Privacy Policy

1. Who we are

Tkist Digital Ltd (“Tkist”, “we”, “us”, “our”) operates the website tkist.com and provides digital marketing services. We are the data controller responsible for your personal data.

To contact us about your data: hello@tkist.com

2. What data we collect

We collect personal data only when you choose to provide it through our contact forms. This includes:

• Identity data: your name and company name
• Contact data: your email address
• Technical data: your website URL (if provided)
• Message data: the content of any message or goals you share with us
• Usage data: basic server logs (IP address, browser type) collected automatically

We do not collect sensitive personal data (health, financial, or biometric information).

3. How we use your data

We use your data only for the purposes for which it was collected:

• To respond to your enquiry and deliver the requested audit or service
• To communicate about ongoing project work
• To send information about our services (only if you have opted in)
• To improve our website and services

Our legal basis for processing your data is legitimate interests (responding to business enquiries) and, where applicable, your explicit consent.

4. How long we keep your data

We retain enquiry data for up to 24 months from the date of last contact. If you become a client, we retain data for the duration of our engagement plus 6 years (as required for tax and legal purposes). You may request earlier deletion at any time.

5. Third parties we share data with

We do not sell your data. We may share data with:

• Email service providers (e.g. Google Workspace) — to receive and process enquiry emails
• CRM software — to manage client relationships
• Analytics providers — aggregated, anonymised usage data only

All third-party processors are GDPR-compliant and operate under data processing agreements.

6. Cookies

This website uses only essential cookies required for basic site functionality. We do not currently use advertising or tracking cookies. If this changes, we will update this policy and implement a consent mechanism first.

7. Your rights (UK GDPR)

Under UK GDPR you have the right to:

• Access — request a copy of the data we hold about you
• Rectification — request correction of inaccurate data
• Erasure — request deletion of your data (“right to be forgotten”)
• Restriction — request we limit processing of your data
• Portability — request your data in a machine-readable format
• Object — object to processing based on legitimate interests

To exercise any of these rights, email us at hello@tkist.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

8. Data security

We apply appropriate technical and organizational measures to protect your data against unauthorized access, loss, or disclosure. Our website uses HTTPS encryption and is hosted on secure infrastructure.

9. International transfers

Your data is processed in the UK and EEA. Where we use third-party processors outside these regions, we ensure adequate safeguards are in place (e.g. Standard Contractual Clauses).

10. Changes to this policy

We may update this policy as our practices change. The “Last updated” date at the top of this page reflects the most recent version. Continued use of the site after a policy update constitutes acceptance of the revised policy.