal data, we’ll always make clear to you which data is necessary in connection with a particular service that we discussing with you or providing to you. Article 6 of the GDPR sets out a number of different reasons a company may collect and process your personal data, including:

Consent: We collect and process your data with your consent e.g when you subscribe to receive our newsletter.

Contract: We will need your personal data to comply with our contractual obligations. For example, if we are working on a branding project for you, crafting a marketing strategy, designing and hosting a website or any of our other services.

Legal obligation: If the law requires us to, we may need to collect and process your data. For example, we must and will pass on details to relevant law enforcement agencies of people we believe may be involved in fraud or other criminal activity.

Legitimate interests: We may use your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. We use tools like Google Analytics to combine anonymous data that we use to develop new services and ensure that our existing services can be delivered safely and efficiently. We may use your address details to send you direct marketing information by email or post, telling you about products and services that we think might interest you.

In the UK the supervisory authority for data protection is the Information Commissioner’s Office (ICO). We are registered with the Information Commissioner’s Office under registration number ZA499447.

When and how do we collect your data?

Personnel data may be collected in a number of circumstances, such as:

Visiting our website

• When we meet with you
• When you attend an event we have organised for ourselves or for a client
• Requesting a proposal from us or a response to a tender or RFQ
• When you engage us to perform a service
• If you communicate or otherwise engage with us via social media
• Contacting us by any means with requests for information or any other purpose
• Participating in any questionnaires, polls or surveys to which we invite you
• When a third party with whom you have given permission to share your data with us makes that data available to us or where your information is made public as a matter of law.

What data do we collect?

Depending on the nature of our relationship with you, we may collect information in different ways, both identifiable information and anonymous information.

Identifiable information:

• If you complete a contact form, we will use the data you give us to respond to you
• If you subscribe to receive a newsletter we will collect your name and email address
• If you interact with us via social media, we may use your contact details to allow us to respond to you
• During any meeting or contractual discussion, either face to face or using any communications media we may collect notes in order to manage your requests and our business processes required to fulfil the meeting or contractual aim. We may store copies of documents you provide which may include data such as your full name, address, date of birth and portrait image.

Anonymous information:

• When you visit a website, we may collect anonymous analytical data to optimise the user experience and is not identifiably associated with you as an individual
• Our website hosting infrastructure generates log files of the activities that occur throughout the systems. These are used to monitor performance and security and to enable our engineers to trace bugs and faults. None of this data is identifiable to you and is regularly deleted on a cyclical basis.

How and why do we use personal data?

We may use your personal data for any of the following reasons:

In order to respond to any request you have made of us and to ensure that we have a robust record of how we have communicated with you over time. We do this predominantly to ensure that we provide you with the best possible service, but we may also do it to meet legal and contractual obligations, particularly those arising from any contracts that we have entered into with you.

In order to communicate relevant information to you regarding our services, processes and our company in general. In order to comply with our legal obligations, we will send you information required by law in which case such communications will not contain any marketing or promotional content.

As part of our legitimate interest and to comply with our contractual and legal obligations we will also use your data to protect us and you from any fraud or illegal activities and will share data with relevant law enforcement organisations when requested to do so.

If we ask you to participate in a questionnaire, poll or survey, we may use any data you provide in order to produce relevant results for analysis as part of our legitimate business interest.

How do we protect your data?

We process and store all data with care and take appropriate steps to protect it at all times. We have a robust information security policy in place and monitor our systems continually for vulnerabilities, attacks or unauthorised access. Our hosting services are provided in Tier 3 data centres in the UK only and have extremely limited physical access.

In the UK the supervisory authority for data protection is the Information Commissioner’s Office (ICO). We are registered with the Information Commissioner’s Office under registration number ZA499447.

How long will we keep your data?

We will keep your data for as long as is necessary to fulfil the purpose for which it was collected, to meet our legal obligations or until you ask us to delete it. Once the legitimate business interest has been terminated we will either delete your data completely or we may anonymise it by aggregating with other data in a non-identifiable manner to assist with analysis for our legitimate business interests.

With whom do we share your data?

We may share the smallest amount of your data with selected third parties with whom we contract to deliver services to you, such as:

• Delivery organisations
• Communication providers
• Organisations that support our own business systems
• Companies who provide or support our business systems.

Any data shared with third parties is strictly limited and only when the third party can assure and ensure the following:

• That the data is only used for the exact purposes specified by our contract with them
• That the data retains privacy and is kept securely
• That any data is deleted once their provision of service to us is terminated
• That the provider undertakes that data is only processed under the terms of the GDPR legislation currently in force on the date of this policy.

We may disclose your data if we or all of our assets are acquired by a third party as the data we hold will be considered as a transferable asset. If we under a legal obligation in order to protect against fraud or credit risk, or apply our terms of use, or to protect the rights, property, or safety of Thinkology, its staff, customers, or others we may disclose data.

Where do we process your data?

We maintain all of our data in the UK and if you are outside the UK borders we will transfer your data into the UK. Bearing in mind a potential broadening of commercial activities as a result of Brexit, we may need to share your data with third parties and suppliers outside the UK. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this policy.

What rights do you have regarding your data?

We never forget that this data is yours and that you have shared it with us to meet a specific need. Accordingly, you have the right to request the following at any time:

• That we correct any data we hold that is incorrect or incomplete
• That we stop using your data to send marketing messages, by one or more channels
• That when you withdraw consent we will stop any consent-based activities
• A copy of the data that we hold about you.

To make any of the above requests please email us at [email protected]. In order to ensure and maintain the confidentiality of your data, we will require you to verify your identity before proceeding with any request you make under this policy. Should you choose to ask a third party to make the request on your behalf, we will require them to prove they have your authority to act for you in this regard.

Concerns and complaints

If you think that your data has been handled incorrectly, or you are dissatisfied with our response to any requests you have made to us regarding the use of your data, you have the right to make a complaint with the Information Commissioner’s Office at the following website: www.ico.org.uk/concerns

If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

Any questions?

If you have any questions at all relating to this policy, please contact us at: [email protected] and mark your subject as "Privacy".