Privacy Policy.

01

Who We Are

Arch 35 Marketing Ltd is a digital marketing agency based in Aberdeen, Scotland. We are the data controller for any personal data collected via this website or in connection with our services.

Registered name: Arch 35 Marketing Ltd
Company number: SC512478
Registered office: 35 South College Street, Aberdeen, Scotland, AB11 6LE
Email: enquiries@arch35.com
Telephone: 01224 054396

If you have any questions about how we handle your data, please get in touch using the contact details above.

02

What Data We Collect

We only collect data that is necessary for a legitimate business purpose. Depending on how you interact with us, this may include:

Information you give us directly

• Your name and contact details (email address, telephone number)
• Your business name and website URL
• Any information you include in enquiry forms, emails, or calls
• Billing information where applicable (processed securely via third-party payment providers)

Information collected automatically

• IP address and browser type
• Pages visited and time spent on the site
• Referral source (how you found our website)
• Device type and operating system

This data is collected via cookies and analytics tools (see Section 7 below).

Information from third parties

• Publicly available business information (e.g. from LinkedIn or Companies House) where we are carrying out research as part of a legitimate business development activity

We do not collect or process any special category data (such as health information, racial or ethnic origin, or political opinions) unless you have provided it voluntarily and we have your explicit consent to do so.

03

Our Legal Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following:

Where we rely on legitimate interests, we have considered the impact on your rights and are satisfied that our interests do not override them. You can request more detail on this balancing test by contacting us directly.

04

How We Use Your Data

We use the personal data we collect for the following purposes:

• To respond to enquiries and provide quotes or proposals
• To deliver the marketing services you have engaged us for
• To send you relevant communications about our work together
• To issue invoices and manage our financial records
• To send occasional business development communications where we believe our services may be relevant to your business (you can opt out at any time)
• To monitor and improve our website and service quality
• To comply with any applicable legal or regulatory obligations

We will not use your data for any purpose that is incompatible with the reason it was originally collected.

05

Who We Share Your Data With

We do not sell your personal data to third parties. We may share your data with the following categories of recipients only where necessary:

• Service providers and software platforms we use to operate our business (e.g. Squarespace, Google Workspace, project management tools). These are bound by data processing agreements and are only permitted to use your data on our instructions.
• Our team members and contractors who require access to deliver your project or service.
• Professional advisers such as accountants or legal advisers, where required.
• Regulatory or law enforcement bodies where we are required to do so by law.

Where any third party processes your data on our behalf, we ensure appropriate data processing agreements are in place.

06

International Data Transfers

Some of the software platforms we use may store or process data outside the UK or European Economic Area (EEA). Where this is the case, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses or an adequacy decision by the UK Government, in accordance with UK GDPR requirements.

If you would like more information about the specific safeguards we rely on for any particular transfer, please contact us.

07

Cookies and Analytics

Our website uses cookies and similar technologies to help us understand how visitors use the site and to improve your experience.

Types of cookies we use

• Essential cookies: Required for the website to function correctly. These cannot be disabled.
• Analytics cookies: Used to track visitor behaviour and site performance. We use Google Analytics (GA4) for this purpose. The data collected is anonymised where possible.
• Preference cookies: Used to remember your settings or choices on the site.

You can control or disable non-essential cookies through your browser settings at any time. Please note that disabling certain cookies may affect how the site works.

For more information on Google Analytics and how to opt out, visit tools.google.com/dlpage/gaoptout.

08

How Long We Keep Your Data

We only retain your personal data for as long as necessary for the purposes it was collected, or as required by law.

• Client data: Retained for the duration of our working relationship and for up to 7 years after the contract ends, in line with HMRC financial record requirements.
• Enquiry and prospect data: Retained for up to 12 months from the date of the enquiry, unless a business relationship is established.
• Website analytics data: Retained in line with Google Analytics default retention settings (14 months).
• Email correspondence: Retained for up to 3 years unless there is an ongoing legal or commercial reason to keep it longer.

When data is no longer required, it is securely deleted or anonymised.

09

Your Rights Under UK GDPR

You have a number of rights in relation to your personal data. These are:

To exercise any of these rights, please contact us at enquiries@arch35.com. We will respond within one calendar month. We may need to verify your identity before actioning your request.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your data correctly. You can do this at ico.org.uk/make-a-complaint or by calling 0303 123 1113.

10

Data Security

We take reasonable technical and organisational measures to protect your personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These include:

• Password-protected systems and accounts with multi-factor authentication where available
• Use of reputable, secure cloud platforms for data storage and communications
• Restricting access to personal data to team members who need it to do their job
• Regular review of our data handling practices

While we take these steps seriously, no method of transmission over the internet is completely secure. If you have concerns about the security of any data you have sent to us, please get in touch.

In the event of a data breach that is likely to affect your rights and freedoms, we will notify you and the ICO in accordance with our legal obligations.

11

Links to Other Websites

Our website may contain links to third-party websites. Once you leave our site, this Privacy Policy no longer applies. We are not responsible for the privacy practices of other websites and encourage you to read their privacy policies before providing any personal data.

12

Children's Privacy

Our website and services are intended for business use and are not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe we have inadvertently done so, please contact us and we will delete the data promptly.

13

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The most current version will always be available on this page. We will update the "last updated" date at the top of the page when changes are made.

If we make any significant changes that affect your rights, we will make reasonable efforts to notify you directly.