top of page

Privacy Policy

Arrel Marketing ("we," "us," or "our") is committed to protecting the privacy and security of your personal data. This policy explains how we collect, use, and process the personal data of our website visitors, business contacts, and clients, in compliance with the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

​

We collect and process several categories of personal data, each gathered from specific sources and handled under appropriate legal bases in accordance with the GDPR. The types of data we process include Identity Data, which we obtain through our contact form, email correspondence, and direct enquiries. This information is processed under our legitimate interest in responding to enquiries, as well as contractual necessity where you become a client. We also collect Contact Data from the same sources, processed for similar reasons—both legitimate interest and, where relevant, contractual necessity.

In addition, we gather Technical Data, such as analytics information from tools like Google Analytics. This is processed under our legitimate interest in improving our website’s performance and user experience. Marketing Data is collected only when individuals opt-in, and this category is processed on the basis of consent, for example when subscribing to a newsletter. Finally, we process Client Data, which we obtain through contracts and our discovery questionnaire. This information is essential for fulfilling our contractual obligations and delivering the services clients expect.

 

​How We Use Your Information

We use the personal data we collect for several key purposes:

  • Service Delivery: Your information enables us to meet our contractual commitments, including developing social media strategies, producing content, and preparing analytics reports for clients.

  • Responding to Enquiries: We use your data to manage, track, and answer enquiries submitted through our website’s contact form or sent directly via email.

  • Business Operations: Your information supports internal processes such as maintaining accurate records, managing billing, and nurturing our professional relationship with you.

  • Website Improvement: We analyse website usage patterns to refine and enhance the user experience, ensuring that the site remains functional, effective, and engaging.

​​

Who We Share Your Data With

We may share your data with trusted third-party service providers necessary to operate our business and deliver services. This includes:

  • Payment Processors: Quickbooks for securely processing client invoices and payments.

  • Website Hosting Provider: Wix.com for storing website data.

  • Analytics Providers: Google Analytics for tracking website performance and user behaviour.

  • Professional Advisers: Accountants, solicitors, when required for legal or financial compliance.

We only share the minimum amount of personal data necessary for them to perform their specific services and require all third parties to respect the security of your personal data and treat it in accordance with the law.

 

Data Security

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way. This includes:

  • Using secure, encrypted email communication.

  • Restricting access to client data files to essential personnel only.

  • Utilising password protection on all systems containing personal data.

 

International Transfers

We are based in the UK. Some of our external third parties (such as Google Analytics or certain cloud storage providers) may be based outside the UK and European Economic Area (EEA). Whenever we transfer your personal data out of the UK/EEA, we ensure a similar degree of protection is afforded by ensuring that legally compliant safeguards are implemented (e.g., using standard contractual clauses or relying on adequacy decisions).

 

Your Legal Rights (UK GDPR)

Under UK data protection law, you have specific rights concerning your personal data:

  • The Right to be Informed: To be informed about how your data is used (as provided by this policy).

  • The Right of Access: To request a copy of the data we hold about you.

  • The Right to Rectification: To request correction of any incomplete or inaccurate data we hold about you.

  • The Right to Erasure ('Right to be Forgotten'): To ask us to delete or remove personal data where there is no good reason for us to continue processing it.

  • The Right to Restrict Processing: To ask us to suspend the processing of your personal data.

  • The Right to Data Portability: To request the transfer of your personal data to another party.

  • The Right to Object: To object to the processing of your personal data where we are relying on a legitimate interest.

To exercise any of these rights, please contact us using the details provided in Section 1.

 

How to Complain

If you are not satisfied with our response or believe we are processing your personal data unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.

ICO Contact Details: https://ico.org.uk/make-a-complaint/

 

Changes to this Privacy Policy

We may update this policy periodically. Any changes will be posted on this page with an updated "Effective Date."

bottom of page