PRIVACY POLICY

Privacy Policy

Chic Digital Ltd
Last Updated: May 2025

  1. Who We Are

Chic Digital Ltd (“we”, “us”, or “our”) is a data and marketing services provider registered in England and Wales. We specialise in GDPR-compliant data supply, analytics, and managed marketing services for business clients.

  • Company Number: 13546270
  • ICO Registration Number: ZB733543
  • Registered Office: Athena House, 612 – 616 Wimborne Road, Bournemouth, England, BH9 2EN
  • General Enquiries: letstalk@chicdigital.co.uk
  • Data Protection Contact: frankie@chicdigital.co.uk

We are registered with the Information Commissioner’s Office (ICO) and comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations 2003 (PECR).

  1. What This Policy Covers

This Privacy Policy explains:

  • What personal data we process
  • How we collect and use data
  • Your rights under UK data protection laws
  • How we protect your data
  • The systems and tools we use
  • Who we may share information with
  1. The Personal Data We Process

Depending on your interaction with us, we may process:

  • Full name
  • Email address
  • Postal address
  • Telephone number
  • IP address, device, browser, and interaction data
  • Preferences and marketing responses
  • Employment or company information (for B2B records)

We only process personal data as part of the services we provide to our clients. Chic acts as a data processor under client instruction, not as a data controller for marketing records.

  1. How We Collect Data

We collect and process data through the following means:

  • Direct interactions – when users submit an enquiry, complete a form, or engage with us directly
  • From our clients – we process data under written agreement and lawful instruction
  • Via secure platforms – we use tools such as Microsoft 365 and Zoho to receive, store, and manage data in line with compliance standards

We do not collect personal data from affiliate networks or external marketing platforms.

  1. Why We Process Your Data

We process personal data only to:

  • Deliver services as instructed by our clients
  • Analyse data or build audiences for client campaigns
  • Assist in campaign delivery, fulfilment, and suppression
  • Maintain accurate processing records for audit and compliance
  • Respond to legal or regulatory obligations where applicable (e.g. ICO requests)

Chic Digital acts solely as a data processor. We do not determine the purpose of marketing campaigns, nor do we retain or reuse client data outside of contractual obligations.

  1. Lawful Basis for Processing

Our processing is governed by:

  • Contractual obligation – processing data solely to deliver services to our clients
  • Legal obligation – for record-keeping, financial, and regulatory purposes
  • Legitimate interest – where we process B2B contact details for business development, or where our clients have engaged us to do so under their own legitimate interest assessments

We rely on our clients to ensure that all data provided to us has been collected lawfully and with an appropriate legal basis.

  1. Who We Share Data With

We may share data, strictly as needed, with:

  • Clients who provide the data or instruct its use
  • Trusted sub-processors (e.g. Microsoft, Zoho) who provide secure cloud and communications infrastructure
  • Legal or regulatory authorities, only where required by law

We do not sell or trade personal data under any circumstances.

  1. Marketing and Your Rights

Chic Digital does not conduct consumer marketing under its own name. If you have received marketing and believe your data originated via Chic, it is likely one of our clients licensed the data through us.

If Chic has processed your data on behalf of a client, we will forward your request to the appropriate data controller and assist them as required under data protection law.

  1. Live Chat (Tidio)

We use Tidio to provide real-time website chat support. Tidio may collect personal information such as your name, email address, and message history. This data is stored securely and used only to respond to your queries or support needs.

You can view Tidio’s privacy policy at: https://www.tidio.com/privacy-policy/

  1. International Data Transfers

We do not transfer data internationally ourselves. However, some of the software services we use – including Microsoft 365 and Zoho – may use servers located outside the UK or EEA as part of their cloud infrastructure.

Where this occurs, those providers implement appropriate safeguards such as Standard Contractual Clauses or operate under approved UK adequacy decisions, to ensure your data remains protected to UK standards.

  1. Data Retention

As a data processor, Chic Digital does not determine data retention periods for marketing records.

We:

  • Process and store data only as long as required to deliver services
  • Securely delete or return data to clients following completion of projects or upon written request
  • Retain internal business records (e.g. invoices, contracts) in line with statutory requirements (typically 6–7 years for financial and legal documents)
  1. Data Security

We use secure, industry-standard systems to protect the data we process. These include:

  • Microsoft 365 Business Premium and Microsoft Defender
  • Data encryption in transit and at rest, managed by Microsoft’s infrastructure
  • Multi-factor authentication (MFA) for all staff accounts
  • Role-based access controls to ensure data is only accessible to those who need it
  • Protected document sharing and secure email handling
  • Endpoint protection and threat detection via Microsoft Defender
  • Ongoing review of user access, activity logs, and permissions

We are committed to maintaining the security and confidentiality of data processed on behalf of our clients.

  1. Your Rights

Under UK data protection law, you have the right to:

  • Access your personal data
  • Correct inaccurate or outdated information
  • Request erasure (right to be forgotten)
  • Restrict or object to processing
  • Request data portability
  • Withdraw consent (if applicable)
  • Lodge a complaint with the ICO

To exercise any of these rights or raise a concern, email: frankie@chicdigital.co.uk

  1. Cookies

Our website uses cookies and similar technologies to:

  • Enable essential website functions
  • Understand user interaction and improve performance
  • Support tools like our live chat (Tidio)

You can manage cookie preferences through your browser settings or by interacting with our cookie banner when visiting the site.

For full details, please see our Cookie Policy.

  1. Changes to This Policy

We may update this policy occasionally to reflect legal or operational changes. The latest version will always be published on our website. We encourage you to review it periodically.

Last updated: May 2025