Summary: We only collect information we genuinely need to run our business. We never sell your data. You have full rights over your personal information and can contact us at any time to exercise them.
1. Who We Are
LetsBrand Ltd ("we", "us", "our") is a graphic design and creative agency registered in England and Wales. We operate the website at letsbrandltd.co.uk and deliver creative services including branding, campaign development, social media design, event design, wedding stationery, packaging, print, pitch decks, content creation, digital advertising, and related services.
For the purposes of UK data protection law, LetsBrand Ltd is the data controller responsible for your personal data.
| Detail | Information |
|---|---|
| Company | LetsBrand Ltd |
| Country | England, United Kingdom |
| letsbrandltd@gmail.com | |
| Website | letsbrandltd.co.uk |
2. Data We Collect
We may collect and process the following categories of personal data:
2.1 Identity & Contact Data
- Full name
- Email address
- Phone number (including WhatsApp)
- Company or organisation name
- Job title or role
- Postal address (where required for print or delivery projects)
2.2 Project & Enquiry Data
- Details of the services you enquire about or commission
- Project briefs, reference materials, and creative assets you share with us
- Budget range and project deadlines
- Correspondence by email, WhatsApp, or any other channel
2.3 Financial Data
- Invoice details and payment records (we do not store card numbers — all card payments are processed by our third-party payment provider)
- Billing address
2.4 Technical & Usage Data
- IP address and approximate location
- Browser type and version
- Operating system
- Pages visited, time on site, referring URL
- Device type and screen resolution
2.5 Marketing & Communications Data
- Your preferences for receiving marketing emails from us
- Records of newsletter sign-ups
We do not collect any Special Category data (e.g. health information, racial or ethnic origin, political opinions, religious beliefs, biometric data) and we ask that you do not send us any such information.
3. How We Collect Your Data
3.1 Directly from you
- When you complete the contact or enquiry form on our website
- When you email us or message us via WhatsApp
- When you sign up for our newsletter
- When you enter into a contract with us for services
- When you provide materials or feedback during a project
3.2 Automatically
- Through cookies and similar tracking technologies when you visit our website (see Section 10)
- Through analytics tools that record how visitors interact with our site
3.3 From third parties
- Referrals from existing clients
- Publicly available business information (e.g. LinkedIn, Companies House)
4. Legal Basis for Processing
We only process your personal data where we have a lawful basis to do so under UK GDPR Article 6. The bases we rely on are:
| Legal Basis | When We Rely On It |
|---|---|
| Contract (Art. 6(1)(b)) | Processing necessary to perform or enter into a contract with you — e.g. delivering design services, sending invoices. |
| Legitimate Interests (Art. 6(1)(f)) | Sending service-related follow-up emails, maintaining business records, preventing fraud, securing our website, and improving our services — where your interests do not override ours. |
| Consent (Art. 6(1)(a)) | Sending marketing emails and newsletters — you may withdraw consent at any time. |
| Legal Obligation (Art. 6(1)(c)) | Retaining financial and tax records as required by HMRC and applicable UK law. |
5. How We Use Your Data
We use the personal data we collect to:
- Respond to your enquiries and provide quotations
- Deliver the design and creative services you commission
- Communicate with you throughout a project
- Send invoices and process payments
- Maintain accounts and financial records
- Send project updates, revisions, and deliverables
- Send marketing communications (newsletter, offers, portfolio updates) — only with your consent
- Improve and administer our website
- Prevent and detect fraud or misuse of our services
- Comply with legal obligations
We will never sell, rent, or trade your personal data to third parties for their own marketing purposes.
6. Who We Share Your Data With
We may share your data with the following categories of third parties, all of whom act as data processors under our instruction and are bound by appropriate contractual safeguards:
| Recipient | Purpose |
|---|---|
| Email service providers (e.g. Google Workspace, Gmail) |
Sending and receiving project communications and enquiries |
| Cloud storage (e.g. Google Drive, Dropbox) |
Storing and sharing project files and deliverables |
| Project management tools (e.g. Notion, Trello) |
Managing project workflows and timelines |
| Payment processors (e.g. Stripe, PayPal) |
Processing client invoices and payments securely |
| Website analytics (e.g. Google Analytics) |
Understanding how visitors use our website |
| Web hosting & CDN | Hosting our website and serving content globally |
| Accounting software (e.g. Xero, QuickBooks) |
Financial record-keeping and tax compliance |
| Print & fulfilment suppliers | Delivering physical products (print, packaging, merchandise) — name and address only, where applicable |
| Legal or regulatory authorities | Where required by law, court order, or to protect our legal rights |
We do not share your data with any other third parties without your explicit consent unless required to do so by law.
7. International Data Transfers
Some of our third-party service providers operate outside the United Kingdom (for example, servers located in the United States or European Economic Area). Where we transfer your personal data outside the UK, we ensure an equivalent level of protection applies by relying on:
- UK adequacy regulations (transfers to countries deemed adequate by the UK Secretary of State)
- International Data Transfer Agreements (IDTAs) or UK Addenda to EU Standard Contractual Clauses
- Binding corporate rules or other legally approved safeguards
You may contact us to obtain further information about the specific mechanism used for any particular transfer.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Our standard retention periods are:
| Data Type | Retention Period |
|---|---|
| Client project files and correspondence | 7 years from project completion (HMRC / tax compliance) |
| Financial and invoice records | 7 years (Companies Act / HMRC requirements) |
| Enquiry / contact form submissions (no project) | 12 months from last contact |
| Marketing consent records | Until you withdraw consent, then deleted within 30 days |
| Website analytics data | 14 months (Google Analytics default; anonymised) |
| Security logs (IP addresses) | 90 days |
When retention periods expire, data is securely deleted or anonymised. You may request early deletion — see Section 9.
9. Your Rights
Under the UK GDPR and the Data Protection Act 2018, you have the following rights in relation to your personal data:
To exercise any of these rights, contact us at letsbrandltd@gmail.com. We will respond within one calendar month (extendable by a further two months for complex requests, with notice). There is no charge for most requests; however, we may charge a reasonable fee or decline manifestly unfounded or excessive requests.
You will not be subject to discrimination for exercising your rights.
10. Cookies
Our website uses cookies — small text files stored on your device. We use the following types:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for the website to function (e.g. theme preference stored in localStorage) |
Persistent (local) |
| Analytics | Understanding visitor behaviour via Google Analytics (anonymised IP) | Up to 14 months |
| Preference | Remembering your dark/light mode selection | Persistent (local) |
We do not use advertising or tracking cookies for third-party marketing. Analytics cookies are only placed where permitted. You can control cookies through your browser settings or via a cookie consent manager. Disabling analytics cookies will not affect your use of the website.
For more information about managing cookies, visit aboutcookies.org.
11. Children's Privacy
Our website and services are directed at businesses and individuals aged 18 years or older. We do not knowingly collect personal data from children under the age of 13. If you believe we have inadvertently collected data from a child, please contact us immediately and we will delete it promptly.
Where we provide wedding or event design services commissioned by a parent or guardian on behalf of a minor, we process only the minimum data necessary for service delivery.
12. Third-Party Links
Our website may contain links to third-party websites, social media platforms (Instagram, LinkedIn, Behance, TikTok), and service providers. These sites have their own privacy policies, and we are not responsible for their content or practices. We encourage you to review the privacy policy of any third-party site you visit.
Clicking a WhatsApp link will open WhatsApp's platform, which is governed by Meta's Privacy Policy. Our use of WhatsApp for business communication is limited to direct client enquiries and project correspondence.
13. Security
We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. These measures include:
- HTTPS encryption on our website
- Password-protected and access-controlled cloud storage
- Limited internal access to personal data on a need-to-know basis
- Regular review of our data handling practices
Despite our best efforts, no data transmission over the internet or electronic storage system can be guaranteed as completely secure. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately.
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) within 72 hours of becoming aware, and we will notify affected individuals without undue delay where required.
14. Policy Changes
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
Your continued use of our website or services after any changes constitutes your acknowledgement of the updated policy. Where required by law, we will seek fresh consent.
15. Contact & Complaints
If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal data, please contact us:
LetsBrand Ltd — Data Enquiries
📧 letsbrandltd@gmail.com
📱 WhatsApp: +44 7308 085561
🌐 letsbrandltd.co.uk
You also have the right to lodge a complaint with the UK's supervisory authority, the Information Commissioner's Office (ICO), if you believe we have not handled your personal data in accordance with the law:
Information Commissioner's Office (ICO)
🌐 ico.org.uk
📞 0303 123 1113
📬 Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance.
This Privacy Policy was drafted for LetsBrand Ltd and is intended to comply with the UK General Data Protection Regulation (UK GDPR) as it forms part of domestic law by virtue of the European Union (Withdrawal) Act 2018, and the Data Protection Act 2018. It does not constitute legal advice. LetsBrand Ltd recommends seeking independent legal counsel for specific compliance questions.