Privacy

Privacy policy

This policy explains what personal data the site processes, why it is used, and how visitors and customers across the site's public offers can exercise their rights without ambiguity.

Site data handling

This privacy policy covers personal data processed through this website and its enquiry, support, ordering, and payment activity for public offers. This privacy policy covers the public website and its contact, brief, newsletter, support, ordering, and payment activity.

Privacy requests should use the contact details shown on the relevant offer, brief, newsletter, or order confirmation.

Third-party services can apply their own privacy notices for the parts of the interaction they handle directly, including hosted checkout links or invoice options, email delivery, booking tools, newsletter delivery, analytics, or other embedded third-party services.

This page is the main privacy reference for the site. It does not mean every offer uses the same third-party service or payment option.

A public offer reference does not itself guarantee that a checkout, booking, or purchase flow is currently available.

How visitors should use this page

Read this page when you want to understand what is collected, why it is collected, and how privacy requests are handled. If you are sending an enquiry, a brief, or a newsletter request, this page explains what happens to that data after it arrives.

Use the privacy contact when the question is about access, deletion, correction, portability, objection, or the handling of personal data itself.

What data is collected and why

The site collects the information visitors submit directly, such as name, email address, company details, messages, booking context, form responses, and purchase-related records tied to the selected offer or service. For public contact or brief submissions, this can include project context plus any budget or timeline information the visitor chooses to share.

Technical usage data can include device information, browser details, IP-derived location, timestamps, cookie identifiers, request metadata such as page URL or origin, and payment-service transaction references when a chosen offer uses a published checkout link or managed payment page for security, fraud prevention, analytics, and service delivery.

Newsletter requests, if submitted, can include the email address and any fields the subscription form asks for so delivery and preference handling work correctly.

If form processing is temporarily delayed, the submission remains in the operational review queue until it is handled.

Submitting booking context, a project brief, or an enquiry does not by itself reserve a time slot, confirm approval, or create a paid order.

This information is used to answer enquiries, review booking or application requests, process orders, deliver the selected paid service or access offer, manage renewals, send operational messages, prevent abuse, maintain records, and improve the site and service where the law permits that use.

The site is designed to collect the information needed for the specific service or interaction.

If a future service requires sensitive or higher-risk data, this policy and the supporting controls will be updated before that data is collected.

Why data is used, who helps deliver the service, and transfers

Processing relies on one or more of the following legal bases: contract performance, steps taken at the user's request before a contract, legitimate interests, legal obligations, and consent for non-essential cookies or marketing where consent is required.

Service providers involved in hosting, email delivery, booking, analytics, and payments receive the data needed to perform their role. The chosen offer and payment option determine which payment service processes payment or billing data when a checkout link or invoice option is published.

The Founding Hundred: if that offer is not using a public payment option yet, payment and billing data stays within the direct order record used for that purchase.

Nemesis: if that offer is not using a public payment option yet, payment and billing data stays within the direct order record used for that purchase.

When data is transferred across borders, the transfer follows the service provider and legal mechanism used for that service.

Personal data is shared only with the service providers needed to run the site and deliver the service.

The public privacy baseline does not imply a single shared service-provider list for every offer or payment option.

Non-essential analytics or marketing tools run only through the consent choices described in the cookie policy.

Retention, rights, and complaints

Personal data is retained for as long as needed to provide the service, keep required business and tax records, prevent fraud, and resolve disputes. Public enquiries and project briefs are retained for reply handling, abuse prevention, and service record-keeping for as long as those purposes reasonably require. This page does not publish a dataset-by-dataset retention schedule.

Visitors can request access, correction, deletion, restriction, objection, portability, or withdrawal of consent through the privacy contact listed above. The same contact details can be used for contact, brief, or newsletter data where those requests relate to a person or account.

Visitors may also complain to the competent data protection authority.