Legal

Privacy Policy

Last updated: April 2026

Who we are

Chairs Creative is a creative studio based in the United Kingdom, specialising in digital advertising, branding, influencer marketing, and web design services. This Privacy Policy explains how we collect, use, and safeguard your personal data when you visit chairscreative.com or get in touch with us.

Data controller

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, the data controller is Chairs Creative. If you have questions about this policy or how we handle your data, please contact us.

Information we collect

Information you provide to us

When you submit an enquiry via our contact form, we collect:

  • Your name
  • Your email address
  • The subject of your enquiry
  • The contents of your message

We collect this information solely so we can respond to your enquiry. Our lawful basis for processing is your consent (UK GDPR Article 6(1)(a)) and, where relevant, our legitimate interest in communicating with prospective clients (UK GDPR Article 6(1)(f)).

Information collected automatically

When you visit our website, our hosting provider may automatically log technical information such as your IP address, browser type, operating system, and pages visited. This is used solely for security, performance monitoring, and troubleshooting. Our lawful basis is our legitimate interest in maintaining a secure and functional website.

Third-party services

Our website relies on the following third-party services, each of which may process limited personal data on our behalf:

  • Formspree — handles the delivery of our contact form submissions. When you submit the form, your name, email, subject, and message are transmitted to Formspree, which is based in the United States. You can review their privacy practices at formspree.io/legal/privacy-policy.
  • Google Fonts — we load our typefaces (Montserrat and Oswald) from Google's font CDN. When fonts load, Google may log your IP address. Their privacy policy is available at policies.google.com/privacy.

Cookies

Our website does not currently use tracking, advertising, or analytics cookies. We store a single small value in your browser's local storage to remember your cookie preference choice — this is strictly functional and contains no personal data.

If we introduce optional cookies in the future (for example, site analytics), we will update this policy and request your consent via the cookie banner before any such cookies are set. You can manage cookies and local storage at any time via your browser settings.

How long we keep your data

  • Contact form enquiries: retained for as long as necessary to respond to your request and for up to 24 months afterwards for business continuity and record-keeping, unless you request earlier deletion.
  • Hosting logs: typically retained for 30 days by our hosting provider and then automatically rotated.

Your rights under UK GDPR

You have the following rights in relation to your personal data:

  • Right of access — request a copy of the personal data we hold about you.
  • Right to rectification — ask us to correct inaccurate or incomplete data.
  • Right to erasure — request deletion of your data (the "right to be forgotten").
  • Right to restrict processing — ask us to limit how we use your data.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to our processing of your data based on legitimate interest.
  • Right to withdraw consent — where processing is based on consent, you may withdraw it at any time.
  • Right to lodge a complaint — with the UK Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, please contact us. We will respond within one month of your request.

International transfers

Some of the third-party services we use (such as Formspree and Google Fonts) are based outside the United Kingdom. Where personal data is transferred internationally, we rely on appropriate safeguards permitted under UK GDPR, including the UK's adequacy regulations and Standard Contractual Clauses.

Data security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. Any changes will be posted on this page with an updated "Last updated" date. We encourage you to review this page periodically.

Contact us

If you have any questions about this Privacy Policy or how we handle your data, please contact us via our contact page.