How we handle your data.

Who we are

Proud Brands is a small partner-led agency based in Aylesbury, Buckinghamshire. We build websites, brand systems, and ongoing search and content programmes for a small number of long-term partners.

For the purposes of UK GDPR and the Data Protection Act 2018, Proud Brands is the data controller for any personal data submitted to this website (proudbrands.co.uk).

You can reach us at hello@proudbrands.co.uk or by post at the address listed at the foot of every page.

What we collect

We only collect personal data you give us directly, plus a small amount of technical information your browser shares with our hosting provider.

Information you give us

• Contact form: your name, email address, optional company name, and the message you send. Submitted via Gravity Forms and emailed to us.
• Discovery call booking: your name, email address, and any availability details you share. Handled through HubSpot Meetings.
• Email replies: any further detail you choose to include in the email thread once a conversation is open.

Information your browser shares

• Server logs: IP address, browser type, operating system, the page you requested, and the time of the request. Held by our hosting provider for security and diagnostics.
• Cookies: only if you accept them. See the cookie policy for the full list.

We do not collect special-category data (health, biometric, political, religious, sexual orientation, trade-union membership). Please don't send that information to us through any of our forms.

How we use it

• To reply to enquiries you send us.
• To run a discovery conversation if you ask for one.
• To perform a contracted engagement and send invoices.
• To keep a record of who we've worked with for our own commercial reference.
• To diagnose and prevent abuse of the website (security logs only).

We do not use your data for advertising. We do not sell your data. We do not share it with brokers, lead-generation services, or third-party marketing platforms.

Lawful basis

Under UK GDPR, every use of personal data needs a lawful basis. Ours are:

• Consent: when you actively send us a contact form or accept non-essential cookies.
• Contract: when we are scoping, delivering, or invoicing work for you.
• Legitimate interest: when we keep server-log information to protect the site from abuse, and when we keep records of completed projects for our own commercial history.
• Legal obligation: when accounting, tax, or regulatory rules require us to retain a record.

Who we share it with

We use a small set of third-party suppliers to run the website and our business. Each one acts as a data processor under contract.

• Hosting provider (Rocket.net): stores the website and its server logs.
• Cloudflare: edge security, bot protection, and CDN delivery. Receives the IP address of every request.
• Gravity Forms: powers the contact form. Submissions are emailed to us and also stored in the WordPress database for our own reference.
• HubSpot Meetings: handles discovery-call bookings on /contact/. Stores your name, email, and chosen time-slot.
• Google (Gmail): we send and receive email through Google Workspace. Conversations are stored in Gmail under sean@proudbrands.co.uk.
• Complianz: stores your cookie-consent record as a cookie on your own device.

Some of these providers are based outside the UK (notably the United States). They operate under UK adequacy decisions, EU Standard Contractual Clauses, or both. We rely on those legal mechanisms for any data that leaves the UK.

How long we keep it

• Contact form submissions: kept until you ask us to delete them, or 24 months after the conversation ends, whichever is sooner.
• Booking records: kept for 12 months after the call.
• Project records (active partners): kept for the duration of the engagement plus 7 years for accounting purposes.
• Email correspondence: kept indefinitely in Gmail unless you ask us to delete it.
• Server logs: rotated by the hosting provider after 30 days.

Your rights

Under UK GDPR you have the following rights over personal data we hold about you:

• Access: ask for a copy of what we hold.
• Rectification: ask us to correct anything that's wrong.
• Erasure: ask us to delete it, where we have no legal reason to keep it.
• Restriction: ask us to stop processing it while a question is resolved.
• Portability: ask for your data in a machine-readable format.
• Objection: object to processing based on our legitimate interest.
• Withdraw consent: at any time, for anything you previously consented to.

Email hello@proudbrands.co.uk and we'll respond within one working day. We do not charge for any of these requests.

If you think we've mishandled your data and we haven't resolved it, you can complain to the Information Commissioner's Office (ico.org.uk). We'd appreciate the chance to put it right first.

Cookies

A short summary lives in the cookie policy. The site loads no non-essential cookies until you accept them via the consent banner. Strictly necessary cookies (consent state, security session) load on every page.

See the cookie policy for the full list and how to manage them.

Children

This website is not directed at children. We don't knowingly collect personal data from anyone under 13. If you think a child has submitted information to us, write to hello@proudbrands.co.uk and we'll delete it.

Changes to this policy

We update this policy whenever the substance of how we handle data changes. Trivial fixes (typos, formatting) don't move the effective date. Material changes do, and we'll surface a note at the top of the page for at least 30 days.

Contact us

For anything privacy-related, email hello@proudbrands.co.uk. For general questions, the contact form on /contact/ is the fastest route.