Privacy Policy

Last updated: 13 January 2026

Gradatim LTD (“we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website (gradatim.co.uk), engage our services, or otherwise interact with us.

Gradatim LTD is a company registered in England and Wales under company number 16507573. Registered office: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom Email: info@gradatim.co.uk

We act as a data controller for most of the personal data we process. In some cases (e.g. when running advertising campaigns on your behalf), we may act as a data processor.

By using our website or services, you consent to the practices described in this policy.

1. What Personal Data We Collect

We may collect the following types of personal data:

From website visitors / contact form users:

  • Name
  • Email address
  • Phone number (optional)
  • Any message or information you send us
  • IP address, browser type, device information, pages visited, time/date of visit (via cookies/analytics)

From clients / prospective clients:

  • Full name
  • Business name / trading name
  • Email and phone number
  • Business address (if provided)
  • Payment details (processed securely by Stripe or bank transfer – we do not store card details)
  • Social media profiles / website URLs
  • Any documents or information you provide (e.g. branding guidelines, target audience details, existing marketing data)

From marketing campaigns we run on your behalf:

  • We may process data about your end-customers / leads (e.g. names, emails, LinkedIn profiles) only as your processor and under your instructions.

2. How We Collect Personal Data

  • Directly from you (contact form, email, phone, proposals, onboarding)
  • Automatically via website (cookies, server logs, analytics tools)
  • From third parties (e.g. payment providers like Stripe, advertising platforms like Google/Meta/LinkedIn)

3. How We Use Your Personal Data

We use personal data only for the following purposes:

  • To provide our marketing, branding and lead generation services
  • To communicate with you (proposals, invoices, updates, support)
  • To process payments and manage our business relationship
  • To comply with legal obligations (e.g. tax, accounting, anti-money laundering)
  • To improve our website and services (analytics – anonymised where possible)
  • To send occasional marketing emails (only if you have opted in or are an existing client)

We never sell your personal data.

4. Lawful Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Contract – to perform our services and fulfil our agreement with you
  • Legitimate interests – running our business, improving services, direct marketing to existing clients (you can opt out anytime)
  • Legal obligation – tax, accounting, fraud prevention
  • Consent – for non-essential marketing emails or certain cookies (you can withdraw consent anytime)

5. Sharing Your Personal Data

We share data only when necessary:

  • With service providers (processors) under strict contracts:
    • Email providers (e.g. Google Workspace, Mailchimp)
    • Payment processors (Stripe)
    • Advertising platforms (Google Ads, Meta, LinkedIn)
    • Analytics tools (Google Analytics – anonymised IP)
    • Cloud storage / project management tools (if used)
  • With professional advisers (accountants, lawyers)
  • If required by law, court order, or regulatory authority

All third parties are based in the UK/EEA or covered by UK adequacy decisions / standard contractual clauses.

6. International Transfers

Some of our processors (e.g. Google, Meta) are based outside the UK/EEA. Where this happens, we use UK-approved safeguards (e.g. International Data Transfer Agreement or Standard Contractual Clauses).

7. Data Retention

We keep personal data only as long as necessary:

  • Client data: 6 years after last engagement (for tax/legal purposes)
  • Website contact form enquiries: 12 months (unless you become a client)
  • Marketing emails list: until you unsubscribe
  • Analytics data: anonymised and retained per tool policy (usually 14–26 months)

8. Your Rights

Under UK GDPR you have the right to:

  • Access your data
  • Correct inaccurate data
  • Erase data (in certain circumstances)
  • Restrict processing
  • Object to processing (including direct marketing)
  • Data portability
  • Not be subject to automated decisions

To exercise any right, email info@gradatim.co.uk. We will respond within one month (free of charge, unless requests are excessive).

You can also complain to the Information Commissioner’s Office (ico.org.uk).

9. Cookies & Similar Technologies

Our website uses cookies and similar technologies. See our separate Cookie Policy [link to your Cookie Policy page] for details.

10. Security

We use reasonable technical and organisational measures to protect personal data (e.g. encryption, access controls, regular updates). However, no system is 100% secure.

11. Changes to This Policy

We may update this policy. Changes will be posted here with an updated date. Significant changes may be notified by email or website notice.

12. Contact Us

For any privacy questions: Email: info@gradatim.co.uk Write to: Gradatim LTD, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ