Privacy Policy for Digital Momentum Agency Ltd

Privacy Policy UK / EU

Last Updated: 04/09/2025

1) Who we are (Controller)
Digital Momentum Agency Ltd (“we”, “us”, “our”) is the controller for the processing described in this notice.

Registered office: Suite 106 C/O Know Tax, Denning House, 1a George Street, Wolverhampton, England, WV2 4DP
Email: privacy@digitalmomentum.agency
Postal contact (for rights requests): Suite 106 C/O Know Tax, Denning House, 1a George Street, Wolverhampton, England, WV2 4DP

EU representative (if required by Article 27 GDPR): we will appoint and publish details here if our targeting of EEA residents triggers the requirement. Until then, please use the contact above.
We have not appointed a Data Protection Officer. Privacy queries should use the contacts above.
2) Scope
This notice explains what personal data we collect, how and why we use it, who we share it with, how long we keep it, and your rights. It covers our websites and any products/services we provide to clients and prospects.
3) Data we collect

Identity and contact: name, role, company, email, phone, addresses.
Account and transactions: proposals, statements of work, invoices, delivery details, payment references from our payment provider.
Marketing and preferences: consents, opt-outs, interest areas, engagement with our emails.
Website and device: IP address (truncated/region-processed where configured), device/browser, pages viewed, time on page, events (clicks, downloads), error logs, consent choices.
Content you provide: form entries, briefing notes, RFP responses, support requests.
Supplier/partner contacts: business contact details and contracts.

We do not seek special-category data. Please avoid sending health, political, or other sensitive data unless we specifically request it and provide a lawful basis.
4) How we collect it

Directly from you: forms, email, phone, video calls, events.
Automatically: essential cookies and, with your consent, optional analytics cookies (see Cookie Policy).
From third parties: payment providers, analytics/communications platforms, delivery partners, and public sources (e.g., Companies House, your website/LinkedIn).

5) Why we use your data and our lawful bases
We only process personal data where a lawful basis applies (contract, legal obligation, legitimate interests, consent).
PurposeData (summary)Lawful basisTypical retention
Proposals, onboarding, and service deliveryIdentity, contact, project docs, billing refsContract (Art. 6(1)(b))Contract + 6 years (tax/claims)
Client support and service qualityIdentity, contact, comms historyLegitimate interests (service improvement)24 months after last contact
Operational/service communicationsIdentity, contact, project/order infoContract / Legal obligationAs above
Direct marketing (email/SMS)Identity, contact, preferences, engagementConsent or soft opt-in under PECR for our own similar servicesUntil opt-out or 24 months of inactivity
Website analytics and performancePseudonymous usage data, device infoConsent (non-essential cookies)14 months (aggregated thereafter)
Security and fraud preventionLogs, IP, device, eventsLegitimate interests / Legal obligation30–180 days (system-dependent)
Supplier/partner managementIdentity, contact, contract recordsContract / Legitimate interestsContract + 6 years
We do not make decisions based solely on automated processing that produce legal or similarly significant effects.
6) Who we share data with
We use trusted service providers under contracts that require confidentiality and data protection:

Website/hosting and productivity: Wix (site platform), Microsoft 365/OneDrive/SharePoint.
Analytics (consent-based): Google Analytics 4 (configured without PII).
Email and marketing: your chosen provider (e.g., Mailchimp/Klaviyo) if used for campaigns and preference management.
Payments and delivery: payment processors and couriers where applicable.
Professional advisers: accountants, auditors, legal advisers.
Public authorities: where required by law or to protect rights.

We do not sell personal data.
7) International transfers
Some providers may process data outside the UK/EEA. Where this occurs we use appropriate safeguards, such as:

EU Standard Contractual Clauses with the UK Addendum (or UK IDTA), and/or
the UK-US Data Bridge or EU-US Data Privacy Framework for certified US providers.

You can request information about these safeguards.
8) Cookies and similar technologies
We use strictly necessary cookies to make our site work. With your permission, we also use optional cookies (e.g., analytics). Optional cookies are off by default and only run if you Accept them. You can Reject all optional cookies or change your choice any time via Manage cookies in the footer. See our Cookie Policy for details.
We configure analytics to avoid collecting PII (no names/emails in URLs or events; IP processing controls where available).
9) Marketing choices
We send marketing by email/SMS only with consent, or under the soft opt-in where we obtained your details during a sale or negotiation for our own similar services and gave you a clear chance to opt out. You can opt out at any time via any message or by contacting us. We do not buy or sell marketing lists.
10) Security
We apply technical and organisational measures appropriate to risk: access controls, encryption in transit, network security, role-based access, staff training, secure disposal, supplier due diligence, and incident response.
11) How long we keep data
See Section 5. Where exact periods vary by system, we apply clear criteria to determine deletion and keep data no longer than necessary for legal/accounting requirements or to resolve disputes.
12) Your rights
You have the right to access, rectify, erase, restrict, object (including an absolute right to object to direct marketing), and portability; plus the right to withdraw consent at any time.
You also have the right to complain to a supervisory authority:

UK: Information Commissioner’s Office - ico.org.uk
EEA: your local Data Protection Authority

To exercise your rights, contact us using Section 1. We may verify identity with proportionate checks.
13) Children
Our services are not directed at children. If you believe a child has provided us with personal data, contact us and we will delete it.
14) Changes to this notice
We will post any changes here with a new effective date. Material changes will be highlighted for at least 30 days.
15) Contact
Email: privacy@digitalmomentum.agency
Postal: Suite 106 C/O Know Tax, Denning House, 1a George Street, Wolverhampton, England, WV2 4DP

Privacy Policy for Digital Momentum Agency Ltd

Privacy Policy UK / EU

1) Who we are (Controller) Digital Momentum Agency Ltd (“we”, “us”, “our”) is the controller for the processing described in this notice.

Registered office: Suite 106 C/O Know Tax, Denning House, 1a George Street, Wolverhampton, England, WV2 4DP

Email: privacy@digitalmomentum.agency

Postal contact (for rights requests): Suite 106 C/O Know Tax, Denning House, 1a George Street, Wolverhampton, England, WV2 4DP

Identity and contact: name, role, company, email, phone, addresses.

Account and transactions: proposals, statements of work, invoices, delivery details, payment references from our payment provider.

Marketing and preferences: consents, opt-outs, interest areas, engagement with our emails.

Website and device: IP address (truncated/region-processed where configured), device/browser, pages viewed, time on page, events (clicks, downloads), error logs, consent choices.

Content you provide: form entries, briefing notes, RFP responses, support requests.

Supplier/partner contacts: business contact details and contracts.

We do not seek special-category data. Please avoid sending health, political, or other sensitive data unless we specifically request it and provide a lawful basis. 4) How we collect it

Directly from you: forms, email, phone, video calls, events.

Automatically: essential cookies and, with your consent, optional analytics cookies (see Cookie Policy).

From third parties: payment providers, analytics/communications platforms, delivery partners, and public sources (e.g., Companies House, your website/LinkedIn).

Website/hosting and productivity: Wix (site platform), Microsoft 365/OneDrive/SharePoint.

Analytics (consent-based): Google Analytics 4 (configured without PII).

Email and marketing: your chosen provider (e.g., Mailchimp/Klaviyo) if used for campaigns and preference management.

Payments and delivery: payment processors and couriers where applicable.

Professional advisers: accountants, auditors, legal advisers.

Public authorities: where required by law or to protect rights.

We do not sell personal data. 7) International transfers Some providers may process data outside the UK/EEA. Where this occurs we use appropriate safeguards, such as:

EU Standard Contractual Clauses with the UK Addendum (or UK IDTA), and/or

the UK-US Data Bridge or EU-US Data Privacy Framework for certified US providers.

UK: Information Commissioner’s Office - ico.org.uk

EEA: your local Data Protection Authority

1) Who we are (Controller)
Digital Momentum Agency Ltd (“we”, “us”, “our”) is the controller for the processing described in this notice.

We do not seek special-category data. Please avoid sending health, political, or other sensitive data unless we specifically request it and provide a lawful basis.
4) How we collect it

We do not sell personal data.
7) International transfers
Some providers may process data outside the UK/EEA. Where this occurs we use appropriate safeguards, such as: