Privacy
Branding Brothers® Ltd respects your privacy and takes the protection of your personal information very seriously.
Last updated: 6 July 2026
This Privacy Policy explains how we collect, use, store and protect personal information when you visit our website, contact us, book a meeting or work with us.
1. Who we are
Branding Brothers® Ltd is a creative design and production company registered in England and Wales.
Company name: Branding Brothers® Ltd
Company number: 12963247
Website: brandingbros.uk
Registered address: [INSERT REGISTERED ADDRESS]
Email: [INSERT PRIVACY OR CONTACT EMAIL]
For the purposes of UK data protection law, Branding Brothers® Ltd is usually the data controller responsible for the personal information described in this policy.
In some client projects, we may process personal information solely on a client’s instructions. In those circumstances, the client may be the data controller and we may act as a data processor.
2. The information we collect
Depending on how you interact with us, we may collect:
Contact and identity information
This may include:
- Your name
- Job title
- Company or organisation
- Email address
- Telephone number
- Business address
- Social media profile or username
Enquiry and project information
This may include:
- Information submitted through our website or by email
- Project briefs and creative requirements
- Brand, campaign and business information
- Meeting notes and correspondence
- Feedback, approvals and project decisions
- Files, images, video, audio or documents you provide
- Information about your customers, team members, suppliers or project participants
Please avoid sending us personal information that is not relevant to your project.
Meeting and scheduling information
When you arrange or attend a meeting, we may collect:
- Your name and email address
- Meeting date and time
- Calendar availability
- Meeting title, description and joining details
- Attendee information
- Notes or actions arising from the meeting
- Audio, video or chat information where a meeting is recorded
We currently use Google Calendar and Google Meet to schedule and conduct meetings.
We will not normally record a meeting without informing the participants first.
Financial and transaction information
This may include:
- Billing address
- Invoice details
- Bank account information
- Payment references
- Payment status and transaction history
- Tax or accounting information
We may need bank details when paying suppliers, freelancers, contractors or issuing refunds. We do not normally collect or store complete debit or credit card details ourselves.
Website and technical information
When you visit our website, we may automatically collect limited technical information, including:
- IP address
- Browser and device type
- Operating system
- Referring website
- Pages visited
- Approximate location
- Website interaction and performance information
- Cookie identifiers and preferences
More information about cookies should be provided in our Cookie Policy and cookie consent settings.
Sensitive information
Clients may occasionally share information that is sensitive or confidential because it is relevant to their brand, campaign, organisation or creative work.
This could sometimes include information relating to:
- Health or accessibility
- Race or ethnicity
- Religious or philosophical beliefs
- Political opinions
- Trade union membership
- Sexual orientation or sex life
- Biometric or genetic information
These categories receive additional protection under UK data protection law.
We ask clients not to share sensitive personal information unless it is genuinely necessary for the project. Where we need to process this information, we will limit its use, protect it appropriately and identify a lawful basis and an additional special category condition.
Where appropriate, this may include obtaining the explicit consent of the person concerned. Consent may be withdrawn at any time, although this will not affect processing that has already taken place lawfully.
3. How we obtain information
We may collect personal information:
- Directly from you
- Through our website contact forms
- Through email, telephone calls or messages
- Through Google Calendar or Google Meet
- During meetings, workshops or project delivery
- Through contracts, proposals, invoices or supplier forms
- From a colleague, employer, client, agency or project partner
- From publicly available professional sources, such as company websites or LinkedIn
- Through website analytics and cookies
Where a client provides us with personal information relating to another person, the client is responsible for ensuring that they are permitted to share it with us.
4. How we use your information
We may use personal information to:
- Respond to enquiries
- Assess whether we can undertake a project
- Prepare proposals, estimates and contracts
- Schedule and conduct meetings
- Provide design, branding, digital, motion, production or consultancy services
- Communicate about ongoing work
- Manage feedback, approvals and deliverables
- Collaborate with clients, freelancers, suppliers and production partners
- Issue and process invoices and payments
- Maintain financial and tax records
- Manage our business operations
- Improve our services and website
- Protect our systems, business and legal rights
- Prevent fraud or misuse
- Comply with legal, regulatory and insurance requirements
- Send relevant business updates or marketing where permitted
We will not sell your personal information.
5. Our lawful bases
UK data protection law requires us to have a lawful reason for using personal information.
Depending on the circumstances, we may rely on:
Contract
Processing may be necessary to enter into or fulfil a contract with you, including preparing a proposal, delivering a project, communicating with you and receiving payment.
Legitimate interests
We may process information where it is reasonably necessary for our legitimate business interests, provided those interests are not overridden by your rights.
These interests may include:
- Responding to business enquiries
- Managing client and supplier relationships
- Operating and improving our business
- Maintaining appropriate project records
- Protecting our work, systems and legal rights
- Promoting relevant services to existing business contacts
Legal obligation
We may process information to comply with legal requirements, including accounting, taxation, fraud prevention, regulatory or court-related obligations.
Consent
We may rely on your consent for certain activities, such as optional marketing, non-essential cookies, meeting recordings or particular uses of sensitive information.
You may withdraw your consent at any time.
Special category information
Where we process special category information, we must have both a lawful basis and an additional condition under data protection law.
Depending on the circumstances, this may include:
- Your explicit consent
- Information you have deliberately made public
- Processing necessary to establish, exercise or defend legal claims
- Another condition permitted by applicable law
We will not use sensitive information for unrelated advertising or profiling.
6. Marketing
We may occasionally contact existing clients or relevant business contacts about services, projects or updates that we believe may be of genuine professional interest.
Where consent is required, we will ask for it before sending marketing.
You may unsubscribe or object to direct marketing at any time by using the unsubscribe option provided or contacting us directly.
We will not use sensitive information to decide what marketing to send you.
7. Who we share information with
We may share personal information with trusted organisations or individuals where necessary to run our business or deliver a project.
These may include:
- Google Workspace, including Google Calendar, Google Meet, Gmail and Google Drive
- Website hosting and website management providers
- Cloud storage and file transfer providers
- Project management and collaboration platforms
- Accountants, bookkeepers and professional advisers
- Accounting and invoicing providers
- Banks and payment providers
- Freelancers, contractors and production partners
- Printers, fabricators, developers, animators, photographers, videographers or other specialist suppliers
- Legal, insurance, regulatory or public authorities where required
- A prospective purchaser or successor if our business is sold, reorganised or transferred
We only share information that is reasonably necessary for the relevant purpose.
Where appropriate, suppliers processing personal information on our behalf are required to handle it securely, confidentially and in accordance with applicable data protection law.
Some project information may be shared with suppliers acting as independent data controllers. Those suppliers will be responsible for their own use of that information.
8. Google Calendar and Google Meet
We use Google Calendar to arrange meetings and Google Meet to conduct online calls.
When a meeting is booked, information such as your name, email address, meeting time, attendee list and meeting description may be processed through Google’s systems.
When you join a Google Meet call, Google may also process technical and usage information associated with your connection and use of the service.
Google processes information in accordance with its own privacy terms and may process or store information outside the United Kingdom.
Please avoid placing confidential or sensitive personal information in the title of a calendar event. Where sensitive information needs to be discussed, we will take reasonable steps to limit what appears in calendar invitations and joining details.
9. International data transfers
Some of the service providers we use may store or process personal information outside the United Kingdom.
Where personal information is transferred internationally, we will take reasonable steps to ensure that an appropriate safeguard is in place. This may include:
- A UK adequacy regulation
- The UK International Data Transfer Agreement
- The UK Addendum to the EU Standard Contractual Clauses
- Contractual, organisational or technical protections required by law
However, no internet-based system can guarantee that information will remain entirely within one country.
10. How we protect information
We use reasonable technical and organisational measures to protect personal information from loss, misuse, unauthorised access, alteration or disclosure.
These measures may include:
- Password-protected systems
- Multi-factor authentication where available
- Controlled access to project files
- Secure cloud storage
- Device and software security
- Appropriate confidentiality arrangements
- Restricted sharing of sensitive information
- Secure deletion or disposal where appropriate
- Regular review of the services and systems we use
Only people who reasonably need access to information for their role or the relevant project should be given access.
Although we take security seriously, no method of online transmission or storage is completely secure.
11. How long we keep information
We keep personal information only for as long as it is reasonably needed for the purpose for which it was collected.
Our usual retention periods are:
- Unsuccessful enquiries and proposals: normally up to 2 years after the last meaningful contact
- Client and project correspondence: normally up to 7 years after the project or relationship ends
- Contracts, invoices and financial records: normally at least 6 years after the end of the relevant financial period, or longer where legally required
- Supplier and freelancer records: normally up to 7 years after the relationship ends
- Website analytics information: according to the settings and retention period of the relevant analytics service
- Meeting recordings: only for as long as necessary for the purpose explained when the recording was made
- Marketing information: until you unsubscribe, object or the information is no longer useful or accurate
- Sensitive personal information: only for as long as it is genuinely required for the relevant project or legal purpose
We may keep information for longer where necessary to resolve a dispute, establish or defend a legal claim, comply with a legal obligation or enforce an agreement.
Information may also remain temporarily within secure backups before being overwritten or deleted.
12. Portfolio work and case studies
We may wish to feature completed work in our portfolio, website, social media, pitches, awards submissions or case studies.
We will consider confidentiality, contractual restrictions and client permissions before publishing non-public project information.
Where a case study includes identifiable individuals, testimonials, private results or sensitive information, we may ask for additional permission before publication.
You may contact us if you believe that published portfolio material contains personal information that should be corrected or removed.
13. Your data protection rights
Depending on the circumstances, you may have the right to:
- Ask for a copy of the personal information we hold about you
- Ask us to correct inaccurate or incomplete information
- Ask us to delete your information
- Ask us to restrict how we use your information
- Object to certain uses of your information
- Receive certain information in a portable format
- Withdraw consent where we rely on consent
- Object to direct marketing
- Complain about how we use your information
These rights are not absolute and may depend on the reason we hold the information.
We may need to verify your identity before responding to a request. We will normally respond within one month, although the law allows additional time in certain complex circumstances.
To exercise a right, contact us using the details at the end of this policy.
14. Automated decision-making
We do not currently use personal information to make solely automated decisions that produce legal or similarly significant effects.
15. Information about children
Our website and services are intended primarily for businesses and professional clients.
We do not knowingly collect personal information directly from children through our website.
A client project may occasionally involve images, video, names or other information relating to children. Where this happens, the client is responsible for ensuring that suitable permissions, notices and safeguards are in place unless we expressly agree otherwise in writing.
16. Links to other websites
Our website may contain links to websites or services operated by other organisations.
We are not responsible for how those organisations collect or use personal information. You should review their privacy policies before submitting personal information to them.
17. Complaints
Please contact us first if you have a concern about how we handle your personal information. We will do our best to resolve the issue.
You also have the right to complain to the UK Information Commissioner’s Office:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
You can find further information through the ICO website at ico.org.uk.
18. Changes to this policy
We may update this Privacy Policy when our services, suppliers or legal obligations change.
The latest version will be published on our website with the updated revision date.
19. Contact us
For privacy questions, requests or complaints, contact:
Branding Brothers® Ltd
124 City Road, London, EC1V 2NX
legal@brandingbros.uk