Bright Ivy

Privacy Policy

This Privacy Policy explains how Bright Ivy (“we”, “us”, “our”) collects, uses, stores, and shares personal data when you visit our website, contact us, or use our services.

1) Who we are

Data controller: Bright Ivy Marketing

Contact (privacy): privacy@brightivymarketing.com

Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ

If you’re unsure where to send something, email us and we’ll route it.

Email privacy

2) The data we collect

Data you give us

  • Contact details (name, email, company, role, phone if you provide it)
  • Enquiry content (messages, briefs, meeting requests)
  • Commercial details (billing contact info, invoicing details, purchase history - if relevant)
  • Recruitment-related data (if you apply or enquire about roles/contracting)

Data we collect automatically

  • Technical data: IP address, browser type/version, device identifiers, operating system
  • Usage data: pages viewed, clicks, time on page, referral source
  • Cookie data: see “Cookies” below

Data we may receive from others

  • Referrals (someone introduces you)
  • Business tools we use (e.g., email, calendar, CRM) where your organisation has shared your details for business contact purposes

3) How we use your data (and our legal bases)

We only use your data when we have a lawful basis under UK GDPR.

Purpose Typical data Lawful basis
Respond to enquiries and book calls Contact details, enquiry content Legitimate interests (running our business) / Steps to enter a contract
Deliver services and manage clients Contact details, project comms, billing Contract / Legitimate interests
Send operational updates (e.g., scheduling, delivery comms) Contact details Contract / Legitimate interests
Marketing (insights, newsletters, invitations) Email, preferences Consent (where required) / Legitimate interests (B2B)
Improve our website and user experience Technical/usage data, cookies Consent (for non-essential cookies) / Legitimate interests
Protect security and prevent abuse IP, logs, usage Legitimate interests / Legal obligation
Comply with legal/tax requirements Billing records, contracts Legal obligation

Marketing choice: you can opt out at any time via the link in our emails or by contacting us.

4) Cookies and analytics

We use cookies and similar technologies to make the site function properly, understand how the site is used, and improve performance and content.

Where required, we’ll ask for your consent before setting non-essential cookies (e.g., analytics, advertising).

Cookie details: Manage Cookie Preferences

5) How we share your data

We do not sell your personal data.

We may share data with trusted providers who help us operate, such as:

  • website hosting and infrastructure providers
  • analytics providers
  • email, calendar, and collaboration tools
  • CRM and client record systems
  • payment and accounting providers (if applicable)

These providers act as processors and are contractually required to protect your data and use it only on our instructions.

We may also share data if required to comply with law or regulatory requests, protect our rights and security, or prevent fraud and abuse.

6) International transfers

Some of our providers may process data outside the UK. Where this happens, we ensure appropriate safeguards are in place (for example, the UK International Data Transfer Agreement or other approved mechanisms).

7) Data retention

We keep personal data only as long as necessary for the purposes described above, including legal, tax, and reporting requirements.

  • Enquiries: up to 12–24 months (unless you become a client)
  • Client records: duration of engagement + up to 6 years (for contractual/tax purposes)
  • Marketing lists: until you unsubscribe or we remove inactive contacts

8) Your rights (UK GDPR)

You have the right to:

  • access your personal data
  • correct inaccurate data
  • request deletion (where applicable)
  • restrict or object to processing (including marketing)
  • data portability (in certain cases)
  • withdraw consent (where processing is based on consent)

To exercise your rights, contact: privacy@brightivymarketing.com

9) Complaints

If you’re not satisfied with how we handle your data, you can complain to the UK regulator:

Information Commissioner’s Office (ICO)
Website: ico.org.uk
Telephone: 0303 123 1113

We’d appreciate the chance to resolve it with you first.

10) Security

We use appropriate technical and organisational measures to protect your data, including access controls and secure systems. No system is perfect, but we take this seriously.

11) Children’s privacy

Our services and website are not directed at children, and we do not knowingly collect data relating to children.

12) Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available on this page, with the effective date updated accordingly.

Last updated: 13 January 2026