Privacy Policy

Introduction
This Contently Digital privacy policy explains how we collect, use, and protect your personal data when you visit our website or interact with our services. It also sets out your rights under UK data protection law.
 
Contents
 

1. Important information and who we are

2. The data we collect about you

3. How your personal data is collected

4. How we use your personal data

5. Disclosures of your personal data

6. International transfers

7. Data security

8. Data retention

9. Your legal rights

10. Glossary

​

1. Important information

Purpose of this privacy policy
We care about your privacy and handle personal data lawfully and transparently. Read this policy with any other notices we provide at the point of data collection.
 
Children
Our website and services are not directed at children.
 
Controller
Contently Ltd (“Contently Digital”, “we”, “us”, “our”) is the controller of your personal data for this website and our services.
 
Contact details
 

• Legal entity: Contently Ltd

• Email: Hello@contentlydigital.co.uk

• Postal address: [Insert registered office address, UK]

• Company number: [Insert]

 
You can complain to the UK Information Commissioner’s Office (ICO) at ico.org.uk. Please contact us first so we can try to resolve your concern quickly.
 
Changes to this policy
We review this policy regularly. Last updated: 7 November 2025.
Keep your personal data with us up to date by notifying us of any changes.
 
Third-party links
Our site may link to third-party sites and tools. Their policies apply to their processing.

​

2. The data we collect about you
 
We may collect the following categories of data:
 

• Identity Data: first name, last name, title.

• Contact Data: email, phone, billing and delivery addresses.

• Financial Data: bank details, payment card details (processed via payment providers).

• Transaction Data: details about payments and services purchased.

• Technical Data: IP address, login data, browser type and version, time zone, plug-ins, operating system, device identifiers, and similar.

• Profile Data: account details, preferences, feedback, survey responses.

• Usage Data: information about how you use our website and services.

• Marketing & Communications Data: your preferences for receiving marketing.

 
We also create Aggregated Data (e.g., usage statistics). Aggregated data is not personal data unless it can identify you.
 
We do not intentionally collect Special Category Data or data about criminal convictions.
 
If you do not provide data
If required data is not provided, we may be unable to supply services.

3. How your personal data is collected
 

• Direct interactions: forms, email, phone, proposals, onboarding, contracts, support, surveys, events, and webinars.

• Automated technologies: cookies, pixels, and similar technologies record Technical and Usage Data. See our Cookie Policy.

• Third parties / public sources:

  • Analytics & advertising: Google Analytics/Ads.

  • CRM & marketing: HubSpot and/or Mailchimp (forms, email, sequences, lead management).

  • Payment & finance: Xero

  • File & productivity: Google Workspace / Microsoft 365.

  • Scheduling & events: Calendly / EventBrite & Meetup

  • Automation & databases: Airtable; Make  / n8n (workflow automation).

  • Video & voice (client projects): HeyGen, ElevenLabs, InVideo (processing only as instructed by clients).

  • Social & messaging (community comms): Slack, WhatsApp Business (for opted-in communications).

Opt-out options for Google services:

• Ads Settings: https://adssettings.google.com/authenticated

• Analytics Opt-out: https://tools.google.com/dlpage/gaoptout/

​

4. How we use your personal data

We only use personal data where allowed by law:
 

• To perform a contract with you.

• For our legitimate interests (balanced against your rights).

• To comply with a legal obligation.

• With your consent (e.g., certain marketing).

Recruitment (if you apply)
Identity, Contact, Profile, Technical
Legitimate interests (hire and assess candidates); Legal obligation
Marketing

• We may send marketing if you have requested information, purchased services, or explicitly opted in.

• You can opt out at any time via our emails or by contacting us.

• We obtain your express opt-in before sharing your data with third parties for their own marketing.

 
 Change of purpose
We use data only for the original purpose, unless a compatible purpose applies. For incompatible purposes, we will notify you and explain the legal basis.

​

5. Disclosures of your personal data
 
We share data with trusted recipients that support our business:
Recipient                                                          Activity
Google (Analytics/Ads, Workspace)           Analytics, advertising, docs         Marketing & productivity.  UK/EU/US (regional storage applies)
HubSpot and/or Mailchimp                            CRM, forms, email marketing       Sales & marketing                EU/US (regional options)
Xero                                                                          Invoicing and bookkeeping        Finance.                                    EU/US/NZ (regional options)
Microsoft 365                                                        Email and productivity                    Operations                               EU/US
Airtable                                                                    Data and project records              Operations                               EU/US

ChatGPT                                                                 Data and project records              Operations                               EU/US

Make / n8n                                                             Workflow automation                      Operation                                 EU/US
Calendly / event platforms                              Scheduling / registrations            Operations                               EU/US
HeyGen, ElevenLabs, InVideo (client work)  
                                                                                  AI video/voice processing under
                                                                                  client instructions                              Creative/production                EU/US
Professional advisers                                     Legal, banking, insurance, accounting  Professional services  UK
HMRC, regulators, authorities                    Regulatory reporting                         Public authority                         UK

We require processors to protect your data and act only on our instructions. if we sell or restructure our business, data may transfer to a new controller on the same terms.

 

 

6. International transfers
 
 Some providers are outside the UK. We use appropriate safeguards, such as:
 

• UK adequacy decisions, or

• UK International Data Transfer Addendum / Standard Contractual Clauses.

 
Contact us for details of the mechanism used for a given transfer.
 
7. Data security
 
We apply administrative, technical, and organisational measures to reduce the risk of unauthorised access, alteration, disclosure, or loss. Access is role-based and logged. We maintain an incident process and will notify you and relevant authorities when legally required.
 
8. Data retention
 
We keep personal data only as long as needed for the purposes set out above, including legal, tax, and accounting requirements.
 
Typical periods:
 

• Core customer records (Identity, Contact, Financial, Transaction): six years after the end of the customer relationship (tax requirement).

• Marketing contacts: until you opt out or your data becomes inactive for a reasonable period.

• Project files: for the duration of the engagement and an archival period aligned to limitation periods.

 
We may anonymise data for research and statistics.

 

9. Your legal rights
 
You have the right to:
 

• Access your personal data.

• Rectify inaccurate data.

• Erase data in certain circumstances.

• Object to processing based on legitimate interests and to direct marketing.

• Restrict processing in certain cases.

• Port data you provided to us where processing is automated and based on consent or contract.

• Withdraw consent at any time, without affecting prior processing.

 
To exercise rights, contact privacy@contentlydigital.co.uk.
We respond within one month. Complex requests may take longer; we will update you. We may request proof of identity. A reasonable fee may apply for manifestly unfounded or excessive requests.
 
Further guidance: ICO Individual Rights — https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
 
10. Glossary

Lawful bases
 

• Legitimate interests: running and improving our business in ways that do not override your rights.

• Contract: needed to perform a contract with you or to take steps at your request.

• Legal obligation: needed to comply with UK law.

• Consent: you have given clear consent for a specific purpose.

 
Third parties
 

• Processors: service providers acting on our instructions.

• Controllers: organisations that decide how and why data is processed.

​

Contact
For questions about this Contently Digital privacy policy or your data, email privacy@contentlydigital.co.uk.

​

​

​